2020-2021 Catalog and Student Handbook 
    
    Apr 20, 2024  
HELP
2020-2021 Catalog and Student Handbook [ARCHIVED CATALOG]

Course Descriptions

The following course descriptions are intended to briefly describe the nature of each of the courses. For more complete information, departments or faculty can provide specific course syllabuses.

In addition to these hours, students are expected to complete homework assignments on their own time. These assignments may include library research, computer utilization, field trips, cultural performances, and other instructional activities.
 

Cyber Security
  

  • CSEC 101B - Incident Handling & Response

    Credits: 3
    Description
    Students learn to design and manage key business information security functions including incident handling, response plans, incident response teams, disaster recovery plans, and discuss business continuity plans. Reporting, response planning and budgeting are all addressed. Students prepare an incident response, disaster recovery, or business continuity plan for a real-world organization such as a business or a government body or agency. CSEC 105B  taken concurrently is suggested.

    Student Learning Outcomes
    1. Examine the placement of security functions in a system and express the strengths and weaknesses.
    2. Develop contingency plans for various size organizations to include business continuity, disaster recovery, and incident response.
    3. Design system specific plans for the protection of intellectual property, the implementation of access controls, and patch/change management.
    4. Generate formal security policy models to real world scenarios.
    Prerequisite: ENG 100  or ENG 101  or ENG 107  or ENG 113  with a grade of C- or better
  

  • CSEC 104B - Security Essentials

    Credits: 3
    Description
    Learn to build a security roadmap that can scale today and into the future. Focus on the essential information security skills and techniques needed to protect and secure an organization’s critical information assets and business systems. Discuss prevention of an organization’s common security problems.

    Student Learning Outcomes
    1. Develop effective security metrics that create a focused playbook that IT can implement, auditors can validate, and executives can understand.
    2. Analyze the risk to environment in order to drive the creation of a security roadmap that focuses on the right areas of security.
    3. Examine practical tips and techniques to focus on high-priority security problems within an organization and on doing the right things that will lead to effective security solutions.
    4. Combine the core areas of security to create a security program that is anchored on PREVENT-DETECT-RESPOND.
    Prerequisite: CIT 112B  or Instructor approval
  

  • CSEC 105B - Introduction to Technical Ethics

    Credits: 3
    Description
    This course deals with ethical issues associated with the design, use, and propagation of technology. At virtually all stages of development and use, any technology can carry with it ethical dilemmas for both creators and users. Of interest is how such dilemmas are resolved (or complicated) according to how effectively they are communicated to stakeholders. Write reports, instructions, summaries, and e-mails; develop audience awareness skills; develop skills in document layout and design, and collaborate in a group project.

    Student Learning Outcomes
    1. Develop a sense of how purposes, audiences, situations, technologies, and methods affect writers’ and users’ perceptions of written documents.
    2. Demonstrate theories of document design (e.g. format, layout, graphics) in course projects.
    3. Demonstrate the recursive nature of writing process in terms of researching, drafting, reviewing/testing, editing, and revising.
    4. Discuss moral problems within Intellectual property, privacy and computer software.
    5. Discuss moral problems within Information Technology within the e-work place.
    Prerequisite: ENG 100  or ENG 101  or ENG 107  or ENG 113  with a grade of C- or better
  

  • CSEC 125B - Policy, Legal, & Compliance

    Credits: 3
    Description
    This course covers the laws governing business, contracts, fraud, crime, IT security, IT liability, IT policy, and ethics — all with a focus on electronically stored and transmitted records. Also covers how investigators prepare credible, defensible reports, whether for cyber, forensics, incident response, human resources, or other investigations. This course provides training and continuing education for many compliance programs such as GLBA, HIPAA, FISMA, and PCI-DSS.

