We Bring Our University To You

In this course, students will be introduced to the eight domains of the (ISC) 2 Common Body of Knowledge (CBK) in information security. These domains will be used as a framework to analyze critically security awareness issues and to evaluate best practices in implementing security systems within the enterprise.

In this course, students examine common attack methods, technologies, and countermeasures. Students also gain skills needed to recognize various stages and methods of attack on the enterprise.

In this course, students analyze the principles of change management as they apply to the requirements and regulations of information security. Students evaluate the factors that affect corporate decision-making when implementing security programs and the ability of the manager to translate corporate needs into information security projects.

This course provides students with an overview of risk management principles. Methods to identify, quantify, and qualify internal and external risks to the organization are examined. Students apply these principles and methods to the current business and risk environment.

In this course, students utilize PMI’s Project Management Body of Knowledge (PMBOK) as a framework to apply project management concepts in the information security arena. Each student develops a project plan for a security assessment, which incorporates the technical and behavioral characteristics of high-performance teams.

In this integrative course, students’ asses the information security risk associated with an identified management problem. Students then develop a risk mitigation strategy which integrates principles and techniques of risk analysis, project planning and change management.

In this course, students transform high-level policies and procedures into quantifiable and measurable controls and mechanisms that enforce data and process integrity, availability and confidentiality.

In this course, students examine the role of security policies, standards, and procedures in addressing business and technical risks and develop a security governance report to evaluate compliance across the enterprise.

This course provides students with the expertise and skills in development of information assurance policies and deployment plans as part of the comprehensive strategic plan and operational objectives of the enterprise.

In this course, students evaluate the procedures and results of risk analysis, as well as the compliance processes that address the regulatory requirements, which drive the need for risk analysis within the enterprise. Security-related regulations such as SOX, GLBA, FISMA, and HIPAA are examined.

In this course, students analyze an enterprise-wide view of information systems and the establishment of appropriate, cost-effective information protection programs. Within this context, students examine a set of standard policies, procedures, activities and a management structure to certify and accredit information systems for the protection of the data as well as the systems.

(Prereq. MSC560) In this course, students will explore how laws, ethics, and technology interact within an organization. Students will develop an understanding and awareness into issues that arise from privacy, silence, access control, and policy development and enforcement, as well as other legal and ethical dilemmas that reside within organizations.

(Prereq. MSC620) The purpose of this course is to help prepare students for a successful career in public practice, industry or government by understanding how to manage, use and participate in the design of information systems. The course will also help students learn how to assess and consider the impact of IT governance, risk and compliance on accounting functions, focusing on how IT affects business processes and controls. This course serves as a preparation course for the Certified Information Systems Manager (CISM) exam certification.

In this course, students will be introduced to the eight domains of the (ISC)2 Common Body of Knowledge (CBK) in secure software development. These domains will be used as a framework to critically analyze information security and assurance awareness issues in software development and to evaluate best practices in implementing security and assurance concepts systems in the Software Development Lifecycle.

(Prereq. MSC640) This course analyzes the principles and techniques associated with the cybersecurity practice known as penetration testing. The course covers planning, reconnaissance, scanning, exploitation, post-exploitation, and result reporting and prepares students for the Licensed Penetration Tester (LPT) and Certified Ethical Hacker (CEH) certifications.

This course uses the 9 domains of the CCFE as the foundation to educate students in the field of Computer Forensics and to provide the necessary skills to the student so they can be an effective Computer Forensics Investigator. The skills learned in the course will include practical skills for handson computer forensics investigations as well as preparation skills for legal examination and chain-ofcustody delivery under the Federal Rules of Civil Procedure. Additionally, the student will learn detailed techniques for examining digital evidence from computer equipment to mobile phones and any device that deals with a microprocessor.

In this course, students will explore how contingency planning is an important element of information security. This course will provide insight into an overall strategic plan for information security, including risk management processes to guide the appropriate managerial and technical controls.