CIT 251 Computer Security Overview
A broad overview of Information Assurance in two parts: lecture/discussion related to information security basics, and a laboratory component in which students learn technology-related security. Course materials include topics such as types of attacks, hacker techniques, legal and privacy issues, security policy, information security best practices, and more. Students also learn security technologies related to three areas: operating systems, networks, and web and e-commerce. The course includes significant laboratory time, during which students experiment with various practical computer security tools.
CIT 352 Network and Internet Security
A practical approach to network security applications and standards that provides an in-depth understanding of current network security principles, features, protocols, and implementations. The course includes a detailed discussion on designing and maintaining a computer network from a security point of view. The emphasis is on applications that are widely used on the Internet and for corporate networks, and on standards, especially Internet standards that have been widely deployed.
CIT 354 Computer Forensics
Learn essential skills necessary to launch and complete a successful computer investigation. This course introduces the necessary steps in conducting a high-tech investigation, from acquiring digital evidence to reporting its findings. Students will learn about how to set up a forensics lab, how to acquire the proper and necessary tools, and how to conduct the investigation and subsequent digital analysis. The required textbook features free downloads of the latest forensic software, so students can become familiar with the tools of the trade.
CIT 361 Practical Guide to Computer File Systems Forensics
With much of our personal information now being recorded digitally, the field of computer forensics has grown exponentially. This course will provide students with a strong foundation in the principles of computer forensics. Learn how the field has evolved over time and why digital investigations have become more pervasive. Develop the keen understanding of file systems, including operating systems and registries, that is vital to understanding the evidence that a suspect leaves behind. The ultimate objective is to use digital evidence to prove control, ownership and intent to successfully prosecute a case. Gain practical experience with professional digital imaging tools, like Helix, X-Ways and FTK, as well as forensic imaging techniques for both Windows Personal Computers and Apple Macintosh machines.
CIT 363 Computer Forensics, Cyberlaw and Evidence Admissibility
Every computer forensics examiner must understand the interactions of people with hardware and software. Additionally, knowledge of the law is imperative to the successful conviction of a criminal. This course will detail the legal aspects of computer forensics investigations and evidence admissibility. Students will gain an understanding of the legal documentation required for gaining access to a suspect’s information, such as letters of preservations and warrants. Also included will be evidence custody and chain of custody forms. Finally, students will experience the intricacies of investigative report writing. A series of case studies will be incorporated into the course to explore reasons why some computer forensics investigations have been highly successful, and the pitfalls that caused others to fail.
CIT 365 Mobile Device Forensics
Computer forensics investigators no longer simply rely on traditional computers as sources of evidence. Incriminating evidence can be found on cell phones, smartphones, PDAs, cameras and even game systems. This course will introduce students to mobile forensic file systems. Students will learn methods of evidence extraction from the mobile devices and how these devices should be handled and analyzed. Lab sessions will allow students with hands-on analysis of phones, flash memory and SIM cards. Students will also learn about recovering deleted SMS text messages, call logs, etc. An introduction to CDMA and GSM networks will also be provided. This practical experience will be supplemented with exposure to the use of digital images and video investigations. Students will learn how to find photo metadata, identify whether images have been edited, reconstruct damaged image files and subsequently use these files as admissible evidence.
CS 331/CS 631S Security in Computing
Security in Computing investigates the perpetration of damages and theft using computers, and strategies for protection. The focus is on software that harms or steals from others, and schemes and mechanisms that are used for defense. Topics include viruses, cryptography, network security, protection in operating systems, database security, and intellectual property issues.
CS 397Q Securing and Managing Networks and Information Systems
Explore the technical and business concepts necessary to support and defend the network infrastructure and the business information systems within an organization. Students who complete this course will be able to develop an understanding of security threats and vulnerabilities on different platforms, and will learn to respond to and recover from security incidents. The course will emphasize collaborative learning through discussions with instructors and peers, self-learning through readings and research, and experiential learning through lab assignments. The course curriculum is mapped to the Collegiate Cyber Defense Competition (CCDC) model (http://www.nationalccdc.org). Students will be encouraged to participate in such competitions.
