Enterprise Security

Course Description

This course covers the managerial and technical considerations related to access controls, authentication, external attacks and other risk areas facing the enterprise. This course will also survey the techniques to prevent unauthorized computer and facility access as well the concepts for protecting the hardware and software assets of the enterprise.

Topics and Objectives

Enterprise System Architecture - Overview

• Understand the unique design, operation, and management conditions associated with an Enterprise System Architecture (ESA).
• Identify core operational priorities associated with the development and management of cross-functional enterprise systems.
• Recognize the major elements of Enterprise Application Architecture (EAA).
• Examine major security issues associated with Enterprise Application
• Integration (EAI) and Enterprise Collaboration Systems (ECS).

Enterprise System Risks, Controls, and Access

• Identify components of internal control systems.
• Apply enterprise-level risk assessment methodologies.
• Recognize a universal framework for Enterprise Security Architecture (ESA) development.
• Distinguish the technical and operational differences between Authentication and Access principles.
• Identify various access control concepts: Discretionary Access Control (DAC), Mandatory Access Control (MAC), and Role-Based Access Control (RBAC).

Distributed Systems: Architecture, Threats, Control, and Roles

• Recognize security issues and considerations associated with Distributed
• Computing Environments (DCEs).
• Identify seven types of distributed systems.
• Understand enterprise role life-cycle concepts as related to security management.
• Apply role-based security principles through case study analysis.

Securing Distributed Computing Environments

• Consider security issues associated with different enterprise network storage and processing architectures.
• Understand and apply strategies for securing eBusiness networks and enterprise Web Site Assets.
• Understanding distributed trust management systems.
• Understanding VPN vulnerabilities.
• Security issues associated w/ enterprise network storage and processing architectures, especially in the context of 'fee for service' arrangements, where network storage is outsourced.

Enterprise Security

• Comprehend core principles associated with an Enterprise Security (ES).
• Comprehend Enterprise Security Architecture (ESA) risk analysis, management, and control.
• Understand and apply high-level access control design methodologies.
• Recognize enterprise vulnerabilities associated with eBusiness networks and other web-based technologies.