Curriculum
*Note: All eight courses in this certificate must be completed at Drexel University (no transfer credits are accepted for this program)
Course Descriptions
CT 300 - Security Technology Models & Architecture
This course will present the theory and techniques utilized by IT Security professionals to secure a wide range of diversified platforms. Solutions for securing Web Servers, Code, Communications, Applications, and Databases will be presented. Additional discussions, and research, will explore a multitude of solutions to the program.
Back to course list
CT 312 Access Control & Intrusion Detection Technology
This course will present the theory, methodology and hands on labs necessary for students to acquire fundamental knowledge of intrusion detection systems. The course will focus primarily on SNORT, an in depth, open-source network intrusion detection system. Students will learn the theory of various configuration schemas. How intrusion detection systems can be used to secure corporate and personal networks against attacks. This is a lab based course where approximately fifty percent of the time will be spent performing instructor lead labs on the configuration of IDS.
Back to course list
CT 325 - Operating Sys Security Architecture I
This course provides students with the requisite knowledge necessary to perform network security within a Windows based computing environment. Topics covered will include; how Assets Are Attacked and Secured, Trusted Computing Bases, Cryptography, Protecting Web Servers, Security for Web Browsers, Database Security, Protecting DNS, Security Policies and Procedures.
Back to course list
CT 336 - IP Security and VPN Technology
This course will cover the technological components of IP Security and its underlying architecture. Students will learn the theory behind symmetric-key cryptographic algorithms-including AES, CAST, Blowfish, IDEA, RC2, RC5, and Skipjack. Students will gain an understanding of PKI infrastructure and the managed certificate protocol as well as gaining insight into implementing VPN solutions in a variety of scenarios.
Back to course list
CT 402 - Network Security II
This course will present the theory, methodology and hands on labs necessary for students to acquire fundamental knowledge of Security firewalls. Topics covered will include; configuring firewall models, user interfaces, feature sets, configuration methods, firewall traffic inspection, firewall interfaces, routing, IP addressing services, IP multicast support, configuration files, manage users, monitor firewalls with SNMP, authenticate, authorize, and maintain accounting records for firewall users, control access through the firewall with transparent - routed firewall modes, address translation, traffic filtering, user authentication, content filtering, application inspection, traffic shunning, firewall failover operation, firewall load balancing, and firewall activity logs.
Back to course list
CT 472 - IT Security Defense Countermeasures
This course will present the theory, methodology and hands on labs necessary for students to acquire a fundamental working knowledge of Defense Countermeasures. Students will learn the reasons that lead to system vulnerabilities, and how criminals exploit those vulnerabilities. Labs that utilize security software to conduct penetration testing, audits, and system vulnerability tests will be taught. This is a technical lab based course that is designed to provide students with practical knowledge in the field of Information Security, specifically Defense Countermeasures.
Back to course list
CT 212 - Computer Forensics
This course will present the theory, methodology and hands on labs necessary for students to become competent in the basics of computer forensics. Topics covered will include, Computer Forensics as a Profession, Understanding Computer Investigations, Working with Windows and DOS Systems, The Investigator's Laboratory, Current Computer Forensics Tools, Digital Evidence Controls, Processing Crime and Incident Scenes, Data Acquisition, E-mail Investigations, Recovering Image Files, Written Investigation Reports, Becoming an Expert Witness, the Social and Economic impact of Computer Crime, Privacy issues Versus Law enforcements need to gather evidence. The Ethics involved in conducting a proper investigation. The Philosophical issues driving governments to continually seek additional surveillance and monitoring of their citizens. This is a technical course that will consist of lecture and hands on labs that are designed to provide students with practical knowledge in the field of Computer Forensics.
Back to course list
CT 222 - Security and Info Warfare
This course will present the theory and methodology of Information Warfare and Security. Topics covered will include intellectual property crimes, computer fraud, harassment, embezzlement, eavesdropping, sabotage, surveillance, identity theft, cryptography, risk management, incident handling, terrorism, and the protection of critical infrastructure. The course will be presented in a manner that is designed to foster critical thinking, and analysis of the topics.
Back to course list
CT 295 - Public Key Infrastructure Technology
This course will present the theory, methodology and hands on labs necessary for students to acquire fundamental knowledge of Public Key Infrastructure. Topics covered will include, symmetric and asymmetric cryptography, hashes, digital signatures, digital certificates, PKI basics, PKI services, key and certificate life cycles, PKIX, protocols and formatting standards, trust models, authentication methods, deployment and operation, and return on investment calculations. This is a technical lab based course that is designed to provide students with practical knowledge in the field of public key infrastructure.
