Information Security
Program Description
The Bachelor of Science in Information Security at Washington Technology University is designed to provide an in depth understanding of information technology as well as prepare students to address a wide range of vulnerabilities and threats that affect private, corporate and government computer information systems. This program prepares students to design and implement key technologies and processes needed to protect critical information in cyberspace.
The BSIS program provides the knowledge, skills and competency to successfully analyze, build, support, and defend information systems against cyber-attacks. While a foundational study of computer hardware, software, and networking is provided, the focus of the program is development of practical cyber security knowledge accumulated through lectures, interactive exercises and projects. The first series of courses emphasis technology. The second set builds on this core knowledge by concentrating exclusively on information security. An exclusive focus on security courses serves to improve the absorption and retention of critical concepts and encourages the development of a clear and interconnected understanding of Information Security and its impact on society.
The Information Security degree at WTU is designed to ensure proficiency of concepts and ideas related to modern Information Security. No prior technical knowledge is required to enter, it is designed for anyone interested in Information Security. Those seeking to enter the fields of cyber security, information assurance, computer forensic analysis, or network security should consider entering the program.
Program Learning Outcomes:
- Identify the elements of an information system and understand how software is developed and used within the information system
- Use and apply mathematical concepts appropriate to the development of software for a computer and information system
- Demonstrate background knowledge of Operating Systems, Networking, Data Communications, Database Technology, Information Systems Planning, and Project Management
- Analyze an information systems problem, define performance requirements and specifications needed to solve an information security problem
- Identify solutions while recognizing the social and ethical impact of computing on individuals, organizations and society
- Demonstrate effective team communication
- Use current techniques, skills, and tools necessary for information systems practices by recognizing the need for, and the ability to engage in, continuing professional development
- Understand professional, ethical, legal, security, social issues and responsibilities
- Demonstrate the use of various computer forensic software tools and techniques as well as follow proper legal procedures for obtaining, analyzing, and reporting digital forensic evidence
- Explain the findings of a cyber forensic investigation in both written form and in oral form
- Identify and analyze legal issues within technology, regarding standards, compliance, contracts, computer crime, privacy, obscenity, and intellectual property
- Compare and contrast techniques for preventing unauthorized access to computer networks and apply measures for minimizing the damage caused by network intruders.
- Evaluate and implement security controls for an information system to provide assurance where the security processes or controls are implemented
- Evaluate an implemented Governance Framework for its effectiveness and usefulness to an organization.
- Identify the security mechanisms contained within various computing devices used to protect it while allowing it access to external data and other connected devices.
Accreditation Objectives: Organization: ABET | Location: Bellevue | Group: Computing Accreditation Commission | Criteria: General Criteria Only (CAC)
The curriculum is designed around 6 blocks of 3 months each (1 quarter), and each block contains 3 one-month instructional content to allow students to focus each month on a single subject.
Identify the elements of an information system and understand how software is developed and used within the information system
Use and apply mathematical concepts appropriate to the development of software for a computer and information system
Demonstrate background knowledge of Operating Systems, Networking, Data Communications, Database Technology, Information Systems Planning, and Project Management
Analyze an information systems problem, define performance requirements and specifications needed to solve an information security problem
Identify solutions while recognizing the social and ethical impact of computing on individuals, organizations and society
Demonstrate effective team communication
Use current techniques, skills, and tools necessary for information systems practices by recognizing the need for, and the ability to engage in, continuing professional development
Understand professional, ethical, legal, security, social issues and responsibilities
Demonstrate the use of various computer forensic software tools and techniques as well as follow proper legal procedures for obtaining, analyzing, and reporting digital forensic evidence
Explain the findings of a cyber forensic investigation in both written form and in oral form
Identify and analyze legal issues within technology, regarding standards, compliance, contracts, computer crime, privacy, obscenity, and intellectual property
Compare and contrast techniques for preventing unauthorized access to computer networks and apply measures for minimizing the damage caused by network intruders.
