Bachelor of Science in Computer Security and Forensics The Bachelor of Science in Computer Security and Forensics (BSSF) program prepares students for careers as security specialists and information technology investigators. Students are able to understand and perform investigative activities needed to isolate security incidents and recognize the situation that caused them. Students are also able to recognize risks and develop an effective Risk Management Plan. BSSF students focus on computer networks and their vulnerabilities, with special emphasis on intrusion detection methods and the countermeasures that can be taken to minimize them. In addition, students learn how to work in teams and how to communicate effectively both orally and in writing. Graduates are able to understand network designs and their security implications, intrusion detection methods, legal and ethical aspects of security and forensic activities, encryption, cryptography, investigative tools and methods, vulnerability analysis, and incident handling. An ability to recognize risks within an organization or within a project is part of the program, and graduates will be able to develop an effective Risk Management Plan and develop skills to analysis end-to-end network security in their workplace. There are no elective requirements in the BSSF degree.
Degree Overview
The BSSF degree program includes core technology requirements and general education requirements. The total requirement is 180 quarter credits. It typically takes 120 weeks (2.5 years) to complete the entire bachelor’s program without breaks.
Arts and Sciences Requirements
Bachelor of Science (BS) Degree in Computer Security and Forensics: Core Requirements
Business Communications - BUS220
Credits: 4.5Prerequisites: None
This course prepares the student for communication in the workplace. The student will prepare memorandums, letters, proposals, presentations, newsletters, and flyers. Discussions will focus on information exchange in and outside of the organization. Students presentations will be critiqued on message intended and message received.
Project Management - BUS380
Credits: 4.5Prerequisites: None
This course will allow students to manage a project within their major field of study. Students prepare a project plan that includes details of their project, deliverables, dates when they will be completed, and the associated learning that will be exhibited. Students implement their plan and record weekly status on their progress, issues, decisions, and learning. At the conclusion of the course, students complete their projects and summarize their results in a final report.
Fundamentals of Information Systems - CIS103
Credits: 4.5Prerequisites: None
Students learn to analyze systems and quality concepts and learn how information technology can be used to design, facilitate, and communicate organization goals and objectives. An overview of hardware and software with its relation to information technology is also presented.
Fundamentals of IT Networking - CIS116
Credits: 4.5Prerequisites: None
This course presents the essential elements of IT networking to the student. Topics include planning a network, understanding TCP/IP, setting up a server, understanding wireless concepts, running a mail server, managing user accounts and network storage, solving network problems, and protecting the network.
Hardware and OS Architecture - CIS140
Credits: 4.5Prerequisites: None
This course provides knowledge in preventative maintenance, troubleshooting and repair of expansion buses, multimedia, video, modems, SCSI controllers, laptops, and printers. In addition, this course provides a brief introduction to networking technology, including the components necessary to attach a client to a local area network LAN).
Data Communications - CIS143
Credits: 4.5Prerequisites: CIS140
This course covers the basic concepts of networking technology within Local Area Network (LAN) and Wide Area Network (WAN) environments. Topics include the dominant network topologies (Ethernet, Token Ring, FDDI), network protocols (TCP/IP, SPX/IPX and NetBIOS), cabling systems (coaxial, twisted pair, fiber optic), as well as wireless communication. The course introduces the primary features of internetworking devices (bridges, routers, repeaters, hubs, gateways, and switches) and the OSI software model for computer communication. All topics are related to the historical development of the field.
Linux Operating Systems - CIS162
Credits: 4.5Prerequisites: CIS140
In this course, students will learn how to install and optimize Red Hat Linux, a multi-user and multitasking Unix-like operating system. In particular each student will become familiar with: the Linux file system; shell programming; filters and pipelines; GUI desktop and application environments; and virtual memory. Through a series of laboratory exercises, each student will configure a server for remote access using the standard suite of TCP/IP tools and application packages.
Internetworking Technologies - CIS170
Credits: 4.5Prerequisites: None
This course provides students with an understanding of how the Internet, e-mail, e-learning, and telephony work. It explains network security and how to make a network safe, how traffic gets from here to there. By completion of the course, the student will learn about disaster recovery and other ways to keep a network running, how businesses share data. It covers a broad variety of internetworking topics-from e-mail to VPNs.
