This textbook presents a practical introduction to information security
using the Competency Based Education (CBE) method of teaching. The
content and ancillary assessment methods explicitly measure student
progress in the three core categories: Knowledge, Skills, and
Experience, giving students a balance between background knowledge,
context, and skills they can put to work. Students will learn both the
foundations and applications of information systems security;
safeguarding from malicious attacks, threats, and vulnerabilities;
auditing, testing, and monitoring; risk, response, and recovery;
networks and telecommunications security; source code security;
information security standards; and compliance laws. The book can be
used in introductory courses in security (information, cyber, network or
computer security), including classes that don't specifically use the
CBE method, as instructors can adjust methods and ancillaries based on
their own preferences. The book content is also aligned with the
Cybersecurity Competency Model, proposed by department of homeland
security. The author is an active member of The National Initiative for
Cybersecurity Education (NICE), which is led by the National Institute
of Standards and Technology (NIST). NICE is a partnership between
government, academia, and the private sector focused on cybersecurity
education, training, and workforce development.
