ISSC321 Computer Systems Organization: Intermediate (3 semester hours)

This course is a study of computer systems, computer organization, computer subsystems, and operating systems, This course examines CPUs, motherboards, basic input/output systems, memory subsystems, bus structures, expansion cards, ports, connectivity, interfaces, data storage subsystems, and multimedia interface devices. This course also evaluates computer monitoring, computer systems management, operating systems, networking, and security. This course covers the A+ Certification Essentials curriculum.

ISSC322 Computer Systems Organization: Advanced (3 semester hours)

This course is an advanced study of computer systems with a focus on operating systems, system administration, networking and security. Design, configuration techniques and troubleshooting skills techniques are covered utilizing a variety of hardware scenarios including: processor design, CPU architecture, number systems used in computing, storage subsystems, and memory subsystems, This course also examines the OSI model, networking, security, performance management, and capacity planning. This course covers the CompTIA A+ Certification curriculum. Prerequisite: ISSC321.

ISSC323 Computer Hardware Systems (3 semester hours)

This course is a technical study of the hardware systems and architectures in a computer system; it appraises expansion cards, storage subsystems, IO interface subsystems, operating system, Local Area Networking (LAN), Internet connectivity, and security. This course also examines the processes for analyzing problems and for synthesizing solutions related to computer hardware systems.

ISSC325 Biometrics (3 semester hours)

This course presents an introduction to biometrics, the study of recognizing individuals based on their unique physical or behavioral traits related to computer and information security. Authentication, authorization, identification, and access control through biometric perspective are emphasized. The course orients practical applications of biometrics in the real world, providing a realistic view of the use of biometrics within the emerging threats in information security.

ISSC326 Cloud Computing (3 semester hours)

This course will delve into all aspects of a Cloud Computing implementation, starting from a definition of what it actually means and assessment of whether it is suitable for a given company to the strategy alignment, implementation and operation of a working solution. It will cover Infrastructure-as-a-Service, Platform-as-a-Service, and Software-as-a-Service as the many integration and management components that are necessary to make this work together to fulfill business requirements.

ISSC331 Legal Issues in Information Security (3 semester hours)

This course examines information security issues and the law. The rapid growth of technology has given rise to legal issues surrounding technology. Information security is the practice of protecting information to ensure the goals of confidentiality, integrity and availability are met. Information security makes sure that accurate information is available to authorized individuals when it is needed. When governments, private organizations, and individuals do a poor job of protecting the information entrusted to them, legislatures respond with new laws. The course will examine key conflicts involving technology and the legal system toinclude: privacy issues, civil, criminal, and administrative law, Children’s Online Privacy Protection Act (COPPA), Sarbanes Oxley, and information security governance. This course examines current literature on such topics.

ISSC341 Introduction to Networking (3 semester hours)

This course is a study of the evolution, the concepts, and the principles of local, distributed and enterprise networking. This course examines Network design, topologies, architecture, media, interface cards, protocols, problem resolution, communications, administration, operations, and resources. It introduces the student to the concepts of wireless networking, and web-based networks. This course also explores the Open Systems Interconnection (OSI) and the Transmission Control Protocol/ Internet Packet (TCP/IP) reference models. This course also examines internetworking servers, and hardware and operating systems maintenance.

ISSC342 Operating Systems: Hardening and Security (3 semester hours)