Evaluate and implement security controls for an information system to provide assurance where the security processes or controls are implemented
Evaluate an implemented Governance Framework for its effectiveness and usefulness to an organization.
Identify the security mechanisms contained within various computing devices used to protect it while allowing it access to external data and other connected devices.
Courses Available
Foundations (15 Credits)
This class provides students with foundational concepts needed to succeed in the program. Analytical and numerical methods are covered as well as legal and ethical issues in information systems and information security are covered.
Content Block 1: Statistics and Calculus
TOPICS: Summarized Descriptive Data, Frequency Distributions, Measures of Central Tendency and Dispersio, Curve Fitting, Sampling Theory and Distributions, Chi-Square Testing, Hypothesis Testing, Linear Equations, Matrices, Linear Programming, Differential Equations, Exponential Functions
Content Block 2: Computing Methods and Data Management
TOPICS: Discrete Mathematics, Computer Networks, Computer Hardware, Databases, Database Design, Number Systems
Content Block 3: Information Ethics and Legal Issues in Information Security
TOPICS: IT Ethics, Moral and Social Issues, Information Privacy, Data Privacy, Legal Liability, International Information Privacy Laws.
| INSE 300 | Legal and Ethical Issues in Information Systems | 5 |
Software Platforms (15 Credits)
This course covers software platforms necessary for program completion. The student learns tools and techniques used in software development including data structures and algorithms and operating systems. Finally, students cover the software used to manage and run data needed by the software.
Content Block 1: Programming and Web Development
TOPICS: Introduction to Python, Development Environments, Type Declarations, Control Statements, Structured Programming Concepts, Object Oriented Concepts, File Creation, Searching and Sorting Algorithms, Web Page Creation, HTML/DHTML Basics, CSS, XML, Deployment Environments, JavaScript, Event Handling.
Content Block 2: Operating Systems
TOPICS: Introduction to Windows, Linux, UNIX. PowerShell and Bash basics, Concurrency, Threads, Swapping, Memory Management, Scheduling, I/O, File Systems
Content Block 3: Databases
TOPICS: DBMSs, MS Access, SQL, Relational, Normalization, Data Modeling
Systems (15 Credits)
This class is dedicated to the study of the management, analysis, design and implementation of data communications systems. Tools and techniques related to its development along with key concepts needed to describe, model, and develop data communications systems.
Content Block 1: Project Management
TOPICS: Project Life Cycle, Triple Constraint, Project Charter, WBS, Gantt Chart, Cost, Budgeting, Scope Creep, SWOT, PMBOK, Risk Analysis, Network Diagrams, Earned Value, Outsourcing, Negotiations, Project Sponsors, Executive Report Outs.
Content Block 2: Systems Analysis and Design
TOPICS: Business Models, Information Models, Structured Analysis, Object-Oriented Analysis, Agile Methods, SDLCs, Requirements Engineering, UML, FDD, JAD, RAD, DFDs, Data Dictionaries, CASE tools, RFP, RFQ, Design Patterns
Content Block 3: Data Communications Systems (Networking)
TOPICS: OSI and IP models, QoS, Error Correction, VLANs, Ethernet, LAN Protocols and Topologies, IP Addressing, IPv4/6, Bluetooth
| INSE 320 | Data Communications and Networking | 5 |
Security (15 Credits)
This course covers the basic concepts in information security. It also develops advanced security concepts needed to understand how organizations manage their information systems to prevent unauthorized access.
