€¦ · Web viewUNIVERSITY OF WISCONSIN. Masters of Science in Cybersecurity. Course Syllabus. CYB 700: Fundamentals of Cybersecurity. COURSE DELIVERY MODE: ONLINE. PROFESSOR:

UNIVERSITY OF WISCONSINMasters of Science in Cybersecurity

Course Syllabus

CYB 700: Fundamentals of Cybersecurity

COURSE DELIVERY MODE: ONLINE

PROFESSOR: Shinping Tucker

PHONE: 715-394-8466

E-MAIL: [email protected]

COURSE DESCRIPTION: Introduces fundamental concepts and design principles in cybersecurity. Students will understand what, why, and how to protect in the cyberworld. Topics include CIA (Confidentiality, Integrity, and Availability), threats, attacks, defense, least privilege, access control and password management, security policies, critical controls, incident-handling and contingency planning, risk assessment and management.

COURSE CREDITS: 3

COURSE ALIGNMENT WITH PROGRAM OUTCOMES: This course addresses the following competencies and program outcomes of the Masters of Science in Cybersecurity:

● Competency A: Analyze security issues in networks and computer systems to secure an IT infrastructure

o Program Outcome 1: Interpret and analyze operating system and machine level structures

o Program Outcome 2: Interpret and analyze network protocols

● Competency D: Analyze the human role in security systems with an emphasis on ethics, social engineering vulnerabilities, and training

o Program Outcome 11: Assess trends in computer criminology and social behaviors related to technology use including physical security

o Program Outcome 12: Engage in ethical decision-making and apply ethical principles to cybersecurity

● Competency E: Interpret and forensically investigate security incidents

o Program Outcome 15: Identify and assess attacks through forensics

o Program Outcome 16: Interpret legal implications of security incidents

COURSE OBJECTIVES: At the end of this course, students will be able to:

● Understand key knowledge areas of Cybersecurity

● Understand what to protect, why to protect, and how to protect in the cyberworld

● Use the real-world examples and scenarios to reflect technology’s latest capabilities and trends

INTERNAL PREREQUISITES: NONE

TEXTS/LEARNING RESOURCES:

● William Stallings (2019). Effective Cybersecurity: A Guide to Using Best Practices and Standards, 1st Edition. Upper Saddle River, NJ: Pearson Education, Inc.

● Michael E. Whitman & Herbert J. Mattord (2018). Principles of Information Security, 6th Edition. Boston, MA: Course Technology, Cengage Learning. (ISBN-10: 1337281646 ISBN-13: 9781337281645)

COURSE GRADING:

1. Weekly Assignments 30% Submit weekly assignments2. Weekly Forums 20% Post at least two messages to weekly forum2. Three (3) exams 30% All exams are comprehensive3. Final Project 10% Your professional project on PowerPoint slides4. Video Presentation 10% Your professional presentation on the videoTotal 100%

GRADE SCALE:

A 94 and above

B 84-86

C 74-76

A- 90-93

B- 80-83

C- 70-73

B+ 87-89

C+ 77-79

F Below 60

FINAL EXAM: NO

Final project and video presentation will replace the final exam.

COURSE CONTENT/OUTLINE:Module 1 Introduction to Information Security a. History of Information Security b. Critical Characteristics of Information c. The Security Systems Development Life Cycle

Module 2 The Need for Security a. Business Needs First b. Threats and Attacks c. Secure Software Development

Module 3 Legal, Ethical, and Professional Issues in Information Security a. Laws and Ethics in Information Security b. Codes of Ethics and Professional Organizations

Module 4 Planning for Security a. Information Security Policy, Standards, and Practices b. The Information Security Blueprint c. Security Education, Training, and Awareness Program

Module 5 Risk Management a. Risk Identification b. Risk Assessment c. Risk Control Strategies

Module 6 Security Technology: Access Controls, Firewalls and VPNs a. Access Control Devices b. Firewalls c. Protecting Remote Connections

Module 7 Security Technology: Intrusion Detection and Prevention Systems, and Other Security Tools a. Intrusion Detection and Prevention Systems b. Scanning and Analysis Tools

Module 8 Physical Security a. Physical Access Controls b. Fire Security and Safety c. Mobile and Portable Systems

Module 9 Implementing Information Security a. Information Security Project Management b. Technical Topics of Implementation

Module 10 Security and Personnel a. Positioning and Staffing the Security Function b. Employment Policies and Practices

Module 11 Information Security Maintenance a. Security Management Models b. The Maintenance Model c. Digital Forensics

Module 12 Final Project and Final Presentation a. Final Project on PowerPoint slides b. Final Presentation on Video


Course Syllabus

CYB 703: Network Security


PROFESSOR(s): Ankur Chattopadhyay, PhD

PHONE(s): (920) 465-5679

E-MAIL(s): [email protected]

COURSE DESCRIPTION:

Examines network architectures, threats and attack surfaces exploited by these threats. Students will look at network traffic inspection, common attacks and defensive techniques like encryption, network segmentation, firewalls, application proxies, honeypots, DMZs, monitoring networks using: intrusion detection and intrusion prevention systems, and network access control.

COURSE CREDITS: 3


● Competency A: Analyze and resolve security issues in networks and computer systems to secure an IT infrastructure

o Program Outcome 1: Interpret and analyze computer operating systems in context of networking layers, architecture (OSI Model) and network communication protocols

o Program Outcome 2: Interpret and analyze network protocolso Program Outcome 3: Design, evaluate, and test systems including networks,

computers, and hardware for security requirements


● Understand essential Transmission Control Protocol/Internet Protocol (TCP/IP) behavior and applications used in IP networking

● Explain the fundamental concepts of network security

● Recognize the impact that malicious exploits and attacks have on network security

● Identify network security tools and discuss techniques for network protection

● Describe the fundamental functions performed by firewalls

● Assess firewall design strategies

● Describe the foundational concepts of VPNs

● Describe network security implementation strategies and the roles each can play within the security life cycle

● Appraise the elements of firewall and VPN implementation and management

● Identify network security management best practices and strategies for responding when security measures fail

● Grasp layered network security strategies, secure network design and best practices and strategies for network security and incident response

INTERNAL PREREQUISITES: None

TEXTS/LEARNING RESOURCES: (software, web-based resources, other required resources/materials)

●Required: Stewart, James M. Network Security, Firewalls, and VPNs. 2nd edition.

Burlington, MA: Jones & Bartlett Publishers, 2014 (ISBN-13: 978-1-284-03167-6) -

Including Virtual (Remote Online) Security Labs from Publisher

COURSE GRADING: Grades will be assessed using a variety of methods to include…

●Writing Assignments

●Lab Assignments

●Online Class Discussions

●Projects

●Final Exam

GRADE SCALE:

FINAL EXAM: YES

COURSE CONTENT/OUTLINE: (Create as Modules not as Weeks…Courses need to fit into 15 or 11 week formats):

I. Module 1: Essential TCP/IP Network Protocols and Applicationsa. Fundamentals of Network Security

i. IPv4 Versus IPv6 ii. DNS

b. Firewall Fundamentals i. TCP/IP Basics

c. Chapter 5, Network Security Implementation i. Seven Domains of a Typical IT Infrastructure ii. Protocols iii. Common Types of Addressing II. Module 2: Network Security Basics

a. Fundamentals of Network Securityb. Familiar Domainsc. Selecting Security Countermeasures

III. Module 3: Network Security Threats

a. Network Security Threats and Issuesb. NIST SP 800-30: Guide for Conducting Risk Assessmentsc. Social Engineering Defense Issues

