This course establishes foundational knowledge of the methodologies, nomenclature, communication skills, principles, and practices related to information assurance and security. This course also introduces current and future technological tools and practices designed to assess vulnerabilities while protecting information technology assets and intellectual property. Must be taken during the first quarter by learners who have been admitted to the MS in Information Assurance and Cybersecurity degree program. Cannot be fulfilled by transfer or credit for prior learning.

In this course, learners examine the technology and security principles that apply throughout system and product life cycles. Learners identify the basic network components in an information technology system, analyze how they interact, and evaluate their role in system operation. Learners explore the basic role and function of network devices including routers, switches, firewalls, VPNs, and intrusion detection as well as the underlying protocols and controls that contribute to their operation. In addition, learners demonstrate their ability to use network security tools and network analysis.

Learners apply foundational concepts of cybersecurity and information assurance to select appropriate information security policies, procedures, and controls to defend enterprise information assets from breaches of confidentiality and integrity. Learners identify specific points of vulnerability that may be mitigated through the use of administrative security policies and operational information security tools. Learners also examine principles of cryptography and some of the security controls and methods that use it. Prerequisite(s): Completion of or concurrent registration in IAS5010 or PM5018 and ITEC5020.

Learners apply cyber-defense and information assurance controls in context of the rules and guidelines that influence them and with an understanding of the security standards, responsibilities, rules, regulations, and issues that impact a particular organization. Learners identify laws and policies related to cyber-defense and how they relate to the storage and transmission of data. Learners also study basic concepts of audit, evidence collection, and chain of custody rules.  Prerequisite(s): Completion of or concurrent registration in IAS5015.

Learners in this course explore the fundamental security issues related to operating system (OS) defense. Learners also employ best practices to harden operating systems and associated software applications using various tools as a part of a layered defense-in-depth strategy. Prerequisite(s): Completion of or concurrent registration in IAS5020.

Learners identify common information security risk analysis methodologies, their characteristics, pros and cons, and applications. Learners examine the sources of risk, including external malicious attackers, intentional and accidental attacks by internal users, and threats from environmental and structural sources. Learners also identify vulnerabilities in hardware, software, locations, and procedures that provide an opening to attackers and create risk to organizations. Learners demonstrate risk assessment techniques through hands-on application of software vulnerability testing tools.  Prerequisite(s): IAS5025.

Learners in this course examine core programming concepts such as variables, iteration structures, decision structures, data structures (such as arrays), and how to combine these core concepts to write simple scripts and programs. Additionally, learners apply secure coding practices using C and the Python scripting language in their associated integrated development environments. In working with the C language, learners apply defensive coding practices designed to prevent many security vulnerabilities. Using Python, learners write scripts that perform important network administration tasks such as monitoring network traffic.

Learners in this course study common security architectures to help identify potential vulnerabilities in architectures, and learn to design secure architectures. Learners identify issues related to the design and implementation of operating system concepts, components and interfaces, and design and implement significant architectural changes to an existing operating system. Learners also examine the authorities, roles, and steps associated with cyber operations, and develop a working knowledge regarding the security issues associated with building complex systems out of third-party components of unknown origin.

In this course, learners gain an understanding of core concepts, technologies, components, and security issues related to mobile and wireless networks. Learners also evaluate approaches to digital communication and analyze how mobile systems operate to facilitate secure access and voice. Finally, learners examine wireless and mobile network principles, architectures, and protocols.

Learners study cryptographic algorithms, protocols, and how they protect information in various states. Learners apply methodology to detect, analyze, and mitigate vulnerabilities and threats within a network environment, and examine the latest network technologies and security issues involved in network communications. Finally, learners identify and demonstrate ways of exploiting vulnerabilities to gain access to a system through penetration testing and network forensics techniques.

Learners investigate abstract data types and how to address them in solving cyber security problems related to network design and engineering. Learners also analyze security requirements while designing network operational systems in order to gain approvals in recognition and compliance with organizational governance and processes. Finally, learners articulate how virtualization and network architecture is implemented, deployed, and used, and describe the implications that interfaces between major components of virtualized systems have for security.

Learners demonstrate their mastery of the program and specialization objectives through application of information security and assurance tools and methodologies. For MS in Information Assurance and Cybersecurity learners only. Must be taken during the learner’s final quarter. Prerequisite(s): Completion of all required coursework. Cannot be fulfilled by transfer or credit for prior learning.