This course provides an overview and foundational understanding of concepts essential to the cybersecurity professional to evaluate best practices in implementing security systems within the enterprise. This course covers key bodies of knowledge in security, privacy, and compliance. Topics include security planning, risk management, security technologies, basic cryptography, digital forensics, application security, intrusion detection and prevention, physical security, and privacy issues.

Upon completion of the course, students are expected to be able to do the following:

• Apply the principles of information technology security
• Analyze computer and network usage situations from a security perspective to develop a security mindset
• Explain information security’s importance in our increasingly computer-driven world
• Identify appropriate strategies to ensure confidentiality, integrity, and availability of information
• Express management’s role in the development, maintenance, and enforcement of an information security program
• Describe the relationship among laws, regulations, and professional issues in information security
• Articulate how cryptography serves as the central language of information security
• Analyze how physical security fits within an information security program
• Define the roles of computer forensics in information security
• Apply basic software tools for assessing the security posture of a business
• Explain how issues of privacy relate to business information security

This course introduces the domains of cloud security in both theoretical and practical applications. Students are presented with a structured approach to cloud architecture and design requirements along with applications involved in developing layered cloud security strategies. Students evaluate the data organization, data security, cloud applications, operations, and compliance used in deploying cloud-based security architecture that supports the objectives of the enterprise.

Upon completion of the course, students are expected to be able to do the following:

• Create a plan for an organization’s strategic security objectives
• Apply architectural frameworks and design principles
• Identify methods, roles, responsibilities, and accountabilities of personnel governing compliance of security policies
• Evaluate data security strategies and data classification controls
• Differentiate cloud-based security models

Prerequisite(s): CYBR590 Network Technology and Infrastructure

This course provides a comprehensive overview of network security and intrusion detection. Students focus on methods for securing networks, and utilize these methods in basic architectural design. Students apply these methods into a cohesive network security strategy. Topics include investigation of areas such as data analysis and interpretation, threat/intrusion detection, vulnerability management, incident response and security architecture. The course also prepares students for the CompTIA CySA+ Certification Exam.

Upon completion of the course, students are expected to be able to do the following:

• Implement security operations and monitoring design principles in network architectures
• Integrate software and systems security components through knowledge of hardware, transmission media, cryptography, network access, honeypot, endpoint security, and content-distribution networks
• Implement secure communication channels according to design that involve voice, multimedia collaboration, remote access, data communications, and virtualized networks
• Specify incident response and forensic procedures to recover from attacks on network systems
• Conduct logging and monitoring activities to support intrusion detection and prevention, and event management
• Identify threats and vulnerabilities in networked systems
• Understand compliance and assessment practices

This course describes the business context in which a cybersecurity professional must function within an organization. Students examine the interplay between business processes and cybersecurity issues in mitigating security threats. An overview of audit, compliance, regulation, and liability for business security is provided, along with how to construct effective continuity and disaster recovery plans.

Upon completion of the course, students are expected to be able to do the following:

• Manage business decisions affected by changing and diverse external and internal security threats
• Align security functions to business strategy, goals, mission, and objectives
• Determine compliance requirements among contractual, legal, regulatory, privacy requirements, and industry standards
• Outline legal and regulatory issues that pertain to information security in a global context in areas such as cyber-crimes and data breaches, licensing and intellectual property requirements, import/export controls, trans-border data flow, and privacy
• Identify, analyze, and prioritize business continuity requirements through developing a scope and plan and business impact analysis
• Implement disaster recovery processes and understand concepts of response, recovery personnel, communications methods, damage assessment, system restoration and training, and security awareness
• Address security concerns related to personnel safety, travel, security training and awareness, and emergency management
• Develop a security awareness and training program

In this course, students examine the roles of security policies, standards, and procedures in addressing business and technical security risks. Students explore the policies that are part of an overall security strategy. Policies are discussed that drive computer security, including discretionary access control, mandatory access control, and role-based access control policies, and how these are used in organizations. Students develop policies and deployment plans as part of the comprehensive strategic plan for the enterprise.

Upon completion of the course, students are expected to be able to do the following:

• Develop high-level security policies that directly support the mission, vision, and direction of an organization
• Develop issue-specific policies to control the use of resources, assets, and activities to support the organization’s goals and objectives
• Develop system-specific policies that express technical details for the implementation, configuration, and management of the system, including configuration rules and access control
• Develop, document, and implement security policies, standards, procedures, and guidelines
• Create security procedures and administrative controls for the enterprise
• Evaluate physical and logical access to assets such as information, systems, devices, and facilities
• Manage identification, authentication, and authorization of people, devices, and services

This course includes a study of the existing risk management frameworks, models, processes, and tools to provide students with the theory and practical knowledge needed to operationalize risk management in an organization or government agency. Additionally, fundamental concepts in information technology security audit and control processes for an organization are discussed. Students learn to create a control structure and audit an information technology infrastructure.

