Course Grade Received: A
Cybersecurity Fundamentals
Provides a comprehensive introduction to networking principles and their direct application to modern cybersecurity. The course begins with core Internet architecture and the protocol stack before transitioning into security vulnerabilities, defensive mechanisms, and applied cybersecurity operations.
The first half of the course builds foundational networking knowledge, including the Internet protocol stack, HTTP, DNS, TCP/IP, wireless networking, and IP addressing. The second half focuses on cybersecurity concepts such as cryptography, vulnerabilities and exploits, malware, wireless and application attacks, risk management, cyber operations, and defensive countermeasures.
Through hands-on labs, discussions, homework assignments, and exams, this course develops both conceptual understanding and practical analysis skills. The curriculum aligns closely with industry-recognized security principles and provides foundational preparation for certifications such as CompTIA Security+.
Key Skills & Topics
Networking & Internet Architecture
- Internet protocol stack (Application, Transport, Network, Link layers)
- Client-server architecture
- HTTP and DNS functionality and vulnerabilities
- TCP connection establishment and transport-layer operations
- IP addressing and CIDR
- MAC addressing and packet traversal
- Wireless vs. wired LAN security considerations
Cybersecurity Foundations
- Common vulnerabilities in DNS, databases, and web applications
- Malware types and attack classification
- Wireless and application-layer attacks
- Vulnerabilities, exploits, and countermeasures
- Cyber kill chain and operational phases
Cryptography & Network Defense
- Fundamental cryptographic concepts
- Certificates and authentication mechanisms
- Transport Layer Security (TLS)
- Firewalls, VPNs, IDS/IPS
- Kerberos and network-layer security
Risk & Security Management
- Vulnerability mitigation strategies
- Risk assessment and management principles
- Defensive security architecture
Course Material
Salt Typhoon: China's Persistent Telecom Espionage Campaign (CYSE 462)
This research paper analyzes Salt Typhoon, a PRC state-sponsored advanced persistent threat (APT) that breached major U.S. telecommunications providers including AT&T, Verizon, T-Mobile, and Lumen Technologies beginning in 2024. The paper examines the group's six-stage attack sequence, targeted devices and protocols, societal impact, and mitigation strategies, arguing that the campaign's scale resulted from preventable lapses in basic security hygiene rather than novel capabilities.
Project Highlights
- Analyzed Salt Typhoon’s exploitation of CVE-2023-20198 and CVE-2023-20273 on Cisco IOS XE edge devices
- Documented the six-stage attack sequence: initial access → privilege escalation → persistence → credential harvesting → lateral movement → anti-forensics
- Examined JumbledPath malware and GRE tunnel abuse for evasion and persistence
- Assessed the breach of CALEA lawful intercept systems, exposing active government surveillance infrastructure
- Proposed mitigations: mandatory patch timelines, network segmentation, Zero Trust architecture, and centralized tamper-resistant logging
Security Concepts Applied
- Advanced Persistent Threat (APT) analysis
- CVE exploitation and patch management failure
- Network edge device security
- Lateral movement and credential harvesting
- Anti-forensics and log evasion techniques
- Telecom infrastructure risk and national security policy
What This Project Demonstrates
This paper demonstrates the ability to research, analyze, and communicate a complex, real-world nation-state cyberattack, connecting technical TTPs to broader national security implications and actionable defensive recommendations.