CS161 Computer Science I

Credits 4Fall/Winter

Registration Requirement: RD090 and WR090, or IECC201R and IECC201W; and MTH095, or MTH098; each with a "C" grade or higher, or placement above stated levels.

This course is an introduction to fundamental concepts of computer science including problem-solving, algorithm and program design, data types, control structures, repetition structures, functions and arrays. This course is designed for computer science majors and for students in other disciplines.

This course fulfills: Non-Lab Science

View Course Outcomes:

1. Design and write pseudocode algorithms and flowcharts to solve given problems.
2. Explain the structural components (syntax) and usage rules (semantics) of a programming language such as C++.
3. Trace program code, identifying and recommending corrections for any errors.
4. Write error-free programs using variables, constants, arrays, functions, control structures, repetition structures and files.

CS162 Computer Science II

Credits 4Winter/Spring

Registration Requirement: CS161 and MTH095 or higher, excluding MTH098.

This course is an introduction to object-oriented programming and to software engineering. Students will write programs that use structs, classes, inheritance and polymorphism to manage objects. Additional topics include recursion, information hiding, testing, and the use of debugging tools.

This course fulfills: Non-Lab Science

View Course Outcomes:

1. Apply the principles of object-oriented design in the development of a complete software package, given a set of customer specifications.
2. Develop and implement a plan for testing a program for correctness.
3. Implement advanced language concepts and syntax such as polymorphism and inheritance in class definitions.

ISTM284E Ethical Hacking

Credits 3Winter

Registration Requirement: ISTM183A, ISTM183B, ISTM183C and ISTM140L or equivalent knowledge.

This class demonstrates the ethical use of various "white hat" cyber penetration testing tools and techniques consistent with Ethical Hacking training. Network tools and techniques take place in an enclosed "sandbox" environment. Students are exposed to various computer hacking skills and analyze various protective measures and their effectiveness.

Additional Course Fee: $75.00

View Course Outcomes:

1. Apply a penetration a testing framework and methodology to find and act upon vulnerabilities in a given system
2. Be able to find, choose, and use the appropriate utility or series of steps for a given task or exploit in penetration testing activities.
3. Produce a formal written assessment at the end of penetration testing activities to be given and used by a client.

ISTM300 Issues in Cybersecurity  (Course offered online)

Credits 4Fall

Registration Requirement: CIS284S.

This cyber survey class is designed to prepare students with either existing IS, IT, or Cybersecurity AAS degree, or with equivalent IT industry experience, or returning student with advanced degree, to get foundational training on current cyber topics allowing successful entry into the Cybersecurity BAS program. An Associate Degree or better in any field OR at least 2 years experience in Cybersecurity, Information/Computer Information Systems, Computer Science, Information Technology or equivalent fields is highly recommended.

View Course Outcomes:

1. Appraise the current cybersecurity landscape for strengths and weaknesses
2. Differentiate various cybersecurity players and their associative attack strategies
3. Assess the value of different kinds of cyber tools and describe how and when they should be appropriately applied
4. Justify how physical security is an essential component of cybersecurity
5. Using prior knowledge and training, be able to discuss cyber management topics (e.g., risk management, compliance, continuity, disaster recovery) and deliver actionable items (respond to questions, compile papers or reports, etc.).

ISTM310 Cyber Defense Strategies  (Course offered online)

Credits 3Fall

Registration Requirement: CIS151 or ISTM151N. Co-requisite: ISTM284E.

This class establishes common defense strategy concepts and designs. Students will learn the basics of hardening an IT environment, implement monitoring and alerting tools across a network, and also conduct basic threat hunting activities. Students will develop a rudimentary Security Operations Center (SOC) as well as work with a Security Information and Event Management (SIEM) platform. Independent lab work is required. An Associate Degree or better in any field AND at least 2 years experience in Cybersecurity, Information/Computer Information Systems, Computer Science, Information Technology or equivalent fields is highly recommended.

View Course Outcomes:

1. Perform vulnerability assessments and continuous defensive monitoring of a moderately complex networking environment containing a range of system types (clients, servers, firewalls, and other endpoints)
2. Install, manage, configure, and tune a centralized logging and alerting tool to function as a centralized security monitoring tool
3. Find, investigate, and mitigate active attacks on a network that have occurred previously and are actively occurring

ISTM315 Cyber Offense Strategies  (Course offered online)

Credits 3Fall

Registration Requirement: ISTM233P. Co-requisite: ISTM284E.