Content Block 1: Fundamentals of Information Security
TOPICS: Security Life Cycle, Confidentiality, Integrity, Availability, EAA, Authentication, Risks, Cyber Attackers, Laws, Regulations, Attack Methodologies, Attack Types, Cryptography, Organizational Culture, Vulnerability Assessment
| INSE 400 | Fundamentals of Information Security | 5 |
Content Block 2: Corporate Governance, Policy, Risk, CyberCrime
TOPICS: Risk Classification and Identification, Response, Recovery, Management, IT Infrastructure Compliance, Business Drivers, Policy Creation and Frameworks, Data Classification, Handling Policy, Enforcement
| INSE 410 | Corporate Governance, Policy, Risk, and Cybercrime | 5 |
Content Block 3: Computer and Network Security
TOPICS: CIA Model, Security Levels, Access Control Lists, Device Hardening, Computing Service Management, Perimeter Construction and Hardening, Thread Identification and Classification, Stealth Firewalls, Authentication and User Account Management, Network Intrusion Detection, Cloud Security
Detection, Investigation and Prevention (15 Credits)
This course develops tools and techniques used to detect information security breaches. It also provides the students with concepts used to investigate security incidents as well as the tools and techniques to build in safeguards to protect the organization from electronic and social vulnerabilities.
Content Block 1: Security Strategies for Windows, Linux and Applications
TOPICS: Threat identification, User Privileges and Permission Hardening, Filesystem, Kernel Security and Risk Management, Image Baselining, Networked File System Securing, Platform Encryption, Malware Detection, System Administration
| INSE 420 | Security Strategies for Operating Systems and Applications | 5 |
Content Block 2: Computer and Network Forensics, Investigation and Response
TOPICS: Computer Crime, Computer Forensic Methods, Data Collection, Email Mining, Seizure, and Protection, Data Recovery Techniques, Windows- Linux-Mac Data Recovery, Mobile Platform Specific Forensic Techniques, Incident Response
Content Block 3: Auditing IT Infrastructure for Compliance
TOPICS: Compliance Laws, Scope of Compliance, Auditing Standards, Audit Planning, Conducting Audits, Infrastructure Audits, User Domain, Workstation, LAN, LAN-to-WAN, WAN Domain Compliance, Remote Access Compliance and Standards, Application Compliance, IT Audit Certifications
| INSE 430 | Compliance Auditing IT Infrastructure | 5 |
Hacking and Capstone (15 Credits)
This final course in the sequence explores hacking and the tools and techniques used to exploit common vulnerabilities of modern information systems. The course also investigates security for wireless and mobile networking technology. Finally, the course includes a capstone project where students get an opportunity to apply their knowledge to a project of their choosing.
Content Block 1: Hacker Techniques, Tools, and Incident Hacking
TOPICS: Footprinting Overview and Tools, Port Scanning Techniques, Enumeration and Computer Hacking, Wireless Vulnerability Detection Techniques and Exploitations, Web and Database Attacks, Malware Concepts, Hacking Tools Sniffers, Session Hijacking, and DoS, Penetration Testing, Social Engineering
Content Block 2: Internet, Wireless and Mobile Device Security
TOPICS: Securing Web Applications, Site Migration Risks, Reducing Web Application Vulnerabilities, Site Vulnerability Testing and Assessment, Securing Communications, WLAN Security, WLAN Auditing, WLAN Risk Assessment, Mobile Device Hardening, Mobile Footprinting, Wireless Attack Vectors and Mitigations
| INSE 440 | Internet, Wireless, and Mobile Device Security | 5 |
Content Block 3: Capstone Project
TOPICS: Topic Identification and Selection, Team Building, Project Development, Weekly Statusing, Team Presentation, Project Collaboration and Report Generation.
