Curriculum Designed for Cyber Security Engineers

The 30-unit program will consist of ten courses, including an integrative capstone course. Courses will be offered year-round with three semesters every year; Spring, Summer, and Fall. Each semester will last 14 weeks.  Students will take two courses per semester. Courses will run for seven weeks each with a one or two week break in between semesters. Students will participate in the capstone course during their final semester, and it will run as a third course for the entire 14-weeks along with the other two courses.  This intensive format will allow student to focus on one course at a time and still complete the degree program in 20 months.

Course design will include 37.5 hours of core instructional time. Additional homework, research, and study time will be required. Students will be advised to spend 15-18 hours per week in each course in order to be successful.

NOTE: Courses and units/course subject to change until classes start. Some students may be required to take CYBR 505, Computational Roots of Cyber Security, as a prerequisite.

Program Learning Outcomes

The curriculum is designed to achieve the following learning outcomes, in addition to the graduate learning outcomes shared across all of USD’s Master’s level programs. The Master of Science in Cyber Security Engineering program provides knowledge and skill in architecting, developing and fielding secure network solutions against cyber security threats. Throughout their studies, students will:

  1. Develop and implement encryption methodologies into secure system solutions.
  2. Examine and assess the role policy plays in engineering secure systems, technology for policy implementation and the role of policy in driving the composition of cyber security solutions.
  3. Apply the foundational elements of cyber security and engineering principles in architecting, developing and fielding secure network solutions against advanced persistent threats.
  4. Explore the role assurance plays in security, particularly in the development and deployment of software products, and how one must account for this in security planning.
  5. Design and evaluate trusted systems and implement designs into secure systems.
  6. Perform system assessments using knowledge of network forensics, technical knowledge that incorporates incident response and continuity planning, as well as knowledge of various types of penetrations an adversary might attempt on an information system.

Position yourself for the future and contribute to the mitigation of modern threats.

Download the eBook:
Building in Security from the Start: Why Cyber Security Engineers Will Soon be in High Demand
Download
Curriculum

Program Courses

6 units

CYBR 505

Computational Roots of Cyber Security

Computational Roots of Cyber Security

This course is a prerequisite for the MS in Cyber Security Engineering program. Students without specific training in cyber engineering and/or an undergraduate degree in computer science, engineering or computer engineering may be required to take this course. Computational Roots of Cyber Security is an accelerated introduction to computer systems that provides essential education in the fundamentals. Three areas of computation are addressed in this course: Understanding how 1) programs work at a fundamental level (computer architecture), 2) how programs are managed and controlled (operating systems), and 3) how programs are constructed (programming) will be critical to the students’ ability to comprehend the material of subsequent courses.

6 units

CYBR 500

Foundations of Cyber Security

Foundations of Cyber Security

This is the essential prerequisite for all of the other courses in the program. Students will understand the fundamental science of cyber security and its application to the engineering of secure systems. Students will learn the Reference Monitor concept. The course will provide explanation of presence of witted adversary as the difference between security and other system properties, with subversion as adversary’s “tool of choice”. We will cover information as a protected asset. Students will understand security policy as the definition of “security” for a system, and we will review laws, regulations, standards, ethics, and other sources of security policies. The course will provide introduction to, and discussion of, the enforceability of, mandatory, discretionary, and role-based access-control policies. We will give definition and context to the terms threats, vulnerabilities, and risk. Students will undertake a survey of common, contemporary technical, administrative, and physical security controls. We will introduce basic concepts of cryptography, as well as basic concepts of network, operating system, and application security. Students will understand the need to build security into a system from the very beginning. We will examine the shortcomings of the common, contemporary cyber security model and “best practices”.  The course will afford a survey of common attacks and mitigations. It will serve as introduction to assurance, forensics, and incident response.

3 units

CYBR 520

Applied Cryptography

Applied Cryptography

This course provides an introduction to cryptographic theory and practice. It covers the application of cryptography to cyber security, beginning with historic review of cryptography from Caesar’s cipher to modern algorithms. We will discuss stream ciphers, block ciphers, and one-way hashing, along with the topic of message integrity. We will explore the differences in symmetric and asymmetric encryption. The course will also cover key exchange techniques, public key protocols, and key and certificate generation and management. We will learn how to assess the strength of cryptographic implementations, and about attacks on cryptographic systems.

