Detailed Study Plan

Year 1 - Semester 1

Course Code Course Title CRD Prerequisite

ITCY601 Network Security 3 ------

IT603 Research Methodology and Professional Issues 3 ------

ITCY603 Cyber Security Management 3 ------

Year 1 - Semester 2

Course Code Course Title CRD Prerequisite

ITCY611
Information Systems Audit and Governance 3 ------

ITCY612
s Architecture and Design 3 ------

ITCY613 Cryptography and Data Security 3 ------

Year 2 - Semester 3

Course Code Course Title CRD Prerequisite

ITCY621
Cyber Forensics and Penetration Testing 3 ------

ITCYxxx
Elective 1 3 ------

ITCYxxx Elective 2 3 ------

Year 2 - Semester 4

Course Code Course Title CRD Prerequisite

ITCY695
MSc Thesis 6 ------
Major Elective Courses

Course Code Course Title CRD Prerequisite

IT628 IT Project management

3 ------
ITCY635 Secure Cloud Computing ------
3
ITCY637 Virtual Private Networks ------
3
ITCY640 Threats, Exploits and Countermeasures ------
3
ITCY645 Cyber-security Ethics ------
3
ITCY650 Security Aspects of Internet of Things ------
3
ITCY680 Selected Topics in Cyber-Security ------
3

Course Description

Course Code: ITCY601 Course Title: Network Security

This course focuses on the fundamentals of network security. Topics include Introduction (threats; protection;
problems ;information classification & access control plan). Communication Security (DES; IDEA; AES). Essentials of
Public-key cryptography (RSA; Diffie-Hallman; DSS). Hashing algorithms & message Digest (MD-x; SHA-I).
Authentication. Confidentiality. key management. System security (OS security; program security). Authentication
(Kerberos; X.509). E-mail security (PGP). Web security (SSL; SET). VPN (IPSec; SSH). Secure system architectures
(firewalls; configuration vulnerabilities; intrusion detection, honeynets).

Course Code: ITCY603 Course Title: Cyber Security Management

This course will provide students with solid understanding of the ideologies that frame and define cybersecurity. The
learners will gain insight on the importance of cybersecurity in all functional levels of modern enterprises and the
integral role of cybersecurity professionals. The various course assessments will ensure that learners acquire sufficient
managerial competence and technical awareness of current and future cybersecurity aspects. Emphasis is given on
cybersecurity standards and practices, threats and vulnerabilities assessment, privacy within legal and ethical
frameworks, development of security policies and controls, incident response and disaster recovery methodologies,
risk management and business continuity, intrusion detection and prevention systems, and other emerging
cybersecurity technologies.

Course Code: ITCY611 Course Title: Information Systems Audit and Governance
This course provides students with skills to ensure that the necessary structures, process and controls are in place to
achieve the objectives of the organization. This course also covers the challenges and issues in the management and
control of Information Systems. This course will focus on the following areas: Managing and monitoring of Enterprise
Information Systems to achieve and support organizational objectives; audit planning and performance management;
evaluating internal control systems; evaluating controls and practices for acquisition, development and
implementation of information systems; conducting post-implementation reviews of systems, auditing of information
security to protect and control information systems.
Course Code: ITCY612 Course Title: Cyber Security Architecture and Design
Explore the building blocks needed to implement a life-cycle security system. Instruction focuses on how to analyze
internal applications, computing platforms/network infrastructure, and corporate objectives with an eye toward
designing flexible security architecture that is best suited for the enterprise including how to define security
architecture and what security architecture describes. Case studies are used to illustrate key security architecture
concepts and methods. The latest challenges and the new default expectations of enterprise security will be explained.
Explain what the new default expectations are of the systems.

Course Code: ITCY613 Course Title: Cryptography and Data Security

This course introduces the student to encryption techniques and their applications in cyber-security. Topics include:
Historical perspective of cryptography including classical encryption techniques, cryptanalysis, and steganography.
Symmetric key encryption methods including DES, Blowfish, and other ciphers. Public-key encryption methods
including the RSA method. Hash functions and authentication protocols. Use of cryptography in authentication,
verification, and access-control. Data security techniques. Threats to data and system integrity, including malware,
cybercrime, physical security, etc. Countermeasures for security threats and a term project to apply these concepts.

Course Code: IT603 Course Title: Research Methodology and Professional Issues
The course provides in-depth understanding of research methodology and professional issues. Topics include research
methodology, research types, scientific publishing, professional societies in the discipline and their role, legal IT issues
and IT regulations, code of ethics and plagiarism, writing scientific proposal, writing research papers, writing thesis
and presenting a project/paper to audience. Students will conduct research and report their research findings in a
research paper.