This course is a study of the principles and concepts of Network Security from the perspective of the Operating System (OS). It places emphasis on discovering the vulnerabilities of the standard Operating Systems (OS) to attacks and focuses on the methodologies and measures necessary to take a proactive and preventive stance to address security vulnerabilities. Students will examine the principles, practices, and policies related to hardening and securing Operating Systems so they are impervious to security threats. It focuses on the vulnerabilities and the related countermeasures of various Windows components (Domain structures, domain trusts, security account manager, policies, profiles, file system, IP services (DHCP, DNS, IIS, TCP/IP printing, RPC, RIP for Internet protocol, SNMP), DCOM, Registry, Active Directory, Encrypting File System (EFS), IPSec, and public key certificate services). This course also discusses vulnerabilities and countermeasures related to UNIX (file This course is a study of the principles and concepts of Network Security from various aspects including but not limited to hardware, software, operation systems, and other critical elements relating to the CIA Triad. There is an emphasis on standard Operating System (OS) functions and discovering associated vulnerabilities. Upon completion of this course, students will be able to demonstrate an understating of methodologies and measures necessary to take a proactive and preventive stance to address security vulnerabilities. Students will examine the principles, practices, and policies related to hardening and securing Operating Systems so they are impervious to security threats. It focuses on the vulnerabilities and the related countermeasures of various Windows components (Domain structures, domain trusts, security account manager, policies, profiles, file system, IP services (DHCP, DNS, IIS, TCP/IP printing, RPC, RIP for Internet protocol, SNMP), DCOM, Registry, Active Directory, Encrypting File System (EFS), IPSec, and public key certificate services).

ISSC343 Wireless Networks (3 semester hours)

This course offers a framework for learning the latestdevelopments and trends in ad-hoc wireless and mobile communications. The course provides a complete coverage of the wireless ad-hoc networks: principles, protocols and applications. The course will look at the characteristics and operations of contemporary ad-hoc wireless network technologies. Students will study the impact of wireless transmission and user mobility with an emphasis on the design and management of ad-hoc wireless mobile systems. Students must have access to MS Visio software. Course software requirements with the appropriate versions are listed under the course materials site. This course meets the topical requirements of the DoD Directive 8570.1M Information Assurance Management (IAM) Technical I category.

ISSC344 Open Source System Security (3 semester hours)

This course is an introductory study of the principles, practices, procedures, and methodologies to provide security on Linux systems. It assesses the security risks, threats and vulnerabilities related to individual and enterprise Linux environments. Course topics include: user privileges and permissions, file systems volumes and encryption and kernel security risk mitigation. Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility.

ISSC345 Service Oriented Architecture (3 semester hours)

This course examines the various aspects of a Service-oriented Architecture (SOA). It explores the comprehensive plan to interrelate business with technology. It displays how SOA combines the talents and skills of an entire organization, with its requisite needs and computing know-how. It focuses on the necessary tools—processes, best practices, and standards—for developing a sound SOA, Service-Oriented Modeling: Service Analysis, Design, and Architecture. It also introduces a service-oriented modeling framework that employs an agile and universal business and technology language to facilitate analysis,design, and architecture initiatives.

ISSC351 Computer Forensics (3 semester hours)

The explosion in the use of the Internet and the ensuing growth in cybercrime have given rise to the field of computer forensics (also called digital forensics). Digital forensics is used to assemble digital evidence to prosecute cybercrime, analyze intrusions, mitigate risk, and for data recovery. This course examines the theory, best practices, and methodologies to conduct computer forensics investigations; it includes the ethical issues, data presentation, and chain-of-evidence procedures. It also appraises current tools and technologies to analyze, acquire, and organize digital evidence. This course maps to the general objectives of the International Association of Computer Investigative Specialists (IACIS) certification. Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility.

ISSC361 Information Assurance (3 semester hours)

This course is a study of the discipline of Information Assurancethat focuses on protecting information assets by ensuring availability, confidentiality, integrity, authenticity, and non- repudiation. This course delves into the deliberate engineering, planning and implementation of the five major areas in any enterprise: hardware, software, networks, people, and policies. This course meets the topical requirements of the DoD Directive 8570.1M Information Assurance Management (IAM) Technical III, Management II and Management III categories.

ISSC362 IT Security: Attack & Defense (3 semester hours)

This course examines the techniques and technologies for penetration of networks, detection of attacks, and prevention of attacks. This course addresses the techniques, the technologies, and the methodologies used by cyber intruders (hackers) to select a target and launch an attack. Students will gain insight into the motives and desired goals of hackers as well as effective tools and techniques used as countermeasures ensuring data assets remain secure. This course focuses on techniques and technologies to detect such attacks even while the attack is in progress; early detection enables the administrator to track the movements of the hacker and to discover the intent and goals of the hacker. This course assesses the various countermeasures to keep the system out of the “sights” of the hacker and to keep the hacker out of the perimeter of the target network. This course also explores the laws and the legal considerations in prosecuting computer crime.

