Information Security Basic Skills you will learn

  • Security and Risk Management
  • Asset Security
  • Security Architecture and Engineering
  • Communication and Network Security
  • Identity and Access Management IAM
  • Security Assessment and Testing
  • Security Operations
  • Software development security

Who should learn Information Security Basics

  • IT Security Professionals
  • Security Consultants
  • IT Directors
  • Security Auditors
  • Security System Engineers
  • Network Architects
  • CIOs
  • Security Managers
  • IT Managers

What you will learn in Information Security Basics

  • CISSP® - Certified Information Systems Security Professional

    • Lesson 01 - Course Introduction

      07:28
      • 1.01 CISSP Course Introduction
        07:28
    • Lesson 02 - Domain One: Security and Risk Management

      01:48:49
      • 1.01 Introduction
        01:13
      • 1.02 Introduction to Security and Risk Management
        04:39
      • 1.03 Understand, Adhere to, and Promote Professional Ethics
        01:43
      • 1.04 Knowledge Check
      • 1.05 Understand and Apply Security Concepts
        02:01
      • 1.06 Evaluate and Apply Security Governance Principles
        03:54
      • 1.07 Goals, Mission, and Objectives
        02:40
      • 1.08 Control Frameworks, Due Care, and Due Diligence
        03:59
      • 1.09 Knowledge Check
      • 1.10 Determine Compliance and Other Requirements
        01:34
      • 1.11 Understand Legal and Regulatory Issues that Pertain to Information Security in a Holistic Context
        01:37
      • 1.12 Types of Intellectual Properties (IP) Law
        04:52
      • 1.13 OECD Principles, GDPR, and Data Protection principles
        04:12
      • 1.14 Data Protection Principles
        03:06
      • 1.15 Understand Requirements for Investigation Types
        05:10
      • 1.16 Knowledge Check
      • 1.17 Develop, Document, and Implement Security Policy, Standards,Procedures, and Guidelines
        04:02
      • 1.18 Knowledge Check
      • 1.19 Need for Business Continuity Planning (BCP)
        02:06
      • 1.20 Business Continuity Planning Phases
        01:28
      • 1.21 Business Impact Analysis
        03:29
      • 1.22 Identify Preventive Controls
        03:40
      • 1.23 Knowledge Check
      • 1.24 Contribute and Enforce Personnel Security Policies and Procedures
        05:23
      • 1.25 Introduction to Risk Management Concepts
        02:34
      • 1.26 Risk Analysis
        01:58
      • 1.27 Risk Analysis and Assessment
        04:36
      • 1.28 Countermeasure Selection
        01:48
      • 1.29 Risk Handling and Security Control Assessment
        04:12
      • 1.30 Security Control Assessment (SCA)
        02:00
      • 1.31 Risk Monitoring and Continuous Improvement
        03:41
      • 1.32 Knowledge Check
      • 1.33 Understand and Apply Threat Modeling Concepts and Methodologies
        02:13
      • 1.34 Threat Modeling Steps
        04:43
      • 1.35 DREAD Rating
        02:09
      • 1.36 Knowledge Check
      • 1.37 Apply Supply Chain Risk Management (SCRM) Concepts
        02:01
      • 1.38 Third-Party Management and Risks
        02:47
      • 1.39 Third-Party Risk Management Life Cycle
        05:51
      • 1.40 Knowledge Check
      • 1.41 Establish and Maintain a Security Awareness, Education, and Training Program
        04:28
      • 1.42 Program Effectiveness: Evaluation
        01:49
      • 1.43 Knowledge Check
      • 1.44 Quick Recap
        01:11
      • 1.45 Knowledge Check
    • Lesson 03 - Domain Two: Asset Security