Risk Management - CIS175
Credits: 4.5Prerequisites: None
This course provides students with a firm understanding of the theories and principles of software risk management. Topics include identifying large and small risks, analyzing risks, planning around risks, tracking risks, and resolving risks. Students learn to use the Spiral Model of software development with very risky projects and are shown how to develop a risk management plan.
Configuration Management - CIS180
Credits: 4.5Prerequisites: None
This course provides students with a firm understanding of the theories and principles of software configuration management. Topics include the role that configuration management plays in the software life cycle, software and documentation baseline identification and control, configuration control, auditing and accounting. Students learn what information is critical to include in a configuration management plan and practice creating and implementing a usage model based on a simulated software development project. Students are shown how to develop a configuration management plan and are introduced to the source code control system.
Quality Management - CIS185
Credits: 4.5Prerequisites: None
This course provides students with theoretical knowledge about concepts of software quality, about the quality - models, - standards and – methodologies used in software industry. By completion of the course, students will be able to understand software quality in its complexity, to see the differences and interconnections among the most popular software quality models, standards, approaches. They will have a solid basis that enables them to make the right selection among software quality models, based on a software company’s own characteristics.
Fundamentals of IT Security - CIS201
Credits: 4.5Prerequisites: None
This course will prepare students to pass the current CompTIA Security+ 2008 certification exam. After taking this course, students will understand the field of network security and how it relates to other areas of information technology. This course also provides the broad-based knowledge necessary to prepare for further study in specialized security fields, or it can serve as a capstone course that gives a general introduction to the field.
Java Programming - CIS207
Credits: 4.5Prerequisites: None
In this course, the student will gain an understanding of object-oriented programming concepts with specific emphasis on Java. This hands-on training class focuses on applet and application development. Basic constructs are explained with greater detail than in regular programming courses. Students will learn how to create Java applets and applications; enhance a Web site with Java applets; write multithreaded Java applets and applications; develop platform-independent graphical user interfaces. Lab exercises reinforce ideas and concepts learned with Java.
Advanced Data Communications - CIS210
Credits: 4.5Prerequisites: CIS143
In this class the student develops an understanding of the advantages and disadvantages of various communication protocols and datalink subnetworks, including TCP/IP, SNA, SPX/IPX, X.25, frame relay and ATM. Students design and analyze a wide area network infrastructure. This analysis includes congestion, bandwidth versus performance trades, bandwidth versus cost trades, equipment specifications, protocol standards, LAN/WAN integration, and network performance in terms of latency and jitter.
Network Security Infrastructure Design - CIS230
Credits: 4.5Prerequisites: CIS201
Students learn to analyze the business requirements for security and to design security solutions that meet business requirements. The student learns best practices in security including: controlling access to resources, auditing access to resources, authentication, and encryption. Security topics include: audit policy, encryption file system, authentication strategy, security group strategy, public key infrastructure, DNS, SNMP, terminal services, remote access, signing, and IPSec. The student design a security baseline for a Windows 2003 network that includes domain controllers, operations masters, application servers, file and print servers, RAS servers, desktop computers, portable computers, and kiosks.
IT Security Policies & Standards - CIS231
Credits: 4.5Prerequisites: None
This course provides the student with the knowledge of FISMA, NIST, DISA security standards and requirements. It is a new course concentrating on policies to enforce access security, hardening of network devices and servers. This topic is a national requirement for secure networks. It is a new course that we are developing in lights of the experience of implementing a vast range of security measures as mandated by OMB.
Network and Intrusion Forensics - CIS235
Credits: 4.5Prerequisites: CIS201
The student will develop a comprehensive understanding of forensics as it relates to data communication networks and intrusions. Students will learn the relationship between computer security, computer crimes, and forensics. Special emphasis will be placed on computer crimes and forensics in law enforcement and financial accounting practices. Forensic tools will be discussed and used in lab sections.
Forensics Tools and Technology - CIS244
Credits: 4.5Prerequisites: None
This course provides the student with an understanding of what industry tools and technologies are available for analyzing computer problems. Topics include incident response tools, NFR security, analysis of both Windows and UNIX operating systems, network analysis (including wireless), embedded systems analysis, and computer intrusions.