Course Code: ITCY621 Course Title: Cyber Forensics and Penetration Testing
The course explores the tools and skills necessary for digital forensics and penetration testing of online systems and
services. The purposes of the course are twofold: to learn how to draw conclusions from the available data, and to
test for any possible risks within the network. It will introduce practical examples of penetration testing of various
systems as well as data collection regarding possible vulnerabilities. Students will then use statistical, automated, and
data mining tools to identify vulnerabilities. Topics include: investigate digital artifacts, preserving, analyzing and
interpreting the evidence. Reporting digital forensic findings to a non-specialist audience. Critically evaluate digital
forensic tools and techniques. Critically analyze the complexities of jurisdiction in the cyber domain. Apply scientific
techniques and use scientific terminology appropriately in the context of digital forensic analysis.

Course Code: IT628 Course Title: IT Project management

The course provides students with essential knowledge and skills of good project management and project
management software. Topics include: identifying project stakeholders and defining roles and responsibilities of the
team, defining scope, devising risks and quality plans, mapping-out a schedule, determining a budget and defining a
communication strategy, initiating, planning, controlling, executing, monitoring and closing projects, human resource
management, evaluating project in post implementation reviews.

Course Code: ITCY635 Course Title: Secure Cloud Computing

This course introduces cloud service models including Infrastructure as a Service (IaaS), Platform as a Service (PaaS),
Software as a Service (SaaS), and Business Process as a Service (BPaaS). Cloud security models and associated
challenges and delves into the implementation and support of High Performance Computing and Big Data support
capabilities on the Cloud. Topics include: cloud security threats and threat categorization methodology, identification
and treatment of common threats, cloud network security patterns and supporting mechanisms, securing network
connections and cloud authentication gateways, collaborative monitoring and logging, independent cloud auditing,
cloud identity and access management patterns and supporting mechanisms, federating and enabling secure
interoperability among cloud consumers, trust assurance patterns and supporting mechanisms, trust attestation and
establishing trustworthiness, implement various "Security as a Service" (SaaS) methodologies, implement risk
management strategies including data backup and disaster recovery.
Course Code: ITCY637 Course Title: Virtual Private Networks
This course presents the theoretical concepts, applications, and research issues of virtual private networks. The course
also discusses the importance of network security, enabling technologies and devices required to enforce the security
of computer networks. The implementation and utilisation of virtual private networks within various network and
business topologies are discussed. The specific topics covered in this course includes the following: introductory
lectures in networking, foundation on network security, virtual private network protocols, principles and
implementations of various virtual private network protocols such as IPSec, and techniques to enforce and manage
network security.

Course Code: ITCY640 Course Title: Threats, Exploits and Countermeasures

The course focuses on the following topics: Attacks and defense basics, secure coding techniques, format abuses, race
conditions, Vulnerability discovery. Fuzzing techniques for finding security flaws in protocols and program input,
Penetration testing. Limits of network discovery, Writing exploits and shellcodes, Encapsulating the payloads,
Countermeasures. Reversing exploits and protectors/packers. Rootkits for OS and execution environments,
Countering the infrastructure threat, Ethical hacking, Cryptographic attacks on hosts and infrastructure.

Course Code: ITCY645 Course Title: Cyber-Security Ethics

Study of ethical considerations for computer professionals and users. Topics include issues of privacy, intellectual
property rights, and Introduce students to cyber ethics: concepts, perspectives and methodological frameworks,
present ethical concepts and ethical theories, introduce the students to professional ethics, codes of conduct, and
moral responsibility. National, regional, and international laws governing cyber-security and cyber-crime will be
discussed. Other regulations and the impact of cyber-security on social and societal issues, security cases, and cyber-
crime incidents will be covered within the course.

Course Code: ITCY650 Course Title: Security Aspects of Internet of Things

The Internet of Things (IoT) is rapidly growing and evolving arena, as new IoT systems are introduced and developed
in different industries and different applications, new cyber attacks are also introduced. With the number of devices
connected to IoT grows exponentially, the number of cyber criminals are also increased exponentially in online
crime. This course focuses on the security and ethical issues for IoT devices and systems. Topics covered the
reliability and security techniques for IoT systems, IoT attacks including attacks against networked devices, security
and privacy in device to device communications, device authentication, Cyber-Security threats affecting IoT devices,
encryption and decryption techniques for device to device communications.

Course Code: ITCY680 Course Title: Selected Topics in Cyber-Security

This course will introduce the student to cutting edge and specialized topics within the field of cyber-security.