ISSC363 IT Security: Risk Management (3 semester hours)

This course explores Networking Security from the perspective ofrisk management and confirms that assessment of IP based Network systems is critical to developing strategies to mitigate and manage risks. This course focuses on effective assessment strategies that ultimately help the student to implement effective and proactive risk mitigation measures and risk management practices. It exposes the vulnerabilities of TCP/IP; and appraises risk assessment, risk analysis, risk mitigation, risk management, networking components and Virtual Private Networks (VPN). This course examines the tools and techniques used to attack, test and assure the security of the remote information, maintenance, FTP, database, email, UNIX RPC, and IP VPN services. The studentwill apply this knowledge to develop an assessment methodology that identifies, attacks, and penetrates IP based network systems.

ISSC364 IT Security: Access Control and Authentication (3 semester hours)

This course examines a broad range of network security issues. Itexplores how access controls protect resources against unauthorized viewing, tampering, or destruction and serves as a primary means of ensuring privacy, confidentiality, and prevention of unauthorized access and disclosure. It focuses on access control, such as components, processes, controls, and authentication, as well as security breaches, organizational behavior and social engineering, physical security, remote access control, public key infrastructure and encryption, cryptography, testing, and information assurance. Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility.

ISSC366 IT Security: Cryptography (3 semester hours)

This course will provide an extensive overview of the field of cryptography, which includes but not limited to a historical perspective on early systems, building to the number theoretic foundations of modern day cryptosystems. Upon completion of this course students will have the ability to demonstrate a knowledge of how cryptosystems are designed, and to match cryptosystems to the needs of an application. Students will also study basic cryptanalysis and will be presented with real life breaches of common cryptosystems so that they better understand the dangers within cryptosystem design and in the design of systems that rely on cryptography. Students will also gain an understanding of the various methods of encryption and analyze the strength and weaknesses of various techniques to ensure data assets are protected and secure.

ISSC368 IT Security: Physical and Peripheral Defense (3 semester hours)

The course covers physical security requirements in a networkenterprise on varying levels including physical protection against internal and external threats that may impact people, property, and other data and networked assets. Students will learn how to assess and protect these assets via multiple layers of physical security.

ISSC386 Green Computing: Foundations and Strategies (3 semester hours)

This course provides a basic understanding of the overall environmental need for an organization to adopt a Green IT strategy including: Climate Change, dangerous and exploitive working practices, the effect of hazardous waste use and disposal, consumption of precious resources such as oil, gas and water. The course identifies an organization’s external drivers and opportunities for greening its IT including: political, environmental, social and legal.

ISSC387 Green Computing: Advanced Topics (3 semester hours)

This course provides an overview of the current research focusing on ways to make computing greener and more efficient, the reference used in this course is the first research-level book devoted to green computing and large-scale energy efficiency. With contributions from leading experts in the field, the book presents current research and developments in hardware, systems software, run-time systems, programming languages, data center management, and applications. It also covers the emerging green movement in computing, including the Green Grid and the Green 500 list, as well as important programs in grassroots organizations and government agencies. (Prerequisite: ISSC386)

ISSC411 Application Security (3 semester hours)

This course is an introductory study of the principles, practices,procedures, and methodologies to ensure security of data within web-based applications. It examines secure coding practices and processes, web application security configuration management techniques, and web application security standards. It appraises the convergence between web application security and associatedthreat vectors/attack methods. It appraises secure development processes, web application secure configuration techniques, and legal issues related to securing vital digital assets. Course topics include: Secure Configuration & Development, Vulnerability & Risk Mitigation, Vulnerability Assessments & QA Testing, and PCI DSS Compliance. Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility.

