Master of Science in Cyber Security Operations and Leadership

The Master of Science in Cyber Security Operations and Leadership program (and elements of cyber security as a whole) presents the learner with tremendous ability to mitigate threats, but also with knowledge that could be utilized to cause damage to a system. Therefore, in every course there is continuous teaching and application of generally accepted ethical conduct in the field, the University, and society. There are nuances in the cyber security domain that could be reasoned, and for this purpose, it is essential that each course provides a constant thread of ethical logic that develops student judgment, conduct, and decision making consistent with the best practices in the field and the highest moral standing. Every course developed has this learning outcome: Gain an understanding of professional and ethical responsibility.

The program course design includes 37.5 hours of core instructional time for each three-unit course. Additional homework, research, and study time will be required. Students are advised to spend 15-18 hours per week in each course in order to be successful.

There is a total of eleven courses in the Master of Science in Cyber Security Operations and Leadership program, with ten 3-unit courses and a 1-unit integrative Capstone course.

CSOL 101New Student Orientation0
CSOL 500Foundations of Cyber Security3
CSOL 510Applied Cryptography3
CSOL 520Secure Systems Architecture3
CSOL 530Cyber Security Risk Management3
CSOL 540Cyber Security Operational Policy3
CSOL 550Management and Cyber Security3
CSOL 560Secure Software Design and Development3
CSOL 570Network Visualization and Vulnerability Detection3
CSOL 580Cyber Intelligence3
CSOL 590Cyber Incident Response and Computer Network Forensics3
CSOL 599Capstone1

Courses

CSOL 500 | FOUNDATIONS OF CYBER SECURITY

Units: 3 Repeatability: No

This course will provide an overview and fundamental understanding to the concepts essential to the cyber security professional. Students will understand how to categorize and value organizational assets, and how to mitigate risk to these resources. Within this context, students will be introduced to various types of security policies, understand how security controls must follow the policy, and the application of security controls to enforce policy. We will explore how cyber security policy can be enforced in the operating system, in software development, in networks, and through various mechanisms such as cryptography. Student will engage with the concept incident response, and the process of handling a breach including investigation and forensics. Finally, students will learn the roles leaders can play in enhancing, supporting, and promoting cyber security in organizations. It is vitally important for students to have both a conceptual understanding of cyber security and applied practice. Therefore, this course will have a significant hands-on element that will introduce students to a plethora of cyber security tools and allow them to immerse themselves in cyber security operations. We will explore basic cyber security scripting utilizing Python; threat analysis; vulnerability assessment; traffic analysis, encryption; penetration testing; and several other topics.

CSOL 510 | APPLIED CRYPTOGRAPHY

Units: 3 Repeatability: No

This course will provide in introduction to modern applied cryptographic theory and practice, and how cryptography is used to support information security missions. It will be based upon open literature discussions that are most similar or applicable to advanced multi-level security systems and military grade defenses.

CSOL 520 | SECURE SYSTEMS ARCHITECTURE

Units: 3 Repeatability: No

This course will introduce the student to the importance of security architecture design in enterprise security. Security architecture frameworks will then be used to explore and develop information system security architectures. Students will be presented with a structured approach to the steps and processes involved in developing security architectures. Also considered will be how major organizational issues likely to be encountered can be resolved.

CSOL 530 | CYBER SECURITY RISK MANAGEMENT

Units: 3 Repeatability: No

This course is an introduction to risk management as the principles and practices pertain to the cyber domain. Topics include an overview of traditional risk management processes, requirements, objectives and tools. The course also covers the NIST-driven Risk Management Framework (RMF) – the current US national guidance on Cyber Security standards and practices – and will include overviews of DITSCAP/DIACAP as background reference to previous government/defense efforts in Cyber Certification and Accreditation and their influence on current cyber security practices.

