Security Concepts and Practices
Keep adding new skills with 10,000+ programs for $239 (usually $399). Save now.
Security Concepts and Practices
This course is part of ISC2 Systems Security Certified Practitioner (SSCP)
7,597 already enrolled
Ask Coursera
111 reviews
Recommended experience
111 reviews
Recommended experience
Skills you'll gain
- Cybersecurity
- Data Ethics
- Information Assurance
- Security Management
- Security Awareness
- Change Control
- Safety and Security
- Data Security
- Identity and Access Management
- Human Factors (Security)
- Authorization (Computing)
- Cyber Security Policies
- Computer Security Awareness Training
- Enterprise Security
- Cyber Security Assessment
- Security Controls
- Data Integrity
Details to know
See how employees at top companies are mastering in-demand skills
Build your subject-matter expertise
- Learn new concepts from industry experts
- Gain a foundational understanding of a subject or tool
- Develop job-relevant skills with hands-on projects
- Earn a shareable career certificate
There is 1 module in this course
Course 1 - Security Concepts and Practices
This is the first course under the specialization SSCP. In this course, we will focus on the core aspects of security concepts and practice, starting with the importance of codes of ethics. We will then cover the basic principles of information security and move on to describe security controls, their implementation, maintenance, and assessment. We will also address the identification of corporate assets and the change management life cycle. We will then explain the importance of awareness and training and conclude with an exploration of physical security operations. Course 1 Learning Objectives After completing this course, the participant will be able to: - Recall the ISC2 Code of Ethics. - Explain the importance of an organizational code of ethics in the cybersecurity profession. - Compare the security concepts of confidentiality, integrity, and availability. - Apply accountability in the implementation of certain data protection controls. - Explain the concept of non-repudiation. - Discuss the concept of least privilege. - Indicate the importance of segregation of duties. - Differentiate technical, physical, and administrative security controls. - Relate security controls to considerations of assessing compliance requirements and organizational needs. - Indicate the importance of periodic audit and review of security controls. - Categorize various control types or technologies based on their different roles as part of an overall security structure and posture. - Summarize the security of assets all through the stages of their life cycle. - Examine operational requirements of change management. - Categorize security education and awareness strategies. - Define measurements for gauging the effectiveness of a security education and awareness program. - Indicate strategies that security professionals can use to collaborate with physical security operations. Who Should Take This Course: Beginners Experience Required: No prior experience required
This course will focus on the core aspects of security concepts and practice, beginning with a discussion of the importance of codes of ethics. We will then discuss the basic principles of information security and move on to describe security controls, their implementation, maintenance, and assessment. We will also discuss the identification of corporate assets as well as the change management life cycle. We will explain the importance of bolstering awareness and training and will conclude with a discussion on collaborating with physical security operations.
What's included
8 videos42 readings44 assignments
8 videos•Total 39 minutes
- Professional Ethics•2 minutes
- Confidentiality •5 minutes
- Integrity•6 minutes
- Privacy•4 minutes
- Security and Education Training and Awareness Strategy •6 minutes
- Layered Defense: Crime Prevention Through Environmental Design (CPTED) •6 minutes
- Fire Prevention, Detection, and Suppression •6 minutes
- Electrical Power•4 minutes
42 readings•Total 230 minutes
- ISC2 Code of Ethics•4 minutes
- Organizational Code of Ethics•6 minutes
- The Meaning of Information Security•6 minutes
- Security Strategy and Protecting Assets•6 minutes
- Availability•6 minutes
- Accountability•2 minutes
- Safety•6 minutes
- Defense in Depth•6 minutes
- Non-Repudiation•2 minutes
- Least Privilege•4 minutes