    Student Learning Outcomes
    1. Determine the applicable laws and policies related to cyber defense of an organization.
    2. Explore the responsibilities related to the handling of information about vulnerabilities.
    3. Evaluate how the type of legal dispute (civil, criminal, private) affects the evidence used to resolve it.
    4. Explore the applicable laws for compliance in a given situation.
    5. Assess what the laws mandate and where they apply.
    6. Conduct audits to determine compliance with laws.
    7. Appraise the impact of legal/regulatory standards on a given system.
    Corequisite: CSEC 101B  
  

  • CSEC 131B - Operations & Physical Security

    Credits: 3
    Description
    This course introduces the basics of network/physical security. Computer network vulnerabilities and threats are introduced. This course exposes the student to network security planning, security technology, security organization, and monitoring. Familiarizes the student with physical security controls for a typical Information Technology (IT) infrastructure. Examines the need for physical security, types of physical security (physical barriers and site hardening; physical entry and access controls; security lighting; intrusion detection systems; video surveillance; security personnel), and physical security policies and procedures, as well as, physical security concerns such as access control systems, alarm systems, and environmental control systems.

    Student Learning Outcomes
    1. Evaluate position security components within a network and physical architecture to assemble a layered defense.
    2. Detect various types of malicious and unauthorized devices (rogue wireless access points) on a network.
    3. Demonstrate the ability to configure IDS/IPS systems to reduce false positives and false negatives.
    4. Examine a physically specific architecture and evaluate potential vulnerabilities.
    5. Design a physically secure architecture for a given scenario.
    6. Review various control schemes and physical security components and their differences.
    7. Summarize the ability to understand, evaluate, and incorporate physical security functionality.
    Prerequisite: CSEC 101B  with a grade of C or better; or Instructor approval
  

  • CSEC 225B - Governance & Risk Management

    Credits: 3
    Description
    Topics include fully aligning IT to business strategies and direction, identifying and controlling key risks, and demonstrating legislative and regulatory compliance. Also provides students with sufficient understanding of risk assessment models, methodologies, and processes such that they can perform a risk assessment of a particular system and recommend mitigations to identified risks.

    Student Learning Outcomes
    1. Develop formal security policy models to real world scenarios.
    2. Express the impact of legal/regulatory standards on a given system.
    3. Compare how standards, such as the Orange Book, may be applied to the requirements for a sub-contractor or customer.
    4. Determine how risk relates to a system security policy.
    5. Formulate various risk analysis methodologies.
    6. Evaluate risk 1) with respect to technology; 2) with respect to individuals; and 3) in the enterprise; and recommend appropriate responses.
    7. Compare the advantages and disadvantages of various risk assessment methodologies
    8. Construct the optimal methodology based on needs, advantages, and disadvantages.
    Prerequisite: CSEC 101B  with a grade of C or better; or Instructor approval
  

  • CSEC 226B - Compliance

    Credits: 3
    Description
    Introduces the student to Information Systems Security Compliance. Topics include what security compliance is, how to assess security controls (physical, procedural, and technical), and methods to remediate security gaps discovered during the security assessment using Control Objectives for Information and related Technology (COBIT), and International Standards Organization/International Electro Technical Commission (ISO/IEC 27000) as the control frameworks. Discussions conducted on compliance areas include Health Insurance Portability and Accountability Act (HIPAA), Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), Federal Information Security Management Act of 2002 (FISMA), Payment Card Industry Data Security Standard (PCI-DSS), Family Educational Rights and Privacy Act (FERPA), Children’s Online Privacy Protection Act (COPPA), and Children’s Internet Protection Act (CIPA).

    Student Learning Outcomes
    1. Produce formal security policy models to real world scenarios.
    2. Specify the applicable laws for compliance in a given situation.
    3. Determine what the laws mandate and where they apply.
    4. Perform audits to determine compliance with laws.
    Prerequisite: CSEC 125B  with a grade of C or better; or Instructor approval
  

  • CSEC 231B - Access Control

    Credits: 3
    Description
    Explores the concept of controlling access to information systems and applications. Topics include authorization; authentication; accounting for end-users, network devices, system, and administrators; and security controls for access control including tokens and public key infrastructures (PKIs).