ISSC412 Mobile Application Security (3 semester hours)

This course explores security strengths and weaknesses of applications on various mobile operating systems running on PDAs and mobile devices. It identifies, analyzes and explores vulnerabilities, attacks, exploits, and insecurities of mobile applications running on operating systems such as iOS, Android, Windows, and Blackberry OS. What constitutes designing secure code for apps on these operating systems will also be covered.(Prerequisite: ISSC343)

ISSC415 Mobile Device Security (3 semester hours)

This course explores security strengths and weaknesses of devices running various mobile operating systems. It identifies, analyzes and explores vulnerabilities, attacks, exploits, and insecurities of mobile applications running on operating systems such as iOS, Android, Windows, and Blackberry OS. A comparative study of current mobile devices with respect to security and privacy capabilities will be covered.(Prerequisite: ISSC343)

ISSC421 Computer and Network Security (3 semester hours)

This course allows the student to obtain the knowledge required to analyze and mitigate threats in the organizational network environment. Upon completion of this course, students will be able to demonstrate a knowledge of both computer and network security, from the wetware (human), software, and hardware perspectives. The "wetware" component will deal with identification of potential risk situations, establishing policies for avoidance, recovery, and prosecution, and proactive measures to reduce causal factors for security breaches in an organization. The "software" perspective will examine types of inappropriate software activity, as well as asset protection issues (recognizing software assets). This component will also address software tools available to assist in reducing administrative costs due to both malicious and accidental loss. The "hardware" component will address hardware approaches to protecting assets, as well as hardware techniques used to compromise assets. Specific technologies discussed include firewalls, symmetric key encryption, public key encryption, digital certificates, and cryptographic systems (SSL/TLS, VPNs, and Kerberos).

ISSC422 Information Security (3 semester hours)

This course allows students to examine a broad range of computersecurity issues and provides the student with technical knowledge not normally addressed in traditional training. It explores the protection of proprietary information and security planning with an emphasis on networked computer vulnerabilities. It also focuses on detection (e.g. viruses, hackers, types of computer crime, computer forensic examination, etc.), as well as disaster recovery and technology law. A primary focus is put on security of systems and computer crime prevention. Also addressed is the maturingcriminal population with increased computer literacy, whose tendency is to move from violent actions to more profitable computer crime. Finally, issues of privacy and freedom of information are examined. This course meets the topical requirements of the DoD Directive 8570.1M Information Assurance Management (IAM) Technical II and Management I categories. Requires CITRIX CLIENT SOFTWARE INSTALLATION FOR ONLINE VIRTUAL LABS accessibility.

ISSC424 Virtualization Security (3 semester hours)

This course is an introductory study of virtualization security including the types of virtualization, the importance of securing virtualized networks and discussions of the various virtualization program offerings. The course will provide an overview of the current virtualization technologies in use in most environments. Course topics include: Introduction to Virtualization, VMware ESXi on Linux, Microsoft Virtualization, Citrix Xen Virtualization, Sun Virtualization, Red Hat Enterprise Linux Virtualization, and Virtualization Security.

ISSC426 Cloud Security and Privacy (3 semester hours)

This course will provide necessary guidance to build a proper audit to ensure that operational integrity and customer data protection, among other aspects, are addressed for cloud based resources. This course will serve as a cloud computing reference for auditors and IT Security Professionals. It will also provide information to assist in preparing for an audit addressing cloud computing.

ISSC431 Database Systems Security (3 semester hours)

This course is an introductory study of the principles, practices, procedures, and methodologies to ensure security of data at rest within databases. It appraises the convergence between database security and associated threat vectors and attack methods. It examines database types, security architecture, platform fundamentals, user administration, password management, security models, virtual private databases, and auditing models. It reviews database security processes, security configuration techniques, and auditing checklists. Course topics include: Secure Architecture, Privilege Management, and Auditing Processes.

