This course provides an overview of the field of cybersecurity. It covers core cybersecurity topics including computer system architectures, critical infrastructures, cyber threats and vulnerabilities, cryptography, information assurance, network security, and risk assessment and management. Students are expected to become familiar with fundamental security concepts, technologies and practices, and develop a foundation for further study in cybersecurity.
- Basic Cybersecurity Concepts
Understanding the CIA Triad (Confidentiality, Integrity, Availability)
Overview of cyber threats and types of attacks (e.g., malware, phishing, DoS, DDoS, etc.)
Differentiating between cybersecurity, information security, and network security
Understanding risk management and threat assessment - Cyber Threats and Attack Vectors
Identifying common cyber threats (viruses, worms, ransomware, spyware, etc.)
Recognizing social engineering attacks (e.g., phishing, spear phishing, vishing)
Understanding attack vectors (e.g., email, web applications, network vulnerabilities)
Exploring advanced persistent threats (APTs) and their impact - Network Security Fundamentals
Basic concepts of networking (e.g., TCP/IP, DNS, DHCP, VPN, firewalls)
Understanding network defense mechanisms (e.g., IDS/IPS, firewalls, NAT, VPNs)
Recognizing and preventing man-in-the-middle (MITM) attacks
Overview of Wi-Fi security (e.g., WPA2, WPA3, encryption) - Cryptography Basics
Introduction to encryption and decryption (symmetric vs. asymmetric)
Understanding public key infrastructure (PKI) and SSL/TLS
Exploring hashing (e.g., MD5, SHA) and its role in data integrity
Learning about digital signatures and certificates in cybersecurity - Security Policies and Governance
Understanding the role of security policies, standards, and frameworks (e.g., NIST, ISO 27001)
Recognizing the importance of security awareness training for employees
Overview of compliance requirements (e.g., GDPR, HIPAA, PCI-DSS)
Implementing basic security protocols and security policies in an organization - Authentication and Access Control
Understanding the principles of authentication (something you know, something you have, something you are)
Configuring multi-factor authentication (MFA) for enhanced security
Implementing access control models (e.g., RBAC, DAC, MAC)
Managing password security (e.g., password policies, password hashing) - Incident Response and Reporting
Recognizing cybersecurity incidents and how to respond effectively
Understanding incident response procedures (e.g., identification, containment, eradication, recovery)
Introduction to forensics (e.g., data collection, evidence handling, analysis)
Understanding the importance of post-incident reporting and root cause analysis