ISTM - Information Systems and Technology Management
ISTM100A Preparation For An Education in I.T. and Cybersecurity 1 (Course offered online)
Credit 1Fall
This course is part of a three-course series that prepares students to meet the demanding nature of pursuing an education in the fields of information technology and cybersecurity. This series focuses on essential concepts and skills needed for academic success throughout the cybersecurity (ISTM) and computer information systems (CIS) programs. Students are given explicit support in their ISTM and CIS courses, while learning effective study, reading, and notetaking skills as it pertains to their technology related coursework. In ISTM100A students are introduced to college services and resources, college policies and procedures, time management concepts, different learning strategies, and are introduced to peer groups.
View Course Outcomes:
- Apply metacognitive and research-based study strategies to coursework to aid in students overall success as a technology student.
- Critically and actively read college-level, technology themed texts/resources, and demonstrate that they can extract the central ideas and processes from those texts/resources
- Draft a clear scope of assessments, routines, due-dates, and other important expectations for a college course
- Create digital or physical organizational tools to ensure that they are highly organized and have a clear sense of all the various assets for a course
- Distinguish between various departments, organizations, and support services within a typical college/university
ISTM100B Preparation For An Education in I.T. and Cybersecurity 2 (Course offered online)
Credit 1Winter
This course is part of a three-course series prepares students to meet the demanding nature of pursuing an education in the fields of information technology and cybersecurity. This series focuses on essential concepts and skills needed for academic success throughout the cybersecurity (ISTM) and computer information systems (CIS) programs. In ISTM100B students are reintroduced to concepts presented in ISTM100A along with test-taking skills and strategies needed to prepare for industry-level certification exams required in the field of information technology and cybersecurity. Also introduced are various troubleshooting tips and techniques used in the technology industry.
View Course Outcomes:
- Apply metacognitive and research-based study strategies to coursework to aid in students overall success as a technology student.
- Apply various exam-taking techniques to successfully study for and attempt industry-recognized certification exams found across the IT and information security sector
- Critically and actively read college-level, technology themed texts/resources, and demonstrate that they can extract the central ideas and processes from those texts/resources
- Demonstrate problem-solving and self-advocacy by accessing and utilizing appropriate college resources
ISTM100C Preparation For An Education in I.T. and Cybersecurity 3 (Course offered online)
Credit 1Spring
This course is part of a three-course series to prepare students to meet the demanding nature of pursuing an education in the fields of information technology and cybersecurity. This series focuses on essential concepts and skills needed for academic success throughout the cybersecurity (ISTM) and computer information systems (CIS) programs. In ISTM100C students are reintroduced to concepts presented in both ISTM100A and ISTM100B. Students also form meaningful and structured academic peer groups in preparation for cybersecurity competitions.
View Course Outcomes:
- Apply metacognitive and research-based study strategies to coursework to aid in students overall success as a technology student.
- Utilize various exam-taking techniques to successfully study for and attempt industry-recognized certification exams found across the IT and information security sector
- Critically and actively read college-level, technology themed texts/resources, and demonstrate that they can extract the central ideas and processes from those texts/resources
- Work effectively in a collaborative peer group in the pursuit of group-based assessments and as a general study group
ISTM133P Introduction to Python (Course offered online)
Credits 4Summer/Fall/Winter
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH020; each with a grade of "C" or better, or placement above stated course levels.
An introduction to Python programming for majors and non-majors. Emphasizes the importance of program design as part of the software development life cycle. Provides examples of well-designed software projects and introduces the student to effective design techniques. Students are expected to design small programming projects and implement the designs in the Python programming language. Structured program construction techniques, object orientation, data validation and user interface issues are explored as part of introduction to a high-level scripting language.
View Course Outcomes:
- Demonstrate basic debugging techniques
- Demonstrate programming proficiency using simple scripts (e.g. linear, looping, automation)
- Describe basic Boolean operations (e.g. AND, OR, XOR, NOT)
- Describe data variable assignment.
- Describe Object Oriented programming and object creation.
- Differentiate various secure programming techniques (e.g. data validation, try/except, etc.)
- Properly apply basic programming constructs and concepts
- Solve programming problems using simple and compound conditional code (e.g. if/elif/else, switch, case, etc.)
- Write short error-free programs using variables, subroutines/functions, control structures, and arrays from a design document
ISTM140L Preparation for Linux (Course offered online)
Credits 4Winter/Spring
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH020; each with a grade of "C" or better, or placement above stated course levels. Participation in this class is recommended before starting second-year cyber security training.
This course introduces students to the fundamentals concepts of the Linux operating system. This course serves two purposes: to introduce students to the Linux environment and build functional skills around command-line interfaces, and introduces students to Linux server and system administration concepts. The current version of this class focuses on Red Hat Enterprise Linux 8 (and preparation for the RHSCA exam). However, the skills developed in this course can be transferred to other Linux distributions as well.