IV. Module 4: Network Security Tools and Techniques

a. Network Security Implementation i. Controlling Communication Pathways

b. Firewall Basics

i. Intrusion Detectionc. Host-Based vs. Network-Based IDSs/IPSs

V. Module 5: Firewall Fundamentals

a. Firewall Fundamentalsb. Ingress and Egress Filtering

VI. Module 6: Firewall Design Strategies

a. Firewall Basicsb. Firewall Deployment Considerationsc. Firewall Security Strategies

VII. Module 7: VPN Fundamentals

a. VPN Fundamentalsb. VPN Managementc. VPN Technologies

VIII. Module 8: Network Security Implementation Strategies

a. Network Security Implementationb. System Hardeningc. Security Concerns and Mitigation Strategies

IX. Module 9: Firewall and VPN Implementation and Management

a. Firewall Management and Securityb. Using Common Firewallsc. Firewall Implementationd. Real-World VPNs

X. Module 10: Network Security Management

a. Network Security Managementb. Perspectives, Resources, and the Futurec. NIST SP 800-61: Computer Security Incident Handling Guide


Course Syllabus

CYB 705: Sociological Aspects of Cybersecurity


PROFESSOR(s): Chad R. Johnson

PHONE(s): 715-346-2020


COURSE DESCRIPTION (50-word limit):

Presents the principles of applied sociology that account for the human factors in security systems. Topics include an examination of the human role in cybersecurity, the role of security in the context of an organization, and a special focus on the development and implementation of cybersecurity policies.

COURSE CREDITS: 3


● Competency C: Develop policies and procedures to manage enterprise security riskso Program Outcome 9: Evaluate and create security policies and processes for an

organization and apply appropriate security frameworkso Program Outcome 10: Implement identity and access management controls

● Competency D: Evaluate and communicate the human role in security systems with an emphasis on ethics, social engineering vulnerabilities, and training




● Develop cybersecurity policies that are effective and ethical.

● Analyze security systems and solutions for weaknesses related to human interaction.

● Develop and implement effective security awareness training programs.

● Recognize the role of information assurance and security in the context of a larger organization.

● Explain the impact and influence of technology on human behavior, with emphasis on privacy and compliance.

● Develop appropriate identity and access managements policies and recognize access control models.



● Social Theory After the Internet: Media, Technology, and Globalization. Ralph Schroeder. ISBN: 9781787351226 (https://www.uclpress.co.uk/products/95132) (Open-Access PDF)

● Technology and Social Theory. Steve Mathewman. ISBN: 9780230577572.

COURSE GRADING: Grades will be assessed using a variety of methods to include:

● 2 exams (mid-term and final) – 20% each (40%)

● 2 writing assignments (1500-4000 words) – 10% each (20%)

● 4 article abstracts – 10% each (40%)

GRADE SCALE:

A: score >= 90 A-: 87 <= score < 90

B+: 83 <= score < 87

B: 80 <= score < 83

B-: 77 <= score < 80

C+: 73 <= score < 77

C: 70 <= score < 73

C-: 65 <= score < 70

D: 60 <= score < 65

F: score < 60

FINAL EXAM: YES

COURSE CONTENT/OUTLINE:

I. Introduction to Social Theory a. Social Theory After the Internet b. Technology Use and Society

II. Sociological Theories of Technology Use

III. Human Factors in Technology a. Security – Human Technology Interaction b. Influence of Human Behavior

IV. Cybersecurity Ethics a. Human Elements in Security c. Ethical Responsibilities of the Cybersecurity Professional

V. Cybersecurity Policiesa. Role of Cybersecurity in Organizationsb. Role of Cybersecurity for Individualsc. Security Metrics / Analysis

VI. Security Awareness

VII. Access Control Models

VIII. Identity and Access Management Principlesa. Access Control Policies

IX. Social Engineering

X. Physical Security

XI. Cybersecurity Philosophy


Course SyllabusCYB 707: Cybersecurity Program Planning and Implementation


PROFESSOR(s): Susan Lincke, PhD CISA CRISC

PHONE(s): (XXX) XXX-XXXX


COURSE DESCRIPTION:

Provides instruction on the process used to develop and maintain appropriate security levels for an organization with a focus on implementing a comprehensive security program, a documented set of security policies, procedures, guidelines, and standards. Topics include security planning, strategies, controls, and metrics for measuring the effectiveness.

COURSE CREDITS: 3



o Program Outcome 3: Design, evaluate, and test systems including networks, computers, and hardware for security requirements

● Competency C: Develop policies and procedures to manage enterprise security riskso Program Outcome 7: Conduct security risk management assessmentso Program Outcome 8: Develop and implement threat management frameworko Program Outcome 9: Evaluate and create security policies and processes for an


● Competency E: Interpret and forensically investigate security incidentso Program Outcome 14: Develop and implement an incident response strategy


● Design security for an organization from a business perspective, including information security, network security, physical security, business continuity, audit, metrics, and risk. (Overall course objective)

Detailed course objectives:

● Develop an action plan to combat security fraud

● Apply HIPAA privacy and security rules and controls to a practical scenario

● Analyze business impact of disaster recovery and plan for business continuity

● Select technologies to implement security controls and monitor security incidents

● Define and discuss the concepts for network security controls and secure network services

● Analyze and select technical and policy solutions for physical and personnel security

● Assess security risks and conduct financial analysis for business risk

● Develop an incident response plan and apply concepts of incidence response

● Describe business-driven and technology-driven metrics for security

● Conduct a security audit and prepare/present the audit report

● Document security policies, standards, procedures and guidelines.

INTERNAL PREREQUISITES: CYB 700: Fundamentals of Cybersecurity

REQUIRED TEXT(S) AND/OR LEARNING MATERIALS:

● Textbook: Susan Lincke, Security Planning: An Applied Approach, Springer, 2015, ISBN: 978-3-319-16027-6.

● Additional software or other materials: Associated with text: Security Workbook, Health First Case Study


● Homework: 35%

● Quizzes: 15%

● Two Exams: 25% each

GRADE SCALE:

A= 90% B=80% C=70% D=60% F<60%

Plus grades are assigned for grades within 2% of the next higher grade.Minus grades are assigned for grades within 2% of the next lower grade.

FINAL EXAM: YES


I. Security Awareness (Chapter 1)a. With Security, Every Person Counts b. Protecting Yourself c. Criminal Attacks to an Organization

II. Fraud (Chapter 2)

a. Internal Fraudb. Defenses Against Internal Fraud c. Recognizing Fraud d. External Fraude. Identity Theftf. Social Engineering g. Receipt, Check, and Money Order Scamsh. Developing an Action Plani. Advanced: A Fraud Investigation

III. HIPAA (Chapter 14, optional Chapter 3)a. Introduction and Vocabulary b. HITECH Breach Notification c. HIPAA Privacy Rule d. Patient Rights e. Disclosures f. HIPAA Security Rule g. Administrative Requirements h. Physical Security i. Technical Controls

IV. Business Continuity & Disaster Recovery (Chapter 5)a. Analyzing Business Impact b. Planning for Business Continuity c. Recovery Sites d. High-Availability Solutions e. Cloud Services f. Disk Backup and Recoveryg. Preparing for IT Disaster Recovery h. Advanced: Business Continuity for Mature Organizations

i. Advanced: Considering Big Data Distributed File Systems

V. Information Security (Chapter 7)a. Important Concepts and Roles b. Design: Classifying Data for CIA c. Selecting Technology and Implementation Options d. Authentication: Login or Identificatione. Access Control: Permissions f. Logs: Accountability g. Audit h. Advanced: Administration of Information Securityi. Advanced: Designing Specialized Information Security j. Big Data: Data Warehouses k. Designing Highly Secure Environments

