CIS 5010 Introduction to Information Systems

Credit Hours: 3

This course provides fundamental professional skills for students who have no background in IT. The students will be able to specify, design, code and test software programs. Other topics include the norms and common practices of the profession as well as methodologies for design and coding of a typical business application.

CIS 5050 Project Management

Credit Hours: 3

Project management methods, models, software tools and standards for planning, scheduling, costing and control of software and information systems related projects, teambuilding and organizational issues. Course is based on the PMBOK and fulfills all of the PMI educational requirements.

CIS 5075 Enterprise Architecture

Credit Hours: 3

Information systems planning, strategy and policy are necessary for an organization to deploy, manage and control its information resources. This graduate level course takes the view of the Chief Information Officer integrating information systems with the business strategy and information needs of the organization through the process of information systems strategic planning and policy development. Information and security architecture theory, tools, assessments, methodologies and practice are applied.

Prerequisites:

• CIS 5010 (Minimum Grade of C, May not be taken concurrently)

CIS 5100 Object Orientation Software Development

Credit Hours: 3

Focuses on abstraction and object based modeling. Students will develop and design programs using the UDL and an object based programming language. The student of this course will have the ability to conceptualize and clearly communicate concrete models of abstract structures.

CIS 5200 Specification

Credit Hours: 3

This course concentrates on the BOK necessary to do effective requirements specification and development of a Software Requirements Specification (SRS). Emphasis is on formal specification approaches, methods and standards.

CIS 5250 Secure Software Construction

Credit Hours: 3

This course presents the fundamental methodologies employed in software engineering construction including all of the underlying elements of secure programming. In addition it integrates that perspective into practical approaches to producing secure code.

Prerequisites:

• CIS 5200 (Minimum Grade of C, May not be taken concurrently)

CIS 5300 Software Assurance

Credit Hours: 3

This course presents the principles and methods necessary to assure software. It covers all aspects of the assurance life cycle as embodied in the current set of proven best practices for acquiring, developing, and sustaining secure code.

CIS 5350 Metrics and Models for Software Management

Credit Hours: 3

The fundamentals and applications of metrics and models for security and quality management, security and quality metrics and improvement programs and other quantitative methods.

Prerequisites:

• CIS 5300 (Minimum Grade of C, May not be taken concurrently)

CIS 5351 Enterprise Architecture

Credit Hours: 3

Enterprise architecture is an important enabler for strategic change. As organizations seek to become more agile and responsive, adopting a solid architectural approach is key. Taking advantage of new technologies and cleaning up legacy systems requires more than simply implementing a framework. It's about connecting corporate strategy to each individual project for which new knowledge and skills are needed. This course provides the student an opportunity to learn from experts with real-world experience to design capabilities that support and sustain the organizational transformation efforts.

CIS 5400 Software Management

Credit Hours: 3

This course presents the principles and practices of IT lifecycle process management. It includes software lifecycle and process engineering, change management, standards, metrics and models, software maturity/capability and assessment. Tools for managing integrated software environments. The student will be able to organize, plan and lead software process improvement and IT strategic alignment projects. Student will have a complete understanding of the IEEE 12207, CMM, CMMI, ISO 15504 (SPICE) and the CBK models.

CIS 5530 UX/UI Design

Credit Hours: 3

The techniques for development of optimum processes and applications, with emphasis on human factors. Topics include best practices for design and implementation of interfaces for applications and managing an integrated development environment. The role of conceptual models and ergonomic factors, the importance of human factors for consistent GUIs for human computer interaction, usability testing and integration of components are investigated.

CIS 5540 Enterprise Configuration Management

Credit Hours: 3

This course examines an integrated set of activities embodied in the primary process of post release software management, including preparation of maintenance plans, software understanding and description and secure software sustainment. The ISO/IEC 12207 maintenance process and the Secure Software CBK will provide the framework for planning and managing the work involved in performing software sustainment.

CIS 5550 Database Design

Credit Hours: 3

Qualifies for CNSS Certification. A detailed examination of the database design process and technology like: data modeling, logical and physical design, data administration, enterprise modeling, data warehouses, Standard Query Language (SQL), and database design tools.

CIS 5560 Secured Database Programming with Java

Credit Hours: 3

This course examines contemporary issues in databases focused but not limited to: data warehouses, data marts, data mining, database programming, temporal/distributed/heterogeneous databases, application planning and system integration.