Back to course list
CT 315 Security Management Practice
This course will address managerial issues involved in the daily operations of an IT Security department. Topics will include staffing, budgets, job descriptions, long term planning, resource allocation, training of security personnel, motivational techniques, interaction with other departments including upper management. While the course will focus on the management of an IT Security department, the information presented in this course is applicable to any Security Department or Consultancy. Additional discussions, and research, will explore a multitude of solutions to the problem.
Back to course list
CT 326 - Operating Sys Security Architecture II
This course provides students with the knowledge necessary to design a security framework for small, medium, and enterprise networks utilizing Windows based computing technologies. Emphasis will be on designing and implementing an effective network security plan based on an organization's business needs. Topics will include; GPO's, AD, and Auditing.
Back to course list
CT 355 - Wireless LAN Security Technology
This course will present the theory, methodology and hands on labs necessary for students to acquire fundamental knowledge of Wireless Network Security. The course will focus on the unique security issues of Wireless Networks. Protocol and signal vulnerabilities will be discusses. Audit and exploit tools will be utilized to discover security flaws. Further, the methods to secure those vulnerabilities will also be covered. Students will learn the limitations and risks of Wireless Networks. This is a lab based course where approximately fifty percent of the time will be spent performing instructor lead labs on the auditing and hardening of a Wireless test lab.
Back to course list
CT 362 - Network Auditing Tools
This course will present the theory, methodology and hands on labs necessary for students to acquire fundamental knowledge of the Nessus Network Auditing Tool. The course will focus primarily on Nessus, an advanced multi-functional Network Auditing Tool. Students will learn the methods of using Nessus to uncover Network Security problems, with the purpose of closing these vulnerabilities. This is a lab based course where approximately fifty percent of the time will be spent performing instructor lead tasks related to the use of the Nessus Network Auditing Tool.
Back to course list
CT 382 - Applied Cryptography
This course will present the theory, methods, strengths, weaknesses, and effective strategies necessary for students to acquire a fundamental knowledge of Cryptography and Steganography. This is a hands on course that will utilize several tools, and software programs, in order to gain practical working knowledge that can be applied to solve problems requiring encryption of computer data. While math skills are required for success, this is not a math intensive or theoretical course. Emphasis will be placed on formulating effective strategies, such as when and how to protect computer data through the use of Cryptography and Steganography.
Back to course list
CT 393 - IT Security Risk Assessment
This course will address risk management methodology, the specific procedures for determining assets valuation, vulnerabilities, and threats. Risk mitigation methods that security professionals use to protect valuable ‘IT' assets will also be studied. Issues, designed to foster critical thinking, will be explored. Standardized approaches to risk management utilizing a framework will effectively link security strategies and related costs to realistic threat assessment. The course will focus on risk assessment and decision support processes for business and government. Additional discussions, and research, will explore potential solutions to these problems.
Back to course list
CT 412 - IT Security Policies
This course will present the theory, and legal issues necessary for students to acquire fundamental knowledge of Computer Policies for Information Security. Topics covered will include, E-Mail, Employee Privacy, Labor Organization Activities (Fair Use), Avoiding Discrimination and Harassment, Copyright, Defamation, Spamming, Trade Secrets & Confidential Information, Attorney Client communication via Email, Computer Security, Preventing Waste of Computer Resources, Essentials For Good Policy, and Ensuring Employee Compliance.
Back to course list
CT 415 - Disaster Recovery and Continuity Planning
This course will address Disaster Recovery & Continuity Planning specific to Emergency Recovery Procedures. Techniques that security professionals can utilize to manage potential risk within multiple environments will be discussed. Issues, designed to foster critical thinking, will be explored. Strategies that can be used by businesses to assure that sensitive data will not be lost in the event of a disaster. The course will focus on the techniques used by security professionals to develop disaster recovery plans, procedures and testing methods. Additional discussions, and research, will explore a multitude of solutions to the problem.
Back to course list
CT 422 - Incident Response Best Practices
This course will present the theory, and legal issues necessary for students to acquire fundamental knowledge of how to design an effective incident response policy. Topics covered will include: forming an incident response team, types of response, honey pots, training employees, legal issues, selecting tools, computer attacks, and the cost of an incident.
Back to course list
CT 432 - IT Security System Audits
This course will present the theory, methodology, procedures and hands on labs necessary for students to acquire a fundamental working knowledge of IT System Audits. Student will learn the reasons why IT Audits are necessary, how to discover system vulnerabilities with proper audit procedures, and how to document their findings properly for upper management. This is a technical lab-based course that is designed to provide students with practical knowledge in the field of Information Security, specifically IT System Security Audits.
Back to course list