- Separation of Duties•4 minutes
- Technical Controls•2 minutes
- Firewalls as Network Security Devices•10 minutes
- Physical Controls•2 minutes
- Administrative Controls•6 minutes
- Assessing Compliance Reports•6 minutes
- Periodic Audit and Review•4 minutes
- Functional Security Controls•8 minutes
- Asset Management Life Cycle•8 minutes
- Configuration Management Databases (CMDBs)•4 minutes
- Data Classification and Categorization Policy•4 minutes
- Data Life Cycle •6 minutes
- Development and Acquisition•6 minutes
- Inventorying and Licensing•6 minutes
- Implementation and Assessment•6 minutes
- Maintenance and End-of-Life Phases •6 minutes
- Archival, Retention, Disposal, and Destruction Requirements •6 minutes
- Change Management Roles and Responsibilities •6 minutes
- Security Impact Analysis •6 minutes
- Configuration Management •8 minutes
- Training Tabletop Exercises •6 minutes
- Social Engineering •4 minutes
- Training for Social Engineering Defense •4 minutes
- Building Codes, Design, and the Construction of Dedicated Data Centers •4 minutes
- Data Center Standards and Assessment •4 minutes
- Perimeter Security Controls: Control of People and Machines •6 minutes
- Evacuation and Personnel Safety Assurance Measures •2 minutes
- Heating, Ventilation, and Air Conditioning (HVAC) •4 minutes
- Communications and Server Rooms •6 minutes
- Securing the Workspace •8 minutes
- Key Takeaways•10 minutes
- Security Concepts and Practices Terms and Definitions•10 minutes
44 assignments•Total 330 minutes
- ISC2 Code of Ethics•2 minutes
- Organizational Code of Ethics•2 minutes
- Security Strategy and Protecting Assets•2 minutes
- Confidentiality •2 minutes
- Integrity •2 minutes
- Availability•4 minutes
- Accountability•4 minutes
- Safety•2 minutes
- Defense in Depth•2 minutes
- Non-Repudiation•2 minutes
- Least Privilege•4 minutes
- Separation of Duties•4 minutes
- Technical Controls•4 minutes
- Firewalls as Network Security Devices •2 minutes
- Physical Controls•2 minutes
- Administrative Controls•6 minutes
- Assessing Compliance Reports•4 minutes
- Periodic Audit and Review •2 minutes
- Functional Security Controls•14 minutes
- The Asset Management Life Cycle•4 minutes
- Configuration Management Databases (CMDBs)•2 minutes
- Data Classification and Categorization •2 minutes
- Data Life Cycle •2 minutes
- Development and Acquisition•2 minutes
- Inventorying and Licensing•4 minutes
- Implementation and Assessment •4 minutes
- Maintenance and End-of-Life Phases •180 minutes
- Archival, Retention, Disposal, and Destruction Requirements •6 minutes
- Change Management Roles and Responsibilities •4 minutes
- Security Impact Analysis •4 minutes
- Configuration Management•4 minutes
- Training Tabletop Exercises •2 minutes
- Social Engineering •4 minutes
- Training for Social Engineering Defense•2 minutes
- Layered Defense: Crime Prevention Through Environmental Design (CPTED) •2 minutes
- Building Codes, Design, and the Construction of Dedicated Data Centers •2 minutes
- Data Center Standards and Assessment •2 minutes
- Perimeter Security Controls: Control of People and Machines •2 minutes
- Evacuation and Personnel Safety Assurance Measures •2 minutes
- Electrical Power •2 minutes
- Heating, Ventilation, and Air Conditioning (HVAC) •2 minutes
- Communications and Server Rooms •2 minutes
- Securing the Workspace •2 minutes
- End of Course Quiz•20 minutes
Earn a career certificate
Add this credential to your LinkedIn profile, resume, or CV. Share it on social media and in your performance review.
Instructor
Explore more from Security
- Status: Free Trial
Course
- Status: Free Trial
Course
- Status: Free TrialI
ISC2
Course
- Status: Free Trial
Course
Why people choose Coursera for their career
Learner reviews
- 5 stars
81.08%
- 4 stars
11.71%
- 3 stars
1.80%
- 2 stars
2.70%
- 1 star
2.70%
Showing 3 of 111
Reviewed on Apr 17, 2025
this appears to be a well-structured introductory module covering a significant range of fundamental security knowledge necessary for the field.
Reviewed on Mar 15, 2025
Some of the answers are incorrect. For example, the purpose of a countermeasure is to what? Answer should be to prevent incident.
Frequently asked questions
To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.
When you enroll in the course, you get access to all of the courses in the Certificate, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.
More questions
Financial aid available,