Prerequisites:

• CIS 5550 (Minimum Grade of C, May not be taken concurrently)

CIS 5570 Networks

Credit Hours: 3

An examination of standardization and design issues for the security of the communication infrastructure. Topics include communication hardware and software, standards and protocols, and network protection utilities. Special emphasis will be placed on recent advances in network administration and ensuring security of networks and transmitted data.

CIS 5580 System Forensics

Credit Hours: 3

This course presents the legal concerns, investigation techniques and incident response tactics of forensic investigation and forensic auditing. It centers around the basic operating system concepts that underlie this area. Students will learn evidence gathering and presentation techniques based around the Windows Incident Response Collection Report (IRCR). They will also learn how to employ IDS and CERT for effective incident response. Students will study the real-world investigation issues and concepts developed through the Honeynet Project.

CIS 5590 Advanced Network Security

Credit Hours: 3

This course presents a direct and hands-on view of the knowledge required to ensure robust and secure networks. That includes all relevant NETSEC concepts as well as the operation of all typical network management and security tools such as policy managers, sniffers and IDS. At the end of the course the student will be able to create and sustain a practical defense-in-depth solution to all network security challenges.

Prerequisites:

• CIS 5570 (Minimum Grade of C, May not be taken concurrently)

CIS 5600 Homeland Security Studies

Credit Hours: 3

This course integrates the cultural, geographic and linguistic content of classic intelligence work with the scientific and technology content of information assurance. It provides a comprehensive overview of the elements of the BOK that are required to assure the critical elements of the national infrastructure. At the end of this course the student will have the knowledge and cultural know-how necessary to work effectively in national security settings such as DHS, the intelligence community, or the NSA.

CIS 5650 Information and Society

Credit Hours: 3

Qualifies for CNSS Certification. Explores the role of the information professional in today's society. Topics include roles, values and norms, information use, information protection and security, and legal and ethical concerns such as rights of privacy and access.

CIS 5660 Access Technologies

Credit Hours: 3

Contemporary issues in system access and access control focused but not limited to: access authentication technologies, intrusion detection and penetration testing and non-repudiation services.

CIS 5700 Principles of Cybersecurity

Credit Hours: 3

This course presents an overview of the multidisciplinary process of information assurance. It is rooted in the information assurance lifecycle. The student will learn about the issues involved in creating a systematic information assurance control structure, how to establish systematic operational security procedures and how to build systematic information assurance capability into day-to-day information assurance work.

CIS 5710 Ethical Hacking

Credit Hours: 3

This course covers particular genres of cyber attack tools and techniques, examining the most widely used and most damaging tools from each category. Ways to design and implement the most effective defenses to ensure the confidentiality, availability, and integrity of software systems and data will be explored both in lecture and in laboratory exercises with state of the art equipment. Emphasis will be placed on ethical and professional conduct. Exploration of the role of industry, government, and academia in cyber security will be facilitated through guest lectures. Students will conduct a semester project to demonstrate mastery of the ethical hacking process. Literature Reviews will be conducted on contemporary breaches.

Prerequisites:

• CIS 5010 (Minimum Grade of B, May not be taken concurrently)

CIS 5720 Incident Response

Credit Hours: 3

This course will present the process, tools, and methodologies used when responding in real-time to computer security incidents. It will present an overview of pre-incident preparation, initial response procedures, and the formulation of responses. Special attention will be paid to identifying and assessing risk in the appropriate context as well as escalation and notification procedures. Students will produce and present a semester project to demonstrate mastery of processes, tools, and methodologies. Literature reviews will be conducted on legal and regulatory issues related to incident response.

CIS 5730 Cyberlaw

Credit Hours: 3

The purpose of this course is to educate students in the criminal and civil processes that underwrite legal and regulatory compliance in cyberspace. It will present and evaluate a range of legal concepts and models for that purpose; including all of the elements necessary to ensure the contractual compliance with information security.

CIS 5740 Secure Acquisition

Credit Hours: 3

Secure acquisition is a management/technical discipline that ensures the integrity of purchased systems and networks. Secure acquisition ensures that all purchasing risks and single points of failure are identified and mitigated to a sufficient level of satisfaction for all of the stakeholders up and down the supply chain. Secure acquisition is built around a strategic, enterprise level planning and control process. Secure acquisition is widely thought to be a function of generic risk management and technical assurance. However, because of the multifaceted environment it operates in, secure acquisition involves a much more comprehensive set of basic activities than simple software assurance. Mitigation development and deployment of a secure acquisition process involves a range of academic disciplines from governance, to specification and analysis, legal and regulatory compliance to knowledge management and testing.

