CYB - Cybersecurity

This course provides a conceptual and hands-on introduction to the cybersecurity field. It covers the main areas of interest in cybersecurity, programming, networking, and network security. In the conceptual part, students will be exposed to the fundamental concepts of cybersecurity, common vulnerabilities, threats, and attacks, and technical and administrative control - getting a general overview of the field. In the hands-on part of the class, students will be exposed to the basics of programming and networking. Students will be using common cybersecurity tools to simulate well-known attacks and related security measures.

This course provides the conceptual and technical foundations to the cybersecurity field. It covers areas of computer and Internet security. Students are exposed to inner workings of operating systems and fundamentals of web security and database security. The operating systems content covers areas such as file systems, identity and access management, and client-server architecture. The web and database security content is supplemented with hands-on activities with a focus on related attacks. Students will also be exposed to command languages and scripting for security-related task automation.

Introduction to the important concepts pertaining to securing cloud-based information technology infrastructure.  Covers architectural and design requirements of cloud systems.  Includes data, platform and application security topics.  Cloud operations and legal and compliance issues are examined.  Experiential labs and assignments using a large cloud service provider is integrated in the course.

An overview of the processes and considerations required to properly prepare organizations for significant disruptions to operations and IT infrastructures.  A comprehensive risk management framework will be covered to prepare students to conduct both enterprise and IT risk assessments.  Students will then learn how to design, implement and test contingency plans including business impact analyses, business continuity plans, and disaster recovery plans.  To apply knowledge obtained in the course, students will participate in case discussions, simulations, and projects.

Introduction to incident response management and digital forensics.  The course examines the skills and knowledge needed to conduct formal investigations and manage incident response teams.  Attention is given to system breaches, advanced persistent threats, and anti-forensic practices.  The course covers the skills needed to collect and analyze data from Windows and Linux systems.  Experiential labs and assignments using forensic tools is integrated in the course.

The course introduces students to the applications of analytics in the cybersecurity field. Students use scripting and programming languages to collect and prepare data from computer/network logs and external threat intelligence sources. A security information and event management tool is used to store and manage the data. Students also learn the applications of machine learning in cybersecurity. The course provides a foundation for data-driven cybersecurity.

This course covers a broad range of topics relating to processes and procedures for developing secure software systems and common vulnerabilities found in software applications.  Taking a holistic approach to application security, the course discusses common technical vulnerabilities found in software, procedures for mitigating such vulnerabilities, and general procedures to ensure software is developed in a secure manner.  Content is based on the Certified Secure Software Lifecycle Professional (CSSLP) curriculum and is supplemented by hands-on experience in finding and remediating vulnerabilities in software solutions.

The course covers the strategic role of cybersecurity managers within an organization. Students will learn how to implement various governance frameworks and security concepts in a business environment.  Students develop leadership skills to be more effective managers including Chief Information Security Officers of organizations.  The course will prepare students how to design, operate, maintain, and assess holistic information security programs. Moreover, students learn how to provide effective information security consulting to organizations.

A course covering offensive security and hacking techniques.  The course takes a hands-on approach to penetration testing and vulnerability scanning in a lab environment.  Topics include scripting, target reconnaissance, scanning, exploitation and post-exploitation.  Open source tools are used throughout the course.  Ethics and legal considerations are emphasized.

Taking this course will expose students to a range of historic and current research in cybersecurity to understand problems of interest to the field and methods used to address them. Students will learn how to conduct high quality research for both academic and practitioner purposes. Students will utilize state-of-the-art software to conduct data analysis and will gain a better understanding of how to interpret the results.

Qualified students working in class meetings and individually with professors who have agreed to supervise such work. The thesis must be a substantial piece of work demonstrating the use of research methods and presentation of research results. Students are expected to present their work to their peers and participate in research events organized by the university. This course is a six-credit hour thesis and is expected to take two semesters to complete.

For graduate students only. Contemporary topics in cybersecurity and information systems.

A course offered at the discretion of Cybersecurity faculty. Subject may focus on a topic of current interest in the field, training in a specific area of the field, or a topic that is of interest to a particular group of students.