VI. Network Security (Chapter 8)a. Important Concepts b. How Crackers Attack c. Filtering Packets to Restrict Network Access d. Defining Network Services

i. Step 1: Determine Services: What, Who, Where? 138ii. Step 2: Determine Sensitivity of Services

iii. Step 3: Allocate Network Zones iv. Step 4: Define Controls

e. Defining Controls f. Confidentiality Controls g. Authenticity and Non-repudiation h. Integrity Controls i. Anti-hacker Controls j. Defining the Network Architecturek. Advanced: How It Works

VII. Physical & Personnel Security (Chapter 9, 10)a. Selecting Availability Controls b. Selecting Confidentiality/Integrity c. Controls Building Entry Controls d. Room Entry Controls e. Computer and Document Access Control f. The Public Uses Computers g. The Public and Point of Sales Devices h. Controlling Employee Threats i. Preventive Controls j. Detective (and Deterrence) Controlsk. Corrective Controls l. Training for Security m. Tools to Manage Security n. Configuration Management and Change Control o. Service Level Agreements

VIII. Risk (Chapter 4)a. Risk Management Overview b. Assessing Risk

i. The Ethics of Risk

c. Advanced: Financial Analysis with Business Riski. Advanced: Risk for Larger Organizations

IX. 9. Incident Response (Chapter 11)a. Important Statistics and Concepts b. Developing an Incident Response Plan c. Preparation Stage d. Identification Stage e. Containment and Escalation Stage f. Analysis and Eradication Stage g. Notification and Ex-Post Response Stages h. Recovery and Lessons Learned Stages i. Preparing for Incident Response j. Advanced: Computer Investigation and Forensics k. The Judicial Procedure

X. Metrics (Chapter 12)a. Considering Business-Driven Metricsb. Implementing Technology-Driven Metrics

XI. Audit (Chapter 13)a. Testing Internally and Simple Auditsb. Gathering Information, Planning the Audit c. Reviewing Internal Controls d. Performing Compliance and Substantive e. Preparing and Presenting the Report f. Example: PCI DSS Audits and Report on Complianceg. Professional and External Auditing h. Audit Resources i. Sampling j. Evidence and Conclusions k. Variations in Audit Types

XII. Security Governance (Chapter 6) a. Documenting Security: Policies, Standards, b. Procedures and Guidelines

i. Maturing the Organization via Capability Maturity c. Models and COBIT d. Strategic, Tactical and Operational Planning e. Allocating Security Roles and Responsibilities


Course Syllabus

CYB 710: Introduction to Cryptography

COURSE DELIVERY MODE: Online

PROFESSOR(s): David Penniston

PHONE(s): (920)-424-3012


COURSE DESCRIPTION:

Introduces fundamentals of applied cryptography, including encryption and decryption, symmetric and asymmetric systems, pseudorandom functions, block ciphers, hash functions, common attacks, digital signatures, key exchange, message authentication and public key cryptography. Covers implementation of cryptographic systems in approved programming

language, and survey of relevant mathematical concepts, including elementary number theory.

COURSE CREDITS: 3


● Competency B: Design, develop, test, and evaluate secure softwareo Program Outcome 5: Implement effective cryptographic systems and assess their

vulnerabilities

● Competency B: Design, develop, test, and evaluate secure software o Program Outcome 4: Implement best practices in secure software development

COURSE OBJECTIVES: Upon successful completion of this course, students will be able to do the following.

● Identify the elements and desired properties of a cryptographic system.● Understand the roles of, and differences between, symmetric and asymmetric systems.● Identify cryptographic tools and techniques appropriate for a given task.● Describe the strengths and weaknesses of various cryptographic algorithms and the issues

involved in their effective implementation.



● Understanding Cryptography: A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl, Springer (ISBN-13: 978-3642041006)

● Course materials posted on Canvas

COURSE GRADING: The course grade will be based on homework assignments (50%), class discussion (10%) and a final project (40%). Homework will be assigned on an ongoing basis during the term, with students periodically submitting subsets of this work for grading (some assignments will include a programming component). Discussion will be more informal, providing an opportunity for students to participate in dialog that allows them to solidify and demonstrate their mastery of the material. The final project will require students to exhibit both a theoretical and a practical understanding of the central course topics.

GRADE SCALE: A: 90-100 B: 80-89 C: 65-79 F: 64 and lower FINAL EXAM: NO

A final project will be used in place of a final exam.


I. Uses of cryptography a. Securing data and communications b. Confirming identity of senders and integrity of messages

II. Mathematical foundations a. Functions b. Elementary number theory

III. Elements of cryptographic systems a. Encryption and decryption b. Pseudorandom functions c. Hash functions d. Block and stream ciphers

IV. Types of cryptographic systems a. Symmetric and asymmetric systems b. Public key cryptography

V. Security

a. Key management b. Message authentication c. Digital signatures d. Common attacks VI. Cryptographic protocols, algorithms, modes and standards a. Advanced Encryption Standard and Data Encryption Standard b. RSA, ElGamal and others


Course Syllabus

CYB 715: Managing Security Risk


PROFESSOR(s): Joshua Yue

PHONE(s): 608-342-3864


COURSE DESCRIPTION:

Covers risk management processes and tools, risk assessment and analysis models, economic and control implications, risk measurement, and the ethics of risk. Students will communicate the technical and management-aspects of risk, based on research of their chosen industry, related regulation, recent industry reports, and risk implications to organizations, individuals and the nation.

COURSE CREDITS: 3


● Competency C: Develop policies and procedures to manage enterprise security riskso Program Outcome 7: Conduct security risk management assessmentso Program Outcome 8: Develop and implement threat management frameworko Program Outcome 9: Evaluate and create security policies and processes for an



● Understand the importance of risk management in an organizational IT security management

● Apply cybersecurity risk management standards and best practices

● Apply risk management tools and techniques to cybersecurity risk assessments

● Adapt risk management methods and skills to their current area of expertise in cybersecurity

● Express cybersecurity risks to a decision maker of any level in an understandable manner



● Risk Assessment: Theory, Methods, and Applications by Marvin Rausand, ISBN-13: 978-0470637647

COURSE GRADING: Grades will be assessed using a variety of methods to include quizzes, homework assignments, discussions, and reports.

GRADE SCALE: Graduate-level A-F Grading:A : > 94% A- : > 90%B+ : > 87.5% B : > 85% B- : > 80%C+ : > 77.5% C : > 70% F : < 70%

FINAL EXAM: NO

Students need to submit a final report.


I. Fundamentals of risk management a. Definition of risk b. Measurement scales c. Basics of risk and decision theory d. Elements of probability theory e. Risk management process

II. Risk management tools and techniquesa. Cause and Consequences Analysis (CCA)b. Preliminary Hazard Analysis (PHA)c. Hazard and Operability Analysis (HAZOP)d. Failure Mode and Effects Analysis (FMEA)e. Fault Tree Analysis (FTA)f. The principle of “as low as reasonably practicable” (ALARP)

III. DOD risk management framework (RMF)a. Component of the frameworkb. Concepts and principles of RMFc. RMF lifecycle – 6 stepsd. Application of risk management frameworke. Comparison of DoD RMF and Information security management system (ISMS)

IV. Ethics rules for risk management


Course Syllabus

CYB 720: Communication in Cybersecurity


PROFESSOR(s): Dr. Jennifer Butler Modaff

PHONE(s): 608-785-6717


COURSE DESCRIPTION: Research, organize, and present technical information to audiences with varying goals and technical needs. Emphasis on ethics, critical thinking, listening skills, and feedback to develop effective messages utilizing verbal and nonverbal communication strategies and visual aids. Individual and group presentations and projects will emulate professional scenarios in cybersecurity.

