Principles of Information Security Management
- Get now
- Learn more
- Discussions
  Jan 27
- Course Description:
1. Security and Risk Management (1 - 2h)

A Strategic Governance and Risk Architecture
Cybersecurity Architecture: Fundamentals of Confidentiality, Integrity, and Availability (12 min)
Risky Business: Strengthening Cybersecurity with Risk Analysis (12 min)
Controls Categories (12 min)
Zero Trust (7 min)
Cyber Risk Management: Essentials for the Practical CISO (1 hr)
2. Asset Security (0.5 - 1h)

Asset Security
Data Security: Protect your critical data (or else) (6 min)
SSD Data destruction (10 min reading)
Google Data Center Security: 6 Layers Deep (2 min)
Data Governance (10 min)
3. Security Architecture and Engineering (3 - 4 hrs)

Security Architecture and Engineering
Cryptography: Crash Course Computer Science (12 min)
The Adventure of Alice and the Encrypted Message (14 min)
Steganography (3 min)
Virtualization Explained (5 min)
Cybersecurity Architecture: Who Are You? Identity and Access Management (30 min)
Cloud security guidance (30 min - reading)
Full SANS Webcast | Decoding the Shared Responsibility Model (49 min)
Buffer Overflows (3 min)
Stack vs Heap Memory - Simple Explanation ( 5 min)
What are hardware security modules (HSM), why we need them and how they work. (7 min)
How Access Control Systems Work | Point Monitor Corporation (6 min)
4 - Communication and Network Security (2 - 3 hrs)

Network Security basics
Understanding the OSI Model (12 min)
Cybersecurity Architecture: Networks (27 min)
Internet Networks & Network Security | Google Cybersecurity Certificate (1 hr)
How does HTTPS work? What's a CA? What's a self-signed Certificate? (11 min)
Kerberos (3 min)
5 - Identity and Access Management (1- 2hr)

Identity and Access Management (12 min)
Cybersecurity Architecture: Who Are You? Identity and Access Management (31 min)
OAuth terminologies and flows explained (24 min)
6. Security Assessment and Testing

Key Terminology
Building a Cybersecurity Framework (8 min)
NIST Cybersecurity Framework 2.0 (5 min)
SOC 1 vs SOC 2 Audits: What’s the Difference? (5 min)
CertMike Explains SOC Audits (8 min)
7 - Security Operations

The Incident Scene & Evidence Collection
Malware (21 min)
Attack Frameworks (8 min)
How Hackers Steal Passwords: 5 Attack Methods Explained (13 min)
Examples: Data resilience, RAID and storage
8- Software Development Security

Software Development Security
Cybersecurity Architecture: Application Security (16 min)
Container Security Explained (6 min)
Threat Modeling in the Age of AI - Susanna Cox (45 min)

The Incident Scene & Evidence Collection

The Incident Scene & Evidence Collection

Locard’s Exchange Principle: A fundamental forensic concept stating that perpetrators always leave something behind and take something with them.
Evidence Lifecycle: To ensure evidence is accepted in court, a strict lifecycle must be followed: Discovery->Protection->Recording->Collection->Analysis->Storage->Presentation->Return
Chain of Custody: It is critical to document who handled the evidence, when, and where. This proves the proof has not been tampered with.

B. Types of Evidence

The reliability of evidence determines its weight in legal proceedings:

Best Evidence: The original document or object. This is the most reliable form (e.g., the original contract, not a photocopy).
Secondary Evidence: Copies of original documents or oral testimony about a document. It is generally not permitted if the "Best Evidence" is available.
Direct Evidence: Prove a fact on its own without requiring inference (e.g., witness testimony of what they saw).
Conclusive Evidence: Irrefutable evidence that requires no corroboration.
Circumstantial Evidence: Evidence that implies a fact but cannot prove it directly; it requires inference.
Hearsay: Second-hand evidence (e.g., "I heard him say..."). It is generally inadmissible, with the notable exception of business records (such as audit logs) created in the normal course of business.

Extended Insight on Digital Evidence:

Digital evidence is fragile. The notes emphasise the Order of Volatility—collect evidence from the most volatile sources first (like RAM) before less volatile sources (like hard drives). Never analyse the original media; always create a bit-level copy (image) and analyse the copy to preserve integrity