Security evaluation methodologies, security evaluation of software, cyber forensics.
Description
Security evaluation of information systems, security evaluation of software, security evaluation of products. Security code inspection, security testing, security standards, preparation of a security evaluation: impact scale, likelihood scale, severity scale. Vulnerability analysis, risk analysis, security plan elaboration. ITSEC, MARION, and MEHARI methods, OCTAVE, Common Criteria, target of evaluation, protection profile, security functional requirement, security factors, errors, accidents, assurance requirements, assurance levels, evaluation process, compliance with the protection profile, IT security ethics, privacy, digital copyright, licensing IT security products, computer fraud and abuse, incident handling, business records, security forensics, security evaluation case studies. Information security governance: risk management, business strategy, standards, COBIT. Situation awareness. A project.