Note: Some courses may have Prerequisites. Not all courses are offered every semester and new courses may be added at any time; check the appropriate program/departmental website for the latest offerings.
This course introduces students to the interdisciplinary field of cybersecurity by discussing the evolution of information security into cybersecurity, cybersecurity theory, and the relationship of cybersecurity to nations, businesses, society, and people. Students will be exposed to multiple cybersecurity technologies, processes, and procedures, learn how to analyze the threats, vulnerabilities and risks present in these environments, and develop appropriate strategies to mitigate potential cybersecurity problems. Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.
This course addresses some of the unique and emerging policy, doctrine, strategy, and operational requirements of conducting cyber warfare at the nation-state level. It provides students with a unified battlespace perspective and enhances their ability to manage and develop operational systems and concepts in a manner that results in the integrated, controlled, and effective use of cyber assets in warfare. Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.
This course focuses on four general areas of cyber capabilities and trends in the global community: the theory and practice of cybersecurity and cyberwar; cyber capabilities of nation-states as well as non-state actors; trends in cyber-related strategies and policies; and cyber-related challenges facing the U.S. government. The course concludes with a national cybersecurity policy exercise that helps demonstrate the challenges and complexities of the dynamic and global cybersecurity environment. Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.
Students will be exposed to the national and international policy and legal considerations related to cybersecurity and cyberspace such as privacy, intellectual property, cybercrime, homeland security (i.e., critical infrastructure protection) and cyberwarfare, and the organizations involved in the formulation of such laws and policies. Broader technology issues also are discussed to demonstrate the interdisciplinary influences and concerns that must be addressed in developing or implementing effective national cybersecurity laws and policies. Prerequisite: Enrollment in the CYBR program or in at least the second semester of graduate study. Other students may be admitted with instructor permission.
This is the capstone experience for graduate students in the M.P.S. Cybersecurity program. Normally taken in the final semester before graduation, the Cybersecurity Project provides an opportunity for students to carry out an individual piece of research (or project activity) on a specified topic in the cybersecurity or cyber operations domain. Their work should make an original contribution to the body of knowledge in the area of study or otherwise demonstrate the student’s comprehensive knowledge of cybersecurity or cyber operations. Prerequisite: Enrollment in CYBR MPS program and completion of at least CYBR 620, CYBR 623, CYBR 650.
This course takes an operational approach to implementing and managing effective cybersecurity in highly networked enterprises. Topics include an evaluation of government and commercial security management models; security program development; risk assessment and mitigation; threat/vulnerability analysis and risk remediation; cybersecurity operations; incident handling; business continuity planning and disaster recovery; security policy formulation and implementation; large-scale cybersecurity program coordination; management controls related to cybersecurity programs; information-sharing; and privacy, legal, compliance, and ethical issues. Prerequisite: Completion of CYBR 620 and in at least the second semester of graduate study. Other students may be admitted with instructor permission.
This course focuses the student n a broad range of topics relative risk-based planning for enterprise cybersecurity. The intent is focusing on creating risk assessment and modeling approaches to solve cybersecurity issues so that organizations can build security framework and sustain a healthy security posture. This course analyzes external and internal security threats, failed systems development and system processes and explores their respective risk mitigation solutions through policies, best practices, operational procedures, and government regulations. Risk frameworks covered include NIST SP 800-12, SP 800-37, SP 800-39, and CERT/CC risk analysis guidelines.
Courses on specialized or emerging cybersecurity topics offered on a timely or as-needed basis ranging from network security and reverse engineering to secure software development and other specialized items. Prerequisite: Completion of CYBR 620 and in at least the second semester of graduate study. Course-specific prerequisites may be required by the instructor. Other students may be admitted with instructor permission.
This course provides an overview of network communications terms, concepts, architectures, protocols, and technologies. Upon completion of the course, students will be able construct, and assess the completeness of, architectures for simple LAN and WAN communications networks. Topics include wire/fiber and wireless WANs and LANs, the OSI and TCP/IP models, propagation media, analog and digital data and signals, error detection, error correction, data link layer protocols, multiple access techniques, medium access control, circuit and packet switching, X.25, TCP/IP, ATM, Ethernet, switches, routers, routing techniques, congestion control, queuing theory, quality of service (QoS) metrics, network architectures, and network security.
Note: Computer Science (CMSC) courses may a) have pre-requisite requirements, b) meet twice weekly, or c) meet during the day. Consult the registration system for course meeting times and/or the instructor to discuss your suitability for these courses.
CMSC 644: Information Assurance
Selected recent research topics in information assurance, such as social engineering, buffer overflow, malicious code, spyware, denial of service, information warfare, computer forensics, recovery and response, enterprise security, clandestine channels and emissions security, security analysis, security models and formal techniques, best practices and national policy for information assurance. This course will minimize discussion of intrusion detection, firewalls, operating systems security and mathematical cryptology, which are emphasized in other CMSC security courses. Prerequisite: CMSC 421, CMSC 441 and CMSC 481 or consent of instructor
CMSC 652: Cryptography and Data Security
Conventional and public-key cryptography. Selected cryptosystems, including DES and RSA. Digital signatures, pseudo-random number generation, cryptographic protocols and cryptanalytic techniques. Applications of cryptography to e-commerce. Prerequisites: CMSC 441 and MATH 221 or consent of instructor.