COURSE CREDITS: 3


● Competency D: (Evaluate and communicate the human role in security systems with an emphasis on ethics, social engineering vulnerabilities, and training)

● Program Outcome 12: Engage in ethical decision-making and apply ethical principles to cybersecurity

● Program Outcome 13: Engage in professional collaboration and communication with technical and nontechnical stakeholders on issues related to security


● Analyze an audience and adjust presentations to meet the needs of that audience● Plan and implement ethical communication strategies to obtain desired results● Critically evaluate and provide feedback to messages


TEXTS/LEARNING RESOURCES (software, web-based resources, other required resources/materials)

COURSE GRADING: Grades will be assessed using a variety of methods to include presentations, portfolios, small group activities, and written projects.

GRADE SCALE

Letter Grade Percentage

A 93-100%

A/B 89-92.99%

B 83-88.99%

B/C 78-82.99%

C 70-77.99%

D 60-69.99%

F 0-59.99%

FINAL EXAM: No, instead of an exam there will be a final project.

COURSE OUTLINE (11 week format)

I. Communication and Ethics in Cybersecuritya. Communication Competenceb. Ethical Communicationc. Ethical Codes and Frameworks

II. Nonverbal Communicationa. Proxemicsb. Vocalics

III. Communication and Culturea. Influence of organizational culture on message/communicationb. Influence of societal culture on message/communication

IV. Interpersonal Communicationa. Relationships at Workb. Interpersonal conflict

V. Listening and Feedback

a. Barriers to listeningb. Giving verbal and nonverbal feedback

VI. Audience Analysisa. Assessing topic and situationb. Assessing audience needs (Technical and Nontechnical Audiences)

VII. Informative Presentationsa. Researching and writing informative presentationb. Supporting materialsc. Presentations Types: Technical and Policy

VIII. Presentational Skillsa. Delivery methodsb. Ethical language

IX. Presentational Aidsa. Planning and using presentational aidsb. Accessibility

X. Anxiety, Technology, and Other Obstaclesa. Public Speaking Anxietyb. Adapting to Audience Communication Needs

i. Technical and Nontechnical Audiences ii. Reluctant or Hostile Audiences

XI. Persuasive Presentationsa. Foundations of Persuasionb. Persuasive Communicationc. Presentation Types: Technical, Policy, and Strategy/Change

XII. Group Communicationa. Group Presentationsb. Conflict Management

XIII. Training and Developmenta. Developing and Delivering Training Sessionsb. Creating Training Materials

(Note: Any local policies required by your individual campus….e.g. disability policy language… should be added to all courses following your receipt of the final Combined Syllabi document and prior to distribution to your campus governance approval groups.)


Course Syllabus

CYB 725: Computer Forensics and Investigations


PROFESSOR(s): JACK TAN

PHONE(s): (715) 836-2408


COURSE DESCRIPTION: Provides instruction on the investigative and forensics processes of digital evidence with a focus on identifying indicators of compromise, the use of common forensics tools, and the preservation of forensics tools. Topics include forensics iconology, and the analysis of disk, memory, chip-off, mobile device, and OS artifacts.

COURSE CREDITS: 3



o Program Outcome 1: Interpret and analyze operating system and machine level structures

● Competency E: Interpret and forensically investigate security incidentso Program Outcome 14: Develop and implement an incident response strategyo Program Outcome 15: Identify and assess attacks and reverse engineer them

through forensicso Program Outcome 16: Interpret legal implications of security incidents and

conduct sound investigations

COURSE OBJECTIVES:

● Understand different aspects of digital evidence: ways to uncover illegal or illicit activities left on disk and recovering files from intentionally damaged media with computer forensics tools and techniques.

INTERNAL PREREQUISITES: CYB 700: Cybersecurity Fundamentals; CYB 703: Network Security


● Digital Forensics with Open Source Tools. Cory Altheide and Harlan Carvey, ISBN: 978-1-59749- 586-8, Elsevier publication, April 2011 2.

● Computer Forensics and Cyber Crime: An Introduction (3rd Edition) by Marjie T. Britz, 2013.

COURSE GRADING:

CANVAS-submitted assignments

GRADE SCALE: A: 90 - 100B: 80 – 89C: 70 – 79F: 0 - 69

FINAL EXAM: NO

Final assessment of tools and processes for a complete digital forensic analysis of each topic covered by the modules.


I. Introduction to Computer Forensics a. Computer Forensics vs. E-Discovery b. Clients/employers interactions

i. Client Contractsii. Legal and privacy issues

c. Software Licensing d. Ethical Conduct Issues e. Cases that may include digital evidence f. Forensic Examination Procedures g. Determining Scope of Examinations h. Hardware and Imaging Issues i. USB and Optical Media Examination j. Forensically Sterile Examination Media k. Examination Documentation and Reports

l. General Overview of Boot Process and Operating Systems m. BIOS History n. Networked Computers o. Media Acquisition p. Acquisition Documentation q. Chain of Custody

II. Imaging a. Imaging Theory and Process b. Imaging Methods c. Write Blocking d. Imaging Flash Drives e. Wiping, Hashing, Validation, Image Restoration, Cloning, Unallocated Space f. Drive Partitioning

III. File Signatures, Data Formats & Unallocated Space a. File Identification/Headers/Types/Viewers b. Compressed Files Analysis c. Data Carving

IV. FAT File System a. Logical structures of DOS and Windows Operating System b. Master Boot Record c. File Allocation Table d. Directory Entries e. Clusters f. Unallocated Space

V. NTFS a. Basic Terms b. Basic Boot Record Information c. Time Stamps d. Recycle Bin e. File Manipulation f. Examining NTFS Drives

VI. Registry & Artifacts a. Boot Disk b. Data Recovery c. Windows Swap and Page Files d. Windows Registry Analysis e. Internet Cache Files, Cookies and Internet Sites f. Microsoft Outlook g. MSMAIL h. Logical Structures i. Tracking User Specific Computer Use j. Internet Explorer Cache Index k. Basic Mail Issues

l. Basic Internet Issues m. Common Situations Encountered during Examinations n. Password Protection and Defeating Passwords o. Compound Documents p. Examining CDR Media

VII. Forensic Policy, Case Writing, Legal Process & Forensic Tool Kits a. Use of Policy and Checklists in Forensic Practice b. Case Report Writing c. Legal Process d. Expert Admission e. Going to Court f. Use of Forensic Tools and Software

VIII. Introduction to Mobile Data Exploitation a. Mobile Phone Extraction Process

i. Collection/Isolation/Interrogation/Imaging/Analysis b. Mobile Networks c. International Mobile Subscriber Identity d. Use of Forensic Tools and Software


Course Syllabus

CYB 730: Computer Criminology


PROFESSOR(s): Chad R. Johnson

PHONE(s): 715-346-2020



A primer on modern criminology with specific attention to the aspects of technology that facilitate criminal behaviors. Topics include computer crime laws, criminological theories of computer crime, court room and evidentiary procedure, idiographic and nomothetic digital profiling, computer crime victimology, habit/authorship attribution, stylometry, and case linkage analysis.

COURSE CREDITS: 3




● Competency E: Interpret and forensically investigate security incidents o Program Outcome 15: Identify and assess attacks through forensicso Program Outcome 16: Interpret legal implications of security incidents and

conduct investigations using industry best practices


● Examine and interpret digital evidence.

● Perform case linkage analysis and understand the process of idiographic and nomothetic digital profiling.

● Perform stylometric and forensic iconological analysis of text and images, with the goal of habit/authorship attribution and behavioral analysis.

● Understand the legal process and procedure relevant to expert testimony of digital evidence.

● Understand and apply existing computer crime laws and constitutional law as it applies to technology usage.

● Interpret the legal implications of security incidents, including evidence chain of custody and the steps of the investigative process.

● Apply criminological theory to the investigation, apprehension, and study of computer criminals.