Program Requirements (90 credits)
Technology Core (45 Credits)
MATH 200, CPSC 210: Pre-requisites: None
CPSC 220, CPSC 250, CPSC 310, INSE 300, INSE 310, INSE 320, INSE 335: Pre-requisites: MATH 200 & CPSC 210
Depth of Study (40 Credits)
| INSE 400 | Fundamentals of Information Security | 5 |
| INSE 410 | Corporate Governance, Policy, Risk, and Cybercrime | 5 |
| INSE 420 | Security Strategies for Operating Systems and Applications | 5 |
| INSE 425 | Computer and Network Forensics | 5 |
| INSE 430 | Compliance Auditing IT Infrastructure | 5 |
| INSE 435 | Hacker Tools and Techniques | 5 |
| INSE 440 | Internet, Wireless, and Mobile Device Security | 5 |
INSE 400: Pre-requisites: MATH 200, CPSC 210, CPSC 220, CPSC 250, CPSC 310, INSE 300, INSE 310, INSE 320 & INSE 335
INSE 410, INSE 415, INSE 420, INSE 425, INSE 430, INSE 435, INSE 440: Pre-requisite: INSE 400
Capstone Requirement (5 Credits)
Pre-requisites: All Program Courses
Washington Technology University
Program Design Specification
in Information Security
Credits
Approved: 6/26/2018 6:42:04 PM
Program Name:
Information Security
Program Description
The Bachelor of Science in Information Security at Washington Technology University is designed to provide an in depth understanding of information technology as well as prepare students to address a wide range of vulnerabilities and threats that affect private, corporate and government computer information systems. This program prepares students to design and implement key technologies and processes needed to protect critical information in cyberspace.
The BSIS program provides the knowledge, skills and competency to successfully analyze, build, support, and defend information systems against cyber-attacks. While a foundational study of computer hardware, software, and networking is provided, the focus of the program is development of practical cyber security knowledge accumulated through lectures, interactive exercises and projects. The first series of courses emphasis technology. The second set builds on this core knowledge by concentrating exclusively on information security. An exclusive focus on security courses serves to improve the absorption and retention of critical concepts and encourages the development of a clear and interconnected understanding of Information Security and its impact on society.
The Information Security degree at WTU is designed to ensure proficiency of concepts and ideas related to modern Information Security. No prior technical knowledge is required to enter, it is designed for anyone interested in Information Security. Those seeking to enter the fields of cyber security, information assurance, computer forensic analysis, or network security should consider entering the program.
Program Learning Outcomes:
- Identify the elements of an information system and understand how software is developed and used within the information system
- Use and apply mathematical concepts appropriate to the development of software for a computer and information system
- Demonstrate background knowledge of Operating Systems, Networking, Data Communications, Database Technology, Information Systems Planning, and Project Management
- Analyze an information systems problem, define performance requirements and specifications needed to solve an information security problem
- Identify solutions while recognizing the social and ethical impact of computing on individuals, organizations and society
- Demonstrate effective team communication
- Use current techniques, skills, and tools necessary for information systems practices by recognizing the need for, and the ability to engage in, continuing professional development
- Understand professional, ethical, legal, security, social issues and responsibilities
- Demonstrate the use of various computer forensic software tools and techniques as well as follow proper legal procedures for obtaining, analyzing, and reporting digital forensic evidence
- Explain the findings of a cyber forensic investigation in both written form and in oral form
- Identify and analyze legal issues within technology, regarding standards, compliance, contracts, computer crime, privacy, obscenity, and intellectual property
- Compare and contrast techniques for preventing unauthorized access to computer networks and apply measures for minimizing the damage caused by network intruders.
- Evaluate and implement security controls for an information system to provide assurance where the security processes or controls are implemented
- Evaluate an implemented Governance Framework for its effectiveness and usefulness to an organization.
- Identify the security mechanisms contained within various computing devices used to protect it while allowing it access to external data and other connected devices.
Accreditation Objectives: Organization: ABET | Location: Bellevue | Group: Computing Accreditation Commission | Criteria: General Criteria Only (CAC)
The curriculum is designed around 6 blocks of 3 months each (1 quarter), and each block contains 3 one-month instructional content to allow students to focus each month on a single subject.
