Cybersecurity Courses

This course introduces students to the interdisciplinary field of cybersecurity by discussing the evolution of information security into cybersecurity, cybersecurity theory, and the relationship of cybersecurity to nations, businesses, society, and people. Students will be exposed to multiple cybersecurity technologies, processes, and procedures, learn how to analyze the threats, vulnerabilities and risks present in these environments, and develop appropriate strategies to mitigate potential cybersecurity problems.

Prospective students who have earned the CISSP designation within the past 5 years may, if admitted, substitute another course for CYBR 620 “Introduction to Cybersecurity” in their first semester of the CYBR MS program. Students should provide evidence of successful completion of the CISSP exam within that timeframe (such as a transcript or official documentation from the certifying authority) to UMBC as part of their application.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This is the capstone experience for graduate students in the MS Cybersecurity program. Normally taken in the final semester before graduation, the Cybersecurity Project provides an opportunity for students to carry out an individual piece of research (or project activity) on a specified topic in the cybersecurity or cyber operations domain. Their work should make an original contribution to the body of knowledge in the area of study or otherwise demonstrate the student’s comprehensive knowledge of cybersecurity or cyber operations.

Prerequisite: Enrollment in CYBR MS program and completion of at least CYBR 620, CYBR 650, CYBR 655.

This course takes an operational approach to implementing and managing effective cybersecurity in highly networked enterprises. Topics include an evaluation of government and commercial security management models; security program development; risk assessment and mitigation; threat/vulnerability analysis and risk remediation; cybersecurity operations; incident handling; business continuity planning and disaster recovery; security policy formulation and implementation; large-scale cybersecurity program coordination; management controls related to cybersecurity programs; information-sharing; and privacy, legal, compliance, and ethical issues.

Prerequisite: Completion of CYBR 620 and in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This class will take a technical approach in protection of information assets and systems by integrating technical controls with policies, best practices, and guidelines of cybersecurity. Taking both a policy-based and technical approach, this course examines external and internal security threats in highly connected enterprises and risks to the core business relative to people, processes, data, facilities, and technologies. How to implement and manage effective the major technical components of security architectures (firewalls, virtual private networks, etc.) and selected methods of attacking enterprise architectures also will be addressed.

This course focuses the student on a broad range of topics relative to risk-based planning for enterprise cybersecurity. The intent is focusing on creating risk assessment and modeling approaches to solve cybersecurity issues so that organizations can build security framework and sustain a healthy security posture. This course analyzes external and internal security threats, failed systems development and system processes and explores their respective risk mitigation solutions through policies, best practices, operational procedures, and government regulations. Risk frameworks covered include NIST SP 800-12, SP 800-37, SP 800-39, and CERT/CC risk analysis guidelines.

This course introduces students to the interdisciplinary field of cybersecurity by discussing the evolution of information security into cybersecurity, cybersecurity theory, and the relationship of cybersecurity to nations, businesses, society, and people. Students will be exposed to multiple cybersecurity technologies, processes, and procedures, learn how to analyze the threats, vulnerabilities and risks present in these environments, and develop appropriate strategies to mitigate potential cybersecurity problems.

Prospective students who have earned the CISSP designation within the past 5 years may, if admitted, substitute another course for CYBR 620 “Introduction to Cybersecurity” in their first semester of the CYBR MS program. Students should provide evidence of successful completion of the CISSP exam within that timeframe (such as a transcript or official documentation from the certifying authority) to UMBC as part of their application.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This course addresses some of the unique and emerging policy, doctrine, strategy, and operational requirements of conducting cyber warfare at the nation-state level. It provides students with a unified battlespace perspective and enhances their ability to manage and develop operational systems and concepts in a manner that results in the integrated, controlled, and effective use of cyber assets in warfare.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This course focuses on four general areas of cyber capabilities and trends in the global community: the theory and practice of cybersecurity and cyberwar; cyber capabilities of nation-states as well as non-state actors; trends in cyber-related strategies and policies; and cyber-related challenges facing the U.S. government. The course concludes with a national cybersecurity policy exercise that helps demonstrate the challenges and complexities of the dynamic and global cybersecurity environment.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