The objective of this course is to teach the fundamental concepts, architectures and protocols related to network security. Topics covered include: overview of network security; basics of cryptography; threat models; authentication and authorization mechanisms and standards; public key infrastructure; electronic mail security; network layer security; transport layer and web security; packet filtering, firewalls, intrusion detection, and virtual private networks; recent topics in network security. Prerequisites: CMSC 341 and CMSC 481 or consent of instructor.
CMSC 691: Special Topics in Computer Science: Malware Analysis
This course explores both static and dynamic malware analysis. Although malware takes many forms, this course focuses on executable binaries. It covers object file formats, and the use of tools such as debuggers, virtual machines, and disassemblers. Obfuscation and packing schemes will be discussed, along with various issues related to Windows internals. Students will acquire knowledge of relevant system internals, and experience in using various malware analysis tools. Students will also acquire insight into emerging tends in malware design, including efforts to deter analysis. This will be a "hands on" course, and students are strongly encouraged to bring their laptops to every class session. CMSC 313 or equivalent. You'll be expected to have a solid grasp of programming in assembler as well as a high-level language such as C. Knowledge of operating systems and networks will be useful but is not required.
Students learn effective management and communication skills through case study-analysis, reading, class discussion and role-playing. The course covers topics such as effective listening, setting expectations, delegation, coaching, performance, evaluations, conflict management, negotiation with senior management and managing with integrity.
Students analyze leadership case studies across a wide range of industries and environments to identify effective leadership principles that may be applied in their own organizations. Students learn how to influence people throughout their organization, lead effective teams, create an inclusive workplace, use the Six Sigma process, implement and manage change and develop a leadership style.
Prerequisite- ENMG 652: Management, Leadership and Communication
This course provides a comprehensive overview of important legal principles affecting engineers, engineering sciences and corporate management, with a focus on the intersection of these legal principles with business ethics. The student learns how to think through and process legal problems consistent with ethical norms, and how to analyze business risks in light of operative legal constructs, taking into consideration ethical issues, to arrive at a range of correct business decisions.
This course is focused on financial decision making and the common financial management practices of science-based organizations. The course covers the development and analysis of financial statements/reports in science-based businesses; project budgeting, profit planning, return on investment, risk and return, strategy and options. Students analyze case studies from biotechnology and other science-based industries.
This course is intended to integrate the learning from the previous management courses and to focus it on the perspective and problems of the Chief Executive Officer and other organizational strategic managers. The theme of the course is that any organization improves its chances of sustained success when its managers formulate an action-oriented strategic business plan based on the strategic management process. Case studies are included to illustrate the concepts and their applications.
Prerequisite: Minimum of three engineering management course.
ENMG 661: Leading Virtual/Global Teams
This completely online course is designed to help the student apply managerial concepts and skills to managing and leading virtual and/or global work teams .Geographically dispersed work teams have great challenges to overcome such as time zones, audio communications access, language and cultural differences. Students will learn to empower others, build credibility, communicate appropriately and adapt quickly across cultures and technologies.
This course provides an overview of decision and risk analysis techniques. It covers modeling uncertainty, the principles of rational decision-making, representing and solving decision problems using influence diagrams and decision trees, sensitivity analysis, Bayesian decision analysis, deductive and inductive reasoning, objective and subjective probabilities, probability distributions and regression analysis.
This lab-intensive class will immerse the students into an interactive environment where they will be shown how to scan, test, hack and secure their own systems to conduct security analysis. Students will begin by understanding how perimeter defenses work and then be lead into scanning and attacking their own networks, no real network is harmed. Students then learn how intruders escalate privileges and what steps can be taken to secure systems and networks against them. (This course prepares the student for the Certified Ethical Hacker exam, but the exam is not included in the course.)
Pre-Requisites: CYBR MPS Enrollment and completion of CYBR 620. Strong Microsoft Windows skills and a good understanding of computer networking are required; a working knowledge of Linux is strongly recommended; at least one year of practical industry experience in networking is strongly recommended.
Note: Course offered at UMBC Training Centers
This course provides students with insight on installation, configuration, operation, and securing medium-size routed and switched networks, including implementation and verification of connections to remote sites in a WAN. Based around the Cisco Certified Network Associate (CCNA) body of knowledge, this course also covers basic mitigation of security threats and an introduction to wireless networking. Topics covered include TCP/IP fundamentals, network design, IP routing, Cisco IOS, VLANs, NAT, IPv6, and other related networking technologies. (This course prepares the student for the Cisco Certified Network Associate (CCNA) exam, but the exam is not included in the course.)
Pre-Requisites: CYBR MPS Enrollment and completion of CYBR 620. CompTIA Network+ or equivalent experience/knowledge is required. Students should have at least one year of work experience with computers, TCP/IP networks, and configuring/troubleshooting operating systems at the command line.
Note: Course offered at UMBC Training Centers
This course explores the use of a variety of analysis techniques use to understand the inner workings of a binary program or system of programs. This includes systems analysis, static code analysis, and dynamic code analysis. Students will gain hands-on experience using reverse engineering tools including system monitors, disassemblers, and debuggers, to perform important tasks such as evaluating program security, constructing interoperable software, and understanding the nature of malware. By the end of the course, you should be able to apply a variety of tools and techniques in order to answer questions about a program’s functionality without referring to its original source code.
Pre-Requisites: Completion of CYBR 620. Programming in at least one systems language (C/C++/Java) is required. Programming in at least one scripting language (Python/Perl/Ruby) is recommended. Operating System fundamentals is recommended. Assembly programming for at least one popular architecture (x86/x64/ARM) is preferred. Networking fundamentals is preferred.