● Assess trends in computer criminology and the evolution of victimology in computer crimes.



● The Human Factor of Cybercrime (Routledge Studies in Crime and Society). Rutger Leukfeldt (Editor), Thomas J. Holt (Editor). ISBN: 9781138624696.

● Prosecuting Computer Crimes. Office of Legal Education Executive Office for United States Attorneys. https://www.justice.gov/sites/default/files/criminal-ccips/legacy/2015/01/14/ccmanual.pdf


● 2 exams (mid-term and final) – 20% each (40%)

● 2 writing assignments (1500-4000 words) – 10% each (20%)

● 4 article abstracts – 10% each (40%)

GRADE SCALE:

A: score >= 90 A-: 87 <= score < 90

B+: 83 <= score < 87

B: 80 <= score < 83

B-: 77 <= score < 80

C+: 73 <= score < 77

C: 70 <= score < 73

C-: 65 <= score < 70

D: 60 <= score < 65F: score < 60

FINAL EXAM: YES


I. Introduction to Computer Criminology a. Forensic and Investigative Processes b. Sociological Aspects of Technology Use

II. The Role of Computers in Crime a. Qualities of Evidence b. Deductive and Inductive Reasoning

III. Forensic Iconology

IV. Computer Crime Laws b. Intellectual Property c. Privacy

V. Constitutional Law a. Obscenity b. Search and Seizure c. Fifth Amendment, passwords, and encryption

VI. Criminological Theories & Cybercrimea. Nomothetic Profiling

VII. Idiographic Digital Profilinga. Correlates of Computer Crimeb. Digital Behavioral Analysisc. Establishing Behavioral Profiles

VIII. Connecting Computer Crimes to Criminalsa. Correlated Usage Patternsb. Case Linkage Analysis

IX. Stylometry

X. Legal Process and Procedure

XI. Habit/Authorship Attribution


Course Syllabus

CYB 735: Network Forensics


PROFESSOR(s): Susan Lincke, PhD CISA CRISC

PHONE(s): (XXX) XXX-XXXX


COURSE DESCRIPTION:

Covers protocol analysis, identification of malicious behavior in systems, and forensic investigations through event log aggregation, correlation and analysis. Students will analyze clips of wired and wireless network protocol analysis to discern methods of attacks and malicious activities.

COURSE CREDITS: 3



o Program Outcome 2: Interpret and analyze network protocols

● Competency E: Interpret and forensically investigate security incidentso Program Outcome 15: Identify and assess attacks through forensicso Program Outcome 16: Interpret legal implications of security incidents and



● Analyze clips of network protocol analysis to discern methods of attacks and malicious activities;

● Aggregate and correlate logs to discern methods of attacks and malicious activities.

INTERNAL PREREQUISITES: CYB 703 Network Security

TEXTS/LEARNING RESOURCES: Network Forensics (TBD)

COURSE GRADING: Grades will be assessed using a variety of methods to include…Problem Set Quizzes: 30%Paper 20%Presentation & Participation 10%Two Exams: 20% x 2 = 40%

GRADE SCALE: A= 90% B=80% C=70% D=60% F<60%

Plus grades are assigned for grades within 2% of the next higher grade.Minus grades are assigned for grades within 2% of the next lower grade.

FINAL EXAM: YES


I. Sniffing: IP/ICMP Protocol & Attacks: Includes protocol analysis

II. TCP Protocol & Attacks

III. Other Protocols & Attacks: Ethernet, ARP, DHCP, SMTP, DNS, NetBIOS, …

IV. Wireless Protocols & Attacks

V. Investigation and Evidence Acquisition

VI. Flow Analysis

VII. Network Intrusion Detection & Analysis

VIII. Event Log Aggregation, Correlation and Analysis

IX. Devices: Switches, Routers, Firewalls and Web Proxies

X. Network Tunneling: IPsec

XI Malware Forensics


Course Syllabus

CYB 740: Incident Response and Remediation


PROFESSOR(s): Anthony Varghese

PHONE(s): 715-425-3335



Students will learn about the phases of an incident response system, and the use of IDS and forensics, dealing with false alarms and the remediation process to minimize business impact, plan business continuity, and work with law enforcement, auditors, insurance, and compliance in how to prevent future incidents.

COURSE CREDITS: 3




● Competency C: Develop policies and procedures to manage enterprise security risks.o Program Outcome 7: Conduct security risk management assessmentso Program Outcome 8: Develop and implement threat management frameworko Program Outcome 9: Evaluate and create security policies and processes for an

organization and apply appropriate security frameworks




o Program Outcome 13: Engage in professional collaboration and communication with technical and nontechnical stakeholders on issues related to security

● Competency E: Interpret and forensically investigate security incidentso Program Outcome 14: Develop and implement an incident response strategyo Program Outcome 16: Interpret legal implications of security incidents and



● Understand the steps involved responding to a cybersecurity incident

● Build an incident response team within an organization

● Plan for actions to minimize impacts of incidents on business

● Understand how to work with law enforcement and external organizations after an incident



COURSE GRADING: Grades will be assessed using a variety of methods to include quizzes, papers, discussions, and labs.


FINAL EXAM: NO, students will submit a final report.

COURSE CONTENT/OUTLINE (Create as Modules not as Weeks…Courses need to fit into 15 or 11 week formats):

I. Planning and Preparation for Incident Response a. Overview of Incident Response b. Setting up a Cross-Functional Organization-Wide Incident Response Team c. Preparation and Communications for Incidents

II. Identification of Threat and Notification a. Use of Intrusion Detection and Forensics Tools b. Gathering Intelligence c. Raising Alarms Without Alerting Attackers

III. Threat Containment and Eradication a. Containing an Active Attack b. Isolating the Threat

IV. Recovery and Reporting a. Data and Service Recovery b. Reporting an Attack and Lessons Learned c. Privacy Implications

V. Law Enforcement, Auditors, Insurance, and Compliance Bodies a. Reporting Cybercrimes and Working with Legal Teams b. Reporting Incidents to Compliance Bodies, Insurance Underwriters and Auditors


Course Syllabus

CYB 745: Secure Operating Systems

COURSE DELIVERY MODE: Online

PROFESSOR(s): George Thomas

PHONE(s): (920)-424-2069


COURSE DESCRIPTION:

Covers operating systems security infrastructure. Topics include, for a given operating system (Windows/Linux), updates and patches, access controls and account management, configuration management, hardening and securing services, and the use of scripting languages to automate security management. Additional topics may include auditing and forensics, virtualization and cloud computing.

COURSE CREDITS: 3




● Competency B: Design, develop, test, and evaluate secure software o Program Outcome 4: Implement best practices in secure software development

● Competency C: Develop policies and procedures to manage enterprise security riskso Program Outcome 10: Implement identity and access management controls


● Securely install a given OS, remove or shut down unnecessary components and services, close unnecessary ports, and ensure that all patches and updates are applied.

● Set up user accounts, and configure appropriate authentication policies and audit capabilities, and review security logs.

● Perform back-ups and restore the system from a backup.

● Demonstrate proficiency in the use of scripting languages to automate system administration tasks.



● UNIX and Linux System Administration Handbook (5th Edition) by Evi Nemeth, Garth Snyder, Trent R. Hein, Ben Whaley, Dan Mackin, Addison-Wesley Professional.

● Mastering Windows PowerShell Scripting: Automate and manage your environment using PowerShell Core 6.0, 3rd Edition by Chris Dent, Packt Publishing

COURSE GRADING: The course grade will be based on homework assignments and labs (60%), class discussion (10%) and projects (30%). Homework and labs will be assigned on an ongoing basis during the term. Discussion will be more informal, providing an opportunity for students to participate in dialog that allows them to solidify and demonstrate their mastery of the material. Projects will focus on longer programming and design components.

