Program Overview

This course is an introduction to the field of cyber security. Students will be given an introductory overview of the various domains, concepts and principles of cyber security. Topics include security foundation concepts, threats, attacks and vulnerabilities, identity and access management, risk management, personal devices (BYOD), incident response and recovery, networks and communications, systems and application security.

This course is designed to provide an understanding of Windows systems and Active Directory domains. Students will become familiar with operating system security in general, and Windows security in particular. Students also will learn to use PowerShell, Windows Management Instrumentation (WMI), command-line and graphical tools to analyze Windows systems. Topics include PowerShell command essentials, password management, user right assignments, system security settings, file and share permissions, registry permissions and settings, Windows logging and continuous monitoring for Windows.

This course explores Linux and Unix security issues that include specific configuration guidance and practical, real-world examples, tips, and techniques. Students will learn how to mitigate or eliminate general problems that apply to Unix-like operating systems, including vulnerabilities in the password authentication system, file system, virtual memory system, and applications that commonly run on Linux and Unix. Topics include Linux basics, command-line tools and scripting, file permissions, file integrity, groups and privileges, patching, logging, and monitoring.

Students who complete the course will understand how networks work and generally how they should be secured. Students will learn how to securely configure VLANs, how to determine perimeter firewall requirements, how to configure routers and various network devices. In addition, students are guided through industry best practices for using network mapping tools and vulnerability scanners to assist the organization in securing the network. Topics include VLAN, Nmap, routers and switches confirm security, firewall, wireless and vulnerability assessment.

This course provides the opportunity to study the pool of technologies that make modern web applications work and the tools with which security practitioners can secure applications. Students are aided to learn the technologies which make the web work, including the basics of HTML, HTTP, AJAX, web servers and databases. Students also will learn the resources available from the Open Web Application Security Project (OWASP), focusing on their Top 10 vulnerabilities list. Topics include secure development practices, OWASP Top 10 list, authentication, session handling, data handling, logging and monitoring.

This course provides coverage of various cloud computing delivery models, security tools and implementations. It helps the students to advance their technical skills and knowledge to secure data, applications, and infrastructure in the cloud. Topics include cloud concepts, cloud data security, cloud platform & infrastructure security, cloud application security, Amazon Web Service (AWS), operations, legal issues, and compliance.

This course covers the use of various cybersecurity controls, implementations, and security operations. Students will be introduced to various proven techniques and tools needed to monitor and maintain the cybersecurity controls. Topics include monitoring specified cybersecurity controls, cybersecurity procedure execution, collecting event data, sending and receiving event data, and verifying identities and credentials.

This course is designed to provide an introduction of key concepts and procedures in digital forensic matters. Students will become familiar with key forensic investigation scenarios and will be directed to apply the techniques to acquire hands-on experience. Topics include the computer forensics investigation process, understanding file systems, operating system forensics, network forensics, and malware forensics.

This course introduces hacking tools and techniques used by hackers and information security practitioners. Introduction to the tools, techniques, and methodologies for penetration testing. Topics include introduction to penetration testing, scanning networks, enumeration, system testing, sniffing, denial-of-service, session hijacking, social engineering, scanning wireless networks and mobile platforms.

Students who complete the course will know the disaster recovery options and procedures used for various system restorations. This course ensures that students are exposed to several procedures and methods that help secure a network. Topics include disaster recovery and business continuity, cyber system restoration, backup site preparation and utilization, deficiency and error reporting.