This class will extend student’s understanding of penetration testing concepts from previous courses and learn how to engage in a more complex set of attack types, tools, and processes. An emphasis will be placed on “Red Team” activities and learning how to attack an active and complex network with a wider attack surface.

View Course Outcomes:

1. Review "Red Team" and/or pentesting methodology to determine a target’s attack surface, gain initial access, escalate privileges, and then act on any objectives
2. Determine the right tools for a given Red Team activity
3. Initiate launch attacks that attempt to evade defenses and only minimally raise alarms
4. Develop, configure, launch, and analyze the results of a phishing campaign

ISTM320 Digital Forensics and Incident Response  (Course offered online)

Credits 4Winter

Registration Requirement: ISTM283F, ISTM183A, and ISTM183B.

In this course students learn the fundamentals of digital forensics and incident response. They are introduced to digital forensic tools and techniques to analyze data collected from electronic devices (including computers, media, and other digital sources). They will become familiar with proper techniques and tools utilized for securing, handling and preserving digital and multimedia evidence. Students are also introduced to the incident response process. An Associate Degree or better in any field AND at least 2 years experience in Cybersecurity, Information/Computer Information Systems, Computer Science, Information Technology or equivalent fields is highly recommended.

View Course Outcomes:

1. Discuss the rules, laws, policies, and procedures that affect digital forensics
2. Define steps included in a digital investigation from the initial recognition of an incident through the steps of evidence gathering, preservation and analysis, and the completion of legal proceedings
3. Identify important file metadata and apply their use in a forensic investigation
4. Perform a forensic investigation on a forensic image, using various tools to recover evidence, resulting in a report documenting the investigation
5. Describe the incident response process

ISTM321 Mobile Forensics  (Course offered online)

Credits 4Spring

Registration Requirement: ISTM183A, ISTM183B, and ISTM283F.

This course introduces students to the fundamentals of mobile forensics. Presented are techniques, tools, and procedures for conducting digital and network forensics of mobile devices. Topics include mobile forensics procedures, related legal issues, mobile platforms, bypassing locks, rooting/jailbreaking process, logical acquisition, physical acquisition, data recovery, analysis, and reporting.

View Course Outcomes:

1. Summarize rules, laws, policies, and procedures that affect mobile forensics
2. Describe various file system structures that are utilized in different mobile devices
3. Identify the common artifacts found on mobile devices to look for during forensic investigation
4. Define steps in a forensic investigation on a mobile device and the various tools used to recover evidence

ISTM322 Critical Infrastructure  (Course offered online)

Credits 4Spring

Registration Requirement: CIS151 or ISTM151N. Co-requisite: ISTM300.

This class is an overview of the impact of cybersecurity critical infrastructure. Topics include attack targets, vulnerabilities, and actors. Various methodologies are appraised for mitigation of attacks and reduction of attack profiles. Lab work includes introduction to “ladder logic programming” and other Critical Infrastructure-based techniques. Prior programming experience in any modern language is recommended.

View Course Outcomes:

1. Recognize cybersecurity requirements, issues, and needs specific to Critical Infrastructure organizations
2. Demonstrate elementary Industrial Control Systems (ICS) and how they function
3. Describe and differentiate Supervisory Control and Data Acquisition (SCADA) systems
4. Apply various protocols and standards typically based on CI specific litigations and compliance
5. Create elementary Ladder Logic Programs suitable for Programmable Logic Controllers (PLCs)

ISTM323 Practical Malware Analysis  (Course offered online)

Credits 4Spring

Registration Requirement: Recommended requisite: CS162 preferred.

This course analyzes malware - including trojans and rootkits - using basic static and/or dynamic analysis through tools such as IDA Pro or similar.

View Course Outcomes:

1. Describe types of malware including rootkits, Trojans, and viruses
2. Articulate how malware operates at the binary level
3. Analyze the behavior of malware running in a virtual machine or similar environment
4. Perform basic static analysis with antivirus scanning and strings
5. Perform advanced static analysis with IDA Pro or similar tools

ISTM330 Cybersecurity Compliance  (Course offered online)

Credits 4Winter

Registration Requirement: ISTM300. Co-requisite: ISTM284E.

