Provides an understanding of IT infrastructure and services, their vulnerabilities as well as the size and complexity of security threats faced by enterprises. Course will focus on the tenets of cybersecurity of confidentiality, integrity, availability and governance. Building on an understanding of these infrastructures, the development of security practices, policies, awareness and compliance programs, and legal and regulatory issues will be examined. Development of a threat assessment mapped to a solution that is supported with a cost/benefit analysis will also be developed. Formerly: TECH 5350/MGT 5387.
Provides students with a working knowledge of fundamental data protection techniques for protecting data at rest, data in motion, and data in processing. Techniques include encryption algorithms and systems (symmetric, asymmetric, standard, digital certificates, and hashes), Steganography, data masking, and data obfuscation. The course will also examine access controls, availability, authentication, confidentiality, data integrity, and non-repudiation are covered and defenses against DDOS and other data attacks. Security by diversity and security in depth will be presented as fundamental requirements. Formerly: TECH 6350 Cryptography.
This course examines legal, privacy and compliance environments facing organizations globally. Students will build an understanding of the complexities of these compliance and legal obligations starting with a general foundation of laws and industry standards that apply across most organizations that handle sensitive data. Examination of industry verticals will expand the student's knowledge of particular federal and state regulatory and industry-based obligations. Course also examines the relevant laws and regulations with regard to law enforcement and civil investigation of digital crimes. Replaces: TECH 6355 Trusted Systems.
This course examines the current topics of cybersecurity attacks and defenses from a global perspective. Security incidents (cases) will be analyzed and technologies and processes studied to better understand how to prevent or minimize a similar threat in the future. Course will be a mixture of traditional concerns around virus protection and spam prevention mixed with new threats introduced by technology such as mobile devices and cloud computing. Corequisite: CYBS 6350. Replaces: TECH 6357 Securing Electronic Business.
This course focuses on operational cybersecurity management issues such as business continuity planning, disaster recovery, identity management, change management, metrics, accreditation, certification, and validation. Examines in detail effective risk assessment programs, disaster recovery planning, how to interpret the sources and levels of risk, how to apply appropriate defensive systems employing security in depth and diversity concepts, and back-up and recovery procedures. Corequisite: CYBS 6350. Replaces: TECH 7350 Managing Information Security.
Students are required to examine cybersecurity at a program and architectural level regarding issues such as risk management, audit, privacy, Information Security Management System (ISMS), and identity management within an organizational context; and be able to define a risk assessment, security awareness, metrics and education strategy; and then present it to the executive board. Prerequisite: CYBS 6350.
Course provides an in-depth understanding of penetration (pen) testing and "ethical hacking", including requirements and reporting. Students will examine the business impact of testing and will conduct security testing (including network and web application penetration testing) in the lab environment that includes: intelligence gathering, identifying and exploiting vulnerabilities, conducting post-exploitation exercises, and reporting results. Students will be required to create a comprehensive report summarizing the findings including recommendations to mitigate the risks identified. Topics will include social engineering, web application testing, managing a security test, and rools of attack. Prerequisite: CYBS 6350. Replaces: TECH 7355 Information Security Risk Mitigation. Course requires a $100.00 Software Materials Fee.
Course provides an in-depth analysis use of industry tools, technologies, and practices involved in gathering, protecting and analyzing digital evidence. The class uses industry tools to perform forensic analysis and examines how various operating systems store data on storage media - hard disk drives and other digital media. The course will highlight how computers are used in crimes and how this can be linked to criminal motivations to focus a digital investigation. Prerequisite: CYBS 6350. Equivalent to TECH 7358 and TECH 7359 (Fall 2008 through Summer 2012). The course requires a $100.00 Software Materials Fee.