RichardWu520/Security-Management

Security concepts and fundamentals security policies physical, technical and social security controls usable security security standards and certifications, governance and compliance security roles and responsibilities, culture and awareness raising, and professionalism recognising security needs across platforms (including Operating Systems, Applications, and Cloud systems) Risk Assessment threat, vulnerability and risk concepts asset valuation and management risk analysis methodologies Types of threats threat agents and motivations, adversarial thinking common human and technical attacks, insider threat, malicious code situational awareness, threat trends and landscape, CERTs Risk Management handling risk and selecting countermeasures/controls to mitigate risk understanding impacts and consequences third party management risk communication security economics Auditing, and Continuity planning and management (including backup and disaster recovery)