Security Across the Lifecycle
This module introduces the Solution Architect to the various security concerns and considerations when embarking on a new development project all the way to in-service support.
The Basics of Security Architecture
This module lays down the basic principles of security architecture and provides an understanding of what it means to be a security architect. It describes the relationship to Enterprise Architecture Frameworks and how these frameworks address security.
Being an SA is a technical job, without doubt, but the key to success in these areas comes from detailed knowledge of what comprises security technology in terms of product assurance, network and technical design/development work, and the trade-off between physical, logical and procedural controls. Unlike technical architecture, where components are added together to create an end solution based on technical know-how, security architecture adopts a framework approach for deploying patterns of risk-reducing technology that provide varying levels of assurance depending on the underlying security requirements.
Advanced Security Architecture Concepts
This module builds on Module 2, laying down the next level of detail for a variety of architectural concepts. It starts with security mechanisms such as cryptography. It then goes on to a wide range of security services. Finally, the module describes how the security services can be applied within a system and how design patterns are an important tool for an SA.
Topics covered include:
- Common methods for identification, authentication, access control
- Common methods for content control, such as anti-virus and data loss prevention
- Common cryptography-based services, such as a public key infrastructure
- Intruder detection and prevention services and their placement in systems
- The role of directories in a system
- Functions of security management within a system
- Network security controls and the threats they counter, including layer 2 controls, packet filtering, firewalls
- Common methods for resilience and recovery capabilities and techniques, including back-up and audit trails
- Security aspects of virtualisation
- Distinguish between different cryptographic mechanisms and techniques
- Use of threat modelling techniques to establish where security services should be positioned within a system
- Design patterns to explain the threats and security controls used to counter the threats
Information Security Methodologies
This module covers various methodologies and techniques that can be used to assure the implementation of a system or a product. This includes Information Assurance Frameworks and the purpose of vulnerability and penetration testing.
Preparation for the SASP exam
The final module provides preparation for the SASP examination.