Cybersecurity (CYB)

Operating systems (OS) provide the platform to run software and is used to manage computing resources. An OS is responsible for working with the underlying hardware to provide the baseline security capabilities of a system. Understanding the underlying theory of operating systems design is critical to cybersecurity as operating systems control the operation of a computer and the allocation of associated resources. This course provides students with an understanding of the role of an operating system, its basic functions, and the services it provides. Through lab exercises, this class will also identify the key issues and functions in administrating a Linux operating system.

The security of a system and the data depends in large part on the security of its software. The security of software depends on how well the requirements match the needs that the software must address, how well the software is designed, implemented, tested, and deployed and maintained. This course will first introduce C programming language, then explore software vulnerabilities using examples in C and last discuss fundamental principles and practices for software security.

This course will introduce the students to an overall view of network security and the latest defense techniques and strategies known in the enterprise. Starting with understanding network elements and architecture to how to identify and understand the different vector of attacks on a network. This includes sampling forensics and understanding the new concept of threat intelligence. Students will understand risk assessment and risk management for different components of the network and the impact of the different kinds of threats and attacks. In addition, the course will elaborate on the essentials of how to design, architect a secure enterprise network and how to define security policies, and how-to police it using intrusion detection/ prevention systems. The course is mainly a hands-on all along from examining network security, learning how to attack a network, and learn how to defend it. Policy design and enforcement lab as well as IDS/IPS set up and configuration.

This course will introduce students to cybersecurity operations which includes understanding of the cyberspace in the enterprise. Ethical hacking and penetration testing are at the center of cybersecurity operations. What are the common vulnerabilities and threats to web applications whether front the front- end (browser side) or the back-end (Server-side). All aspects of penetration testing and how to use it in order examine the security of online operation. The importance of data security and the different attacks on databases. Also, the course will illustrate the use of Identity and access management to enforce security and governance. This is a hands-on class, as it will use secure VPN to teach the students about the different topics in a lab environment. In addition, students will the arsenal of offensive security tools comes with Kali Linux to apply and examine the topics taught in class.

This capstone course focuses on research projects in cybersecurity. The goal of the capstone course is to provide an opportunity for students to incorporate cybersecurity knowledge and skills learned from previous courses and apply them to a real-world project. The project can come from a student’s internship experience, as an extension of a previous research project, or a project with an external client, such as a faculty or an industry expert. Students are expected to work in a team setting to plan, analyze and design a solution to the problem being explored in the project. Industry and academic experts in cybersecurity will be invited as project clients to provide project topic and define project scope.

This course is to introduce the fundamental concepts in cybersecurity. The courser will first introduce the vulnerabilities of computer systems and networks and then lead students to understand the fundamental principles in security using cases and examples. Various risk management strategies for organizations will then be introduced. In addition, the course will introduce methods to identify the potential threats from inside and outside of an organization and to deploy security technologies to mitigate the threats. Privacy, ethical and legal issues related to cybersecurity will be discussed. Students will gain hand-on experience by investigating security problems through laboratory exercises.

This course will introduce you to the fundamentals of incident response (IR), which sometimes includes digital forensic investigations. We will cover all types of incidents, from a stolen laptop to nation state cyber attacks to ransomware. Students will initially learn about the role of incident response in organization, its links to the security operations center (SOC) and its relationships with risk, compliance, legal and data privacy personnel. This course will highlight relevant digital forensic artifacts, including client computers, servers, the enterprise network, and Cloud storage. Students will gain hands-on experience with digital forensics and IR tools. The course will also detail the reporting requirements associated with data breaches. Furthermore, we will discuss best practices and protocols for responding to, and documenting incidents.

Operating systems (OS) provide the platform on which running software acquires and uses computing resources. OS are responsible for working with the underlying hardware to provide the baseline security capabilities of a system. Understanding the underlying theory of operating system design is critical to cybersecurity as operating systems control the operation of a computer and the allocation of associated resources. This course is to provide students with an understanding of the roles of an operating system, its basic functions, and the services it provides. Through lab exercises, this class will also identify the key issues and functions in administrating a Linux operating system.

