Cybersecurity [Fundamentals] Certificate Curriculum

This course is an advanced survey of modern topics of theory, foundations, and applications of modern cryptography. One-way functions, pseudo-randomness, encryption, authentication, public-key cryptosystems, and notions of security are covered. The course also covers zero-knowledge proofs, multiparty cryptographic protocols, and practical applications.

This course covers theory and practice of network security. Topics include static packet filter, stateful firewall, proxy firewall, IDS, VPN Device, DMZs and screened subnets, networks defense components, internal network security, host hardening, configuration management, audit, human factors, and security policies. The course also covers cryptographic protocols, privacy, anonymity and various case studies.

This course introduces students to the fundamental concepts and models in Artificial Intelligence that can be applied to cybersecurity data and applications. Topics include analysis of computer viruses, network traffic, financial crime investigations, clustering user activities, and adversarial learning. Students will develop a robust understanding of machine learning’s capabilities and limitations in cybersecurity contexts, including insights into how adversaries use adversarial ML models to target ML-based security systems. The course will equip students with the skills to construct their own AI-based security tools and automate their workflows through the use of AI.

This course focuses on the fundamentals of Blockchain Technology. It provides a conceptual insight into the role of Blockchains as a means for securing distributed systems, how consensus on their blocks is reached, and the new applications that they empower. It includes the technological foundations of blockchain functionalities such as distributed data structures and decision-making models, their operations, and various architectures. The course presents a brief discussion on current Smart Contract (SM) techniques and platforms, and studies their future directions, prospects, challenges, and risks. Students will learn how blockchain systems are constructed, how to interact with them, and how to design and implement secure distributed applications. Students apply the knowledge they gain by implementing a detailed blockchain system that includes transactions, blocks, cryptography, and a consensus mechanism using a popular programming language such as Java or Python.

This course will provide students exposure to the key legal and policy issues related to cybersecurity. It includes such topics as data security laws and enforcement actions, cybersecurity litigation, anti-hacking laws, cybersecurity and corporate governance, privacy law, the Fourth Amendment, surveillance, and international cybersecurity law.

This course covers key risks to information systems and business data. Students will apply data analytics techniques across different dimensions to provide effective information security analytics. Threats to normal user behavior are compared and contrasted by utilizing the user behavior analytics approach Normal behavior.

This course will address various issues (attacks and defense strategies) in wireless and mobile security, including WEP and WPA, wireless jamming attacks, and mobile privacy. Topic coverage will include vulnerabilities, attacks, security mechanisms, and trade-offs at various layers of the network protocol stack, from aspects of physical communication to application and service security issues; examples include MAC-layer misbehavior, selective packet dropping, decentralized trust and reputation, and cross-layer holistic attacks. Systems of interest include (but are not limited to) personal devices, connected vehicles, embedded and IoT systems, wireless infrastructure, and ad hoc networks.

This course covers methods and tools used for network programming and simulation. Covered topics include operating system support for network protocols, inter-process communication tools (such as pipes, sockets and remote procedure calls), and design of client and server sides of network protocols.

This course introduces students to a wide range of topics related to ethical hacking and penetration testing. The topics cover the tools and penetration testing methodologies used by ethical hackers. The course provides a thorough discussion of what and who an ethical hacker is and how important they are in protecting corporate and government data from cyber-attacks. Students will immerse in a “Hacker Mindset” in order to teach them how to think like a hacker and defend against future cyber-attacks. Students will utilize hands-on applications of security techniques by employing systematic and ethical hacking processes in a professional manner. Various tools for scanning, penetration testing, and securing target systems will be demonstrated. The five phases of ethical hacking will be presented including reconnaissance, gaining access, enumeration, maintaining access, and covering tracks.

This course covers the fundamentals of reinforcement learning using a problem-based approach by addressing goal-directed problems on automated learning in an uncertain environment. Topics include finite Markov decision processes, dynamic programming, Monte-Carlo simulations, temporal-difference learning including Q-learning, function approximation, and policy gradient methods.

This course focuses on the variety of elements needed to address and implement secure software acquisition and development throughout the software development life cycle (SDLC). The course addresses people, technology, tools, and processes to design and develop consistently secure applications from start to finish. Additionally, it underscores the importance and value of the Defense-in-Depth principle across the entire SDLC. Topics covered include security in requirements engineering; secure designs; risk analysis; the SQUARE process model; threat modeling; defensive coding; fuzzing; static analysis and security assessment; memory leaks, buffer and heap overflow attacks, and injection attacks. The course also introduces techniques to adapt common security activities to modern software development practices such as Agile and DevSecOps.