ISSC442 Wireless and Mobile Network Security (3 semester hours)

The mobile communication market has grown so rapidly keeping up security in wireless networks has become a challenge. Maintaining secure connectivity on mobile devices as well as retaining flexibility, mobility, and resilience are critical to keeping files, data, and information secure and private. This course explores security issues surrounding mobile cellular communication technologies. Hands-on labs are also included as practical examples of wireless network security. (Prerequisite: ISSC343)

ISSC451 Cybercrime (3 semester hours)

The rapid change in technology and the exponential growth in the use of the Internet have resulted in an increase in the number of computer and technology related crimes. This course is designed to provide students with the foundational knowledge and technologies needed to detect, investigate, and prevent computer related crimes. Topics to be covered include: cybercrime classification (hacking, denial of service attacks, cyberstalking, cyberbullying, virus dissemination, identity theft, electronic funds transfers, phishing, spoofing, Internet fraud, access device fraud and salami attacks), vulnerability of computer systems and computer applications, computer intrusions and attacks, the impact of cybercrime (social, economic, and legal), investigation of digital evidence, computer forensics, and the prevention of cybercrime.

ISSC452 Cybersecurity (3 semester hours)

This course examines the practices for assuring information security. The various roles and functions within the Cybersecurity practice will be combined and leveraged to produce a secure organization. Case studies will be used to examine theories and practices drawn from real world situations. The numerous pitfalls of Cybersecurity will be presented with everyday practices of securing companies resources from attack. This course will examine the frameworks, roles, and competencies involved with information security. The fundamentals of Cybersecurity will be examined to include: network and security concepts, attacker techniques, data security, system and applications security and incident response techniques. Current literature will be examined on such topics.

ISSC455 Digital Forensics: Investigation Procedures and Response (3 semester hours)

This course is an introduction to Computer Forensics Investigation Procedures and Response. It provides a basic understanding of the importance of computer forensics, how to set up a secure lab, the process for forensic investigation including first responder responsibilities, how to handle various incidents and information on the various reports used by computer forensic investigators.

ISSC456 Digital Forensics: Investigating Wireless Networks and Devices (3 semester hours)

The growth of wireless networking technologies has given rise to many security issues. Wireless technology has become popular because of its convenience and low cost. This course pertains to the study of Computer Forensics Students will be introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. An overview of cybercrime and security will be addressed by explaining the basic security procedures and will include discussions of the various security threats that today’s users face. This course will prepare students to gather all necessary information and evidence to support prosecution in a court of law. This course will examine wireless networks and devices and will discuss how to investigate wireless attacks, as well as PDA, iPod, iPhone, iPad, and Blackberry forensics. Current literature will be examined on such topics.

ISSC457 Digital Forensics: Investigating Network Intrusions and Cybercrime Security (3 semester hours)

The increase in the use of the Internet and ensuing growth in cybercrime have given rise to the field of digital forensics. Students will be introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. This course examines computer related crime and abuse cases in order to gather all necessary information and evidence to support prosecution in a court of law. Collection of evidence, investigating information hiding, and intrusion response techniques will be explored. This course will examine network intrusions, network traffic, web attacks, DoS attacks and corporate espionage. Current literature will be examined on such topics.

ISSC458 Digital Forensics: Investigating Data and Image Files (3 semester hours)

This course is designed to expose the student to the process of detecting attacks and collecting evidence in a forensically sound manner with the intent to report crime and prevent future attacks. Learners are introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. The course provides a basic understanding of steganography, data acquisition and duplication. It examines how to recover deleted files and partitions and image file forensics.

ISSC459 Digital Forensics: Hard Disc and Operating Systems (3 semester hours)

This course is designed to expose the student to the process of detecting attacks and collecting evidence in a forensically sound manner with the intent to report crime and prevent future attacks. Learners are introduced to advanced techniques in computer investigation and analysis with interest in generating potential legal evidence. The course provides a basic understanding of file systems, hard disks and digital media devices. Boot processes, Windows and Linux Forensics and application of password crackers.