Legal and Ethical Aspects in Digital Forensics - CIS245
Credits: 4.5Prerequisites: None
This course uses current events to exploit the impact of civil, criminal, and regulatory law on network and intrusion forensics. Current and future affairs are s of information include articles, journals and papers. Other topics discussed include legislative concerns affecting digital forensics, a study of the legislative process, ethics are discussed. Sources of information include articles, journals and papers. Other topics discussed include legislative concerns affecting digital forensics, a study of the legislative process, ethical issues and standards. This course uses current events to exploit the impact of civil, criminal, and regulatory law on network and intrusion forensics. Current and future affairs are discussed. Sourcecal issues and standards.
Encryption and Cryptography in Digital Forensics - CIS265
Credits: 4.5Prerequisites: None
This course covers the basics of cryptography. The differences between symmetric and asymmetric encryption will be examined and examples of each type of algorithm are discussed. This course also examines the fundamental sciences behind cryptography. Other topics discussed include encryption and security standards.
Incident Handling and Computer Forensics - CIS275
Credits: 4.5Prerequisites: None
Students learn how to identify an attack in progress or that an attack has occurred and how to properly handle each situation. Students learn to monitor different types of computer systems and platforms for evidence of crime and learn how to gather and preserve such evidence.
Managing Information Systems - CIS300
Credits: 4.5Prerequisites: None
This course will focus on information system which supports business decisions, internal business processes, customer relations, and interaction with suppliers. It deals with the organizational foundations of such systems, their strategic role, and the organizational and management changes driving electronic commerce, electronic business and the emerging digital firm. The course includes an overview of the hardware, software, data storage, and telecommunications technologies needed for information systems. The impact of such systems on the reengineering of critical business processes and on the decision making cycle are discussed in detail.
Fundamentals of RF Identification Technology - CIS308
Credits: 4.5Prerequisites: None
This course presents essential elements of radio frequency identification and the technologies that help to do it. Topics include communication protocols and modulation, transmitters, receivers, radio propagation, antenna fundamentals, LAN, WAN, voice over Wi-Fi, and security.
Managing Cisco Network Security - CIS350
Credits: 4.5Prerequisites: None
This course reviews the development and evaluation of a network security policy and best practices in securing a Cisco network infrastructure. Specific topics include, but are not limited to, dialup security (AAA, ACS, TACACS/RADIUS), hardening perimeter device (routers, PIX firewalls), encryption technology, and VPNs with IPSec. The impact of security systems of system scalable is discussed.
Database Security Administration - CIS373
Credits: 4.5Prerequisites: None
This course presents approaches and methods to help ensure that your database integrity is not violated. Technical security algorithms are not part of this course, with the focus on the management of overall database security. Topics include hardening various database environments, installing audit checklists, tracking security issues, recognizing intrusion possibilities, eliminating unnecessary software and data, firewall concepts, authentication and password security, and regulation and compliance requirements.
Virtual Private Networks & Firewalls - CIS410
Credits: 4.5Prerequisites: None
This course includes the theoretical foundation of Virtual Private Networks (VPNs) including Insect and IKE. Students review Cisco VPN technology, including IOS Software Router and PIX firewalls. Students configure routers and firewalls for site-to-site VPNs and remote access using both preshared keys and digital certificates. The course includes configuration and advanced configuration of the Cisco PIX firewall including AAA, attack guards, IPSec, and context-based access control. Students learn how to monitor and scale Cisco VPN technology.
Intrusion Detection - CIS420
Credits: 4.5Prerequisites: None
This course includes the major aspects of the Cisco Secure Intrusion Detection System (CSIDS). Students review network security concepts, installation and major components of the Cisco Secure IDS, alarm management and intrusion detection signatures, CSIDS Configuration, and installation and configuration Cisco Secure Intrusion Detection Director (CSIDD). This course is part of the Cisco Security Specialist 1 sequence.
Business Information Systems Security - CIS435
Credits: 4.5Prerequisites: None
This course focuses on the development of a security policy that balances access, protection and cost, and the importance of a global policy that is consistent and of even strength throughout the organization. Topics include security threats, security tools, system security, firewalls, voice systems, and security deployment and management. This course deals primarily management and enforcement of security system requirements, rather than with the actual configuration of hardware.
Information Technology Senior Project - CIS490
Credits: 4.5Prerequisites: None
Students will work under the supervision of a faculty advisor to further refine and develop their skills and knowledge through a student-created independent project. Project proposals must be submitted to the faculty advisor of the student's choosing and approved by the advisor and the dean before the student may register for this course. Faculty committee will determine the student's final grade for the project.








