Explore
For Enterprise
Join for Free
Log In

Imperial College London
Register today for Global Master of Public Health webinar
RSVP to Imperial's upcoming webinar to learn more about their GMPH program on Feb 11.
University of London
Bachelor of Computer Science
This bachelor's degree offers 7 concentrations so students can pick where their career goes

Coursera（コーセラ）内をすべて検索

閲覧
一番人気のコース
企業用
ログイン
参加は無料

Privacy Policy

Loading...

IT Security: Defense against the digital dark arts

4.8 (4,119 件の評価) | 41K在籍する学生

Google ITサポート専門講座における 5 の 5 コース

This course covers a wide variety of IT security concepts, tools, and best practices. It introduces threats and attacks and the many ways they can show up. We’ll give you some background of encryption algorithms and how they’re used to safeguard data. Then, we’ll dive into the three As of information security: authentication, authorization, and accounting. We’ll also cover network security solutions, ranging from firewalls to Wifi encryption options. Finally, we’ll go through a case study, where we examine the security model of Chrome OS. The course is rounded out by putting all these elements together into a multi-layered, in-depth security architecture, followed by recommendations on how to integrate a culture of security into your organization or team. At the end of this course, you’ll understand: ● how various encryption algorithms and techniques work as well as their benefits and limitations. ● various authentication systems and types. ● the difference between authentication and authorization. ● how to evaluate potential risks and recommend ways to reduce risk. ● best practices for securing a network. ● how to help others to grasp security concepts and protect themselves.

シラバスを表示

学習するスキル

Cybersecurity, Wireless Security, Cryptography, Network Security

レビュー

4.8 (4,119 件の評価)

5 stars
3,410 ratings
4 stars
579 ratings
3 stars
89 ratings
2 stars
21 ratings
1 star
20 ratings

TE

Oct 05, 2018

Thank you to all the instructors. I learned concrete and useful IT skills from the courses and especially from the projects. After completing this course, I feel I want to learn more and more.

DS

Jan 30, 2019

Course 1 and 5 are probably my favorite of the courses because i feel i learned a lot in these two the most, all are great i just really wanted to learn more about security which was course 5

レッスンから

Creating a Company Culture for Security

Congratulations, you've made it to the final week in the course! In the last week of this course, we'll explore ways to create a company culture for security. It's important for any tech role to determine appropriate measures to meet the three goals of security. By the end of this module, you will develop a security plan for an organization to demonstrate the skills you've learned in this course. You're almost done, keep up the great work!

Security Goals7:34

Measuring and Assessing Risk5:22

Privacy Policy3:52

講師

Google

字幕

When you're supporting systems that handle customer data, it's super important to protect it from unauthorized and inappropriate access. It's not just to defend against external threats, it also protects that data against misuse by employees. This type of behavior would fall under your company's privacy policies. Privacy policies oversee the access and use of sensitive data. They also define what appropriate and authorize use is, and what provisions or restrictions are in place when it comes to how the data is used. Keep in mind that people might not consider the security implications of their actions, so both privacy and data access policies are important to guiding and informing people how to maintain security while handling sensitive data. Having defined and well established privacy policies is an important part of good privacy practices. But you also need a way to enforce these policies. Periodic audits on cases where sensitive data was accessed can get you there. This was enabled by our logging and monitoring systems. Auditing data access logs is super important, it helps us ensure that sensitive data is only accessed by people who are authorized to access it, and that they use it for the right reasons. It's good practice to apply the principle of least privilege here, by not allowing access to this type of data by default. You should require anyone that needs access to first make an access request with a justification for getting the data. But it can't just be vague or generic requests for access, they should be required to specify what data they need access to. Usually, this type of request would also have a time limit that should be called out in a request. That way, you can ensure that data access is only permitted for legitimate business reasons which reduces the likelihood of inappropriate data access or usage. By logging each day the access request and actual data access, we can also correlate requests with usage. Any access that doesn't have a corresponding request should be flagged as a high-priority potential breach that needs to be investigated as soon as possible. Company policies act as our guidelines in informational resources on how and how not to access and handle data. They're equally important here. Policies will range from sensitive data handling to public communications. Data handling policies should cover the details of how different data is classified. What makes some data sensitive as opposed to non sensitive? What's considered confidential data? Well, once different data classes are defined, you should create guidelines around how to handle these different types of data. If something is considered sensitive or confidential, you probably have stipulations that this data shouldn't be stored on media that's easily lost or stolen, like USB sticks or portable hard drives. They're also commonly used without any encryption at all. Imagine if one of your employees lost an unencrypted portable hard drive full of customer information, disaster. That's exactly the situation a data access policy tries to avoid. It might also make sense to include laptops and mobile devices, like phones and tablets in the removable media classification, since these devices are easily lost or stolen. Even though they're more commonly encrypted these days, the loss and theft rate is much higher. You may not like users storing sensitive data on a removable media, but sometimes you're out of luck. There may be an occasion where that's the only solution to accomplish a task. If this is the case, it would help to have recommendations on how to handle the situation in a secure way. So, you could offer an appropriate encryption solution, and provide instructions, and support on its use.

コース一覧で検討

サインアップは無料です。今すぐサインアップして、パーソナライズされたお勧め、更新、サービスを利用しましょう。

Coursera

このコースについて
リーダーシップ
キャリア
カタログ
修了証
MasterTrack™の修了証
学位
企業用
政府向け
キャンパス向け

コミュニティ

受講生
パートナー
開発者
ベータテスター
翻訳者
ブログ
技術ブログ

さらに表示

規約
プライバシー
ヘルプ
アクセシビリティ
報道関係者
お問い合わせ
ディレクトリ
アフィリエイト

場所を選ばす学習する

フォローする

©＃{currentYear} Coursera Inc.All rights reserved.