CSOL 540 | CYBER SECURITY OPERATIONAL POLICY

Units: 3 Repeatability: No

This course will provide an understanding of the concept of policy in information security. Students will explore the types of policy that are part of an overall security strategy, from policy that determine rules and best practices, to those which drive computer security, including discretionary access control, mandatory access control, and role-based access control types of policies, and how these are used in organizations. Through this course, students will understand the basic elements of policy construction.

CSOL 550 | MANAGEMENT AND CYBER SECURITY

Units: 3 Repeatability: No

The course will be taught around a set of established engineering, economic and management processes and practices to fill a gap in planning for improved cyber security within organizations. Students will understand the role of management and leadership in mitigating threat and achieving organizational goals in information protection. The course will provide an overview of audit, compliance, and regulation, and how cyber can affect the legal responsibility and liability for business. It will demonstrate how to construct effective continuity and disaster recovery plans, as well as exploring acquisition and procurement of technology with security in mind. Students will understand economic factors surrounding cyber security, as well as how to build effective teams and lead in contested cyber environments.

CSOL 560 | SECURE SOFTWARE DESIGN AND DEVELOPMENT

Units: 3 Repeatability: No

This course will provide an in-depth study of the principals and tenets of the design and development process of secure software used to provide enhanced cyber security. It will review the traditional models of software development, with the idea that a developer or project manager must strategize for security before starting development. Students will understand how to gather and plan for security requirements in development. The course will explore how vulnerabilities can be mapped and planned for. Students will understand how to run an effective development process, culminating with implementation, and how to review and test software. Finally, the course will introduce the concept of software assurance and its role in the cyber security paradigm.

CSOL 570 | NETWORK VISUALIZATION AND VULNERABILITY DETECTION

Units: 3 Repeatability: No

The course will introduce the concept and principles of network security. It will provide a conceptual construct of how to think about securing networks, how to translate this into basic architectural design, and then a survey of some component level considerations. It will then move into deeper investigation of specific topics in network security, including: network visualization, network analysis, perimeter defense strategies, network monitoring, vulnerability detection, and security in mobile and wireless environments. Within this context, students will understand how to apply the various pieces/topics into a cohesive network security strategy.

CSOL 580 | CYBER INTELLIGENCE

Units: 3 Repeatability: No

This course will present and discuss how information superiority and information dominance is key to influencing operations associated with establishing and maintaining cyber security. Topics include overview of current and historical intelligence efforts and how those processes in various domains (human, electronic, digital) apply to cyber operations and security. Course specifically includes exploitation of “big data” and multi-format information collections (text, video, structured/unstructured) to support cyber situation awareness. It will feature discussions of modern versus classic data collection methods and Intelligence examples from current events.

CSOL 590 | CYBER INCIDENT RESPONSE AND COMPUTER NETWORK FORENSICS

Units: 3 Repeatability: No

This course will introduce the principles and general practice of incident response, including an overview to digital and network forensics. It will define what constitutes an incident, what is meant by incident response, the attack lifecycle, and goals of incident response. The course will discuss building an incident response team, the steps in the process, and preparing for incident response. Students will understand the process of detecting and characterizing an incident, collecting and analyzing data, and the process of remediation. The course will then provide a deeper dive into the practice digital forensics, specifically focusing on computer, mobile, network, and database forensics. It will outline the investigative and analysis process, survey tools, digital evidence, and briefly touch on the law.

CSOL 599 | CAPSTONE

Units: 1 Repeatability: No

This course will be given at the end of the MS Cyber Security Operations and Leadership degree to bring the entire body of knowledge in cyber security into greater focus. Students will be given parts of a complete set of functional and design documentation for an enterprise-wide system. They will be asked over the course of the semester to perform an increasingly thorough security analysis of the system to identify security shortcomings and develop a detailed remediation plan. The analysis and plan must contain such features as a threat analysis, risk assessment, policy review, detailed security requirements, identification of mechanisms to satisfy the requirements, and a description of methods for assessing the effectiveness of the mechanisms.