Courses in Cybersecurity

C YBR 124X (= C INF 124X) Computer Security Basics (3)
An introduction to security in computer and network systems for a general audience. The operation of computers and networks is explained to show how they are the basis for attacks. The course will confer a basic but comprehensive understanding of how cybersecurity attacks (e.g., viruses, worms, denial of service) work. It will also cover aspects of privacy and other human elements of cybersecurity. Takes a general approach that will result in students prepared to learn about and defend themselves from current and future attacks. Only one version may be taken for credit.

C YBR 242 (= C EHC 242) Cybersecurity (3)
The purpose of this class is to acquaint students with the policy issues associated with cybersecurity, this includes issues like cyber-attacks, network security, incident response, cyber crime, cyber espionage, and cyber conflict. Students will look at how government agencies and private sector entities assess and respond to the changing cybersecurity landscape -- how they assess the risks they face, how they manage those risks through security procedures and practices, and how they mitigate the impact of attacks that do happen on their systems. Only one version may be taken for credit. Prerequisites(s): C EHC/R PAD 101 or C INF/C YBR 124X.

C YBR 306 (= C INF 306) Information Security and Assurance (3)
Technical aspects of cybersecurity in computer and network systems. The nature of attacks and defense in digital systems; models of vulnerabilities, threats, and security; cryptography; forensics; security policies and procedures; software and network security. Only one version may be taken for credit. Prerequisite(s): C INF/C YBR 124X or C INF 203 or C EHC/C YBR 242.

C YBR 403 (= C INF 403) Advanced Networking and Security (3)
This course is designed to provide an advanced coverage of networking with a specific focus on network security and cryptography. Networking security is examined through a study of digital signatures and certificates, authentication protocols, and firewalls and key establishment and management. Also considered are security issues related to people's use of computer networks, communication channels, mobile devices, and the Internet. Also examined are new access control paradigms such as Java security and .NET security. Only one version may be taken for credit. Prerequisite(s): C INF 108, C INF 303, and C INF/C YBR 306.

C YBR 436 Information Security Compliance Auditing (3)
This course focuses on information security and privacy compliance auditing from technical, legal, and business perspectives. The main objective of information security compliance auditing is to ensure business systems, electronic management of data, and critical electronic processes used to achieve organizational goals are adequately controlled, monitored, and accessed in such way to be compliant with government legislation (e.g. HIPM, COPPA, SOX, EU- GDPR, etc.), and industry standards (e.g. JSO, PCI-DSS, etc.). Students are introduced to principle security-related laws, regulations, standards, policies, and guidance. Students learn how to plan audit services in accordance with information security audit standards, guidelines, and best practices as well as how to assess whether an organization has the structure, policies, accountability, mechanisms, and monitoring practices in place to achieve the requirements of corporate governance of IT, and ensuring that the safety and effectiveness of computer systems and their related security components. Prerequisite(s): C INF/C YBR 306.

C YBR 445 (= C EHC 445 & R PAD 445) Principles and Practices of Cybersecurity (3)
This course provides a broad introduction to cybersecurity and the way in which cybersecurity is viewed, studied, or executed by professionals in industry, government, the military, and academia. For students that approach the topic from a policy management perspective, this class will enhance their understanding of the interaction between social, technical, policy, and management factors that affect the creation and management of secure cyber infrastructure. A brief introduction to the technical side of cybersecurity will be provided. The course will offer technically advanced students an opportunity to better understand management, policy, and political equities involved in cybersecurity. Students approaching the subject from either the technical or policy/management perspective will be equipped to take more advanced technical courses in a multitude of disciplines that make up cybersecurity. Only one version may be taken for credit. Prerequisite(s): junior or senior standing or permission of instructor.

C YBR 449 (= C HEC 449 & R PAD 449) Cybersecurity: Long Term Planning and Risk Management
The goal of this course is to equip decision makers with the principles and methods that will allow for more informed budget decisions as it relates to cybersecurity. First this class will review budgeting basics as well as the core of budgeting for information technology and cybersecurity. Then the class will examine risk management as a total program component of cybersecurity as well as apply it to the budgeting process. Finally the class will take a comprehensive approach to managing IT/IS projects from a risk management, budgeting, and procurement point of view. Only one version may be taken for credit. Prerequisite(s): junior or senior standing or permission of instructor.

C YBR 450 (= C EHC 450) Cybersecurity Policy, Law & Institutions (3)
This course examines some of the key debates and issues in cybersecurity - including legal, policy, and economic concerns. Additionally, it will look at key stakeholders; including a variety of enforcement and regulatory institutions at different levels of government, businesses and industries across many sectors, as well as civil society organizations and other non-profit organizations. Some of the topics that will be considered include cybersecurity information sharing, breach notification, the dated legal underpinnings of current cyber enforcement, vulnerability disclosure, encryption and law enforcement access, attribution, liability, and international norm building and coordination. Classroom activities include student debates or mock congressional hearings on many of these issues. Only one version may be taken for credit. Prerequisite(s): C YBR/C EHC 242 or C YBR/CINF 124X.

C YBR 452 (= C INF 452) Computer and Network Security (3)
Theoretical, conceptual and practical aspects of computer and network security. The role of algorithms, systems, humans, software and hardware in computer and network vulnerabilities and defense. The two primary focuses of the course will be on the computer and networks, as centers of vulnerability and defense. The course will emphasize hands-on analysis of security issues. Only one version may be taken for credit. Prerequisite(s): C YBR/C INF 306.

C YBR 453 (= C INF 453) Information Security and Privacy (3)
Security and privacy issues in computer and networked systems. The role of systems, design, implementation, etc. on data security in digital systems. Case studies of these roles and how they affect both data security and vulnerability. The legal and ethical aspects of data security and privacy. Only one version may be taken for credit. Prerequisite(s): C YBR/C INF 306.

C YBR 454 (= C INF 454) Human Aspects of Cybersecurity (3)
The roles of individuals, groups, organizations and governments in computer and network security. How the interactions of these with the technical nature of digital systems in many cases forms the core of vulnerabilities. The trade-offs between security and various measures of utility. Conflicting definitions of security at different levels (e.g., governmental vs. individual). Societal measures and values of security. The course will feature case studies to explore many of these issues. Only one version may be taken for credit. Prerequisite(s): C YBR/C INF 306.

C YBR 455 (= C INF 455) Prevention and Protection Strategies in Cybersecurity (3)
The role of security policies and design strategies to minimize security vulnerabilities in computer and networked systems. The affected areas range from the overall design of systems, networking protocols, operating systems, and applications software on individual computers to the role of coding standards and end user education in security. Only one version may be taken for credit. Prerequisite(s): C YBR /C INF 306.

C YBR 469 (= C EHC 469 & R PAD 469) Cyber Threats and Intelligence (3)
Cyber threats currently are posed by state and non-state actors whose motivations include financial gain, notoriety, social activism, espionage, and even revenge. This course will examine cyber threats from different angles to introduce students to today's actors; motivations; tactics, techniques, and procedures (TTPs); and mitigation techniques, while providing insight into the impact of cyber crimes on victim organizations and employees. A variety of case studies will used to study how TTPs are applied, and aid students in understanding attack consequences, responding agency abilities, and the various protection, mitigation, and remediation measures. The course will also examine models of cyber activity, as well as how models from other fields can be applied to thinking about cyber threats. The objective of the course is to provide students with a foundation for leading their organization in prevention, mitigation, and remediation of cyber-attacks. Only one version may be taken for credit. Prerequisite(s): junior or senior standing or permission of the instructor.