Secure acquisition processes are typically industry specific in their particulars. Because of that focus of this course, which is cyber defense, the end-product will be a process engineering plan for a model case (provided) that will incorporate the lifecycle process recommendations of the ISO 12207-2008 Standard. These recommendations will be integrated into a single coherent system for the assurance of secure purchased hardware and software products and services. Acquisition assurance is typically established at three levels in the organization, strategic process, project infrastructure and measures for individual product assurance. We are going to examine all three of these from a top down perspective. We will move from the model that defines and relates all of these processes, through the specific itemization of the activities and tasks embodied within this model, down to specific practices used to identify, validate, and resolve supply chain issues.

CIS 5750 Cybersecurity Technologies

Credit Hours: 3

This course presents the fundamental concepts that underlie the deployment of a fully functional electronic countermeasure response. As such, it concentrates on those areas that ensure electronic security. These include network assurance, cryptology, and operating system and application assurance. At the end of this course the student will be able to create and maintain a defense-in-depth solution that will meet the protection needs as well as the resource realities of any organization.

CIS 5770 Cyber Defense Operations

Credit Hours: 3

This course presents the fundamental concepts and KSAs that underlie the deployment of a fully functional cyber defense response. As such, it concentrates on those areas that ensure security of organizational operations. These include software, systems and network assurance, cryptology and operating system and application assurance, as well as more general areas of operation such as data bases, and legal and ethical compliance. All of this is dictated in the detailed knowledge, skill and ability (KSA) requirements of the National Security Agency's cyber defense criteria.

In addition to the detailed content in each of these areas, this course will explore several adjunct bodies of knowledge that are necessary to ensure a secure operation, such as policy, procedure and planning. The purpose of each of these contextual areas is to establish the exact status of and assure some aspect of a fully functioning cyber defense system. Students learn what each of these are and how they inter-relate in the applied universe. They will also learn how to work in a team to tailor out as well as deploy a complete and systematic array of cyber defense countermeasures for each relevant area.

The aim of this course is to produce a student who is fully competent to secure the cyber defenses of an organization; including its systems, networks and software and the information that transitions those processed. In order to do this the student must master all aspects of the process of analyzing, designing, planning and implementing comprehensive defenses in depth for these elements.

That includes attack categorization, threat identification, risk mitigation decision-making, deployment, and assessment of the appropriate set of controls for the traditional areas of cyber operations security. The final product of this course will be able to maintain a competent secure space that meets both the protection needs as well as the resource realities of the organization.

CIS 5780 Risk Management Processes

Credit Hours: 3

This course presents the fundamental concepts of comprehensive lifecycle security risk management. The content is presented at a mastery level of understanding. It is rooted in several bodies of knowledge. The purpose of each of these is to establish the exact status of and ensure the containment and mitigation some aspect of organizational risk. You will learn what each of these are and how they relate.

CIS 5790 Cybersecurity Management Processes

Credit Hours: 3

This course presents the managerial countermeasure areas that are part of the information assurance lifecycle. These areas encompass every relevant topic in legal and regulatory compliance, physical and personnel security, business continuity and disaster recovery and secure development. The student will learn the details of each of these areas as well as how they interrelate. Students will also learn how to tailor a governance infrastructure as well as deploy appropriately tailored countermeasures to ensure organizational security.

CIS 5800 Advanced Topics in Information Systems

Credit Hours: 3

CNSS certification. Discussion of current leading-edge issues.

CIS 5910 Information Audit

Credit Hours: 3

This course presents the fundamental concepts of the IT audit and control process. The purpose is to establish the exact status of an IT operation. Students will create an audit based control structure, establish systematic accounting and control procedures and build complete and coherent information assurance capability into the IT function. This will revolve around defining a control framework, the attendant control objectives and the reporting system for an organization. Guidance for carrying this out will be provided in the form of expert models; however, the primary example that will be employed is ISACA's COBIT open standard. The end product of this course should be fully capable of structuring and performing Sarbanes-Oxley, HIPAA and Basel 2 audit programs.

CIS 5950 Directed Research

Credit Hours: 3

This is an intensive study of some special problem taken under the direction of a supervising faculty member.

CIS 5990 Master's Thesis in Software Management

Credit Hours: 6

Student should consult the prospective advisor for substantive requirements and the Graduate Business Programs Office for formal requirements.