      51:32
      • 2.01 Introduction
        01:15
      • 2.02 Introduction to Asset Security
        05:32
      • 2.03 Identify and Classify Information and Assets
        01:58
      • 2.04 Information Classification Objectives
        04:58
      • 2.05 Knowledge Check
      • 2.06 Establish Information and Asset Handling Requirements
        05:31
      • 2.07 Provision Resources Securely
        03:45
      • 2.08 Manage Data Life Cycle
        02:38
      • 2.09 Data Life Cycle: Create, Store, and Use
        04:01
      • 2.10 Data Life Cycle: Share, Archive, and Destroy
        03:38
      • 2.11 Data Remanence and Data Destruction
        03:59
      • 2.12 Knowledge Check
      • 2.13 Ensure Appropriate Asset Retention
        02:49
      • 2.14 Data and Data Security Controls
        02:29
      • 2.15 How to Select Controls
        03:14
      • 2.16 Digital Rights Management (DRM)
        00:44
      • 2.17 Data Loss Prevention (DLP)
        03:51
      • 2.18 Quick Recap
        01:10
      • 2.19 Knowledge Check
    • Lesson 04 - Domain Three: Security Architecture and Engineering

      02:05:31
      • 3.01 Introduction
        01:28
      • 3.02 Introduction to Security Engineering
        01:16
      • 3.03 Research, Implement, and Manage Engineering Processes Using
        02:46
      • 3.04 Trust but Verify and Zero Trust
        01:41
      • 3.05 Privacy by Design
        02:40
      • 3.06 Knowledge Check
      • 3.07 Understand the Fundamental Concepts of Security Models
        01:08
      • 3.08_State Machine Model, Multilevel Lattice Model, Non-Interference Model, and Information Flow Model
        03:31
      • 3.09 Types of Security Models
        06:45
      • 3.10 Composition Theories, Covert Channels, and Open and Closed Systems
        03:34
      • 3.11 Knowledge Check
      • 3.12 Select Controls Based on System Security Requirements
        00:52
      • 3.13 Security Capabilities of Information Systems
        05:42
      • 3.14 Knowledge Check
      • 3.15 Assess and Mitigate the Vulnerabilities of Security Architectures
        03:19
      • 3.16 SCADA
        02:39
      • 3.17 Security Concerns of ICS
        04:01
      • 3.18 Cloud Computing
        01:58
      • 3.19 Categorization of Cloud
        03:17
      • 3.20 Internet of Things
        06:33
      • 3.21 Fog and Edge Computing
        03:37
      • 3.22 Knowledge Check
      • 3.23 Select and Determine Cryptographic Solutions
        02:44
      • 3.24 Cryptosystem Elements
        05:32
      • 3.25 Encryption Methods
        04:27
      • 3.26 Data Encryption Standards
        03:28
      • 3.27 Output Feedback, Counter, and Triple DES
        02:28
      • 3.28 Advanced Encryption Standards
        04:16
      • 3.29 Asymmetric Cryptography
        07:25
      • 3.30 Public Key Infrastructure
        02:12
      • 3.31 PKI Certificate and Processes
        02:36
      • 3.32 PKI Process: Steps
        01:09
      • 3.33 Hashing, MAC, and Digital Signatures
        04:15
      • 3.34 Key Management Principles
        02:28
      • 3.35 Knowledge Check
      • 3.36 Methods of Cryptanalytic Attacks
        04:44
      • 3.37 Knowledge Check
      • 3.38 Apply Security Principles to Site and Facility Design
        03:52
      • 3.39 Design Site and Facility Security Controls
        02:13
      • 3.40 Personnel Access Controls
        02:41
      • 3.41 Environmental Security Controls
        01:55
      • 3.42 Classes of Fires
        02:45
      • 3.43 Other Security Controls
        03:31
      • 3.44 HVAC, Power Supply, and Training
        01:50
      • 3.45 Knowledge Check
      • 3.46 Quick Recap
        02:13
      • 3.47 Knowledge Check
    • Lesson 05 - Domain Four: Communication and Network Security