Additional Course Fee: $35.00
View Course Outcomes:
- Perform basic to intermediate system administration tasks, including configuration, maintenance, deployment, and management
- Work with the Linux command line interface functionally and fluidly as a means to accomplish a range of given tasks
ISTM151N Preparation for Network+
Credits 4Fall/Spring
Registration Requirement: None. Basic computer literacy is recommended.
This class prepares students for the current version of the CompTIA Network+ certification exam. Training in this class is designed toward acquiring basic understanding and skills necessary to provide general networking support for a technician working in a general business environment. Students will leave with basic understanding of how networks are built and operate, and will have some experience with basic network analysis tools. Students are exposed to the concept of potential vulnerabilities in a network. Most contents of this class align with the CAE Core Knowledge Unit 'Basic Networking'.
View Course Outcomes:
- "Critically analyze various network security issues and vulnerabilities. (O6, T9)
- Describe the fundamental concepts, technologies, components and issues related to communications and data networks. (O1)
- Design a basic network architecture given a specific need and set of hosts/clients. (O2)
- Differentiate coming network media (wired, optical, wireless). (T2)
- ""Differentiate various """"Area Network"""" topologies. (T3)""
- Differentiate various network protocols (IP, TCP, UDP, ICMP). (T5)
- Differentiate various network services (DNS, NPT, VLAN). (T6)
- Identify and describe various network administrative tools. (T8)
- Identify and explain the networking models OSI and IP. (T1)
- Identify common network devices and explain their role in a network (Routers, Switches, Hosts, VPNs, Firewalls) . (T4)
- "
ISTM171 Introduction to Cloud and Virtualization Technologies (Course offered online)
Credits 3Spring
Registration Requirement: RD090, WR090, and MTH020 with a "C" grade or better.
This course will introduce students to the foundational principals of cloud and virtualization technology. Students will get access to real cloud computing platforms, and build and manage cloud infrastructure. Students will also learn the foundational of virtualization technologies, and the infrastructure of virtualized systems. This course will help to prepare students for industry certifications involving cloud and virtualization technologies.
View Course Outcomes:
- Configure and deploy cloud and virtualization technologies
- Define the risks, solutions, and considerations surrounding cloud and virtualization security
- Maintain and update existing cloud and virtualization instances and configurations
- Manage the logistics of implementing and maintaining cloud infrastructure
- Troubleshoot and resolve common cloud and virtualization-related issues
ISTM183A Preparation for A+ Essentials
Credits 3Fall/Winter
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH020; each with a grade of "C" or better, or placement above stated course levels.
Students in this class receive training in the material appropriate to prepare for the CompTIA A+ Essential certification. Topics in this class include PC system components, storage devices, mobile computers, printer installation and configuration, operating systems features and interfaces, troubleshooting theory and preventative maintenance, as well as other topics leading to computer competency. Students are strongly encouraged to complete ISTM183A before enrolling in ISTM183B. However; co-enrollment or reverse ordering is permitted.
View Course Outcomes:
- Compare and contrast various computer network strategies.
- Compare and contrast various mobile computing devices
- Describe the hardware components of modern computing environments and their individual functions.
- Differentiate between troubleshooting theories.
- Identify and describe common primary storage devices.
- Identify various operating system features.
- Identify, describe and configure display devices.
- Prepare students to participate in the CompTIA A+ Essentials certification
- Properly use the Vocabulary associated with cyber security.
- Recommend an appropriate preventive maintenance protocol.
- Recommend operating system settings for optimal computer operation.
- Troubleshoot basic office computer devices (hardware, software, printers, etc.)
ISTM183B Preparation for A+ Practical Application (Course offered online)
Credits 3Winter/Spring
Registration Requirement: ISTM183A; or CompTIA Essentials Certification (220-901).
Students in this class will receive training in the material appropriate to prepare for the CompTIA A+ Practical Application certification (presently 220-902). Topics in this class include basic networking, networking security fundamentals, basic network installation, operational procedures, installation and maintenance of various computer components, resolving printer problems, system structures and commands, system security and fundamental CyberSecurity concepts. Students are strongly encouraged to complete ISTM183A before enrolling in ISTM183B. However; co-enrollment or reverse ordering is permitted.
View Course Outcomes:
- Apply troubleshooting skills
- Assemble components based on customer requirements
- Install, configure and maintain devices, PCs and software for end users
- Properly and safely diagnose, resolve and document common hardware and software issues
- Provide appropriate customer support
- Understand the basics of networking and security/forensics
- Understand the basics of virtualization, desktop imaging and deployment
ISTM183C Fundamentals of CyberSecurity
Credits 3Fall/Winter/Spring
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH020; each with a grade of "C" or better, or placement above stated course levels.