    Student Learning Outcomes
    1. Perform basic procedures such as probing, measuring, and data collection to assess functionality and to affect modifications.
    2. Express how systems are initialized, how software is loaded, and how software and hardware collaborate.
    3. Determine the role of intermediate software such as hardware abstraction layers or other forms of middleware.
    4. Evaluate the DoD system certification and accreditation processes.
    5. Compare the differences between certifications and accreditations.
    Prerequisite: CIT 173  or CIT 174  or CIT 212  or CIT 213  or CIT 214  or CIT 215  with a grade of C or better; or Instructor approval
  

  • CSEC 241B - Cryptography

    Credits: 3
    Description
    Introduces students to concepts of cryptographic systems and how to correctly use them in real-world applications. This course features a rigorous introduction to modern cryptography with an emphasis on the fundamental cryptographic primitives of public-key encryption, digital signatures, pseudo-random number generation, and basic protocols and their computational complexity requirements.

    Student Learning Outcomes
    1. Specify the elements of a cryptographic system.
    2. Compare the differences between symmetric and asymmetric algorithms.
    3. Determine which cryptographic protocols, tools, and techniques are appropriate for a given situation.
    4. Evaluate how cryptography can be used to identify strengths and weaknesses, modes, and issues.
    5. Differentiate how various cryptographic algorithms and protocols work.
    6. Evaluate security mechanisms based on cryptography.
    7. Summarize the application of cryptography in SSL, virtual private networks, secure storage, and other security applications.
    Prerequisite: MATH 124  or above with a grade of C or better; or Instructor approval
  

  • CSEC 245B - Device Hardening

    Credits: 3
    Description
    Provides the student access to tools and techniques to control, mitigate potential attacks, and provide confidentiality of personal and corporate data even on end-user owned devices. Covers the skills to track corporate property, and perform security and policy audits on devices owned by either the organization or by an individual without harm to the device.

    Student Learning Outcomes
    1. Perform basic procedures such as probing, measuring, and data collection to evaluate functionality and to affect modifications.
    2. Evaluate their knowledge of network technologies to design and construct a working network.
    3. Compare and contrast local resource requirements, local control, and network access.
    4. Express the steps necessary for hardening a given OS with respect to various applications.
    5. Demonstrate securely installing a given OS, remove or shut down unnecessary components and services, close unnecessary ports, and ensure that all patches and updates are applied.
    Prerequisite: CIT 274B  or CSEC 281B  with a grade of C or better; or Instructor approval
  

  • CSEC 271B - Security Programming & Scripts

    Credits: 3
    Description
    An in-depth study of the processes, standards, and regulations associated with secure software scripting. Plan, manage, document, and communicate all phases of a secure software development cycle. Topics include security requirements, secure software life development cycle, threat modeling, and Security Technical Implementation Guides (STIGs).

    Student Learning Outcomes
    1. Test proficiency in the use of a programming language to decipher complex problems in a secure and robust manner.
    2. Assess proficiency in the use of writing scripts to accomplish certain tasks (e.g., Python, PHP, and Ruby on Rails).
    3. Generate simple and compound conditions within a programming language or similar environment (e.g., scripts, macros, SQL).
    4. Illustrate the ability to design and develop basic programs for modern computing platforms (e.g., PC, cloud, mobile, web).
    5. Evaluate the importance of secure software, and the programming practices and development processes and methodologies that lead to secure software development.
    Prerequisite: IS 115 ; and either CIT 217  or CSEC 104B  all with a grade of C or better; or Instructor approval
  

  • CSEC 281B - Ethical Hacking

    Credits: 3
    Description
    Introduces students to concepts of penetration testing to validate security measures and identify vulnerabilities. Topics include IT security awareness, data confidentiality, data integrity, legislated privacy policies, and individual and institutional liability. Explores methods used by intruders to gain access to computer resources and methods to prevent/reduce vulnerabilities.

    Student Learning Outcomes
    1. Explain basic IT security concepts and models.
    2. Formulate a basic security policy.
    3. Demonstrate basic penetration attacks.
    4. Assess risks and countermeasures.
    5. Explain legal and ethical concerns as they apply to penetration testing.
    Prerequisite: CIT 112B  and CIT 211  with a grade of C or better; or Instructor approval
  

  • CSEC 285B - Evaluate Emerging Technologies

    Credits: 3
    Description
    A survey of emerging and leading technologies in the cybersecurity field. Research, evaluate, and recommend emerging technologies. Determine secure implementation strategies for best-fit business solutions. Topics include evolutionary technology development and adoption in organizations.

