Cybersecurity D.Sc. Course Descriptions

IT 530 Computer Security

Provides an overview for the computer security risks facing enterprises today and covers the many options available for mitigation of these risks. Topics include security concepts, controls, and techniques; standards; designing, monitoring, and securing operating systems; hardware; applications; databases; networks (wired and wireless); and the controls used to enforce various levels of availability, confidentiality and integrity. Computer security is taught in the context of the increasingly global and distributed environment of today’s enterprise. Business continuity and disaster recovery planning are also discussed. Prerequisite: IT 520. (3)

IT 535 Advanced Computer Security

A more advanced study of computer security, including coverage of topics such as authentication mechanisms, authorization techniques, security models, trusted computing, network architecture security, operating system security, cryptography, database security, physical security, Web security and network security protocols, such as IPSec and SSL. Prerequisite: IT 530. (3)

IT 537 Computer Forensics and Incident Response

Presents methods to properly conduct a computer forensics investigation and to handle a cybersecurity incident. The course begins with a discussion of ethics while map-ping to the objectives of the International Association of Computer Investigative Specialists (IACIS) certification or the International Society of Forensic Computer Examiners Certified Computer Examiner (CCE) certification exam. Students should have a working knowledge of hardware and operating systems to maximize their success on projects and exercises throughout the course. (3)

IT 547 Security and Privacy of Electronic Documents

Focuses on the security and privacy of issues (technical and managerial) associated with the collection, storage, and dissemination of electronic documents. Topics include analysis of business, technology, and legal concepts behind the storage, communication, and retrieval of electronic documents including text documents, email messages, and instant messages. Protection mechanisms include encryption, digital signature, watermarking, redaction, and security classification. The course addresses specific applications of the technology to include medical and e-discovery. (3)

IT 552 Operating Systems

Covers the major features of today’s multi-user operating systems, including topics such as concurrent processing, CPU scheduling, deadlocks, memory management, real and virtual memory, secondary storage management, security, and file management. (3)

IT 557 Monitoring, Auditing, and Penetration Testing

Examines best practices for identifying vulnerabilities and preventing attacks. This course is designed for cybersecurity personnel who are responsible for the management of cybersecurity in an organization and who will oversee processes and procedures that demonstrate the validity and quality of cybersecurity within an organization through monitoring, auditing, and penetration testing. Prerequisite: IT 530. (3)

IT 560 Cryptography

Presents a detailed understanding of symmetric and asymmetric cryptography. This course includes a discussion of the history of cryptography and cryptanalysis. It covers the algorithms for modern ciphers such as AES, DES, RSA, and RC4. The topics of key exchange and management, digital signatures, secure hashes, and steganography are covered. Prerequisite: IT 535. (3)

IT 567 Global Cybersecurity

Examines the global scope of the Internet and the security of cyberspace to ensure openness in a networked world, including areas such as business, politics, crime, and warfare. This is an emerging field and the focus of the course is identification of problems and the examination of global cybersecurity initiatives in the U.S., other countries, and the coordinating role of international organizations, both technical and strategic. Prerequisite: IT 570. (3)

IT 570 Cybersecurity: Law, Policy, Ethics, and Compliance

Focuses on the law, policy, ethics, and compliance issues concerning cybersecurity as information is collected and communicated in today’s networked world. International security law and legal principles are covered as well as topics such as ethics, privacy, and compliance. The theory and principles behind these topics are explored in depth, and students prepare a research paper on a contemporary topic relating to the field. Policy documents are critiqued and compliance issues are discussed. Students are expected to independently research the issues, make presentations to the class, and support their case. (3)

IT 575 Information Security Management

Covers the knowledge and skills for the management of security in today’s enterprise IT environments. It focuses on planning, designing, implementing, managing, and auditing security at all levels. Automated security management systems are discussed in detail. It examines the best practices and global standards in this emerging field. Prerequisite: IT 530. (3)