This course focuses on introducing students to the critical concepts and principals that surround cyber security. The primary purpose of this course functions as a survey of major topics in the cybersecurity field, but also introduces a range of interrelated industry vocabulary, tools, frameworks, and methodologies. This class should be taken prior to any 200-level security courses.
Additional Course Fee: $35.00
View Course Outcomes:
- Define and understand the context and importance of core principles of cyber security
- Evaluate various security systems, practices, and frameworks for overall effectiveness, usability, and feasibility
- Properly and intentionally use and understand the vocabulary associated with cyber security
ISTM189 Wireless Security (Course offered online)
Credits 3Fall
Registration Requirement: RD090, WR090, and MTH020 with a "C" or better. CIS151 preferred, but not required.
This course focuses on securing wireless networks through encryption, analysis, and performance-based metrics. Students will be able to configure and troubleshoot wireless network systems with specific configuration needs determined by the activity.
Additional Course Fee: $35.00
View Course Outcomes:
- Develop a report that will analyze the impact of wireless technologies on radio-based devices
- Evaluate wireless security risks for personal and enterprise networks
- List terminology associated with wireless security, including acronyms
- Recommend appropriate mitigation actions for any identified risks as well as the potential impact
- Research and develop an enforceable wireless security policy, including encryption and monitoring methods
- Use physical port security, access control lists, and firewall settings to prevent unauthorized access
ISTM197IIT Internet Infrastructure and Technologies (Course offered online)
Credits 3Summer/Spring
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W, with a grade of "C" or higher; and MTH020 or higher; or placement above stated levels. Recommended requisite: Programming language experience recommended but not required.
The purpose of this course is to introduce students to the fundamental infrastructure that powers the Internet. It focuses on both the physical and logical infrastructure that the Internet relies on. Students examine major programming languages used to develop web applications and, by the end of the course, are able to develop small web applications. Various protocols that powers the Internet, as well as other peripheral technologies that impact the overall experience of using and maintaining the Internet are covered. This is a not a web development course, rather, it focuses on the underlying infrastructure that powers the internet.
View Course Outcomes:
- Identify and categorize the underlying physical and logical infrastructure of the internet
- Create and modify basic web applications using modern web programming languages
- Relate peripheral technologies and protocols to each other and illustrate how those technologies impact web applications and the infrastructure of the internet
ISTM233P Python for Cyber Security (Course offered online)
Credits 4Winter/Spring
Registration Requirement: ISTM133P, CIS122 (if less than 5 years old), or instructor consent.
This class introduces students to intermediate Python programming skills utilizing a variety of cyber security related activities and techniques. Utilizing Python programs and libraries in a virtualized "sandbox" environment, students will create Python programs to scan network vulnerabilities, perform cryptography, perform password cracking, and more. Students participating in this class must sign an MHCC "White Hat Agreement".
View Course Outcomes:
- "Demonstrate proficiency in using Python for fundamental ""white hat"" security techniques
- Design a virtual testbed environment for safe testing of security techniques
- Develop intermediate level Python programming skills
- "
ISTM235MA Mobile Apps 1: Introduction to iOS Mobile Applications Development
Credits 3Winter
This class forwards the student into the creation of several intermediate level mobile applications and a class project of their own design. Topics in this class include working with lists, creating assets, and creating simple games. Students will design and create their own project using Apple oriented design techniques. Finished projects will be presented to the class. Much of the curriculum for this training is provided by Apple Corporation designed for Career Technical preparation.
Additional Course Fee: $20.00
View Course Outcomes:
- Compare and contrast looping structures such as For In, While, Stride, and Repeat While
- Critically analyze a conditional programming scenario and choose the best structure to lead to a conclusion
- Demonstrate common data manipulation techniques such as data types, math, and string manipulation
- Demonstrate how the use of Functions creates efficiency in code
- Design a simple mobile application
- Design an intermediate mobile application
- Differentiate between a variety of Controls, and chose the appropriate control for a particular design requirement
- Present a completed intermediate mobile app
ISTM235MB Mobile Apps 2: Intermediate iOS Mobile Applications Development
Credits 3Spring
Registration Requirement: Completion of ISTM235MA with a grade of "C" or better; OR, demonstrated prior programming skills or experience using Swift.
This class forwards the student into the creation of several intermediate level mobile applications and a class project of their own design. Topics in this class include working with lists, creating assets, and creating simple games. Students will design and create their own project using Apple oriented design techniques. Finished projects will be presented to the class. Much of the curriculum for this training is provided by Apple Corporation designed for Career Technical preparation.