      01:27:31
      • 4.01 Introduction
        01:24
      • 4.02 Introduction to Communications and Network Security
        01:58
      • 4.03 Assess and Implement Secure Design Principles
        03:17
      • 4.04 Physical Layer and Data Link Layer
        04:33
      • 4.05 Network Layer
        05:10
      • 4.06 Transport Layer
        06:03
      • 4.07 Session Layer and Presentation Layer
        01:54
      • 4.08 Application Layer and Protocols
        03:48
      • 4.09 Knowledge Check
      • 4.10 IP Addressing
        04:58
      • 4.11 IPv6 and Its Address Structures
        07:02
      • 4.12 Knowledge Check
      • 4.13 Internet Security Protocol(IPsec)
        02:32
      • 4.14 IPsec Security Protocols
        03:47
      • 4.15 Secure Access Protocols
        02:39
      • 4.16 Implementation of Multilayer Protocol, Fiber Channels, and Micro-Segmentation
        02:51
      • 4.17 SDN and Wireless Technologies
        03:44
      • 4.18 Cellular Network and CDN
        03:38
      • 4.19 Knowledge Check
      • 4.20 Secure Network Components
        04:16
      • 4.21 Understand Network Access Control (NAC) and Endpoint Security
        04:42
      • 4.22 Knowledge Check
      • 4.23 Implement Secure Communication Channels
        02:27
      • 4.24 Application-Level Gateway, Circuit-Level Gateway, and Network Security Terms
        02:25
      • 4.25 Remote Access Technologies
        02:07
      • 4.26 VPN Protocols
        01:40
      • 4.27 VPN Protocols: Comparison
        04:38
      • 4.28 Multimedia Collaboration, Network Function Virtualization, and Network Attacks
        04:04
      • 4.29 Quick Recap
        01:54
      • 4.30 Knowledge Check
    • Lesson 06 - Spotlight Video One

      10:50
      • CISSP Spotlight One
        10:50
    • Lesson 07 - Domain Five: Identity and Access Management (IAM)

      46:03
      • 5.01 Introduction
        00:57
      • 5.02 Introduction to Identity and Access Management (IAM)
        01:35
      • 5.03 Control Physical and Logical Access to Assets
        01:32
      • 5.04 Manage Identification and Authentication of People Devices and Services
        03:53
      • 5.05 Biometrics and Accuracy Measurement
        02:08
      • 5.06 Passwords and Its Types
        03:39
      • 5.07 Tokens, Token Devices, and Authorization
        05:26
      • 5.08 Federated Identity Management (FIM) and Credential Management System
        02:36
      • 5.09 Single Sign-On (SSO) and Just-In-Time (JIT)
        03:07
      • 5.10 Knowledge Check
      • 5.11 Federated Identity with a Third-Party Service
        01:48
      • 5.12 Implement and Manage Authorization Mechanisms
        02:45
      • 5.13 Attribute-Based Access Control (ABAC) and Risk-Based Access Control
        03:00
      • 5.14 Knowledge Check
      • 5.15 Manage the Identity and Access Provisioning Life Cycle
        02:18
      • 5.16 Privilege Escalation
        02:33
      • 5.17 Implement Authentication Systems
        03:12
      • 5.18_Kerberos and Its Steps, RADIUS, TACACS, and TACACS Plus
        03:42
      • 5.19 Quick Recap
        01:52
      • 5.20 Knowledge Check
    • Lesson 08 - Domain Six: Security Assessment and Testing

      01:01:18
      • 6.01 Introduction
        01:04
      • 6.02 Introduction to Security Assessment and Testing
        00:49
      • 6.03 Design and Validate Assessment, Test, and Audit Strategies
        05:12
      • 6.04 SOC Reports and Security Assessments
        05:28
      • 6.05 Internal Audit and Assessment
        03:43
      • 6.06 External Audit and Assessment
        02:15
      • 6.07 Third-Party Audit and Assessment
        02:57
      • 6.08 Knowledge Check
      • 6.09 Vulnerability Assessment
        01:45
      • 6.10 Network Discovery Scan
        01:20
      • 6.11 Network Vulnerability Scan and Web Vulnerability Scan
        02:41
      • 6.12 Penetration Testing
        01:00
      • 6.13 Penetration Testing Process and Testing Types
        03:27
      • 6.14 Log Management and Review
        05:11
      • 6.15 Security Testing in SDLC
        03:32
      • 6.16 Code Review and Testing
        01:41
      • 6.17 Testing Methods
        05:41
      • 6.18 Interface Testing
        03:16
      • 6.19 Knowledge Check
      • 6.20 Collect Security Process Data
        03:11
      • 6.21 KPI Process
        02:36
      • 6.22 Knowledge Check
      • 6.23 Analyze Test Output and Generate Report
        03:09
      • 6.24 Quick Recap
        01:20
      • 6.25 Knowledge Check
    • Lesson 09 - Domain Seven: Security Operations