GRADE SCALE: 90-100 A, 80-89 B, 65-79 C, 64 and lower F

FINAL EXAM: NO

Projects will be used in place of exams.

COURSE CONTENT/OUTLINE:I. Secure OS Installation and Hardening

a. Patch Management and Software Updatesb. Hardening through removal of unnecessary services, components and ports

II. User Account Managementa. User restrictions, access controls and authorizationsb. Password Policies, Authentications Methods, and Group Policies

III. Configuration Managementa. Managing System Servicesb. Command line interfacesc. Event Logging and Auditing

IV. File System Security

a. File system maintenance and isolation of sensitive datab. Backup and Restoring Data

V. Scriptinga. Scripting languages and Regular expressionsb. Implementation of basic security concepts - Permissions, bounds checking, input

validation, type checking and parameter validationc. Automation of secure system administration tasks

UNIVERSITY OF WISCONSINMaster of Science in Cybersecurity

Course Syllabus

CYB 750: Offensive Security & Threat Management


PROFESSOR(s): Jack Tan

PHONE(s): (715) 836-2408



Covers active defenses such as penetration testing, log management, hacking, threat management and system posturing. Students completing this course will have an understanding of, and the ability to preemptively secure computer and network resources by utilizing information about threats, actors and attack vectors and the ethics behind using this data.

COURSE CREDITS: 3

COURSE ALIGNMENT WITH PROGRAM OUTCOMES: This course addresses the following competencies and program outcomes of the Master of Science in Cybersecurity:

● Competency A: Analyze and resolve security issues in networks and computer systems to

secure an IT infrastructure o Program Outcome 1: Interpret and analyze operating system and machine level

structures o Program Outcome 3: Design, evaluate, and test systems including networks, computers,

and hardware for security requirements

● Competency D: (list the competencies and the program outcomes under each competency here)



● Competency E: (list the competencies and the program outcomes under each competency here)

o Program Outcome 14: Develop and implement an incident response strategyo Program Outcome 15: Identify and assess attacks through forensicso Program Outcome 16: Interpret legal implications of security incidents and conduct

investigations using industry best practices

COURSE OBJECTIVES: At the end of this course, students will be able to create and manage a purple team exercise. Students will also be able to create and utilize an offensive security program and demonstrate understanding of the ethics of offensive security.

INTERNAL PREREQUISITES: CYB 700: Cybersecurity Fundamentals; CYB 703: Network Security

TEXTS/LEARNING RESOURCES

● Software: Virtual infrastructure to support 4 vm, two servers, access point router and switch Internet access to connect into Palo alto vpn client and computer to access VM infrastructure.

● Cybersecurity and Cyberwar: What Everyone Needs to Know

● Cyber Warfare, Second Edition: Techniques, Tactics and Tools for Security Practitioners

COURSE GRADING: Grades will be assessed using a variety of methods to include…Labs and CANVAS submitted assignments

GRADE SCALE:

A 90 - 100B 80 - 89C 70 - 79F 69 - 0

FINAL EXAM: NO

Final task will be to complete a Purple team assessment of the opposing team’s network. This will be a two-castle attack and defend project. Over the course the team will secure their network infrastructure and then attach the opponent. The assessment will be a written report of what was completed, what was successful and how the opponent could remediate the vulnerability.

COURSE CONTENT/OUTLINE (Create as Modules not as Weeks…Courses need to fit into 15 or 11 week formats):

I. Intro Legala. Permissionb. Hack your own

II. Ethics POV (Point of View)a. Apple Glassb. Breaking it may be a good thing

III. Hardeninga. Patching OSb. Updating Softwarec. Firmware updating

IV. System usabilitya. Least Privilegeb. Controlled access

V. Blue teama. Monitoringb. Logging and Log managementc. Information and event awarenessd. Documentatione. SIEM

VI. Profiling Recona. Toolsb. Processes

VII. Vulnerability assessment a. Toolsb. Processesc. Services

VIII. Red teama. Teamworkb. Attack Plansc. Documentation

IX. Exploitationa. Once in what do we do

1 Data2 Accounts3 Ransom

b. Guarantee your continued accessc. Internal Recon

X. Purple teama. What is itb. Documentation processc. People involved


Course Syllabus

CYB 755: Security Administration



PHONE(s): 715-425-3335



Covers the policy and governance aspects of security. Topics include application of security policies, standards, procedures and guidelines to administration of IT and communications, assessment of compliance including contractual, legal, industry standard, privacy and regulatory requirements, and implementation of security audits and assessment of security performance and security policy efficacy.

COURSE CREDITS: 3











● Develop organization-wide security policies

● Understand the importance of good governance for security

● Assess the application of a security framework to an organization

● Understand how to create procedures, guidelines and processes

● Assess security performance and efficacy in an organization






COURSE CONTENT/OUTLINE :

I. Security Policiesa. Overview of Security Policies in an Organizationb. Communications and Network Securityc. Asset Security and BYOD issuesd. Identity and Access Managemente. Roles, Responsibilities, and Security Administration

II. Governance, Risk and Compliancea. Governance: Principles vs. Policiesb. Enterprise Risk Management: Security Standards, Procedures, and Guidelinesc. Compliance: Industry Regulations and Lawsd. Data Lifecycle and Administration

III. Contractual and Legal Requirementsa. State, US, and International Standards and Jurisdictionsb. US regulations: Sarbanes-Oxley, Gramm-Leach-Bliley, HIPAA, FERPA, Homeland

Security Act 2002, PIPEDA 2005, Cybersecurity Act of 2015c. International regulations: European Union NIS Directive and GDPR, Chinese

Cybersecurity and Antiterrorism Lawsd. Data Breach Disclosure Laws and Contractual obligationse. Privacy and Personally Identifiable Information

IV. Security Audit Administrationa. IT and security auditsb. Audit process and standardsc. ISACAd. Security Assessment and Testing

V. Security Performance and Awarenessa. Security Goals and Objectivesb. Data Driven Securityc. Assessing Policies and Implementationd. Reporting and Corrective Actione. Security Training and Awareness

VI. Technology Contextsa. Virtualizationb. Cloud Computingc. Mobile and Embedded Computing and the Internet of Thingsd. Software-Defined Networkinge. Containers


Course Syllabus

CYB 760: Cybersecurity Leadership and Team Dynamics


PROFESSOR(s): Dr. Jennifer Butler Modaff

PHONE(s): 608-785-6717


COURSE DESCRIPTION:

Focuses on leadership best practices and the interpersonal processes and structural characteristics that influence the effectiveness of teams. Emphasis will be placed on leadership models, principles of team building, group dynamics, problem solving, and crisis management in cybersecurity issues. Course will include case studies of modern security incidents.

COURSE CREDITS: 3


● Competency D: (Evaluate and communicate the human role in security systems with an emphasis on ethics, social engineering vulnerabilities, and training)




● Apply small group communication theory and concepts to real life scenarios

● Demonstrate increased awareness of your own and others’ communication behaviors in group and team settings

● Analyze and implement problem solving strategies to crisis situations

● Identify leadership models and strategies appropriate for relevant contexts



COURSE GRADING: Grades will be assessed using a variety of methods to include presentations, portfolios, and small group projects.

GRADE SCALE:

Letter Grade Percentage

A 93-100%

A/B 89-92.99%

B 83-88.99%

B/C 78-82.99%

C 70-77.99%

D 60-69.99%

F 0-59.99%

FINAL EXAM: No, instead of an exam there will be final project.


