
Introduction to Web Security (S111)

Is your website secure? What are the security risks for web applications? How do you design for web security? What are the top ten security vulnerabilities and how do you mitigate them? If you need answers to these questions, this course provides the starting point.

This course presents the foundational principles of information and web security in the context of the systems development and security life cycle process. The focus is on both managerial and technical aspects. This course covers security principles; security needs, threats, and attacks; legal, ethical and professional issues; security technology including firewalls, VPNs, intrusion detection, and access control; cryptography; physical security; security implementation; and security maintenance and change management. The course is platform independent and supports the CISSP certification.

Course Objectives: at the completion of this course, you will:

  • Understand security concepts, security professional roles, and security resources in the context of systems and security development life cycle
  • Understand applicable laws, legal issues and ethical issues regarding computer crime
  • Understand the business need for security, threats, attacks, top ten security vulnerabilities, and secure software development
  • Understand risk management concepts, risk identification and assessment, risk control strategies, quantitative and qualitative risk control practices, risk management and risk control practices
  • Understand information security policies, standards and practices, the information security blueprint
  • Understand the use of firewall and VPN technologies in physical design
  • Understand the use of intrusion detection, access control and other security tools in physical design
  • Understand cryptography concepts, algorithms, and digital signatures used to protect information
  • Understand the concepts and techniques for establishing physical security
  • Understand how to implement and execute the information security blueprint
  • Understand the information security function within the organization, HR and staffing issues, security credentials, and privacy
  • Understand security maintenance issues, the use of security management models, and the use of digital forensics

Applicable Job Roles: web project manager, web programmers, and web application developers.

Outline
Week 1: Elements of Information and Web Security, Legal, Ethical, and Professional Issues in Information Security
  • Security and its history
  • NSTISSC Security Model
  • Information system components
  • Balancing security with access
  • Security implementation
  • System and Security Development Life Cycles
  • Law and Ethics
  • Relevant U.S. laws
  • International laws
  • Ethics and Codes of Ethics
Week 2: The Need for Security
  • Business needs
  • Threats
  • Attacks
  • Top ten security vulnerabilities
  • Secure software development
Week 3: Risk Management
  • Risk management overview
  • Risk identification
  • Quantitative and qualitative risk control
  • Risk management
  • Risk control practice
  • Risk assessment
  • Risk control strategies and selection
Week 4: Security Planning
  • Security policy, standards and practices
  • Information security blueprint
  • Security education, training and awareness
  • Continuity strategies
Week 5: Security Technology: Firewalls and VPN, and Intrusion Detection and Access Control
  • Physical design
  • Firewalls
  • Protecting remote connections
  • Intrusion detection and prevention systems
  • Honey pots, honey nets and padded cell systems
  • Scanning and analysis tools, access control devices
Week 6: Cryptography
  • Cryptography Foundations
  • Cipher methods
  • Cryptographic algorithms
  • Cryptographic tools
  • Protocols for secure communications
  • Attacks on cryptosystems
Week 7: Physical Security and Implementing Information Security
  • Physical access controls
  • Fire security and safety
  • Supporting utility failure and structural collapse
  • Data interception
  • Mobile and portable systems
  • Special considerations for physical security threats
  • Project management
  • Technical implementation topics
  • Nontechnical implementation topics
  • Certification and accreditation
Week 8: Security and Personnel, and Information Security Maintenance
  • Positioning and staffing
  • Information security professional credentials
  • Employment policies and practices
  • Security for nonemployees
  • Internal control strategies
  • Privacy and security of personnel data
  • Security management models
  • Maintenance model
  • Digital forensics
Prerequisites
This course requires general familiarity with core web technologies such as the Internet, logins, access, and HTML. Reading knowledge of JavaScript, Java, SQL, and programming logic is helpful but not required. Some knowledge of protocols, especially TCP/IP, will be helpful but is not required.
Requirements

Students must submit assignments in a PDF file format.

Books:
Required Book: Principles of Information Security, 4th Edition

Additional information:

Your place in the course is confirmed by your payment. Introductory courses are intended for students who have no experience in the subject matter and are seeking beginner-level training.

Refund Policy: Please read our Terms and Refund Policy before registering for this course.

Additional Cost: A book and software might be required for the course. Read the Requirements and Books sections for more information. The course fee does not include the book and software cost.

How eClasses Work: Instructors post lectures (text-based, no video or audio), reading selections, and hands-on assignments once a week in the online classroom. Students can discuss the assignments with the instructor and amongst themselves in the classroom area. This format has no set meeting time, which allows students to attend class at a time most convenient to them, yet still provides logically organized communication between class participants. Students can apply for the completion certificate after finishing the class.

Introduction to Web Security
Price: $200.00
Item No.: S111
Instructor: Sandra Perez
Open Courses: No other sessions are scheduled for this course. You can add to your wish list and you will be notified when other sessions are scheduled.

Instructor's Profile
Sandra Perez holds an MS degree in Computer Science from Stevens Institute of Technology. She is currently CEO of Concept Technology, Inc. Ms. Perez has over 30 years of experience in information technology and related areas. She has also held numerous computer-related academic positions, including department chair and professor. She has extensive teaching experience in professional adult training as well as academic graduate and undergraduate settings in both online and in-class formats. Ms. Perez specializes in software applications, database, security and web technology areas.
Before you register for this class, please read the Outline, Prerequisites, Requirements, Books, and Refund Policy sections carefully.
 