Students will be exposed to the national and international policy and legal considerations related to cybersecurity and cyberspace such as privacy, intellectual property, cybercrime, homeland security (i.e., critical infrastructure protection) and cyberwarfare, and the organizations involved in the formulation of such laws and policies. Broader technology issues also are discussed to demonstrate the interdisciplinary influences and concerns that must be addressed in developing or implementing effective national cybersecurity laws and policies.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This course introduces students to the interdisciplinary field of cybersecurity by discussing the evolution of information security into cybersecurity, cybersecurity theory, and the relationship of cybersecurity to nations, businesses, society, and people. Students will be exposed to multiple cybersecurity technologies, processes, and procedures, learn how to analyze the threats, vulnerabilities and risks present in these environments, and develop appropriate strategies to mitigate potential cybersecurity problems.

Prospective students who have earned the CISSP designation within the past 5 years may, if admitted, substitute another course for CYBR 620 “Introduction to Cybersecurity” in their first semester of the CYBR MS program. Students should provide evidence of successful completion of the CISSP exam within that timeframe (such as a transcript or official documentation from the certifying authority) to UMBC as part of their application.

Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This course takes an operational approach to implementing and managing effective cybersecurity in highly networked enterprises. Topics include an evaluation of government and commercial security management models; security program development; risk assessment and mitigation; threat/vulnerability analysis and risk remediation; cybersecurity operations; incident handling; business continuity planning and disaster recovery; security policy formulation and implementation; large-scale cybersecurity program coordination; management controls related to cybersecurity programs; information-sharing; and privacy, legal, compliance, and ethical issues.

Prerequisite: Completion of CYBR 620 and in at least the second semester of graduate study. Other students may be admitted with instructor permission.

This course focuses the student on a broad range of topics relative to risk-based planning for enterprise cybersecurity. The intent is focusing on creating risk assessment and modeling approaches to solve cybersecurity issues so that organizations can build security framework and sustain a healthy security posture. This course analyzes external and internal security threats, failed systems development and system processes and explores their respective risk mitigation solutions through policies, best practices, operational procedures, and government regulations. Risk frameworks covered include NIST SP 800-12, SP 800-37, SP 800-39, and CERT/CC risk analysis guidelines.

Federal, state, local and private nonprofit disaster recovery methods and policies are the core of this course, with examples of international disaster recovery dynamics.

As the core of effective and efficient response, preparedness consists of a complication array of policies, methods and programs, each with its own political and economic context. This course addresses these issues within the context of the current fears of terrorism and potential mega-events. 

This interactive hands-on course will provide an introduction to computer and network technical incident handling and forensics activities. Topics include disk and file system imaging and forensics, packet capture and analysis, basic malware examination, log file analysis, analysis of volatile data (such as RAM), the incident handling process, and more.

Selected recent research topics in information assurance, such as social engineering, buffer overflow, malicious code, spyware, denial of service, information warfare, computer forensics, recovery and response, enterprise security, clandestine channels and emissions security, security analysis, security models and formal techniques, best practices and national policy for information assurance. This course will minimize discussion of intrusion detection, firewalls, operating systems security and mathematical cryptology, which are emphasized in other CMSC security courses.

Prerequisite: CMSC 421, CMSC 441 and CMSC 481 or consent of instructor.

Conventional and public-key cryptography. Selected cryptosystems, including DES and RSA. Digital signatures, pseudo-random number generation, cryptographic protocols and cryptanalytic techniques. Applications of cryptography to e-commerce.

Prerequisites: CMSC 441 and MATH 221 or consent of instructor.

The objective of this course is to teach the fundamental concepts, architectures and protocols related to network security. Topics covered include: overview of network security; basics of cryptography; threat models; authentication and authorization mechanisms and standards; public key infrastructure; electronic mail security; network layer security; transport layer and web security; packet filtering, firewalls, intrusion detection, and virtual private networks; recent topics in network security.

Prerequisites: CMSC 341 and CMSC 481 or consent of instructor.

Technical courses on specialized or emerging topics offered on a periodic or as-needed basis such as the semantic web, data privacy, forensics, or malware analysis. 

Prerequisite: Completion of CYBR 620 and in at least the second semester of graduate study. Depending on the course(s) offered, additional technical pre-requisites will be indicated. Contact instructor for pre-requisites and eligibility.