IT 603 Overview of Information Security
A broad introduction to information security, including aspects of computer networking, the OSI network reference model, TCP/IP, and web architecture. Students will also receive an overview of operating system (both Windows and Linux) security, network security, web security, social engineering, and legal and ethical issues.
IT 612 Web Server Setup, Configuration and Security Issues
This course provides a thorough introduction to the architecture of a web server. Students will learn how to set up a web server, configure it and understand the security issues. Conduct hands-on work either in the department labs or on your own personal web server. Topics include functions of a web server; planning a server; configuring for CGI; and servlets, log files, and server maintenance. Security issues will be discussed with a focus on encryption, Secure Socket Layer (SSL), firewalls, and secure online transactions.
IT 628 The Linux Environment and Security
Linux is the fastest growing operating system today. This course starts with an overview of the structure of the Unix/Linux operating system and Unix/Linux commands. Topics include installation of Linux, working with file systems, Linux shells, file permissions, simple administration, and basic security issues. Introduction to an open source programming such as Perl or PHP. Students will be writing several practical applications using this programming language.
IT 660 Network Security
This course covers the most important issues and topics within computer and network security. Topics include encryption techniques, (DES, AES, Contemporary Symmetric Ciphers, Public Key Cryptography and RSA), message authentication and hash functions, digital signatures and authentication protocols, IP security (IPsec), SNMP vulnerabilities, e-mail security, secure socket layer (SSL) and transport layer security, web security, intruders, malicious software, and firewalls.
IT 662 Web and Internet Security
IT 664 Computer and Internet Forensics
A general overview of the theory and application of information warfare and forensic computing. The background information on information warfare highlights the inherent problems in today's computing environment and emphasizes the necessity of forensics to complement computer security. The course focuses on information warfare arsenal and tactics, defensive strategies, and causalities; network surveillance tools for information warfare; fundamentals of computer forensics; computer forensics services and technologies; search and seizure; data recovery and identification; digital evidence collection, duplication, and preservation; computer image verification and authentication; reconstruction of past events; legal issues; and advanced topics in forensics.
IT 666 Information Security Management
This course discusses information security from organizational and managerial perspectives. For an organization, information security is a continuous management process. Security technology alone cannot facilitate this process without security professionals being aware of the tradeoffs and various policy issues embedded in this process. This course will provide students with a background in managing information security in organizations. Topics include risk identification and assessment, security policy and planning, personnel and security, privacy, security auditing, and legal issues.
IT 668 Building Secure Software I
This course is intended to provide students with an introduction to expert perspectives and techniques that will help them to ensure the security of essential software. Students will learn how to consider threats and vulnerabilities early in the development cycle so that they can learn how to build security into their software systems. Discover how to determine an acceptable level of risk, how to develop security test, and how to plug security holes before software is even shipped.
IT 669 Building Secure Software II
This course is a continuation of . Some of the topics that have been introduced in will be revisited. In addition, students will learn how to padlock their applications throughout the entire development process - from designing secure applications to writing robust code that can withstand repeated attacks and testing applications for security flaws. Learn the process and techniques of writing secure code, effective authentication and authorization techniques, the most common web application vulnerabilities (and how to avoid them!), secure user management systems, and data validation strategies. Students will have access to information about threat modeling, designing a security process, international issues, file-system issues, adding privacy to applications, and performing security code reviews. They will also learn about buffer overruns, and Microsoft .NET security. Students will be provided with easy-to-reference, practical checklists for secure software development.