This cyber management class explores the realm of cyber and legal compliance required for both business and government. Presented from the perspective of a layperson with no prior knowledge of concepts, topics in this class will include: the Health Insurance Portability and Accountability Act (HIPAA), Family Educational Rights and Privacy Act (FERPA), personally identifiable information (PII) concepts, the Payment Card Industry (PCI), and various legal issues involving privacy directed toward how companies can effectively maintain a compliant stance.

View Course Outcomes:

1. Identify the various US cyber privacy laws (e.g. HIPAA, FERPA, PCI) and apply measures or rules which bring a system into compliance
2. Prepare, design, and create a basic plan for a common IT compliance audit
3. Differentiate compliance requirements between organizational types and technical domains
4. Identify the ethical and educational requirements for an individual seeking a career as an IT Auditor

ISTM331 Risk Analysis  (Course offered online)

Credits 4Winter/Spring

Registration Requirement: Co-requisite: ISTM300.

This cyber management class takes an in-depth approach to understanding how to perform risk analysis and differentiate various kinds of risk affecting a particular organization. In this manner, all risks can be enumerated and then mitigated appropriately based on the technology and/or resources available to that organization.

View Course Outcomes:

1. Perform an assessment of an existing computer system for vulnerabilities
2. Apply common vulnerability testing tools appropriate to a specific environment (organizational, system, or platform)
3. Create a proposal for developing and managing a vulnerability and asset database
4. Create a proposal for the identification, ranking, and mitigation of critical vulnerabilities in a system

ISTM333 Identity and Access Management (IAM)  (Course offered online)

Credits 4Winter

Registration Requirement: CIS279S or ISTM279A.

This course introduces the concept of access control to information systems, whether local or remote. Applications, authentication, and accounting for end users and system administrators will be covered. In addition, security controls for access control including tokens, biometrics, and the use of public key infrastructures (PKI) will be covered. The overriding objective is to provide a foundation for access control and identity management methods used to secure networks, data, and information systems in both the public and private sectors and in organizations large and small.

View Course Outcomes:

1. Perform an assessment of an existing access management system
2. Design a new access management system appropriate for a small or medium sized business
3. Demonstrate in a lab environment the encryption and decryption of files using Public Key Infrastructure (PKI)

ISTM340 Artificial Intelligence  (Course offered online)

Credits 4Fall

Registration Requirement: CS161. Co-requisite: CS162.

This course covers the important concepts artificial intelligence is bringing to society. Topics to be covered include: terminology and scope of learning systems, mathematics of machine learning, classification of tasks, regression strategies, and evaluation of learning systems.

View Course Outcomes:

1. Identify and evaluate approaches to machine learning and identify their strengths and weaknesses
2. Justify the implementation of appropriate algorithms to solve problems, and implement that solution
3. Analyze datasets for insufficiencies
4. Demonstrate effective partitioning of datasets

ISTM345 Assembly Language for Cybersecurity  (Course offered online)

Credits 4Spring

Registration Requirement: CS161. Co-requisite: CS162.

This course is an introduction to assembly language programming, as it applies to Cybersecurity professionals. Topics to be covered include: C programming, assembly instruction set architectures (x86-64, IA32, and ARM), conditional and repetition structures, functions, and arrays in assembly.

View Course Outcomes:

1. Design, implement and test assembly language code written to solve specific problems
2. Describe and discuss how assembly language code can be used by Cybersecurity professionals to reduce vulnerabilities and improve the security of software applications
3. Analyze C code to determine appropriate locations to insert assembly code and implement assembly language code within C to solve a specific problem
4. Compare code solutions to solve a problem using different instruction set architectures and provide translation of code written in one assembly language to another

ISTM346 Secure Programming  (Course offered online)

Credits 4Spring

Registration Requirement: CS161. Co-requisite: CS162 and ISTM300.

This course introduces the secure software development process, including designing secure applications, writing secure code that can withstand attacks, and security testing and auditing. The course also focuses on the security issues a developer faces, common security vulnerabilities and flaws, and security threats. The course explains security principles, strategies, coding techniques, and tools that can help make code resistant to attacks. Students will write and analyze code that demonstrates specific security development techniques.

View Course Outcomes:

1. Describe the role secure programming plays in software development and cybersecurity
2. Design and implement code that uses secure programming strategies to protect data and its access
3. Discriminate among common code vulnerabilities identified by software tools and make recommendations for corrections

ISTM350 Preparation for Cybersecurity Analyst  (Course offered online)

Credits 4Fall

Registration Requirement: ISTM300 and ISTM310.