      01:34:04
      • 7.01 Introduction
        01:08
      • 7.02 Introduction to Security Operations
        00:51
      • 7.03 Understand and Comply with Investigations
        03:39
      • 7.04 Digital Forensics
        03:31
      • 7.05 Understand the Digital Evidences
        04:34
      • 7.06 Knowledge Check
      • 7.07 Conduct Logging and Monitoring Activities
        02:51
      • 7.08 Knowledge Check
      • 7.09 Continuous Monitoring
        01:53
      • 7.10 Digital Forensics Tools, Tactics, Procedures, Artifacts, and UEBA
        04:34
      • 7.11 Knowledge Check
      • 7.12 Perform Configuration Management
        01:53
      • 7.13 Apply Foundational Security Operation Concepts
        01:15
      • 7.14 Identity and Access Management with Various Types of Accounts
        01:55
      • 7.15 Apply Resource Protection
        01:55
      • 7.16 Controls for Protecting Assets
        02:34
      • 7.17 Conduct Incident Management
        02:17
      • 7.18 Understand Incident Response Life Cycle
        03:36
      • 7.19 Knowledge Check
      • 7.20 Operate and Maintain Detective and Preventive Measures
        03:26
      • 7.21 Understand Anti-Malware Systems, AI, Machine Learning, and Deep Learning
        03:23
      • 7.22 Implement and Support Patch and Vulnerability Management
        04:07
      • 7.23 Understand and Participate in Change Management Processes
        02:51
      • 7.24 Implement Recovery Strategies
        02:37
      • 7.25 Types of Recoveries
        02:37
      • 7.26 Operational Recovery
        02:16
      • 7.27 Recovery Partner Strategies
        01:56
      • 7.28 Redundancy and Fault Tolerance
        04:49
      • 7.29 Knowledge Check
      • 7.30 Implement Disaster Recovery (DR) Processes
        06:47
      • 7.31 Knowledge Check
      • 7.32 Test Disaster Recovery Plans (DRP)
        03:07
      • 7.33 Knowledge Check
      • 7.34 Participate in Business Continuity (BC) Planning and Exercises
        03:21
      • 7.35 Implement and Manage Physical Security
        04:55
      • 7.36 Importance of Lighting in Security Management
        00:58
      • 7.37 Access Control
        04:52
      • 7.38 Knowledge Check
      • 7.39 Address Personnel Safety and Security Concerns
        02:10
      • 7.40 Quick Recap
        01:26
      • 7.41 Knowledge Check
    • Lesson 10 - Domain Eight: Software Development Security

      01:00:08
      • 8.01 Introduction
        01:03
      • 8.02 Introduction to Software Development Security
        00:46
      • 8.03 Integrate Security in the Software Development Life Cycle
        01:17
      • 8.04 Software Development Models
        04:42
      • 8.05 Extreme Programming Model
        01:28
      • 8.06 DevOps and DevSecOps
        02:44
      • 8.07 CMM and SAMM
        02:23
      • 8.08 Change Management and Integrated Product Team (IPT)
        02:49
      • 8.09 Knowledge Check
      • 8.10 Security Controls in Software Development Ecosystems
        04:58
      • 8.11 Other Security Controls in Software Development Ecosystems
        03:21
      • 8.12 Software Configuration Management (SCM)
        04:25
      • 8.13 Database and Data Warehousing Environments
        03:27
      • 8.14 Knowledge Check
      • 8.15 Assess the Effectiveness of Software Security
        02:20
      • 8.16 Software Security and Assurance: Granularity of Controls and Separation of Environments
        02:18
      • 8.17 Software Security and Assurance: TOC or TOU, Prevention of Social Engineering, Backup, Software Forensics, Cryptography
        02:51
      • 8.18 Software Security and Assurance: Password Protection, Mobile Mode Controls, and Sandbox
        01:41
      • 8.19 Software Security and Assurance: Strong Language Support, XML, and SAML
        01:12
      • 8.20 Assessing the Effectiveness of Software Security
        02:51
      • 8.21 Knowledge Check
      • 8.22 Assess Security Impact of Acquired Software
        01:26
      • 8.23 Free and Open Source Software
        03:13
      • 8.24_Knowledge Check
      • 8.25 Define and Apply Secure Coding Guidelines and Standards
        04:31
      • 8.26 Web Application Environment
        02:54
      • 8.27 Knowledge Check
      • 8.28 Quick Recap
        01:28
      • 8.29 Knowledge Check
    • Lesson 11 - Spotlight Video Two

      11:51
      • Spotlight Two
        11:51

Get a Completion Certificate

Share your certificate with prospective employers and your professional network on LinkedIn.

