CISW 286 Intro to Cybersecurity Capstone

This course serves as a general introduction to the career of cybersecurity. Students will describe & demonstrate various aspects of the myriad fields that make up cybersecurity, learn how to manage their own digital identity, and learn how to assess and manage risk.

Credits

3 Credits

Prerequisite

CISW 125

CISW 286Intro to Cybersecurity Capstone

Please note: This is not a course syllabus. A course syllabus is unique to a particular section of a course by instructor. This curriculum guide provides general information about a course.

I. General Information

Department

Business Technical

II. Course Specification

Course Type

{D7A8FC71-978F-4003-9933-512C476323B2}

Credit Hours Narrative

3 Credits

Semester Contact Hours Lecture

45

Semester Contact Hours Lab

0

Prerequisite Narrative

CISW 125

Repeatable

No

III. Catalog Course Description

This course serves as a general introduction to the career of cybersecurity. Students will describe & demonstrate various aspects of the myriad fields that make up cybersecurity, learn how to manage their own digital identity, and learn how to assess and manage risk.

IV. Student Learning Outcomes

Upon completion of this course, a student will be able to:

V. Topical Outline (Course Content)

What is information security?

 Risk, and the personal & global impact of security

 History, Terminology, and Ethics of Hacking

 Think Like A Risk Analyst (or, Think Like A Hacker)

Digital hygiene for people and organizations

 How big is your digital footprint?

 When and what to share/the risks of sharing

 Ways To Protect Yourself

 The CIA Triad

 The Three (Five?) Factors of Authentication/Why Passwords Fail

 Ways To Protect Someone Else/Your Company

Cryptography: Securing Data

 Why does secrecy matter
(Understanding when data might unknowingly be public)

 A Brief History of crypto

 Implement, and then crack, a basic cipher (Caesar/Vigniere/etc.)

 Public key cryptography

 Hashing

Securing Software

 History of Malware and Exploits

 When Is A Vulnerability Not A Vulnerability (When It’s A Misconfiguration)

 Vulnerability & Mitigation Examples – including but not limited to:

Exploits of web apps

SQL Injection

Daemon/Server OS Exploits

Securing Networks

 Wired/Media-agnostic network attacks – including but not limited to:

 Man-in-the-middle/Arp spoofing

 DHCP

 DNS poisoning

 Wireless Issues

 Dealing with this added attack surface

 Safe wireless configuration options

 Securing Your Network

Firewalling, VLAN, Other basic network isolation techniques

IPS/IDS, Firewall & Server Logs

Preventative Maintenance Tools (vulnerability scanners, endpoint protection)

Careers in Cybersecurity

 ‘Hats’ and ‘Teams’ and terminology

Blue Team – Day-To-Day Defensive Security

DFIR – Blue Team’s First Responders

Penetration Testing – Hacking For Security

Non-Digital Aspects: Social Engineering, Training, Creating Good Security Policy

VI. Delivery Methodologies