This course introduces students to methods and practices to develop policies and plans for managing personnel, systems and processes related to information security in an organization. This course will first introduce methods to identify information assets, prioritize threats to information assets, and define an information security strategy and architecture. The course will then introduce methods and practices to develop system specific plans against various threats. Most importantly, students will learn about legal and public relations implications of security and privacy issues. Last but not the least, the course will present a disaster recovery plan for recovery of information assets after cybersecurity incidents.

This course will introduce the students to an overall view of network security and the latest defense techniques and strategies known in the enterprise. Starting with understanding network elements and architecture to how to identify and understand the different vector of attacks on a network. This includes sampling forensics and understanding the new concept of threat intelligence. Students will understand risk assessment and risk management for different components of the network and the impact of the different kinds of threats and attacks. In addition, the course will elaborate on the essentials of how to design, architect a secure enterprise network and how to define security policies, and how-to police it using intrusion detection/ prevention systems. The course is mainly a hands-on all along from examining network security, learning how to attack a network, and learn how to defend it. Policy design and enforcement lab as well as IDS/IPS set up and configuration.

This course will introduce students to cybersecurity operations which includes understanding of the cyberspace in the enterprise. Ethical hacking and penetration testing are at the center of cybersecurity operations. What are the common vulnerabilities and threats to web applications whether front the front-end (browser side) or the back-end (Server-side). All aspects of penetration testing and how to use it in order examine the security of online operation. The importance of data security and the different attacks on databases. Also, the course will illustrate the use of Identity and access management to enforce security and governance. This is a hands-on class, as it will use secure VPN to teach the students about the different topics in a lab environment. In addition, students will the arsenal of offensive security tools comes with Kali Linux to apply and examine the topics taught in class.

This course is designed to acquaint students interested in learning about system administration using tools such as Python and PowerShell. No prior experience in either is required, and a good deal of time will be spent introducing students with topics of general interest and their coding equivalents using these tools. Students will be introduced to topics such as Python and PowerShell automation, NSA Top 10 Mitigations, CIS Critical Security Controls, MITRE ATT&CK mitigations, application of the NSA/DISA Secure Host Baseline, deployment and managing PKI and smart cards.

This course provides fundamental knowledge of secure software development methodologies and applied security topics related to compiled programs. In-depth coverage of source code auditing, fuzzing, introduction to reverse engineering, and exploitation will be emphasized.

The modern security boundary revolves around digital identity. Identity and Access Management (IAM) serves as the fundamental framework for securing access to digital resources. This course is designed to equip students with the essential capabilities to understand the fundamentals of authentication and authorization and for effectively creating and deploying access control measures within enterprise systems. It explores the foundational principles and mechanisms integral to a comprehensive IAM system, leveraging cutting-edge technology that aligns with concepts like Federated Identity, Role-based Access Controls (RBAC), and Attribute-based Access Controls (ABAC) and Zero Trust.

Organizations all over the world are moving to the cloud as their computation platform. This course will focus on cloud security which covers the important aspects of protecting organizational data within the cloud computing environments. The course topics will include fundamental cloud terminology, cloud models, roles and responsibilities matrix, compliance frameworks and regulations such as GDPR, FERPA, SOC2, etc, cloud control implementation including access management, data backups, and encryption, types of cloud platforms (GCP, AWS, Azure), detecting and preventing threats and anomalies and building/evaluating a proper cloud security program for an organization.

This course introduces students to identify the sources of cyber intelligence, including open source information, system logs/files, dark web forum, etc. In addition, the course will guide students to analyze these information to gain insights in solving cybersecurity problems using methods and techniques from textual analysis, data mining and machine learning.

This capstone course focuses on research projects in cybersecurity. The goal of the capstone course is to provide an opportunity for students to incorporate cybersecurity knowledge and skills learned from previous courses and apply them to a real-world project. The project can come from a student’s internship experience, as an extension of a previous research project, or a project with an external client, such as a faculty or an industry expert. Students are expected to work in a team setting to plan, analyze and design a solution to the problem being explored in the project.