IT 770 Mobile Forensics Investigation
The field of mobile forensics has expanded over the past few years as a growing volume of our lives are captured on smartphones and other mobile devices. This course provides an overview of cellular networks and the various devices that operate on these networks. Moreover, an in-depth analysis of the file systems and operating systems, including the iOS and Android platforms will be explained. Students will have the opportunity to use professional mobile forensic tools to examine mobile phones, SIM cards, media cards, and synced data on paired computers in a forensic manner. The course will introduce students to professional investigative techniques, legal procedures, and reporting standards necessary to build a successful case. Other topics in the course will include investigations involving tablet computers, digital cameras, multimedia players and Global Positioning System (GPS) electronics.
IS 641 Information Security and Controls
This course provides an in-depth overview of the security and privacy issues associated with information systems, security management goals, prevention, recovery, avoidance, security policy, data integrity, operational controls, risk management, and risk avoidance. Students will learn about identification and authorization techniques, passwords, authorization matrix, access controls, encryption, key systems, Data Encryption Standards (DES), key management, public keys, statistical databases, and computer crime.
IS 642 Information Security Planning and Policy: NIST Standards
The United States government requires all federal systems to have a customized security plan. In addition, the National Training Standard for Information Systems Security (INFOSEC) Professionals requires programs that meet this standard to produce students capable of developing a security plan. This course provides an introduction to security planning as recommended by NIST guidelines on developing security plans. The student is required to conduct a case study where a security plan is developed for a fictitious or real small size organization. The purpose of this course is to provide an overview of the security requirements on existing computing environment and describe the controls in place or planned for meeting those requirements. The security plan presents all managerial, operational, and technical controls an organization will need in the next three years. The purpose, scope, and content of a security plan are covered in the first week of lecture. Several outlines for a security plan are shown from the following sources: OMB Circular A-130 (2), NIST Special Publication 800-18 (1), and Director of Central Intelligence (DCID) 6/3.
IS 647 Legal Issues in Information Systems
This course will introduce the student to the legal environment of business with primary focus on legal issues affecting information systems. Among the topics to be covered are an introduction to the American legal system; jurisdiction; constitutional law; the law of crimes, such as pertaining to destruction of data and unlawful appropriation; computer torts, including defamation and invasion of privacy; securities, antitrust and taxation issues; and intellectual property issues relating to computer and Internet technology.
IS 648 Cyber and Professional Ethics
The pervasiveness of computers, technology, and the web have made it imperative that we be aware of and understand the ethical and legal implications of these forces on our personal and professional lives. Through readings, discussions and case studies, this course examines the ethical and legal issues involved in computing by investigating topics like free speech, privacy, intellectual property on the Internet, cyber-crimes, employer/employee issues, and professional codes of ethics.
CS 653 Cryptography and Computer Security
This course covers the most important issues and topics in cryptography and computer security. Topics include: Mathematics of Cryptography, Traditional Symmetric-Key Ciphers, Modern Symmetric-Key Ciphers, DES, AES, Asymmetric-Key Cryptography. RSA, Rabin, ElGamal and Elliptic Curve Cryptosystems, Message Integrity and Message Authentication, Cryptographic Hash Functions, Digital Signature, Entity Authentication and Key Management.
CS 654 Security in Computer Networking
This course focuses on the most important issues and topics in network security. In network security, a good balance between theory and practice is sought. The course covers attacks and threats in computer networks, including network mapping, port scanning, sniffing. DoS, DDoS, reflection attacks, attacks in DNS and leveraging P2P deployments for attacks, operational security, including firewalls and intrusion-detection systems. It also takes a layered approach to network security, covering topics such as Security at the Application Layer, PGP and S/MIME, security at the Transport layer, SSL and TLS, Security at the Network Layer, and IPSec. Students will use software tools to participate in an important simulated lab component that includes packet sniffing, network mapping, firewalls, SSL and IPsec.
Other Courses with an IA component:
- CIT 396B Advanced Information Technology for Accounting Applications
- ACC 060B CPA Review - Auditing and Attestation
- ACC 375 Accounting Information Systems
- ACC 470 Accounting Research Project