JCU Logo
JOHN CABOT UNIVERSITY

COURSE CODE: "CS/MGT 337"
COURSE NAME: "Cybersecurity and Data Privacy Management"
SEMESTER & YEAR: Spring 2024
SYLLABUS

INSTRUCTOR: Stefano Gazziano
EMAIL: [email protected]
 HOURS: MW 4:30 PM 5:45 PM
TOTAL NO. OF CONTACT HOURS: 45
CREDITS: 3
PREREQUISITES: Prerequisites: CS 101 or permission of the instructor
OFFICE HOURS:
COURSE DESCRIPTION:
This course will introduce students to the key issues in Cybersecurity Management and Privacy and contribute to raising their awareness of related concerns. It will also cover the basics of Information Security, Business Continuity, and Risk Management. Students will be provided with fundamental knowledge of personal data protection, as well as confidentiality, integrity and availability of individuals’ and companies’ sensitive information and valuable assets. Classes will involve a mixture of lectures, seminar discussions, and in-class activities and labs. Each practical class will culminate in an assessed exercise.
SUMMARY OF COURSE CONTENT:

CS/MGT-337 is an introductory course that provides a comprehensive overview of the principles, practices, and technologies in the field of cybersecurity. The course explores the principles, practices, and strategies for protecting digital assets, managing cybersecurity risks, and ensuring compliance with data privacy regulations.  Students will gain knowledge of cybersecurity actors, motivations, risks, data security perspectives, Internet and insider threats, frameworks, incident response planning, privacy laws, and industry best practices.  Through case studies and hands-on exercises, students will develop the skills necessary to understand the risks, the actors, and the technologies and regulatory framework commonly used to analyze, implement, and manage effective cybersecurity and data privacy programs.

After an agreement with Fortinet, a leading cybersecurity company, this course will loosely follow Fortinet Training Academy training certification courses, levels 1,2,3. JCU Students willing to be certified may personally access for free and directly the Fortinet Training center using their JCU userid and password, selecting the “PUBLIC” option .

 
LEARNING OUTCOMES:
By the end of the course, students will be able to:
- Comprehend the fundamental concepts and principles of cybersecurity.
- Analyze and assess various cybersecurity threats and vulnerabilities.
- Apply security measures and controls to protect systems and networks.
- Understand the ethical and legal issues associated with cybersecurity.
- Demonstrate knowledge of secure coding practices and common attack techniques.
- Evaluate and recommend appropriate cybersecurity solutions.
 
TEXTBOOK:
NONE
REQUIRED RESERVED READING:
NONE

RECOMMENDED RESERVED READING:
NONE
GRADING POLICY
-ASSESSMENT METHODS:
AssignmentGuidelinesWeight
tba• Assignments: 30% • Examinations: 30% • Case Studies: 15% • Projects: 20% • Class Participation: 5% 30% average of tests

-ASSESSMENT CRITERIA:
AWork of this quality directly addresses the question or problem raised and provides a coherent argument displaying an extensive knowledge of relevant information or content. This type of work demonstrates the ability to critically evaluate concepts and theory and has an element of novelty and originality. There is clear evidence of a significant amount of reading beyond that required for the course.
BThis is highly competent level of performance and directly addresses the question or problem raised.There is a demonstration of some ability to critically evaluatetheory and concepts and relate them to practice. Discussions reflect the student’s own arguments and are not simply a repetition of standard lecture andreference material. The work does not suffer from any major errors or omissions and provides evidence of reading beyond the required assignments.
CThis is an acceptable level of performance and provides answers that are clear but limited, reflecting the information offered in the lectures and reference readings.
DThis level of performances demonstrates that the student lacks a coherent grasp of the material.Important information is omitted and irrelevant points included.In effect, the student has barely done enough to persuade the instructor that s/he should not fail.
FThis work fails to show any knowledge or understanding of the issues raised in the question. Most of the material in the answer is irrelevant.
-ATTENDANCE REQUIREMENTS:
Attendance is mandatory.  Classes will involve a mixture of lectures, seminar discussions, and in-class activities and labs.
ACADEMIC HONESTY
As stated in the university catalog, any student who commits an act of academic dishonesty will receive a failing grade on the work in which the dishonesty occurred. In addition, acts of academic dishonesty, irrespective of the weight of the assignment, may result in the student receiving a failing grade in the course. Instances of academic dishonesty will be reported to the Dean of Academic Affairs. A student who is reported twice for academic dishonesty is subject to summary dismissal from the University. In such a case, the Academic Council will then make a recommendation to the President, who will make the final decision.
STUDENTS WITH LEARNING OR OTHER DISABILITIES
John Cabot University does not discriminate on the basis of disability or handicap. Students with approved accommodations must inform their professors at the beginning of the term. Please see the website for the complete policy.
SCHEDULE

Week 1

Basic concepts

 

IT architecture,

Operating systems and platforms,

TCP/IP and other network protocols - TEST

 

Week 2

Cybercrime

 

History, current dimensions and growth trend, costs to businesses and impact to society.

