Approved Course Outline

CTS 4124 - Threat Detection and Mitigation

College of Computer & Information Technology
Credit(s): 3
Contact Hours: 47
Summer 2021 (590)
Requisites
Admission to Technology Development and Management (Bachelor of Applied Science) (TMGT-BAS) or
Admission to Cybersecurity (Bachelor of Applied Science) (CYSEC-BAS)
Course Description
This course examines threats to computer networks, network vulnerabilities, techniques for strengthening passive defenses, tools for establishing an active network defense, and policies for enhancing forensic analysis of crimes and attacks on computer networks. Topics include private and public key cryptography, digital signatures, secret sharing, security protocols, formal methods for analyzing network security, electronic mail security, firewalls, intrusion detection, internet privacy and public key infrastructure. This course contains foundational coverage in preparing for CompTIA’s CySA+. Students will need additional remediation to ensure success on the exam.
Learning Outcomes and Objectives
  1. Students will prioritize the potential cybersecurity threat environment by:
    1. applying environmental reconnaissance techniques using appropriate tools and processes.
    2. analyzing the results of a network reconnaissance.
    3. implementing or recommending the appropriate response and countermeasure.
    4. explaining the purpose of practices used to secure a corporate environment.
  2. Students will evaluate organizational cybersecurity vulnerability by:
    1. implementing an information security vulnerability management process.
    2. analyzing the output resulting from a vulnerability scan.
    3. comparing and contrasting common vulnerabilities found in various hardware and software targets within an organization.
  3. Students will formulate a suitable cyber incident response by:
    1. distinguishing threat data or behavior to determine the impact of an incident.
    2. preparing a toolkit and using appropriate forensics tools during an investigation.
    3. explaining the importance of communication during the incident response process.
    4. analyzing common symptoms to select the best course of action to support incident response.
    5. summarizing the incident recovery and post-incident response process
  4. Students will appraise organizational security architecture by:
    1. explaining the relationship between frameworks, common policies, controls, and procedures.
    2. recommending remediation of security issues related to identity and access management
    3. reviewing security architecture and making recommendations to implement compensating controls.
    4. using application security best practices while participating in the Software Development Life Cycle (SDLC).
    5. comparing and contrasting the general purpose and reasons for using various cybersecurity tools and technologies.
Criteria Performance Standard
Upon successful completion of the course the student will, with a minimum of 70% accuracy, demonstrate mastery of each of the above stated objectives through classroom measures developed by individual course instructors.
History of Changes
C&I Approval: 09/05/2019, BOT Approval: 09/24/2019, Effective Term: Spring 2020 (570).
C&I Approval: , BOT Approval: , Effective Term: Summer 2021 (590)
Related Programs
  1. Cybersecurity (CYSEC-BAS) (610) (Active)