Online Graduate Certificate in Cybersecurity Technology

Students who have not taken a foundational computer networking course and/or lack previous experience in the networking technology field may be required to take CYBR 590 Computer Networking (3 cr.) as part of their program.

This course provides an overview and foundational understanding of concepts essential to the cybersecurity professional to evaluate best practices in implementing security systems within the enterprise. This course covers key bodies of knowledge in security, privacy, and compliance. Topics include security planning, risk management, security technologies, basic cryptography, digital forensics, application security, intrusion detection and prevention, physical security, and privacy issues.

Upon completion of the course, students are expected to be able to do the following:

1. Apply the principles of information technology security.
2. Analyze situations of computer and network usage from a security perspective to develop a security mindset.
3. Explain information security’s importance in our increasingly computer-driven world.
4. Identify appropriate strategies to ensure confidentiality, integrity, and availability of information.
5. Express management’s role in the development, maintenance, and enforcement of an information security program.
6. Describe the relationship among laws, regulations, and professional issues in information security.
7. Articulate how cryptography serves as the central language of information security.
8. Analyze how physical security fits within an information security program.
9. Define the roles of computer forensics in information security.
10. Apply basic software tools for assessing the security posture of a business.
11. Explain how issues of privacy relate to business information security.

This course provides a comprehensive overview of network security and intrusion detection. Students focus on methods for securing networks, and utilize these methods in basic architectural design. Students will apply these methods to a cohesive network security strategy. Topics include investigation of areas such as network analysis, perimeter defense strategies, network monitoring, vulnerability and intrusion detection, and security in mobile and wireless environments.

Upon completion of the course, students are expected to be able to do the following:

1. Implement secure design principles in network architectures.
2. Integrate secure network components through knowledge of the operation of hardware, transmission media, network access control devices, endpoint security, and content distribution networks.
3. Implement secure communication channels according to design that involve voice, multimedia collaboration, remote access, data communications, and virtualized networks.
4. Specify procedures to recover from attacks on network systems.
5. Conduct logging and monitoring activities to support intrusion detection and prevention, and event management.
6. Identify threats and vulnerabilities in networked systems.

This course introduces techniques for information distribution in such a way that data privacy is protected. It discusses models and frameworks for privacy protection that support privacy enhancements from economic, legal, and policy perspectives. Fundamentals of cryptographic theory and practice along with its applications are introduced in topics such as classical and contemporary ciphers, encryption and decryption, breaking ciphers, cryptographic protocols, and analysis tools.

Upon completion of the course, students are expected to be able to do the following:

1. Protect privacy and understand concepts such as data owners, processors, and collection limitations,
2. and ensure proper asset retention.
3. Analyze key laws designed to protect privacy.
4. Determine data security controls through an understanding of data states, standards selection, and data protection methods, and establish information and asset handling requirements.
5. Develop data standards related to the data life cycle, control, specification, storage, archiving, and responsible personnel.
6. Explain the basic principles of cryptography, including various cipher methods, hash functions, and cryptographic algorithms.
7. Identify the major protocols used for secure communications for both wired and wireless networks.

This course introduces the principles and best practices for incident response, along with an overview of digital forensics. Students understand the goals of incident response and learn how to prepare and respond to information security incidents and understand how the incident occurred. Students understand the process of collecting and analyzing data, and the process of remediation. The course outlines the investigative and analysis process, tools, digital evidence and applicable law with a focus on computer, mobile, network, and database forensics.

Upon completion of the course, students are expected to be able to do the following:

1. Implement the basics of evidence collection and documentation, reporting, investigative techniques, digital forensics tools, and procedures.
2. Interpret the requirements for investigation types of administrative, criminal, civil, regulatory, and industry standards and the associated costs.
3. Identify the implications of data location in responding to security incidents.
4. Conduct incident management through all stages of a breach with knowledge of detection, response, mitigation, reporting, recovery, and remediation.
5. Adjust preventative measures in response to security incidents.
6. Implement recovery strategies such as backup, recovery sites, multiple processing sites, and system resilience via high availability, Quality of Service (QoS), and fault tolerance.
7. Develop incident reports and analysis presentations.

This course includes a study of theoretical and practical aspects of network and web application penetration testing. Students are able to evaluate the security of a network or system's infrastructure and outline how hackers find and attempt to exploit any vulnerabilities. Included in the course are in-depth details on ethical hacking, including reconnaissance, vulnerability assessment, exploitation, maintaining access and covering tracks. Current tools and methodologies are stressed.

Upon completion of the course, students are expected to be able to do the following:

1. Explain the regulatory/legal requirements and rationale for penetration testing.
2. Interpret and differentiate cyber threats and exploits in a penetration testing context.
3. Distinguish key phases of ethical hacking: reconnaissance, scanning, gaining access, maintaining access, and covering the tracks.
4. Perform protocol analysis using packet captures and analysis data using a network sniffer.
5. Investigate and uncover network devices, operating systems, and services.
6. Discover network security issues using an intrusion detection tool.
7. Leverage penetration testing applications to recognize information targets across operating systems and services.
8. Implement scripts and tools to assist in penetration testing.
9. Deploy and test exploits targeting operating systems and services.
10. Identify and exploit various vulnerabilities in web applications.