Program Outcomes:
Identify the elements of an information system and understand how software is developed and used within the information system
Use and apply mathematical concepts appropriate to the development of software for a computer and information system
Demonstrate background knowledge of Operating Systems, Networking, Data Communications, Database Technology, Information Systems Planning, and Project Management
Analyze an information systems problem, define performance requirements and specifications needed to solve an information security problem
Identify solutions while recognizing the social and ethical impact of computing on individuals, organizations and society
Demonstrate effective team communication
Use current techniques, skills, and tools necessary for information systems practices by recognizing the need for, and the ability to engage in, continuing professional development
Understand professional, ethical, legal, security, social issues and responsibilities
Demonstrate the use of various computer forensic software tools and techniques as well as follow proper legal procedures for obtaining, analyzing, and reporting digital forensic evidence
Explain the findings of a cyber forensic investigation in both written form and in oral form
Identify and analyze legal issues within technology, regarding standards, compliance, contracts, computer crime, privacy, obscenity, and intellectual property
Compare and contrast techniques for preventing unauthorized access to computer networks and apply measures for minimizing the damage caused by network intruders.
Evaluate and implement security controls for an information system to provide assurance where the security processes or controls are implemented
Evaluate an implemented Governance Framework for its effectiveness and usefulness to an organization.
Identify the security mechanisms contained within various computing devices used to protect it while allowing it access to external data and other connected devices.
Program Requirements:
Courses Available
Foundations (15 Credits)
This class provides students with foundational concepts needed to succeed in the program. Analytical and numerical methods are covered as well as legal and ethical issues in information systems and information security are covered.
TOPICS: Summarized Descriptive Data, Frequency Distributions, Measures of Central Tendency and Dispersio, Curve Fitting, Sampling Theory and Distributions, Chi-Square Testing, Hypothesis Testing, Linear Equations, Matrices, Linear Programming, Differential Equations, Exponential Functions
TOPICS: Discrete Mathematics, Computer Networks, Computer Hardware, Databases, Database Design, Number Systems
TOPICS: IT Ethics, Moral and Social Issues, Information Privacy, Data Privacy, Legal Liability, International Information Privacy Laws.
| INSE 300 | Legal and Ethical Issues in Information Systems | 5 |
Software Platforms (15 Credits)
This course covers software platforms necessary for program completion. The student learns tools and techniques used in software development including data structures and algorithms and operating systems. Finally, students cover the software used to manage and run data needed by the software.
TOPICS: Introduction to Python, Development Environments, Type Declarations, Control Statements, Structured Programming Concepts, Object Oriented Concepts, File Creation, Searching and Sorting Algorithms, Web Page Creation, HTML/DHTML Basics, CSS, XML, Deployment Environments, JavaScript, Event Handling.
TOPICS: Introduction to Windows, Linux, UNIX. PowerShell and Bash basics, Concurrency, Threads, Swapping, Memory Management, Scheduling, I/O, File Systems
TOPICS: DBMSs, MS Access, SQL, Relational, Normalization, Data Modeling
Systems (15 Credits)
This class is dedicated to the study of the management, analysis, design and implementation of data communications systems. Tools and techniques related to its development along with key concepts needed to describe, model, and develop data communications systems.
TOPICS: Project Life Cycle, Triple Constraint, Project Charter, WBS, Gantt Chart, Cost, Budgeting, Scope Creep, SWOT, PMBOK, Risk Analysis, Network Diagrams, Earned Value, Outsourcing, Negotiations, Project Sponsors, Executive Report Outs.
TOPICS: Business Models, Information Models, Structured Analysis, Object-Oriented Analysis, Agile Methods, SDLCs, Requirements Engineering, UML, FDD, JAD, RAD, DFDs, Data Dictionaries, CASE tools, RFP, RFQ, Design Patterns
TOPICS: OSI and IP models, QoS, Error Correction, VLANs, Ethernet, LAN Protocols and Topologies, IP Addressing, IPv4/6, Bluetooth
| INSE 320 | Data Communications and Networking | 5 |
Security (15 Credits)
This course covers the basic concepts in information security. It also develops advanced security concepts needed to understand how organizations manage their information systems to prevent unauthorized access.
