Overview

Included in degrees & certificates

• 198
• 256
• 367

Prerequisites

• CS2011
• CS3030
• EC2700

Learning Outcomes

Upon completion of this course, students will be able to:

• Apply the definitions and describe the mechanisms associated with security from the standpoints of confidentiality, integrity and availability of systems and data in various states.
• Depict the mechanics of One-Time Pad ciphers, stream ciphers, and block cipher modes and assess the level of security (confidentiality) that can be obtained with each.
• Determine which cryptographic Message Authentication Code or hash function properties are being leveraged in specific scenarios to achieve security requirements.
• Trace a website certificate chain to the certificate authority certificate to determine the website's authenticity.
• Combine secure symmetric or asymmetric encryption and authenticity to provide authenticated encryption.
• Utilize common password attacks and employ mechanisms to make those attacks less effective.
• Employ multi-factor authentication to leverage the strengths of each factor to mitigate other factors' vulnerabilities.
• Utilize exemplar Discretionary Access Control approaches or formal Mandatory Access Control policies to determine subject-object permissions.
• Characterize malware and network attack scenarios based on the type of malware or attack employed, its means of propagation, the vulnerabilities it exploits, and potential mitigations.
• Develop or assess network Access Control List rules to defend against specific network-based attacks.
• Employ end-to-end encryption, link encryption, or virtual private networks to ensure confidentiality and authenticity.
• Describe the security concerns associated with different forms of cloud services.
• Describe ways in which the security kernel, memory segmentation, and CPU privilege levels can be utilized to achieve security objectives.
• Describe the conduct and purpose of each step in the Risk Mitigation Framework process.