InfoSec Foundation (ISO/IEC 27001)

Pass the ITC-006: InfoSec Foundation (ISO/IEC 27001) exam. The InfoSec Foundation exam tests the candidate knowledge in Information Security. Terms and definitions commonly used in the ISMS family of standards, Information security policies, Organization of information security (information security roles and responsibilities, segregation of duties, mobile devices and teleworking), Human resource security (prior to employment, during employment and termination and change of employment), Asset management (responsibility for assets, information classification and media handling), Access control (user access management), Cryptography, Physical and environmental security (physical security perimeter, physical controls, securing offices, rooms and facilities, protecting against external and environmental threats, removal of assets, unattended user equipment, clear desk and clear screen policy), Operations security (operational procedures and responsibilities, protection from malware, backup, logging and monitoring and technical vulnerability management), Communications security, System acquisition, development and maintenance, Suppliers relationships, Information security incident management, Business continuity management, and Compliance. ISO/IEC 27002:2013 Information technology - Security techniques - Code of practice for information security controls.