Covers the concepts of information assurance, explicit and implicit policy design, use of basic computer security mechanisms, authentication, access control, policy types. Topics include: Design and use of basic network security mechanisms, asset identification and valuation, determining threats to assets and their vulnerabilities, prioritizing and selecting countermeasures, implementing and deploying countermeasures, and continuing maintenance and assessment of security mechanisms. In addition it covers cyber ethical standards for information system users and administrators, and their role as a driver in developing information system security policies.