Additional Course Fee: $20.00
View Course Outcomes:
- "Compare and contrast several apps of a similar genre for positive and negative functionality
- ""Create a class project app and design a """"story board"""" for its function""
- Create a new method for an existing control
- Create icons and images using Asset Maker or equivalent software
- Deliver a class presentation on the final product of the app
- ""Demonstrate several testing a debugging techniques to """"proof"""" an app""
- Demonstrate the use of internal lists to store data across events
- Differentiate intermediate controls and adapt them into a User Interface (UI)
- Differentiate various methods of making a new app available for distribution in the Store
- "
ISTM283A Fundamentals of Disaster Recovery and Business Continuity (Course offered online)
Credits 3Winter
Students in this class receive instruction and lab assignments on Incident Response (IR), Disaster Recovery (DR) and Business Continuity (BC) which are directed to the creation of fundamental protocols necessary for the recovery and continuity of a business in the event of a severe cyber failure, disaster or attack. Students will be exposed to various laws applicable to cyber security breeches and how to maintain compliance to said laws. Students will be exposed to basic risk assessment techniques appropriate for designing a cyber security policy and procedures manual. Some outcomes of this class map to NIST/CAE Knowledge Units Cybersecurity Foundations (CSF), and IT Systems Components (ISC).
View Course Outcomes:
- Describe an organization's responsibilities related to the handling of data as it pertains to legal, ethical and/or agency auditing issues.
- Describe appropriate measures to be taken should a system compromise occur.
- Describe how the type of legal dispute (civil, criminal, private) affects the evidence used to resolve it.
- List the applicable laws and policies related to cyber defense and describe the major components of each pertaining to the storage and transmission of data.
- Understand the Federal, State and Local Cyber Defense partners/structures.
ISTM283B Firewall Implementation
Credits 3Winter
Registration Requirement: Recommended: ISTM183C, AND; ISTM151N OR CIS151; OR Instructor Approval
This course provides the student with a general understanding of how to install, configure, and manage firewalls for defense of enterprise network architecture. Students will: learn the theory and configuration steps for setting up the security, networking, threat prevention, logging, and reporting features of next generation firewall technologies; learn the nature and scope of today's cybersecurity challenges, strategies for network defense, as well as detailed information about next-generation cybersecurity solutions; deploy a variety of security methodologies as well as technologies and concepts used for implementing a secure network environment. Components of this class map to CAE KUs Network Defense and Cyber Foundations.
Additional Course Fee: $35.00
View Course Outcomes:
- Apply advanced filtering methodologies such as user, application, and content ID to protect against all known and unknown attack vectors
- Design a network defense strategy using a variety of tools (e.g. firewalls, DMZ, VPNs, Honeypots, etc.)
- Examine and compare mobile and cloud-based connection technologies
ISTM283CC Cyber Competition
Credits 3Fall
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH020; each with a grade of "C" or better, or placement above stated course levels.
This course introduces students to capture-the-flag (CTF) cyber competitions, and teaches students who to pull their knowledge from other courses to solve cyber-related puzzles. This course will demand that students test their knowledge of various security domains, their problem solving skills, and learn a range of ethical hacking and reverse engineering tools to overcome the presented challenges. The current iteration of this course will have students competing in the National Cyber League (NCL) during the fall season. For student success, students should have taken ISTM140L, CIS122, and ISTM183C.
Additional Course Fee: $60.00
View Course Outcomes:
- Students will use critical thinking and research skills to overcome CTF-style challenges
- Students will work with a range of ethical hacking and reverse engineering tools
ISTM283CO1 Cyber Operations 1
Credits 3Winter
Registration Requirement: Corequisite: CIS153
Cyber Ops 1 introduces the core security concepts and skills needed to monitor, detect, analyze and respond to cybersecurity issues facing an organization. This course will emphasize the practical application of skills needed to maintain and ensure security operational readiness of secure networked systems. The skills developed in the curriculum prepares students for a career as Security Op Center analyst or Incident Responder.
Additional Course Fee: $35.00
View Course Outcomes:
- Explain and and use hands on skills to show how to detect and respond to security incidents
- Explain how organizations deal with cybercrime, cyberespionage, insider threats, advanced persistent threats, regulatory requirements, and related issues
- Practice job-ready skills for in-demand job roles in cybersecurity operations
ISTM283CO2 Cyber Operations 2
Credits 3Spring
Registration Requirement: ISTM283CO1
Cyber Ops 2 takes the student deeper into the practical application of skills needed to maintain and ensure security operational readiness of secure networked systems. The skills developed in the curriculum prepares students for a national cyber competition.