Course Advisors

  • Dean Pompilio

    Dean Pompilio

    Technical Trainer, Owner- Steppingstonesolutions Inc

    Mr.Pompilio has been an IT Professional since 1989. He has worn many hats along the way and holds over 20 IT certifications which include EC-Council CEI, CEH, CHFI, CISSP, CISA, CISM. His passion is to help IT professionals achieve their training goals and career growth.

prevNext

Why you should learn Information Security Basics

3.5 million jobs

in cyber security by 2021

$282 billion projected

Global cyber security market by 2024

Career Opportunities

FAQs

  • What are the requirements to learn the Introduction to Information Security program?

    Professionals are recommended to have prior work experience in fields like Security and Risk Management, Asset Security, Security Engineering, or other related fields before taking this Introduction to Information Security program.

  • How do beginners learn CISSP fundamentals?

    Information Security is one of the top career choices in the IT industry, and it is crucial to learn about this field from its foundations. Simplilearn helps you learn the CISSP fundamentals by offering various articles, YouTube videos, and tutorials that are suitable for beginners.

  • How long does it take to learn information security?

    Information Security is a vast domain and involves various aspects that you can start with. Our 18 hours of detailed video lectures covered in this Introduction to Information Security program give you the perfect start and you can learn it at your own pace.

  • What should I learn first in the Introduction to Information Security program?

    This Introduction to Information Security program begins with an overview of topics like Security and Risk Management, Information Security Management and Governance, and Network Architecture and Design.

  • Is the CISSP program easy to learn?

    If you don’t have prior knowledge of Information Security, then you may find it a bit difficult to grasp the concepts covered in this program. However, you can refer to our supported articles and tutorials on information security to get the basics right. 

  • What are the basics in an Introduction to Information Security training program?

    The basics covered in this Introduction to Information Security training program are Security, Privacy, Third-Party management, data loss prevention, security engineering, cryptanalysis, and IP addressing. 

  • What is information Security used for?

    Information security is all about the practice of protecting the information assets of an organization from all kinds of threat. It ensures that unauthorized individuals or entities do not get access to a company’s systems, servers, and other assets to manipulate the sensitive information they store. 

  • Why is Information Security so popular?

    Data breaches are increasing at a rapid rate and companies have realized the need for keeping their systems, networks, and sensitive data secure and prevent hackers from accessing them. As a result, the demand for Information Security has surged for large companies and startups alike. Ensuring information security means effectively dealing with hackers and preventing any possible cyberattack on the company’s assets.

  • Can I complete this Introduction to Information Security program in 90 days?

    Yes, the concepts covered in this Introduction to Information Security program are quite straightforward, and you can complete the course well within 90 days.

  • What are my next best learning options after completing this CISSP program?

    After completing this CISSP training program, you can get ahead with other courses like Cyber Security Expert Master’s Program or Post Graduate Program in Cyber Security

  • What are the career opportunities in Information Security?

    Companies are seeking Information Security professionals like never before due to the alarming increase in the number of cyberattacks and the amount of financial losses they are bringing to the organization. Job roles like Information Security Analyst, Security Consultant, Security Architect, and Forensic Computer Analyst are popular career opportunities in this field. 

  • Will I get a certificate after completing the free CISSP® course?

    Yes, You will receive a Course Completion Certificate from SkillUp upon completing the free CISSP® course. You can unlock it by logging in to your SkillUp account. As soon as the certificate is unlocked, you will receive a mail with a link to your SkillUp learning dashboard on your registered mail address. Click the link to view and download your certificate. You can even add the certificate to your resume and share it on social media platforms.

  • Disclaimer
  • PMP, PMI, PMBOK, CAPM, PgMP, PfMP, ACP, PBA, RMP, SP, and OPM3 are registered marks of the Project Management Institute, Inc.