This course introduces tools and strategies for mitigating cybersecurity risks, recognizing prevalent threats, assessing organizational security, gathering and scrutinizing cybersecurity intelligence, and responding to incidents in real-time. The curriculum aims to equip students with the requisite skills and knowledge to adeptly analyze and address security threats within the context of a contemporary digital landscape.

View Course Outcomes:

1. Explore methods for identifying and assessing vulnerabilities in systems
2. Understand the architecture and functionality of security tools commonly used in cybersecurity analysis
3. Develop skills in detecting and responding to security incidents
4. Interpret and analyze security logs to identify and respond to suspicious activities
5. Develop incident response strategies to effectively mitigate and recover from security incidents
6. Leverage threat intelligence to enhance security defenses
7. Understand the importance of compliance with relevant laws, regulations, and policies
8. Evaluate and improve the security posture of an organization

ISTM380 Cyber Competition Alpha  (Course offered online)

Credits 2Spring

Registration Requirement: ISTM310 and ISTM320. Co-requisite: ISTM284E.

This course is the first in a series of four total cyber competition courses offered for the AB in Cybersecurity program. This course will allow students to compete individually and in teams based on concepts / subject materials presented. Note: Competitions for this course may be with national (National Cyber League, etc.) or local (capture the flag-type or other) events and may include intercollegiate competitions.

View Course Outcomes:

1. Diagnose and apply solutions to cyber challenges using critical thinking and research skills
2. Demonstrate skills with a range of ethical hacking tools to determine issues for and/or implement a solution based on a scenario
3. Hypothesize ways to gather intelligence on subjects including identifying the cybersecurity landscape, analyzing log files and reporting tools, and performing a phishing campaign

ISTM381 Cyber Competition Bravo  (Course offered online)

Credits 2Spring

Registration Requirement: ISTM310 and ISTM320. Co-requisite: ISTM284E.

This course is the second in a series of four total cyber competition courses offered for the AB in Cybersecurity program. This course will allow students to compete individually and in teams based on concepts / subject materials presented. Note: Competitions for this course may be with national (National Cyber League, etc.) or local (capture the flag-type or other) events and may include intercollegiate competitions.

View Course Outcomes:

1. Diagnose and apply solutions to cyber challenges using critical thinking and research skills
2. Hypothesize ways to gather intelligence on subjects including identifying the cybersecurity landscape, analyzing log files and reporting tools, and performing a phishing campaign
3. Hypothesize ways to gather intelligence on subjects including identifying regulations for digital forensics, using programmable logic controllers to assess information gathered, and analyzing an IT compliance audit

ISTM431 Information Technology Project Management  (Course offered online)

Credits 3Winter

Registration Requirement: Co-requisites: ISTM300 and WR227.

This course introduces foundational concepts in project management, with an emphasis on IT projects. Topics and skills include determining a project’s scope, specifications and assumptions; identify appropriate methods and processes for initiating, planning, and controlling projects. This course prepares students for (but does not guarantee success on) the CompTIA Project+ exam.

View Course Outcomes:

1. Demonstrate project management activities typically practiced during each phase of a project lifecycle
2. Describe best practices in project cost control
3. Identify common project team organizational structures
4. Practice using appropriate project management tools, including tools for data gathering, data analysis, data representation, decision-making, and communication with internal and external stakeholders
5. Explain relevant information security concepts informing best practices in project planning
6. Implement effective meeting management techniques

ISTM490 Senior Project  (Course offered online)

Credits 3Spring

Registration Requirement: Instructor signature required.

As a bridge from college to career, this capstone experience provides students with the opportunity to apply and expand on the knowledge and skills gained during their academic career. Students participate as teams in a virtual environment where they must defend a network with multiple devices while attempting to compromise the opposing team's network and devices. In this hands-on experience, they must rely on learned skills, industry best practices, and the teammates to be successful. Students work with the faculty member to reflect on and assess performance in this course.

View Course Outcomes:

1. Demonstrate effective teamwork skills through critical thinking, problem solving, and communication
2. Evaluate systems and data resources to prioritize their value and respond strategically
3. Assess attack strategies and recommend defenses to those attacks
4. Determine a target’s attack surface, gain initial access, escalate privileges, and then act on any objectives