3 units

CYBR 530

Security Policies

Security Policies

This course will cover advanced topics in security policies. We will look at the types of policies, including mandatory, discretionary, role-based, and information flow. We will also review confidentiality, integrity, and privacy policies. Students will understand mathematical models and formal reasoning about policies, and system architectural considerations for enforcing policies. The course will introduce traceability of mechanism to policy and of policy to mechanism. Students will understand and perform policy composition, as well as assessing the suitability of policies for particular uses.

3 units

CYBR 540

Security Assurance

Security Assurance

The course will introduce the assurance case as the basis for trusting that a system will correctly enforce a security policy. It will cover how to create an assurance case, assurance techniques for each stage of the system life cycle, and the strengths and weaknesses of each technique. The course will explore capability maturity models, threat modeling, modularization and layering, secure programming, security testing, covert channel analysis, and secure system operation and maintenance. It will provide introduction to formal methods as applied to security, and look at balancing cost and risk in building an assurance argument, demonstrating the difficulty of measuring security and assessing risk.

3 units

CYBR 550

Secure Network Engineering

Secure Network Engineering

This course will introduce the principles of network security. We will discuss network topology, theory of network governance and control. We will explore various methods of network modeling and simulation. Students will learn about development, design and validation framework for secure network topologies. We will examine security from a design viewpoint and network performance expectations contrasted against various types of attacks including adaptive malware and analyzing deceptive techniques for defeating access control models. The course will provide review of modern networks design approaches and postulate some improvements for future work in attack resistant networks without total reliance on cryptography.

3 units

CYBR 560

Trusted Systems Design, Development, and Analysis

Trusted Systems Design, Development, and Analysis

This course begins with an overview of why most systems are not secure, and why monitoring and surveillance alone do not work and why security must be built into a system from its foundation. We will then discuss how to build systems that are resistant to active, evolving adversaries. Students will be exposed to the design, evaluation, certification, and accreditation of trusted systems. We will look at hardware and software considerations for building trusted systems, and configuration management and systems administration of trusted systems. We will also study special considerations when building trusted applications, such as databases and distributed systems.

3 units

CYBR 570

Secure Systems Engineering

Secure Systems Engineering

The course will cover systems security considerations in functional analysis, decomposition and requirements processes, and practical techniques and methods for developing and fielding secure architectures. Students will understand how to incorporate threat and vulnerability analysis into the architecture and design process. We will undertake investigation of actual secure system solutions starting with the development of the organization’s security policy and tracing the development of the system through to deployment. Students will be presented with comparable secure system developments in varying degrees of completeness and challenged to complete the development. Among our focus will be developing assurance evidence, penetration analysis, and identification of architectural component. The course will then challenge students to take a security policy document and design criteria, and work to engineer and field a system.

3 units

CYBR 580

Digital Forensics and Incident Response

Digital Forensics and Incident Response

The course will introduce computer and network forensics as applied to cyber security and data analysis of a system intrusion. We will explore methods of attack and the tools available to conduct forensics investigations. Students will be exposed to Security Information and Event Management (SIEM) tools that enable sophisticated analysis of complex networks ranging from enterprise systems to mobile systems. The course will focus on forensics theory, the forensics process, and laboratory investigations with modern SEIM tools. Outcomes include solid understanding of modern network analytics, defenses, and approaches to discovery of data needed to conduct the evidence needed for intrusion affirmation cases

3 units

CYBR 590

Cyber Security Operations

Cyber Security Operations

This course will focus on contested cyber environments and simulated adversarial activity with regards to assessment of information systems. We will explore defense and operation of various types of systems in a test network, being able to employ tools to administer, monitor, fight through, and perform forensic analysis on attacks.  Students will understand how to setup an assessment process for systems and/or components, and how to effectively conduct a penetration test on a network and/or components. Students will be challenged to develop engineering solutions to stand up to threats and mitigate vulnerabilities.  The goal will be understanding the various strengths and weakness in selecting a system configurations for the purposes of information security, and the steps in the penetration testing process, including intelligence, threat modeling, vulnerability analysis, exploitation, and reporting.  The course will also include a practicum course project in which students will engage with industry in solving a real-world challenge.