IT 577 Human Considerations in Cybersecurity

Explores the human aspects that have an impact on the practices, policies, and procedures that are in place in an organization to secure the firm’s information. Topics include human behavior, ethics, psychology, social engineering, and hacker culture. Emphasis is on the human element and the motivations for cyber crimes. Analysis covers techniques to prevent intrusions and attacks that threaten organizational data and techniques to identify potential insider threats. Prerequisite: IT 530. (3)

IT 580 Technology Leadership

Centers around the leadership knowledge and skills necessary for a chief information officer (CIO) or equivalent. Topics include strategic thinking, consulting, budget formulation, and effective management and leadership. In case studies and role-playing exercises, students have to practice leadership skills such as influence- and relationship-building. Students use questioning skills to gather information, analysis techniques, negotiation and influencing skills to make decisions, and communication skills to present the final proposal at an executive level. (3)

IT 585 Managing Technical People

Teaches the basic concepts and skills needed to manage technical people in high-performance environments. It is designed specifically for technical professionals who are planning to become team leaders, supervisors, and managers. (3)

IT 587 Cybersecurity Systems: Certification and Accreditation

Familiarizes students with the standards and processes required to certify and accredit information systems for compliance with federally mandated cybersecurity requirements and international standards. This course includes detailed analysis of the government’s Federal Information Security Management Act (FISMA) and provides students with practical experience with preparing reports under the regulations. The course also examines the National Security Agency’s “Common Criteria” requirements for security products. Prerequisite: IT 530. (3)

IT 590 Topics in Information Technology

Explores a contemporary topic relating to some aspect of information technology. This course can be repeated for credit with a new topic. (3)

IT 670 Computer Network Defense

Provides hands-on experience for students to defend computer networks against attacks such as viruses; worms; Trojan horses; denial-of-service attacks; password cracking; key loggers; buffer overflow attacks; and reconnaissance, such as sniffing, DNS, SNMP, scanning, fingerprinting, and war driving. Students execute attack-and-defend scenarios and document their results. Prerequisite: IT 535. (3)

IT 680 IT Master’s Project

Requires the student to integrate and apply knowledge acquired in the degree program to a particular project. The student works individually to complete the project for a sponsor and under the direction of a full-time faculty member of his or her choice. The results are presented orally and communicated in writing. The project outcomes are critiqued by the faculty. Prerequisite: completion of at least 27 credits in the program. (3)

IT 727 Managing Cybersecurity Risk

This doctoral-level course covers all aspects of the management of the risk of cyberattack and covers the foundations for the thoughtful and purposeful development of cyber defense strategies in any organization. In general, there are too many threats and potential vulnerabilities but not enough money and resources to protect all the digital assets in organizations, particularly those connected to the Internet. This course covers the strategic decision making process, including formal methodologies, as to which assets to defend and why.

IT 737 Securing the Evolving Technology Infrastructure

This doctoral-level course examines the cybersecurity challenges of the constantly
changing computing infrastructure with its increasing reliance on the Internet and the rise of additional threats posed by cloud computing, mobile computing, integration of the Internet of Things, automated industrial control systems, use of hardware built in other countries, and the risk of other critical infrastructures. This course examines the cybersecurity challenges of interrelated systems across the global landscape and the different techniques used to protect computers and data, with particular emphasis on sectors such as transportation, utilities, healthcare, financial services, and manufacturing.

IT 747 Cybersecurity in the System’s Lifecycle

This doctorate-level course integrates cybersecurity concepts, principles, tools, and
techniques into the system life-cycle including acquisition and purchasing of technology, security requirements definition during requirements analysis, secure software coding practices, auditing processes for production systems, cyber-insurance considerations, and communication security issues with upper management and the board.

IT 757 Cyber Threat Intelligence

This doctoral-level course covers the cyber threat intelligence landscape including
tactical, operational and strategic dimensions. It includes open source intelligence
techniques and social media intelligence techniques as well as mobile app
intelligence gathering techniques. Investigational strategies such as counter intelligence methods and attribution are also discussed.