Additional Course Fee: $35.00
View Course Outcomes:
- Compete in a national cyber team competition
- Develop knowledge base for industry recognized CCNA Cybersecurity Operations certification
- Explain and use hands on skills to show how to detect and respond to severe security incidents
- Explain how organizations deal with cybercrime, cyberespionage, insider threats, advanced persistent threats, regulatory requirements, and related issues
- Practice job-ready skills for in-demand job roles in cybersecurity operations
ISTM283F Practical Digital Forensics
Credits 3Spring
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH020; each with a grade of "C" or better, or placement above stated course levels.
This intermediate level course presents digital forensics instruction from a systems security perspective using a variety of software. Students participating in this class will use a variety of digital forensics tools; and are exposed to drive image making, working with various PC and Mobile device hardware, and investigations of files and documents. Investigative techniques practiced in this class are performed in a secure environment.
Additional Course Fee: $35.00
View Course Outcomes:
- Analyze various cases to determine digital actions of a user
- Compare and contrast analysis differences between common computer operating systems
- Demonstrate analysis techniques to open SAM, SYSTEM and SECURITY files
- Demonstrate the creation of a digital image of a physical storage device
- Describe an appropriate evidence handling process
- Describe how analysis of computer logs demonstrate attribution
- Describe various laws affecting the pursuance of a forensic analysis.
- Explain how deleted digital information can be recovered
- Using an existing report template, write a report of an analysis of digital evidence for a case
- Using common digital forensics tools, demonstrate the technique for locating a variety of file types
ISTM284E Ethical Hacking
Credits 3Winter
Registration Requirement: ISTM183C and ISTM140L or equivalent knowledge. Instructor approval required to override these .
This class demonstrates the ethical use of various "white hat" cyber penetration testing tools and techniques consistent with Ethical Hacking training. Network tools and techniques take place in an enclosed "sandbox" environment. Students are exposed to various computer hacking skills and analyze various protective measures and their effectiveness.
Additional Course Fee: $35.00
View Course Outcomes:
- Apply a penetration a testing framework and methodology to find and act upon vulnerabilities in a given system
- Be able to find, choose, and use the appropriate utility or series of steps for a given task or exploit in penetration testing activities.
- Produce a formal written assessment at the end of penetration testing activities to be given and used by a client.
ISTM285E Advanced Ethical Hacking
Credits 3Spring
Registration Requirement: ISTM284E and MTH060 with a "C" grade or higher.
This advanced course will build upon students understanding of ethical hacking and penetration testing concepts. Students will understand and know how to look for weaknesses and vulnerabilities in target systems and use the same knowledge and tools as a malicious hacker, but in a lawful and legitimate manner to assess the security posture of a target system(s). Objectives of this class will directly related to DoD recognized certification exams.
View Course Outcomes:
- Analyze cryptography algorithms and encryption techniques, and design implementation strategies for securing information
- Analyze different phases of hacking and recommend the strategy to use ethical hacking for assessing security of various components of information system
- Assess various network security techniques and tools and implement appropriate level of information security controls based on evidence, information, and research.
- Compare and contrast different hacking techniques and analyze the legal implications of hacking
- Compare and contrast various network security assessment and hacking tools
- Examine different vulnerabilities, threats and attacks to information systems and recommend the countermeasures.
- Assess ethical and legal requirements of security assessment and penetration testing and determine a strategy to comply with these requirements.
ISTM285W Web Application Penetration Testing
Credits 3Spring
Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH060; each with a grade of "C" or better, or placement above stated course levels.
This course will focus on understanding common vulnerabilities in modern web applications. Students will learn how to enumerate and scan a web application, discover vulnerabilities, and craft exploits to launch against the application. Students will also learn the basics of how to secure web applications and how to document their findings.
View Course Outcomes:
- Analyze vulnerable code to consider defenses and exploits
- Execute discovery scans against a web application to enumerate services and technologies
- Exploit and analyze client-side vulnerabilities
- Successfully select and use the correct tool or series of steps to engage in web application penetration testing activities
- Understand and analyze the basics of the HTTP protocol and its inherent vulnerabilities
- Understand the flow of and analyze web traffic, and also how to modify it
ISTM300 Issues in Cybersecurity (Course offered online)
Credits 4Fall
Registration Requirement: Co-requisite: ISTM284E.
This cyber survey class is designed to prepare students with either existing IS, IT, or Cybersecurity AAS degree, or with equivalent IT industry experience, or returning student with advanced degree, to get foundational training on current cyber topics allowing successful entry into the Cybersecurity BAS program. An Associate Degree or better in any field OR at least 2 years experience in Cybersecurity, Information/Computer Information Systems, Computer Science, Information Technology or equivalent fields is highly recommended.