ISSC461 IT Security: Countermeasures (3 semester hours)

This course is a study of Network Security attacks and countermeasures. This course examines various security technologies, such as: intrusion detection, authentication, session hijacking, sniffing, spoofing, denial of service, buffer overflow attack, port scanning, encryption, IPSec, DES encryption, triple DES encryption, message digest 5 algorithm, point-to-point tunneling protocol (PPTP), layer 2 tunneling protocol (L2TP), Kerberos, RSA Pretty Good Privacy(PGP), Secure Shell (SSH), Secure Sockets Layer (SSL), Stateful Packet Inspection (SPI), Network Address Translation (NAT), proxies, content filters, public/private keys, Public Key Infrastructure (PKI), Virtual Private Networks (VPN), security policies, security tokens, digital certificates, viruses, worms, Trojan horses, virus scanners, virus protection, vulnerability assessment, and vulnerability scanners.

ISSC471 IT Security: Auditing (3 semester hours)

Security is one of the most important concerns in the world of Information Technology. This course examines the technical issues and the administrative practices to implement and manage security; in particular, this course focuses on the principles of security auditing. This course explores the various technologies and tools to assist with discovery and auditing in the world of security management. This course also assesses the audit practices, audit processes, audit plans, discovery process, discovery software, penetration strategies, identification of potential attacks, log analysis, user baseline analysis, activity analysis, risk assessment, roles and responsibilities, and the roles and responsibilities of security auditing professionals.

ISSC481 IT Security: Planning and Policy (3 semester hours)

This course examines the principles of security planning and policy; it offers a holistic approach to cybersecurity for an organization. It focuses on a variety of security guidelines, policies and plans (security requirements, internal users, external users, operational costs, geography, capacity plan, growth plan, business organization, business scenarios, business factors, business processes, business functions, business products, product life cycle, technical factors, roles and responsibilities, and organizational authority). This course addresses physical security, authentication, network security, encryption, software development, email, Internet, acceptable use, acceptable speech, and viruses/worms. It also covers the need for actionable and maintainable policies and the need for periodic audits of policies and configurations.

ISSC483 Privacy and Cyberethics in Mobile and Wireless Networks (3 semester hours)

The Internet’s explosive growth and the availability of a myriad of devices that connect each of us with one another using a various mobile network technologies empowering us to great capabilities, has given rise to questioning if any limitations do exist. The manners by which we use our devices for the purposes we desire to accomplish, may also disarm us with what is still unknown to us. Concerning ethical issues, cyber governance, and cyber and privacy policies are eminent to keeping order for a chaotic realm of cyber communications. In this course you will explore some of these policies, the ethical approach and our moral duties in cyber obligations.

ISSC490 IT Security: Business Continuity (3 semester hours)

This course discusses both business continuity and disaster recovery planning. Business continuity investigates Risk Assessment & Management, Business Impact Analysis, and Continuity Strategy Development. The strategy component focuses on incorporating preventive measures, sustaining critical functions, planning for emergency response operations, and implementing recovery plans. This course analyzes employee training & development, chain-of-command, communications, policies & procedures, and fire-drills.

ISSC498 IT Security: Implementation Plan: Capstone (3 semester hours)

This Capstone course is a senior level course designed to allow the student to review, analyze and integrate the work the student has completed toward a degree in Information Systems Security. Students will complete various security related plans and policies that demonstrate mastery of their program of study and results in a meaningful culmination of their learning; these plans and policies will be used to assess their level of mastery of the stated outcomes of their degree requirements. This is a capstone course to be taken after all other Information Systems Security courses have been satisfactorily completed. Prerequisite: Completion of a minimum of 106 hours towards your program including ENGL101 or ENGL110.

ISSC499 Senior Seminar in Cybersecurity (3 semester hours)

This Capstone course is a senior level course designed to allow the student to review, analyze, and integrate the work the student has completed toward the Bachelors of Science in Cybersecurity degree. Students will examine a number of real-world scenario cases related to various aspects of Cybersecurity to complete various cybersecurity related plans and policies that demonstrate mastery of their program of study in a meaningful culmination of their learning and to assess their level of mastery of the stated outcomes of their degree requirements. Prerequisite: Completion of a minimum of 106 hours towards your program including ENGL101 or ENGL110.