This course provides an overview and foundational understanding of concepts essential to the cybersecurity professional to evaluate best practices in implementing security systems within the enterprise. This course covers key bodies of knowledge in security, privacy, and compliance. Topics include security planning, risk management, security technologies, basic cryptography, digital forensics, application security, intrusion detection and prevention, physical security, and privacy issues.

Upon completion of the course, students are expected to be able to do the following:

• Apply the principles of information technology security
• Analyze situations of computer and network usage from a security perspective to develop a security mindset
• Explain information security’s importance in our increasingly computer-driven world
• Identify appropriate strategies to ensure confidentiality, integrity, and availability of information
• Express management’s role in the development, maintenance, and enforcement of an information security program
• Describe the relationship among laws, regulations, and professional issues in information security
• Articulate how cryptography serves as the central language of information security
• Analyze how physical security fits within an information security program
• Define the roles of computer forensics in information security
• Apply basic software tools for assessing the security posture of a business
• Explain how issues of privacy relate to business information security

This course describes the business context in which a cybersecurity professional must function within an organization. Students examine the interplay between business process and cybersecurity issues in mitigating security threats. An overview of audit, compliance, regulation, and liability for business security, along with how to construct effective continuity and disaster recovery plans, is provided.

Upon completion of the course, students are expected to be able to do the following:

• Manage business decisions affected by changing and diverse external and internal security threats
• Align security functions to business strategy, goals, mission, and objectives
• Determine compliance requirements among contractual, legal, regulatory, privacy requirements, and industry standards
• Outline legal and regulatory issues that pertain to information security in a global context in areas such as cyber-crimes and data breaches, licensing and intellectual property requirements, import/export controls, trans-border data flow, and privacy
• Identify, analyze, and prioritize business continuity requirements through development of a scope and plan and business impact analysis
• Implement disaster recovery processes and understand concepts of response, recovery personnel, communications methods, damage assessment, system restoration and training, and security awareness
• Address security concerns related to personnel safety, travel, security training and awareness, and emergency management
• Develop a security awareness and training program

In this course, students examine the role of security policies, standards, and procedures in addressing business and technical security risks. Students explore the types of policies that are part of an overall security strategy. Policies are discussed that drive computer security, including discretionary access control, mandatory access control, and role-based access control types of policies, and how these are used in organizations. Students develop policies and deployment plans as part of the comprehensive strategic plan for the enterprise.

Upon completion of the course, students are expected to be able to do the following:

• Develop high-level security policies that directly support the mission, vision, and direction of an organization
• Develop issue-specific policies to control use of resources, assets, and activities to support the organization’s goals and objectives
• Develop system-specific policies that express technical details for the implementation, configuration, and management of the system that includes configuration rules and access control
• Develop, document, and implement security policy, standards, procedures, and guidelines
• Create security procedures and administration controls for the enterprise
• Evaluate physical and logical access to assets such as information, systems, devices, and facilities
• Manage identification, authentication, and authorization of people, devices, and services

This course includes a study of the existing risk management frameworks, models, processes, and tools to provide students with the theory and practical knowledge to operationalize risk management in an organization or government agency. Additionally, fundamental concepts in information technology security audit and control processes for an organization are discussed. Students learn to create a control structure and audit an information technology infrastructure.

Upon completion of the course, students are expected to be able to do the following:

• Perform a risk assessment to determine the extent that an organization’s technology assets are exposed to risk
• Demonstrate the concepts of risk appetite and residual risk as they apply to information assets of an organization
• Complete a threat assessment that identifies asset vulnerabilities and ranks threats based on likelihood and financial impact
• Apply the risk control strategies of transfer, mitigation, acceptance, and termination and how a cost-benefit analysis is utilized in determining which strategy to implement
• Employ risk assessment and analysis techniques that include risk response and countermeasure selection and implementation
• Apply risk-based management concepts to the supply chain with an understanding of risks associated with hardware, software, and services
• Conduct a security control testing plan that involves a vulnerability assessment, penetration testing, log reviews, synthetic transactions, code review, and interface testing
• Verify controls are applied consistently
• Define how business alignment, risk appetite, and risk aversion affect the security program implementation

This course introduces the principles and best practices for incident response, along with an overview of digital forensics. Students understand the goals of incident response and learn how to prepare and respond to information security incidents and understand how the incident occurred. Students understand the process of collecting and analyzing data, and the process of remediation. The course outlines the investigative and analysis process, tools, digital evidence, and applicable law with a focus on computer, mobile, network, and database forensics.

Upon completion of the course, students are expected to be able to do the following:

• Implement the basics of evidence collection and documentation, reporting, investigative techniques, digital forensics tools, and procedures
• Interpret requirements for investigation types of administrative, criminal, civil, regulatory, and industry standards and the associated costs
• Identify the implications of data location in responding to security incidents
• Conduct incident management through all stages of a breach with knowledge of detection, response, mitigation, reporting, recovery, and remediation
• Adjust preventative measures in response to security incidents
• Implement recovery strategies such as backup, recovery sites, multiple processing sites, and system resilience via high availability, Quality of Service (QoS), and fault tolerance
• Develop incident reports and analysis presentations