Cybersecurity (CYB)

This course introduces the basic concepts of computer security for undergraduate students who possess an introductory background in computing. Computer security is important in an era when computer systems are handling most of personal information, organizational transactions, and critical infrastructure. Information technology professionals should be able to recognize vulnerabilities in their computer systems, possible threats from inside and outside of the organization and security technologies to mitigate the threats. Students will gain hands-on experience by investigating security problems through lab exercises. Using a group project, the class will encourage students to develop generate an interest in specific topics in computer security.

This course covers the domains of human security and organizational security. The course will begin with discussing topics related to protecting an individual’s data and privacy and personal life in the context of organizations. Following the concepts of human security, the course will discuss potential cyber risks and threats targeting at organizations, and strategies and methods to protect organizations from cybersecurity threats, while managing risk to support the organization’s mission. In terms of organizational security, this course will first introduce methods to identify information assets, prioritize threats to information assets, and define an information security strategy and architecture. The course will then introduce methods and practices to develop system specific plans to protect against various threats. Most importantly, students will learn about the legal and public relations implications of security and privacy issues. Finally, the course will present a disaster recovery plan for recovery of information assets after cybersecurity incidents.

Operating systems (OS) provide the platform to run software and is used to manage computing resources. An OS is responsible for working with the underlying hardware to provide the baseline security capabilities of a system. Understanding the underlying theory of operating systems design is critical to cybersecurity as operating systems control the operation of a computer and the allocation of associated resources. This course provides students with an understanding of the role of an operating system, its basic functions, and the services it provides. Through lab exercises, this class will also identify the key issues and functions in administrating a Linux operating system.

The security of a system and the data depends in large part on the security of its software. The security of software depends on how well the requirements match the needs that the software must address, how well the software is designed, implemented, tested, and deployed and maintained. This course will first introduce C programming language, then explore software vulnerabilities using examples in C and last discuss fundamental principles and practices for software security.

This course is designed to prepare students for participation in Cyber Defense Competitions and similar events. The goal of the course is to enable students learning about cyber defense through hands-on practice and team exercises. Students will learn about network security, system administration, and incident response techniques, and will gain hands-on experience by simulating real-world scenarios in a lab environment.

This course will introduce the students to an overall view of network security and the latest defense techniques and strategies known in the enterprise. Starting with understanding network elements and architecture to how to identify and understand the different vector of attacks on a network. This includes sampling forensics and understanding the new concept of threat intelligence. Students will understand risk assessment and risk management for different components of the network and the impact of the different kinds of threats and attacks. In addition, the course will elaborate on the essentials of how to design, architect a secure enterprise network and how to define security policies, and how-to police it using intrusion detection/ prevention systems. The course is mainly a hands-on all along from examining network security, learning how to attack a network, and learn how to defend it. Policy design and enforcement lab as well as IDS/IPS set up and configuration.

This course will introduce students to cybersecurity operations which includes understanding of the cyberspace in the enterprise. Ethical hacking and penetration testing are at the center of cybersecurity operations. What are the common vulnerabilities and threats to web applications whether front the front- end (browser side) or the back-end (Server-side). All aspects of penetration testing and how to use it in order examine the security of online operation. The importance of data security and the different attacks on databases. Also, the course will illustrate the use of Identity and access management to enforce security and governance. This is a hands-on class, as it will use secure VPN to teach the students about the different topics in a lab environment. In addition, students will the arsenal of offensive security tools comes with Kali Linux to apply and examine the topics taught in class.

This course provides a comprehensive introduction to Industrial Control System (ICS) cybersecurity principles, practices, and technologies. Students will gain an understanding of ICS architecture, common vulnerabilities, security best practices, incident response procedures, and emerging threats within the industrial sector. The course combines theoretical knowledge with practical exercises and real-world case studies.

This capstone course focuses on research projects in cybersecurity. The goal of the capstone course is to provide an opportunity for students to incorporate cybersecurity knowledge and skills learned from previous courses and apply them to a real-world project. The project can come from a student’s internship experience, as an extension of a previous research project, or a project with an external client, such as a faculty or an industry expert. Students are expected to work in a team setting to plan, analyze and design a solution to the problem being explored in the project. Industry and academic experts in cybersecurity will be invited as project clients to provide project topic and define project scope.