View Course Outcomes:
- Appraise the current cybersecurity landscape for strengths and weaknesses
- Differentiate various cybersecurity players and their associative attack strategies
- Assess the value of different kinds of cyber tools and describe how and when they should be appropriately applied
- Justify how physical security is an essential component of cybersecurity
- Using prior knowledge and training, be able to discuss cyber management topics (e.g., risk management, compliance, continuity, disaster recovery) and deliver actionable items (respond to questions, compile papers or reports, etc.).
ISTM310 Cyber Defense Strategies (Course offered online)
Credits 3Fall
Registration Requirement: Co-requisite: ISTM284E.
This class establishes common defense strategy concepts and designs. Students will learn the basics of hardening an IT environment, implement monitoring and alerting tools across a network, and also conduct basic threat hunting activities. Students will develop a rudimentary Security Operations Center (SOC) as well as work with a Security Information and Event Management (SIEM) platform. Independent lab work is required. An Associate Degree or better in any field AND at least 2 years experience in Cybersecurity, Information/Computer Information Systems, Computer Science, Information Technology or equivalent fields is highly recommended.
View Course Outcomes:
- Perform vulnerability assessments and continuous defensive monitoring of a moderately complex networking environment containing a range of system types (clients, servers, firewalls, and other endpoints)
- Install, manage, configure, and tune a centralized logging and alerting tool to function as a centralized security monitoring tool
- Find, investigate, and mitigate active attacks on a network that have occurred previously and are actively occurring
ISTM315 Cyber Offense Strategies (Course offered online)
Credits 3Fall
Registration Requirement: Co-requisite: ISTM284E.
This class will extend student’s understanding of penetration testing concepts from previous courses and learn how to engage in a more complex set of attack types, tools, and processes. An emphasis will be placed on “Red Team” activities and learning how to attack an active and complex network with a wider attack surface.
View Course Outcomes:
- Review "Red Team" and/or pentesting methodology to determine a target’s attack surface, gain initial access, escalate privileges, and then act on any objectives
- Determine the right tools for a given Red Team activity
- Initiate launch attacks that attempt to evade defenses and only minimally raise alarms
- Develop, configure, launch, and analyze the results of a phishing campaign
ISTM320 Digital Forensics and Incident Response (Course offered online)
Credits 4Winter
Registration Requirement: Co-requisite: ISTM284E.
In this course students learn the fundamentals of digital forensics and incident response. They are introduced to digital forensic tools and techniques to analyze data collected from electronic devices (including computers, media, and other digital sources). They will become familiar with proper techniques and tools utilized for securing, handling and preserving digital and multimedia evidence. Students are also introduced to the incident response process. An Associate Degree or better in any field AND at least 2 years experience in Cybersecurity, Information/Computer Information Systems, Computer Science, Information Technology or equivalent fields is highly recommended.
View Course Outcomes:
- Discuss the rules, laws, policies, and procedures that affect digital forensics
- Define steps included in a digital investigation from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, and the completion of legal proceedings
- Identify important file metadata and apply their use in a forensic investigation
- Perform a forensic investigation on a forensic image, using various tools to recover evidence, resulting in a report documenting the investigation
- Describe the incident response process
ISTM321 Mobile Forensics (Course offered online)
Credits 4Spring
Registration Requirement: Co-requisite: ISTM284E.
This course introduces students to the fundamentals of mobile forensics. Presented are techniques, tools, and procedures for conducting digital and network forensics of mobile devices. Topics include mobile forensics procedures, related legal issues, mobile platforms, bypassing locks, rooting/jailbreaking process, logical acquisition, physical acquisition, data recovery, analysis, and reporting.
View Course Outcomes:
- Summarize rules, laws, policies, and procedures that affect mobile forensics
- Describe various file system structures that are utilized in different mobile devices
- Identify the common artifacts found on mobile devices to look for during forensic investigation
- Define steps in a forensic investigation on a mobile device and the various tools used to recover evidence
ISTM322 Critical Infrastructure (Course offered online)
Credits 4Spring
Registration Requirement: Co-requisite: ISTM300.
This class is an overview of the impact of cybersecurity critical infrastructure. Topics include attack targets, vulnerabilities, and actors. Various methodologies are appraised for mitigation of attacks and reduction of attack profiles. Lab work includes introduction to “ladder logic programming” and other Critical Infrastructure-based techniques. Prior programming experience in any modern language is recommended.
View Course Outcomes:
- Recognize cybersecurity requirements, issues, and needs specific to Critical Infrastructure organizations
- Demonstrate elementary Industrial Control Systems (ICS) and how they function
- Describe and differentiate Supervisory Control and Data Acquisition (SCADA) systems
- Apply various protocols and standards typically based on CI specific litigations and compliance
- Create elementary Ladder Logic Programs suitable for Programmable Logic Controllers (PLCs)
ISTM323 Computer Architecture for Cybersecurity (Course offered online)
Credits 4Spring
Registration Requirement: CIS284S and ISTM233P and MTH065.
