Overview of security management: assets, vulnerabilities, threats, attacks, security tools, models and procedures. Role of policy making in the context of information security. Common practices to risk management and analysis. Fundamentals of cryptology, secure networking and access control. Problems and potential solutions associated with designing and implementing operating system and application security. Frameworks commonly used for governance and compliance control. Incident and disaster response.