Upon completion of the course, students are expected to be able to do the following:

• Perform a risk assessment to determine the extent to which an organization’s technology assets are exposed to risk
• Demonstrate the concepts of risk appetite and residual risk as they apply to the information assets of an organization
• Complete a threat assessment that identifies asset vulnerabilities and ranks threats based on likelihood and financial impact
• Apply the risk control strategies of transfer, mitigation, acceptance, and termination and how cost-benefit analysis is utilized in determining which strategy to implement
• Employ risk assessment and analysis techniques, including risk response and countermeasure selection and implementation
• Apply risk-based management concepts to the supply chain with an understanding of risks associated with hardware, software, and services
• Conduct a security control testing plan that involves a vulnerability assessment, penetration testing, log reviews, synthetic transactions, code review, and interface testing
• Verify that controls are applied consistently
• Define how business alignment, risk appetite, and risk aversion affect the security program implementation

This course introduces students to the foundations of communication in a business setting as a critical component for success in the workplace. Students develop a foundation for designing effective written and oral messages, from concept to delivery. This course emphasizes elements of persuasive communication: how to design messages for diverse and possibly resistant audiences and how to present that information credibly and convincingly.

Upon completion of the course, students are expected to be able to do the following:

• Develop a persuasive argument to promote change
• Apply the principles of communication theory to interpersonal and group communication
• Deliver a message that is both transformational and motivational to an audience
• Demonstrate a professional manner and style in all communications
• Communicate priorities facing leaders in response to changing conditions in computer security
• Establish and maintain a security awareness, education, and training program
• Address conflict strategically to advance organizational security
• Present data in a visual format

This course introduces techniques for information distribution in such a way that data privacy is protected. It discusses models and frameworks for privacy protection that support privacy enhancements from economic, legal, and policy perspectives. Fundamentals of cryptographic theory and practice and its applications are introduced in topics such as classical and contemporary ciphers, encryption and decryption, breaking ciphers, cryptographic protocols, and analysis tools.

Upon completion of the course, students are expected to be able to do the following:

• Protect privacy and understand concepts such as data owners, processors, and collection limitations, and ensure proper asset retention
• Analyze key laws designed to protect privacy
• Determine data security controls through an understanding of data states, standards selection, and data protection methods, and establish information and asset handling requirements
• Develop data standards for the data life cycle, control, specification, storage, archiving, and responsible personnel
• Explain the basic principles of cryptography, including various cipher methods, hash functions, and cryptographic algorithms
• Identify the major protocols for secure communications for wired and wireless networks

This course introduces the principles and best practices for incident response, along with an overview of digital forensics. Students understand the goals of incident response and learn how to prepare and respond to information security incidents and understand how the incident occurred. Students understand the process of collecting and analyzing data and the process of remediation. The course outlines the investigative and analysis process, tools, digital evidence, and applicable law with a focus on computer, mobile, network, and database forensics.

Upon completion of the course, students are expected to be able to do the following:

• Implement the basics of evidence collection and documentation, reporting, investigative techniques, digital forensics tools, and procedures
• Interpret requirements for investigation types of administrative, criminal, civil, regulatory, and industry standards and the associated costs
• Identify the implications of data location in responding to security incidents
• Conduct incident management through all stages of a breach with knowledge of detection, response, mitigation, reporting, recovery, and remediation
• Adjust preventative measures in response to security incidents
• Implement recovery strategies such as backup, recovery sites, multiple processing sites, and system resilience via high availability, Quality of Service (QoS), and fault tolerance
• Develop incident reports and analysis presentations

This course includes theoretical and practical aspects of network and web application penetration testing. Students can evaluate the security of a network or system’s infrastructure and outline how hackers find and attempt to exploit any vulnerabilities. The course includes in-depth details on ethical hacking, including reconnaissance, vulnerability assessment, exploitation, maintaining access, and covering tracks. Current tools and methodologies are stressed.

Upon completion of the course, students are expected to be able to do the following:

• Explain the regulatory/legal requirements and rationale for penetration testing
• Interpret and differentiate cyber threats and exploits in a penetration testing context
• Distinguish key phases of ethical hacking: reconnaissance, scanning, gaining access, maintaining access, and covering the tracks
• Perform protocol analysis using packet captures and analyze data using a network sniffer
• Investigate and uncover network devices, operating systems, and services
• Discover network security issues using an intrusion detection tool
• Leverage penetration testing applications to recognize information targets across operating systems and services
• Implement scripts and tools to assist in penetration testing
• Deploy and test exploits targeting operating systems and services
• Identify and exploit various vulnerabilities in web applications

This course allows students to integrate their learning across the program into a case study project. Students complete a risk analysis, vulnerability and threat analysis, security infrastructure requirements, logical design, physical design, management design, pricing, and implementation planning.

Upon completion of this course, students are expected to be able to do the following:

• Evaluate the information security needs of an organization
• Use secure design principles through an understanding of the fundamental concepts of security models
• Complete the risk management process that adequately protects an organization’s critical information and assets
• Provide recommendations for logical, physical, and management design
• Develop an implementation plan.
  Prepare complete documentation and executive summary of the case study analysis
• Present case analysis with narrative and visual aids

Prerequisite(s): All required coursework completed or co-requisite

The course focuses on core programming concepts such as classes and objects, controlling flow, batch processing, and error handling while working in data processing, analysis, and visualization. The course explores a variety of Python packages and integration for project development. Using Python to automate workflows and create custom visualizations is discussed, and students can explore tabular data, spatial data, and/or cybersecurity applications of Python.

Upon completion of the course, students are expected to be able to do the following:

• Develop custom visualizations that communicate data and results of an analysis
• Respond to specific scripting requirements to address analytical problems and improve workflows
• Apply the concepts and logic of object-oriented programming