This course is an introduction to computer architecture, as it applies to cybersecurity professionals. Topics to be covered include: von Neumann architecture, pipelining, multithreading, storage, memory hierarchy, caching, cache analysis, operating systems, parallel systems, and emerging architectures.
View Course Outcomes:
- Identify and differentiate among the roles of the major computer system components in traditional and emerging architectures
- Analyze and propose solutions to address potential security risks to a computer's architecture
- Explain ways performance-enhancing techniques, virtualization and specialized domains can impact the security of a computer system and prioritize strategies to ensure system security
ISTM330 Cybersecurity Compliance (Course offered online)
Credits 4Winter
Registration Requirement: Co-requisite: ISTM284E.
This cyber management class explores the realm of cyber and legal compliance required for both business and government. Presented from the perspective of a layperson with no prior knowledge of concepts, topics in this class will include: the Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA), personally identifiable information (PII) concepts, the Payment Card Industry (PCI), and various legal issues involving privacy directed toward how companies can effectively maintain a compliant stance.
View Course Outcomes:
- Identify the various US cyber privacy laws (e.g. HIPAA, FERPA, PCI) and apply measures or rules which bring a system into compliance
- Prepare, design, and create a basic plan for a common IT compliance audit
- Differentiate compliance requirements between organizational types and technical domains
- Identify the ethical and educational requirements for an individual seeking a career as an IT Auditor
ISTM331 Risk Analysis (Course offered online)
Credits 4Winter/Spring
Registration Requirement: Co-requisite: ISTM284E.
This cyber management class takes an in-depth approach to understanding how to perform risk analysis and differentiate various kinds of risk affecting a particular organization. In this manner, all risks can be enumerated and then mitigated appropriately based on the technology and/or resources available to that organization.
View Course Outcomes:
- Perform an assessment of an existing computer system for vulnerabilities
- Apply common vulnerability testing tools appropriate to a specific environment (organizational, system, or platform)
- Create a proposal for developing and managing a vulnerability and asset database
- Create a proposal for the identification, ranking, and mitigation of critical vulnerabilities in a system
ISTM333 Identity and Access Management (IAM) (Course offered online)
Credits 4Winter
Registration Requirement: Co-requisite: ISTM284E.
This course introduces the concept of access control to information systems, whether local or remote. Applications, authentication, and accounting for end users and system administrators will be covered. In addition, security controls for access control including tokens, biometrics, and the use of public key infrastructures (PKI) will be covered. The overriding objective is to provide a foundation for access control and identity management methods used to secure networks, data, and information systems in both the public and private sectors and in organizations large and small.
View Course Outcomes:
- Perform an assessment of an existing access management system
- Design a new access management system appropriate for a small or medium sized business
- Demonstrate in a lab environment the encryption and decryption of files using Public Key Infrastructure (PKI)
ISTM340 Artificial Intelligence (Course offered online)
Credits 4Fall
Registration Requirement: CS161. Co-requisite: CS162.
This course is the first of a 2-course sequence in machine learning (artificial intelligence). Topics to be covered include: terminology and scope of learning systems, mathematics of machine learning, classification of tasks, regression strategies, and evaluation of learning systems.
View Course Outcomes:
- Identify and evaluate approaches to machine learning and identify their strengths and weaknesses
- Justify the implementation of appropriate algorithms to solve problems, and implement that solution
- Analyze datasets for insufficiencies
- Demonstrate effective partitioning of datasets
ISTM345 Assembly Language for Cybersecurity (Course offered online)
Credits 4Spring
Registration Requirement: CS161. Co-requisite: CS162.
This course is an introduction to assembly language programming, as it applies to Cybersecurity professionals. Topics to be covered include: C programming, assembly instruction set architectures (x86-64, IA32, and ARM), conditional and repetition structures, functions, and arrays in assembly.
View Course Outcomes:
- Design, implement and test assembly language code written to solve specific problems
- Describe and discuss how assembly language code can be used by Cybersecurity professionals to reduce vulnerabilities and improve the security of software applications
- Analyze C code to determine appropriate locations to insert assembly code and implement assembly language code within C to solve a specific problem
- Compare code solutions to solve a problem using different instruction set architectures and provide translation of code written in one assembly language to another
ISTM346 Secure Programming (Course offered online)
Credits 4Spring
Registration Requirement: CS161. Co-requisite: CS162.
This course introduces the secure software development process, including designing secure applications, writing secure code that can withstand attacks, and security testing and auditing. The course also focuses on the security issues a developer faces, common security vulnerabilities and flaws, and security threats. The course explains security principles, strategies, coding techniques, and tools that can help make code resistant to attacks. Students will write and analyze code that demonstrates specific security development techniques.