IT 767 Workforce Development: Cybersecurity Education, Training, and Certification

This doctoral-level course strategically examines the cybersecurity workforce of today and examines the leadership and educational skills necessary to grow the nascent workforce effectively. The course looks at the difference between cybersecurity education and training and examines the education requirements at all levels (K-12 through doctorate). The industry’s current reliance on certifications is also discussed.

IT 777 Malware Analysis

This doctoral-level course covers all aspects of the field of malware analysis. It is an advanced hands-on class that includes delineating the role of malware analysis, cybersecurity defenses, developing policies to handle malware, and performing dynamic and static analysis to recognize existing and potential malware. Students learn how and when to use malware analysis techniques to mitigate risks associated with malware.

IT 787 Cybersecurity Applied Research Practicum

This course facilitates the advancement of cybersecurity expertise to supplement the program for doctoral candidates. It provides an opportunity to practice higher-order thinking on an applied research project in government or industry, taking advantage of the university’s location near the nation’s capital. Students must complete at least 240 hours in the university-approved work environment, report monthly on their activities and progress, and present their work to the doctoral students. Prerequisite: completion of at least 18 credits in the program.

IT 797 Advanced Topics in Cybersecurity

This doctoral course explores a contemporary topic in the cybersecurity field. Topics will vary each semester but will reflect the emerging issues in the growing field both in technical areas and in related areas such as the social sciences. The focus will be research on the selected topic and involve student’s predictions of its future impact in protecting cyberspace. Doctoral students will be expected to research the emerging topic, predict its impact in cybersecurity globally, and prepare a quality paper. Experts in the topic will be engaged in the student’s discussion of the topic.

IT 800 Beginning Applied Research in Cybersecurity

This doctoral-level course prepares doctoral students for the applied research process in the cybersecurity field. Students review APA guideless and look at the special requirements for academic writing. They start thinking of issues in the field that could benefit from additional research and they begin to examine the literature research
and writing process to develop these ideas into potential dissertation topics. Students also analyze past work and consider ethical issues which might occur during the conduct of cybersecurity research.

IT810 Applied Research Topics and Methods in Cybersecurity

In this course, doctoral students will begin to develop the applied research concept in the cybersecurity field. Students examine the state of cybersecurity research and the roadmaps established at the national and international levels. It is designed to provide an increased understanding of the philosophy of science and the nature of scientific thinking. The doctoral students identify researchable topics, the use of existing knowledge to act as a basis for the research project, and the use of information systems to support the identification of known information and data. The course prepares students to be cybersecurity leaders who are able to use applied research to refine and improve the cybersecurity practices, through evidence-based techniques. Prerequisite: IT800

IT820 Applied Research: Qualitative and Quantitative Research Designs

In this course, doctoral students will be exposed to the overall research design process through the analysis of knowledge claims, strategies of inquiry, and the development phases of the research project. The course examines how to consider external factors and how they are applied to the quantitative, qualitative, and mixed methods research methodologies. In addition, this course will provide the student with an introduction to questionnaire design. Prerequisite: IT810

IT830 Applied Research: The Dissertation Proposal

In this course, doctoral students will develop the documentation for approval of their research topic and overall research plan, obtain approval from their advisor, and submit their dissertation proposal for approval by the Faculty Dissertation Committee. Students will evaluate which type of IRB submission is appropriate and prepare the material for its timely submission. The student will also be guided in a professional literature review on their chosen topic and develop a clear understanding of past work in their field. Prerequisite: IT820

IT 840 Applied Research: Dissertation Data Collection and Analysis

During this course the doctoral student will collect and analyze data to further the dissertation research developed in previous courses. The purpose of this course is to complete an original piece of applied research which will contribute to the development of the cybersecurity field. At the end of the course, the doctoral student must have completed the analysis phase of the dissertation and be ready to complete the writing process. Prerequisite: IT830 and candidacy.

IT 850 Applied Research: Dissertation and Oral Defense

This course is the culminating experience of the doctoral research experience. The purpose of the course is to successfully prepare the written dissertation based on previous original applied research and to present its oral defense. Prerequisites include IT840 and permission of the dissertation committee.