I. Team Dynamicsa. Features and types of small groupsb. Team socialization and roles

II. Diversity in Organizationsa. Cohesion and climate on teamsb. Strength and challenge of different perspectives

III. Virtual Teamsa. Planning and Managementb. Resources and challenges

IV. Team Decision Makinga. Ethics based decision making modelsb. Power and influence

V. Leadership a. Leadership Modelsb. Contingency Planning

VI. Project Management in Cybersecuritya. Planning, development, goal settingb. Strategic Planningc. Implementation

VII. Creativity and Innovation on Teamsa. Barriers to creativityb. Creating creative/innovative climate

VIII. Crisis Management in Cybersecuritya. Proactive crisis managementb. Crisis action teamsc. Communicating crisis

IX. Team Challengesa. Groupthink, Diversity Challenges, Resource Barriersb. Conflict Management

X. Performance Evaluationa. Active listening and feedbackb. Constructive criticism

XI. Current Leadership Issues in Cybersecuritya. Ethical Issues

i. Ethics & Cyberspaceii. Cybersecurity and Social Responsibility

b. Changing/evolving nature of Cybersecurity


Course Syllabus

CYB 765: Cybersecurity Management



PHONE(s): 715-425-3335



Covers management of cybersecurity policies and strategies at the organizational, national, and transnational levels. Examines the implications of key domestic and international regulations and changes in information technology and communications on security operations. Includes development of organizational security preparation, processes, and responses, and developing a disaster recovery program.

COURSE CREDITS: 3











● formulate a management strategy for cybersecurity

● assess cybersecurity risks for organizations

● assess the application of a security framework to an organization

● implement security policies using procedures and guidelines

● plan and manage cybersecurity operations







I. Information Technology and Cybersecuritya. Assets, IT Operations and Security b. IT and Communications Infrastructurec. Vulnerabilities, Threats, Risks, and Countermeasuresd. Authorization, Authentication and Nonrepudiation

II. Business Drivers, Security Policies and Controlsa. Overview of Security Policies in an Organizationb. Risk Management and Securityc. Business Process Reengineering for Securityd. Policy Lifecycle and Continuous Improvement: Tracking, Monitoring, and Reviewinge. Implications of Local, National, and Transnational laws

III. Security Frameworks and Auditinga. NIST and ISO/IECb. COBIT and COSOc. FISMA, FFIEC, and ITILd. PCI DSS and SSAE

IV. Cybersecurity Planninga. Attacks and Attack Surfacesb. Monitoring Assets: Preventive, Detective, and Corrective controlsc. Physical and Environmental Securityd. Disaster Recovery Planning

V. Cybersecurity Operations a. Hardening Resources and Enforcementb. Host and Network Forensicsc. PII, Consumer Rights, and Privacyd. Cybersecurity Assessmente. Security Failure and Incident Handling


Course Syllabus

CYB 770: Security Architecture


PROFESSOR(s): Joshua Yue

PHONE(s): 608-342-3864


COURSE DESCRIPTION:

Focuses on security architectures for the protection of information systems and data. Students completing this course can identify potential vulnerabilities in system architectures and design secure architectures. Topics include common enterprise and security architectures and their key design elements, such as secure cloud computing and virtualization infrastructures.

COURSE CREDITS: 3



o Program Outcome 2: Interpret and analyze network protocolso Program Outcome 3: Design, evaluate, and test systems including networks,

computers, and hardware for security requirements

● Competency B: Design, develop, test, and evaluate secure softwareo Program Outcome 4: Implement best practices in secure software developmento Program Outcome 6: Assess security implications for emerging software

technologies


● Understand security principles of domain separation, Least privilege, layered defense, resource encapsulation, psychological acceptability, and etc.

● Assess existing designs for security flaws and suggest improvements

● Evaluate security implications for common system architectures, such as cloud computing and edge computing

● Identify violations of security principles in existing system architectures

● Apply security principles and best practices to the design of system architectures

INTERNAL PREREQUISITES: CYB 703 Network Security


● Designing Security Architecture Solutions, by Jay Ramachandran

● Supplementary materials

COURSE GRADING: Grades will be assessed using a variety of methods to include quizzes, homework assignments, discussions, and reports


FINAL EXAM: NO

Students need to submit a final report.


I. Architecture and securitya. Security architecture basicsb. Architecture reviewsc. Security assessmentsd. Architecture patterns in securitye. Security componentsf. Security and architectural goalsg. Enterprise security architectures

II. Security design principlesa. Least privilegeb. Process isolationc. Separation of privileged. Least common mechanisme. Layered defensef. Resource encapsulation

g. Psychological acceptability

III. Security in common system architecturesa. Recent Cyber Incidents in the Cloudb. Analysis of typical attack methods in the Cloudc. Secure design in Cloud Computingd. Recent Cyber Incidents with IoTe. Analysis of typical attack methods in IoTf. Secure design in IoTg. Virtualization security


Course Syllabus

CYB 775: Applied Cryptography


PROFESSOR(s): Jonathan Totushek

PHONE(s): (715) 394-8066


COURSE DESCRIPTION:

Provides an in-depth study of modern cryptography. Topics include public key and private key cryptography, types of attacks, cryptanalysis, perfect secrecy, hashing, digital signatures, virtual private networks, and quantum key cryptography. Topics from number theory and discrete probability necessary for understanding current cryptosystems and their security will be covered.

COURSE CREDITS: 3


● Competency B: Design, develop, test, and evaluate secure softwareo Program Outcome 5: Implement effective cryptographic systems and assess their

vulnerabilitieso Program Outcome 4: Implement best practices in secure software development


● Identify and use public key and private key cryptosystems

● Understand different attacks and vulnerabilities for a cryptosystem

● Determine whether a cryptosystem is secure

● Understand and implement hash functions

● Understand how errors propagate through a cryptosystem.

INTERNAL PREREQUISITES: CYB 710 Introductory Cryptography

TEXTS/LEARNING RESOURCES: ● Applied Cryptography (29th Anniversary Edition) by Bruce Schneier. Wiley Publishing ISBN-10:

1119096723

● Some video lectures found on Canvas

COURSE GRADING: The grade will be determined from course discussions, homework assignments, and a project using the following:

1) Assignments 50% Typically weekly2) Discussions 30% Must contribute in each discussion topic each week3) Final Project 20%

GRADE SCALE:

A 94 and above

B 84-86C 74-76

A- 90-93

B- 80-83

C- 70-73

B+ 87-89

C+ 77-79

F Below 70

FINAL EXAM: NO

A final project will be used in place of a final exam.


Module I. Introductiona. Types of cryptosystems (Public Key and Private Key)b. Classical cryptography

Module II. Symmetric (private) Key Cryptographya. AES/DESb. Other Block Ciphers

Module III. Asymmetric (public) Key Cryptographya. Some Number Theoryb. Discrete Log Problemc. Public Key Exchanged. Elgamal PKCe. RSA PKCf. Elliptic Curvesg. Digital Signaturesh. One Way Hash Functionsi. Attacks on cryptosystems

Module IV. Additional Topicsa. Discrete Probability and Statisticsb. Perfect Secrecyc. Quantum Key Cryptographyd. Virtual Private Networks


Course Syllabus

CYB 780: Software Security


PROFESSOR(s): Ankur Chattopadhyay, PhD

PHONE(s): (920) 465-5679


COURSE DESCRIPTION:

Covers the foundations of engineering secure applications, including techniques used to engineer secure software and assess the security of applications. Topics include exploiting web vulnerabilities, secure development processes, implementing security features such as secure data storage and transmission, threat modeling, security requirements, code analysis, and penetration testing.