View Course Outcomes:
- Describe the role secure programming plays in software development and cybersecurity
- Design and implement code that uses secure programming strategies to protect data and its access
- Discriminate among common code vulnerabilities identified by software tools and make recommendations for corrections
ISTM350 Preparation for Cybersecurity Analyst (Course offered online)
Credits 4Fall
Registration Requirement: Co-requisite: ISTM284E.
This course introduces tools and strategies for mitigating cybersecurity risks, recognizing prevalent threats, assessing organizational security, gathering and scrutinizing cybersecurity intelligence, and responding to incidents in real-time. The curriculum aims to equip students with the requisite skills and knowledge to adeptly analyze and address security threats within the context of a contemporary digital landscape.
View Course Outcomes:
- Explore methods for identifying and assessing vulnerabilities in systems
- Understand the architecture and functionality of security tools commonly used in cybersecurity analysis
- Develop skills in detecting and responding to security incidents
- Interpret and analyze security logs to identify and respond to suspicious activities
- Develop incident response strategies to effectively mitigate and recover from security incidents
- Leverage threat intelligence to enhance security defenses
- Understand the importance of compliance with relevant laws, regulations, and policies
- Evaluate and improve the security posture of an organization
ISTM380 Cyber Competition Alpha (Course offered online)
Credits 2Spring
Registration Requirement: Co-requisite: ISTM284E.
This course is the first in a series of four total cyber competition courses offered for the AB in Cybersecurity program. This course will allow students to compete individually and in teams based on concepts / subject materials presented. Note: Competitions for this course may be with national (National Cyber League, etc.) or local (capture the flag-type or other) events and may include intercollegiate competitions.
View Course Outcomes:
- Diagnose and apply solutions to cyber challenges using critical thinking and research skills
- Demonstrate skills with a range of ethical hacking tools to determine issues for and/or implement a solution based on a scenario
- Hypothesize ways to gather intelligence on subjects including identifying the cybersecurity landscape, analyzing log files and reporting tools, and performing a phishing campaign
ISTM381 Cyber Competition Bravo (Course offered online)
Credits 2Spring
Registration Requirement: ISTM380.
This course is the second in a series of four total cyber competition courses offered for the AB in Cybersecurity program. This course will allow students to compete individually and in teams based on concepts / subject materials presented. Note: Competitions for this course may be with national (National Cyber League, etc.) or local (capture the flag-type or other) events and may include intercollegiate competitions.
View Course Outcomes:
- Diagnose and apply solutions to cyber challenges using critical thinking and research skills
- Hypothesize ways to gather intelligence on subjects including identifying the cybersecurity landscape, analyzing log files and reporting tools, and performing a phishing campaign
- Hypothesize ways to gather intelligence on subjects including identifying regulations for digital forensics, using programmable logic controllers to assess information gathered, and analyzing an IT compliance audit
ISTM431 Information Technology Project Management (Course offered online)
Credits 3Winter
Registration Requirement: Co-requisites: ISTM300 and WR227.
This course introduces foundational concepts in project management, with an emphasis on IT projects. Topics and skills include determining a project’s scope, specifications and assumptions; identify appropriate methods and processes for initiating, planning, and controlling projects. This course prepares students for (but does not guarantee success on) the CompTIA Project+ exam.
View Course Outcomes:
- Demonstrate project management activities typically practiced during each phase of a project lifecycle
- Describe best practices in project cost control
- Identify common project team organizational structures
- Practice using appropriate project management tools, including tools for data gathering, data analysis, data representation, decision-making, and communication with internal and external stakeholders
- Explain relevant information security concepts informing best practices in project planning
- Implement effective meeting management techniques
ISTM490 Senior Project (Course offered online)
Credits 3Spring
Registration Requirement: ISTM322.
As a bridge from college to career, this capstone experience provides students with the opportunity to apply and expand on the knowledge and skills gained during their academic career. Students participate as teams in a virtual environment where they must defend a network with multiple devices while attempting to compromise the opposing team's network and devices. In this hands-on experience, they must rely on learned skills, industry best practices, and the teammates to be successful. Students work with the faculty member to reflect on and assess performance in this course.
View Course Outcomes:
- Demonstrate effective teamwork skills through critical thinking, problem solving, and communication
- Evaluate systems and data resources to prioritize their value and respond strategically
- Assess attack strategies and recommend defenses to those attacks
- Determine a target’s attack surface, gain initial access, escalate privileges, and then act on any objectives
Course fees are subject to change. Additional section fees (web, hybrid, etc.) may apply.
Online option regularly offered
Cultural Literacy course