TOPICS: Security Life Cycle, Confidentiality, Integrity, Availability, EAA, Authentication, Risks, Cyber Attackers, Laws, Regulations, Attack Methodologies, Attack Types, Cryptography, Organizational Culture, Vulnerability Assessment
| INSE 400 | Fundamentals of Information Security | 5 |
TOPICS: Risk Classification and Identification, Response, Recovery, Management, IT Infrastructure Compliance, Business Drivers, Policy Creation and Frameworks, Data Classification, Handling Policy, Enforcement
| INSE 410 | Corporate Governance, Policy, Risk, and Cybercrime | 5 |
TOPICS: CIA Model, Security Levels, Access Control Lists, Device Hardening, Computing Service Management, Perimeter Construction and Hardening, Thread Identification and Classification, Stealth Firewalls, Authentication and User Account Management, Network Intrusion Detection, Cloud Security
Detection, Investigation and Prevention (15 Credits)
This course develops tools and techniques used to detect information security breaches. It also provides the students with concepts used to investigate security incidents as well as the tools and techniques to build in safeguards to protect the organization from electronic and social vulnerabilities.
TOPICS: Threat identification, User Privileges and Permission Hardening, Filesystem, Kernel Security and Risk Management, Image Baselining, Networked File System Securing, Platform Encryption, Malware Detection, System Administration
| INSE 420 | Security Strategies for Operating Systems and Applications | 5 |
TOPICS: Computer Crime, Computer Forensic Methods, Data Collection, Email Mining, Seizure, and Protection, Data Recovery Techniques, Windows- Linux-Mac Data Recovery, Mobile Platform Specific Forensic Techniques, Incident Response
TOPICS: Compliance Laws, Scope of Compliance, Auditing Standards, Audit Planning, Conducting Audits, Infrastructure Audits, User Domain, Workstation, LAN, LAN-to-WAN, WAN Domain Compliance, Remote Access Compliance and Standards, Application Compliance, IT Audit Certifications
| INSE 430 | Compliance Auditing IT Infrastructure | 5 |
Hacking and Capstone (15 Credits)
This final course in the sequence explores hacking and the tools and techniques used to exploit common vulnerabilities of modern information systems. The course also investigates security for wireless and mobile networking technology. Finally, the course includes a capstone project where students get an opportunity to apply their knowledge to a project of their choosing.
TOPICS: Footprinting Overview and Tools, Port Scanning Techniques, Enumeration and Computer Hacking, Wireless Vulnerability Detection Techniques and Exploitations, Web and Database Attacks, Malware Concepts, Hacking Tools Sniffers, Session Hijacking, and DoS, Penetration Testing, Social Engineering
TOPICS: Securing Web Applications, Site Migration Risks, Reducing Web Application Vulnerabilities, Site Vulnerability Testing and Assessment, Securing Communications, WLAN Security, WLAN Auditing, WLAN Risk Assessment, Mobile Device Hardening, Mobile Footprinting, Wireless Attack Vectors and Mitigations
| INSE 440 | Internet, Wireless, and Mobile Device Security | 5 |
TOPICS: Topic Identification and Selection, Team Building, Project Development, Weekly Statusing, Team Presentation, Project Collaboration and Report Generation.
Program Requirements (90 credits)
Technology Core (45 Credits)
Depth of Study (40 Credits)
| INSE 400 | Fundamentals of Information Security | 5 |
| INSE 410 | Corporate Governance, Policy, Risk, and Cybercrime | 5 |
| INSE 420 | Security Strategies for Operating Systems and Applications | 5 |
| INSE 425 | Computer and Network Forensics | 5 |
| INSE 430 | Compliance Auditing IT Infrastructure | 5 |
| INSE 435 | Hacker Tools and Techniques | 5 |
| INSE 440 | Internet, Wireless, and Mobile Device Security | 5 |
Capstone Requirement (5 Credits)