This course introduces general cybersecurity principles for majors or non-majors. This includes understanding cybersecurity offense and defense, the role of cybersecurity professionals, and legal and ethical principles.

Computer and communications networks are the very environment in which cyber operations are conducted. An understanding of these networks is essential to any discussion of cyber operations activities. Specific topics to be covered to satisfy this knowledge unit must minimally include: Routing, network, and application protocols (TCP/IP (versions 4 and 6), ARP, BGP, SLL/TLS, DNS, SMTP, HTTP), network architectures, network security, wireless network technologies, network traffic analysis, protocol analysis (examining component-to-component communication to determine the protocol being used and what it is doing), and network mapping techniques (active and passive).

An overview of wireless and mobile security providing students with practical and theoretical experiences. Topics include threat analysis, security infrastructure, security services, wireless network security components. Topics include, but not limited to: overview of smart phone technologies, overview of embedded operating systems (e.g., iOS, Android), Wireless technologies (mobile: GSM, WCDMA, CDMA2000, LTE; and Internet: 802.00b/g/n), Infrastructure components (e.g., fiber optic network, evolved packet core, PLMN), Mobile protocols (SS7, RR, MM, CC), Mobile logical channel descriptions (BCCH, SDCH, RACH, AGCH, etch.), Mobile registration procedures, mobile encryptions standards, Mobile identifiers (IMSI, IMEI, MSIDN, ESN, Global Title, E.164), and Mobile and Location-based services.

Topics include computer hardware and software, communication and networks, databases, e-commerce technology, design and development of information systems, Cloud computing, information security, privacy, ethics, and social impact.

An overview of operating systems will then lead to a systematic approach to incident response will be reviewed, focusing on a six step process (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned.) Network Forensics (tcpdump, Wireshark, nfsen,) and legal aspects of both investigation and preservation will be discussed.

Virtualization technology has rapidly spread to encompass workstations, servers, infrastructure devices, storage, and networks, and such has become critical to cyber operations. Specific topics to be covered in this knowledge unit must minimally include, but are not limited to: Virtualization techniques, Virtual machine architectures, uses of virtualization for: security, efficiency, simplicity, and resource savings (space, admin overhead).

An introduction to the study of the basic structure and language of machines. Topics include basic concepts of Boolean algebra, number systems, language, addressing techniques, data representation, file organization, symbolic coding and assembly systems, using of macros, batch operation and job handling.

Topics covered include: security fundamental principles, vulnerability assessment, intrusion detection, cryptography protocols, network defense, trust relationships, and legal and ethical issues in computer security. A balance between theory and current practice will be presented. Topics to be covered include, but are not limited to: identification of reconnaissance operations, anomaly/intrusion detection, anomaly identification, identification of command and control operations, identification of data exfiltration activities, identifying malicious code based on signatures, behavior, and artifacts, networking security techniques and components (e.g., firewalls, IDS, etc.), cryptography (include PKI cryptography) and its uses in cybersecurity, malicious activity detection, system security architectures and concepts, defense in depth, and virtualization.

Embedded software vulnerabilities and secure programming methods are introduced through hands-on projects. Buffer overflow attacks are discussed. After completing the course content mapped to this knowledge unit, students will be able to develop programs that can be embedded into an OS kernel, such as a device driver, with the required complexity and sophistication to implement exploits for discovered vulnerabilities. Students will be able to write a program that implements a network stack to manage network communications.

This course introduces penetration testing for the purposes of learning about cyber security vulnerabilities. Topics include: vulnerability taxonomies, buffer overflow attacks, password attacks, trust relationship exploitation, race condition exploitations, and local vs remote exploitations. The topics will be enhanced with hands-on examples using Linux.

Aspects of computer systems, such as pipelining, memory hierarchy, and input/output systems. Performance metrics. Examines each component of a complicated computer system. Topics include: performance evaluation, instruction set architecture, machine arithmetic, data paths and pipelining, memory hierarchy, branch prediction, scheduling techniques, multiprocessors.

Techniques in modern cryptography will be presented such as stream ciphers, DES, AES, block ciphers, etc. The course will discuss the level of security that various protocols provide and how to select an appropriate protocol for a specific application with an understanding of the limitations of key management systems, such as symmetric and asymmetric encryption, will be presented. Select protocols will be implemented in appropriate programming languages or systems.

This course will provide an overview to large scale distributed systems. Topics include: concepts of distributed systems (threads, concurrency, dead/live lock, consistency, scalability, fault tolerant, etc.), design and development of large scale distributed systems (TCP/IP, UDP, networking data transfer, synchronization, threads, distributed locking, etc.), basic distributed algorithms that can be applied in practical systems, different kinds of cloud computing architecture models, services, and security issues, components (logical and physical) of cloud architecture, data paths within a given cloud design.

An overview of the principles and methodologies of secure programming and the techniques involved in creating, debugging, and testing secure software to ensure it is capable of mitigating vulnerabilities.

This course will address the interaction of human behavior, cybersecurity controls, and the resulting security and privacy concerns. Topics covered in the class include: development and analysis of information security policies for user governance, ethical considerations of the impact of security policies on employee privacy, and security training and compliance for employees.

This course provides an overview for Information Security and Assurance to allow students to understand the key issues associated with protecting information assets, determining the levels of protection and response to security incidents, and designing a consistent, reasonable information security system, with appropriate intrusion detection and reporting features. Topics include but are not limited to: inspection and protection of information assets, detection of and reaction to threats to information assets, and examination of pre- and post- incident procedures.

This course will provide a high-level explanation of the legal issues governing the authorized conduct of cyber operations and the use of related tools, techniques, technology and data. Both international and U.S. laws that operations in cyberspace must be in compliance, will be introduced. Specific topics to be covered in this knowledge unit must minimally include: International Law: Jus ad bellum, United Nations Charter; Jus in bello, Hague and Geneva Conventions. U.S. Laws: Constitution, Article I (Legislative Branch), Article II (Presidency), Article III (Judiciary), Amendment 4 (Search and Seizure), and Article 14 (Due Process); Statutory Laws: Title 10 (Armed Forces), Title 50 (Espionage and Covert Action), and Title 18 (Crimes) 18 USC 1030 (Computer Fraud and Abuse Act), 18 USC 2510-22 Electronic Communications Privacy Act, 18 USC 2701-12 Stored Communications Act, 18 USC 1831-32 Economic Espionage Acts.

This is a lab designed to support CSEC 4243.

An integrative and intensive learning project which culminates the cyber security program during the senior year. Student will build on program course work to develop a strategic evaluation and plan for the management of secure information systems in an organization, either real or hypothetical. Student may use a start-up project as well. At the end of the project, the student will present their proposals or finding and recommendations to a panel of faculty and fellow students.

A supervised, practical experience providing cybersecurity majors with hands-on professional experience in a position relating to an area of career interests. The student should secure an approved internship prior to course enrollment. During the internship, the student will submit regular reports regarding their internship experience.

A supervised, practical experience providing cybersecurity majors with hands-on professional experience in a position relating to an area of career interests. The student should secure an approved internship prior to course enrollment. During the internship, the student will submit regular reports regarding their internship experience.

A supervised, practical experience providing cybersecurity majors with hands-on professional experience in a position relating to an area of career interests. The student should secure an approved internship prior to course enrollment. During the internship, the student will submit regular reports regarding their internship experience.