COURSE CREDITS: 3


● Competency B: Design, develop, test, and evaluate secure softwareo Program Outcome 4: Implement best practices in secure software developmento Program Outcome 6: Assess security implications for emerging software

technologies


● Describe the importance of secure software, and programming practices, development processes and methodologies that lead to a secure software

● Describe how system design and architecture affects security

● Apply security design principles

● Create a system design optimized to meet appropriate security requirements

● Apply modeling and vulnerability assessment to create a secure design

● Apply their knowledge to perform software security analysis, using common tools, against previously unknown software components



● Textso Software Security – Building Security In by Gary McGraw ISBN 978-

0321356703o Computer Security, 2nd Edition, by Matt Bishop ISBN 9 78-0321712332o Software Security – principles, policies, and protection by Mathias Payer [link]o Security Engineering by Ross Anderson [3rd Edition to be finished in early 2020,

previous edition is available] [link]o Hacking: The Art of Exploitation, 2nd Edition ISBN 978- 1593271441

● Other resourceso OWASP Zed Attach Proxy Project:

https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Projecto Attack sites

▪ www.webscantest.com

▪ www.insecurelabs.org

▪ hack.me

▪ hackthissite.org

▪ www.insecurelabs.org

COURSE GRADING: Grades will be assessed using a variety of methods to include quizzes, CTF-like assignments, exams, discussions, and projects.

GRADE SCALE:

FINAL EXAM: NO

Final project will take the place of a final exam.


I. Module 1: Security Principlesa. Separation (of domains)b. Isolationc. Encapsulationd. Least Privilege e. Simplicity (of design)f. Minimization (of implementation)g. Fail safe defaultsh. Modularityi. Layering j. Open Designk. Usability l. Reduce attack surfaces

II. Module 2: Secure Design Principlesa. Secure Software Lifecycle Phases and Issuesb. Compare and Contrast the Security of Alternative Designs c. Secure Design Patternsd. Design Reviews

III. Module 3: Security and Threat Modeling a. Software Assurance Maturity Modelb. Vulnerability Mapping, Management, and Traceability c. Auditing and Logging d. Audit Trails e. Attack Vectors

IV. Module 4: Security Testing Methodologies a. Software Bugs b. Common Analysis Tools and methods c. Static and Dynamic Analysis Techniques and Fuzzingd. Increase Resiliency

V. Module 5: Security, Privacy, and Usability a. Privacy Policies b. GDPR c. Security in the Cloud and Web d. Smartphone, wearable, and IoT security e. Security for System Data

VI. Module 6: Vulnerability Case Studies a. Building Security in Maturity Model, OWASP SAMM, and SAFECode b. OWASP top 10 application vulnerabilities

i. Injectionii. Broken Authentication

iii. Sensitive Data Exposureiv. Broken Access Controlv. Cross-site scripting

vi. Insecure Deserialization vii. XML External Entities

viii. Security Misconfigurationix. Components with known vulnerabilities x. Insufficient Logging and monitoring

c. Software Security Design Flaws


Course Syllabus

CYB 785: Cyber Physical System Security


PROFESSOR(s): Lotfi ben Othmane

PHONE(s):

E-MAIL(s):


Covers the fundamentals and techniques to design and implement cyber-physical systems. Topics include the architecture of cyber-physical systems, exploiting software vulnerabilities, secure coding, microservices security, cloud services security, reverse engineering, security assessment of cyber-physical systems, and data analytics for security.

COURSE CREDITS: 3


● Competency 1: Design, develop, test, and evaluate secure softwareo Program Outcome 1: Implement best practices in secure software developmento Program Outcome 2: Implement effective cryptographic systems and assess their

vulnerabilitieso Program Outcome 3: Assess security implications for emerging software

technologies


● Analyze the threats of cyber-physical systems

● Understand security flows for cyber-physical systems

● Develop secure code for cyber-physical systems

● Develop security features for cyber-physical systems

● Assess the security of cyber-physical systems

INTERNAL PREREQUISITES: CYB 775: Applied Cryptography


COURSE GRADING: Grades will be assessed using a variety of methods to include quizzes,labs, assignments and exams.


FINAL EXAM: YES


I. Risk analysisa. Software vulnerabilities b. Threat modelingc. Risk assessmentd. Security requirements

II. Security architecturea. Overview of software architectureb. Microservice securityc. Cloud services securityd. Principles of designing secure software

III. Implementing security featuresa. Overview of security featuresb. Use of cryptographic algorithms for security featuresc. Testing security features

IV. Secure codinga. Overview of secure codingb. Common secure coding practices for language Cc. Common secure coding practices for language Java

V. Reverse engineeringa. Review of assembly languageb. Overview of reverse engineering

c. Identification of Common flaws from code

VI. Security assessment a. Overview of security assuranceb. Penetration testingc. Static code analysisd. Dynamic code analysis

VII. Data analytics for security a. Data collection from cyber-physical systemb. Overview of common analytics methodsc. Attack detection using data analytics


Course Syllabus

CYB 789: Cybersecurity Pre Capstone


PROFESSOR: Jonathan Totushek

PHONE: (715) 394-8066


COURSE DESCRIPTION:

Prepares student for capstone experience. Drawing on skills learned, students will submit a written project proposal - with organization, timeline, learning objectives, and specific deliverables identified – for faculty approval. This course is a pre-requisite for the capstone course.

COURSE CREDITS: 1





● Demonstrate competency in defining project milestones and creating project plans.

● Define deliverables and communicate with key stakeholders to refine project goals.

● Engage in quantitative and qualitative research methodologies to support analysis, design, and planning.

INTERNAL PREREQUISITES: Completion of core courses.

TEXTS/LEARNING RESOURCES: Varies, dependent on the project.

COURSE GRADING: Grades will be assessed using a variety of methods to include

● Bi-weekly progress reports 30%

● Project Plano Draft 1 15%o Draft 2 15%o Final Draft 30%

● Active Participation 10%

GRADE SCALE:

A: 100 - 93% A-: 93 – 90% B+: 90 – 87%

B: 87 – 83% B-: 83 – 80% C+: 80 – 77%

C: 77 – 73% C-: 73 – 70% F: < 70%

FINAL EXAM: NO

Written project plan will take the place of the final exam.


I. Components of a Project Plana. Survey of current statusb. Needs analysisc. Project proposals (with time and cost estimates)d. Post deployment plan

II. Communicating with Stakeholdersa. Establishing a common lexicon with clientb. Negotiating scope

III. Writing the Project Plana. Audienceb. Level of detailc. Flexibility vs specificity


Course Syllabus

CYB 790: Cybersecurity Capstone


PROFESSOR: Jonathan Totushek

PHONE: (715) 394-8066


COURSE DESCRIPTION:

Students present project identified in Capstone Preparation and submit a written report plus oral presentation to both faculty and host organization. Students will be assessed on clarity and content of written report and presentation.

COURSE CREDITS: 3





● Practice interpersonal skills working in security environments

● Demonstrate application of research as outlined in the project plan

● Asses the effectiveness of project implementation

● Demonstrate mastery of skills and concepts in prior coursework

INTERNAL PREREQUISITES: CYB 789

TEXTS/LEARNING RESOURCES: Varies, dependent on the topic.

COURSE GRADING: Grades will be assessed using a variety of methods to include: communication with client(s), rough draft(s), final presentation, and the final report. The grade will be determined using the following:

● Effective communication with the client 10%

● Rough Draft(s) 20%

● Final Presentation (including live demo) 30%

● Final Report 40%

GRADE SCALE:

A: 100 - 93% A-: 93 – 90% B+: 90 – 87%

B: 87 – 83% B-: 83 – 80% C+: 80 – 77%

C: 77 – 73% C-: 73 – 70% F: < 70%

FINAL EXAM: NO

Final Project will take the place of a final exam.


I. Begin Projecta. Review project proposal and timelineb. Initial meeting with client

II. Project Developmenta. Continued communication with client (as needed)b. Status updates

III. Final Projecta. Final presentationb. Q & A with instructor and client(s)