CS3600 Introduction to Cybersecurity

This course provides a comprehensive overview of cybersecurity terminology, concepts, software, hardware, and policies. It covers information threats, vulnerabilities, risks and safeguards and shows how these safeguards establish the confidentiality, integrity, authenticity, availability and non-repudiation of information. It addresses the protection of information using a combination of software and hardware mechanisms, while it is being processed and stored on computing platforms and transmitted across networks. This is the entry point (prerequisite) for all other Cybersecurity and Defense Track courses.

Prerequisite

CS2011, CS3030, or EC2700.

Lecture Hours

4

Lab Hours

1

Course Learning Outcomes

Upon completion of this course, students will be able to:

  • Apply the definitions and describe the mechanisms associated with security from the standpoints of confidentiality, integrity and availability of systems and data in various states.
  • Depict the mechanics of One-Time Pad ciphers, stream ciphers, and block cipher modes and assess the level of security (confidentiality) that can be obtained with each.
  • Determine which cryptographic Message Authentication Code or hash function properties are being leveraged in specific scenarios to achieve security requirements.
  • Trace a website certificate chain to the certificate authority certificate to determine the website's authenticity.
  • Combine secure symmetric or asymmetric encryption and authenticity to provide authenticated encryption.
  • Utilize common password attacks and employ mechanisms to make those attacks less effective.
  • Employ multi-factor authentication to leverage the strengths of each factor to mitigate other factors' vulnerabilities.
  • Utilize exemplar Discretionary Access Control approaches or formal Mandatory Access Control policies to determine subject-object permissions.
  • Characterize malware and network attack scenarios based on the type of malware or attack employed, its means of propagation, the vulnerabilities it exploits, and potential mitigations.
  • Develop or assess network Access Control List rules to defend against specific network-based attacks.
  • Employ end-to-end encryption, link encryption, or virtual private networks to ensure confidentiality and authenticity.
  • Describe the security concerns associated with different forms of cloud services.
  • Describe ways in which the security kernel, memory segmentation, and CPU privilege levels can be utilized to achieve security objectives.
  • Describe the conduct and purpose of each step in the Risk Mitigation Framework process.