    Student Learning Outcomes
    1. Evaluate emerging technologies and their security relevant issues.
    2. Specify the laws that enable U.S. entities the authority to perform cyber operations.
    3. Review the phases of a well-organized cyber operation and determine the goals and objectives of each phase.
    4. Explain specific phases of a cyber operation in network traffic.
    5. Review potential motivations that might prompt an entity to perform a cyber operation.
    Prerequisite: CSEC 105B ; and either CIT 274B  or CSEC 281B  all with a grade of C or better; or Instructor approval
  

  • CSEC 286B - Network Analytics

    Credits: 3
    Description
    Create, analyze, and report network analytics for information security. Conduct network analytics using available tools and accepted methods for analyzing the seven domains of a typical Information Technology (IT) infrastructure. Monitoring, reporting, and escalation are emphasized.

    Student Learning Outcomes
    1. Interpret the packets involved in a simple TCP connection.
    2. Evaluate the various concepts in network defense.
    3. Demonstrate the ability to incorporate network defense measures.
    4. Analyze a trace of packets to detect the establishment of a TCP connection.
    5. Test the use of a network monitor to display packets.
    6. Perform a task with a network monitoring tool (e.g., WireShark).
    7. Perform an operation with network mapping tools (e.g., Nmap).
    8. Perform a task with a network filtering tool (e.g., Snort).
    Prerequisite: CIT 112B  with a grade of C or better; or Instructor approval
  

  • CSEC 287B - Security Analysis

    Credits: 3
    Description
    Conduct a vulnerability analysis upon a network in order to practice or refine the attack methodologies with the hacker tools and techniques to which the student was exposed during the various program courses. Prepare a written report of the security design, attack methodology, tools, and techniques. Focus on testing and the documentation process in order to prepare post-test reports.

    Student Learning Outcomes
    1. Evaluate the importance of each principle of security.
    2. Analyze common security failures and determine specific design principles that have been violated.
    3. Recommend formal security policy models to real world scenarios.
    4. Analyze system components and assess how they will interact in a composed system.
    5. Create post-test written reports.
    6. Perform vulnerability assessments to include all written reports.
    Prerequisite: CIT 274B  or CSEC 281B  with a grade of C or better; or Instructor approval
  

  • CSEC 289B - Malware Analysis

    Credits: 3
    Description
    Covers the tools and methodologies used to perform malware analysis on executables found on Windows systems using a practical, hands-on approach.

    Student Learning Outcomes
    1. Determine the functionality of a program by analyzing disassembly and by watching how it modifies a system and its resources as it runs in a debugger.
    2. Perform a host and network-based indicator extraction from a malicious program.
    3. Assess dynamic analysis and the Windows APIs most often used by malware authors.
    Prerequisite: CIT 217  or CSEC 104B  with a grade of C or better; or Instructor approval
  

  • CSEC 290B - Security Capstone

    Credits: 3
    Description
    A comprehensive project-driven study of network design and security with an emphasis on the integration of knowledge, practical applications, and critical thinking. Topics include advanced concepts in network and security design. This class must be taken in the student’s final semester.

    Student Learning Outcomes
    1. Demonstrate the ability to develop a security program, identify goals, objectives, and metrics.
    2. Demonstrate the ability to effectively manage a security program.
    3. Assess the effectiveness of a security program.
    4. Perform the integration of ISO 27000 series standards to given scenarios.
    5. Summarize the characteristics of malware.
    6. Classify the various forms of malware.
    7. Incorporate tools and techniques for identifying vulnerabilities.
    Prerequisite: Program Director approval
 

Catalog Navigation
  Catalog Home
  me3 Career Exploration Tool from NSHE
  About CSN
  Semester Calendars
  Admissions Information
  Office of Student Accounts and Cashiering Services
  Financial Aid
  Services Offered to Students
  International Student Services
  Limited Entry and Health Sciences Programs
  Transfer Student Information
  Veterans Educational and Transition Services (VETS)
  Schools, Departments and Divisions
  Areas of Study
  Course Descriptions
  Degrees and Certificates (A-Z)
  Academic Degrees By Program
  Apprenticeship Degrees By Program
  Office of eLearning
  Honors Program
  Policies and Procedures
  College Administration and Faculty
  My Portfolio