Use of the Internet, web technologies, and mobile devices, along with wireless/cellular connectivity, provides easy access to online information and resources. The openness and anonymity of the Internet and its underlying technologies are increasingly being abused by hackers and criminals for fraud, identity theft, and other criminal enterprises. With the ubiquity of online commerce and data transfer and storage, hackers are launching sophisticated attacks to exploit systems. The Diploma in Cybersecurity addresses both principles and practices of Internet and network security, providing hands-on experience in security-related tools and technologies for a better understanding of these threats and vulnerabilities, as well as the various security countermeasures.
With employment of information security analysts projected to grow by 18 percent from 2014 to 2024, which is much faster than the average for all occupations, demand for information security analysts is expected to be very high, as they will be needed to create innovative solutions that prevent hackers from stealing critical information and causing problems for computer networks.
Taught by experienced security professionals with extensive field knowledge, the courses in this program combine lectures and hands-on labs. As a participant in this diploma, you will gain an understanding of attackers’ motivations and methodologies, in addition to competency with many of the tools that hackers used to exploit vulnerabilities and compromise systems. You will learn how to prepare for, detect, and defend critical infrastructure and data from these attacks using a variety of approaches and technical solutions.
As a student in this program, you will be required to create a portfolio of assignments that showcase your understanding of, and ability to apply, cybersecurity concepts. The portfolio will consist of resources that demonstrate your ability to:
- Successfully attack a vulnerable system using customized hacking tools
- Properly investigate a cybersecurity incident to include live analysis of malware and a forensics review using end point and network-based evidence
- Organize their findings and present them to both technical and nontechnical audiences
You also will need to complete both a pen tester project and a forensics project. Instructors and other industry experts who are active in the field will prepare both hacker and forensics exercises and pose them as challenges. These will simulate real-world scenarios in which corporate customers engage a pen tester to hack into their network, or a forensics examiner to review a compromised system within their environment.
For the pen tester project, you will need to produce an appropriate industry-quality report to describe your assessment of the vulnerabilities of the target. This report will describe all phases of the project and provide detailed recommendations to assist the customer in remediation efforts. Vulnerabilities should be described using a variety of criteria, including level of severity, ease of exploit, and business impact if exploited. The pen tester report will contain the following sections:
- Executive Summary of the Project
- Project Scope and Approach
- Systems and Network Services Discovered
- Verified High-Risk Vulnerabilities
- Verified Medium-Risk Vulnerabilities
- Verified Low-Risk Vulnerabilities
- Results and Conclusions
For the forensics project, you will need to produce an appropriate industry-quality report to describe your review of the compromised system. This report will describe all phases of the investigation and will comply with industry standards for forensic soundness. The forensics report will contain the following sections:
- Executive Summary of the Investigation
- Digital Forensic Investigation Objectives
- Investigation Scope
- Evidence Reviewed
- Digital Forensic Investigation Methodology
- Detailed Investigation Findings
- Digital Forensic Investigation Conclusions
- An understanding of common vulnerabilities in operating systems, architecture, and applications, and knowledge of how to use the latest tools and techniques to exploit those vulnerabilities
- The proper way to perform forensic acquisition of compromised systems
- The ability to perform live, static, and dynamic analysis of malware
- Knowledge of how to prevent common Internet attacks
- The skills to design and build trusted systems
Schedule and Format
- Four noncredit courses
- On average, students take one course per semester, fall/spring/summer
- Cybersecurity: Essentials/DIPL1-CE3220 is the prerequisite for all the other diploma courses and must be completed before taking the other courses
- Cybersecurity: Hacking Understood/DIPL1-CE3221 and Cybersecurity: Defending Technology Assets/DIPL1-CE3222 may be taken in any order
- Cybersecurity: Advanced Topics/DIPL1-CE3223 is the the final course in the Diploma, and all the other courses must be completed before taking this course
- The Diploma must be completed within two years
Applicants are required to be computer savvy and to have basic knowledge of Internet technology, including TCP/IP architecture and basic TCP/IP utilities such as Ping and Traceroute. Students should feel comfortable at the command line in both Windows and Linux environments. Some rudimentary programming experience in a scripting language such as Perl, Python, or Ruby also is helpful. For students who do not posses these requisite skills, it is recommended to pursue noncredit courses in the necessary areas prior to submitting an application to the diploma program. Relevant courses can be found in the online catalog of offerings.
The Diploma is awarded to students who successfully complete the four required courses within two years.
For additional information, or if you have any questions, please contact the Division of Programs in Business at email@example.com.
Must be completed within
You'll Walk Away With
- The ability to perform network and application hacking to detect and exploit vulnerable systems
- Mastery of the TCP/IP packet, including the ability to craft rogue packets
- The competencies to detect malicious code and network activity
- The skills to properly conduct an investigation into a cybersecurity breach
- A comprehensive understanding of cybersecurity best practices and risk mitigation approaches