Having completed this course student will gain such a working knowledge of concepts, principles, techniques and methodologies needed to manage information security related risks within organizations. Therefore, it has been designed to provide the student with the required skills to perform a systematic information security risk management process including identification and evaluating operationally critical threats, assets, and vulnerabilities that are often rooted in organizational and business concerns. Topics include threats, vulnerabilities, exploits, and countermeasures, standards and best practices, risk assessment and mitigation, business impact analysis, and business continuity and disaster recovery planning and evaluating perimeter security such firewall technologies, Intrusion detection/prevention systems, SIEM technologies. Weekly lab session