World and national mail institutions and organizations for cybersecurity. (guest lecture)

Actors and motivations

Impact on society – (case study ransomware)

 

Week 3

Introduction to the Threat Landscape 2.0 (part of the FCF Cybersecurity certification track)

Module 1: Introduction to Cybersecurity

01: Introduction to Cybersecurity Overview Duration: 2 minutes

02: What is Cybersecurity? Duration: 10 minutes

03: Principles of Information Security Duration: 8 minutes

Quiz: Introduction to Cybersecurity - This quiz has 8 questions and you need to score 80% or higher to pass.

Module 2: The Threat Landscape

01: The Threat Landscape Overview Duration: 3 minutes

02: Threat Actors Duration: 15 minutes

03: Cybersecurity Threats Duration: 15 minutes

Threat Intelligence Duration: 15 minutes

05: Attack Frameworks Duration: 10 minutes

Quiz - The Threat Landscape

 

Week 4

Privacy technologies

 

Introduction to the Threat Landscape 2.0 (part of the FCF Cybersecurity certification track)

Encryption history and modern standards

Digital signature

 

Module 3: Social Engineering

1. Social Engineering OverviewDuration: 3 minutes

2. Social Engineering Techniques, Part A Duration: 13 minutes

3. Social Engineering Techniques, Part B Duration: 15 minutes

4. Insider Threat Duration: 18 minutes

5. Fraud, Scams, and Influence Campaigns Duration: 8 minutes

Quiz - Social Engineering

Week 5

Privacy: Regulatory Framework

 

Privacy technologies : Anonymization.

 

Personal data protection laws in USA, EU.

 

 

TOR network – issues and applications – Technologies – Dangers

 

Week 6

Recap

 

Midterm

FCF - INTRODUCTION TO THE THREAT LANDSCAPE 2.0 - COMPLETED

Week 6

 

Privacy Technologies

 

Cybersec exercises

 

Virtual Machines – installation il Lab

 

 

Week 7

Getting Started In Cybersecurity 2.0 (part of the FCF Cybersecurity certification track)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Cybersec exercises

 

1. Firewalls Duration: 8 minutes + Quiz

Firewall technology and how it has evolved alongside the ever-changing threat landscape to protect networks from cyberthreat

2. Network Access Control – Duration 8 minutes + Quiz

NAC technology and how it not only identifies who and what types of devices are on the network, but also controls who and what has access

3. Sandbox – Duration 6 minutes + Quiz

Sandboxing and how this secure testing methodology provides a greater level of network protection against malware and other cyberthreats and helps IT security professionals prepare for future threats

4. Web-Application Firewalls (WAF) -Duration 6 minutes +Quiz

WAF specifically designed to protect websites and web-based applications

 

Kali Linux - Penetration tests examples

Week 8

 

Getting Started In Cybersecurity 2.0 (part of the FCF Cybersecurity certification track)

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Cybersec practice

 

 

5. Secure Email Gateway – Duration 5 minutes + Quiz

Secure email gateway (SEG) technology and how it scans and protects email traffic for potential spam, phishing attacks, malware, and other malicious activity.

6. Content Filters - Duration 5 minutes + Quiz

the process of scanning and restricting access to suspicious or harmful content from emails, webpages, and other items, and why it is an important security measure.

7. Wi-Fi – Duration 5 minutes + Quiz

Wireless networking protocols and technology that allow computers and other devices to connect to the network and to each other, and the security considerations required to protect those connections

8. Endpoint Hardening Techniques - Duration 13 minutes + Quiz

How the increase of personal computers, bring-your-own-devices (BYOD), and the Internet of Things (IoT) led to an explosion of malware attacks and how you can use endpoint hardening techniques to secure those device.

9. Endpoint Monitoring + Quiz

cybersecurity tools and services that are available to monitor and secure different types of endpoints, such as laptops, cell phones, and Internet of Things (IoT) devices

Week 9

Getting Started In Cybersecurity 2.0 (part of the FCF Cybersecurity certification track)

 

 

 

 

 

 

 

 

 

 

 

 

 

Cybersec case study

 

10. Security orchestration automation and response (SOAR) technology – 6 min + Quiz

Timely response to cyberattacks and breaches helps keep the network secure.

11. Security information and event management (SIEM) – Duration 6 min + Quiz

monitors, collects, and analyzes security events on the network with the intent to speed up threat detection and response times.

12. SD-WAN – duration 7 minutes + Quiz

software-defined wide area network (SD-WAN) technology and how it centralizes, secures, protects, and optimizes network operations.

13. Zero Trust Network Access (ZTNA) – duration 8 minutes + Quiz

provides consistent, reliable, and secure remote access to a network.

 

Week 10

 

14. Cloud Service Models - duration 7 minutes + Quiz

security issues that are relevant to computer virtualization and cloud service.

15. Secure access service edge (SASE) architecture – duration 7 min + Quiz

combines network and security-as-a-service functions together to solve network security challenge

 

Week 11

Privacy technologies:

 

Quantum Cryptography

Week 12

RECAP

Slack week

Week 13

 

RECAP

FINAL TEST REHEARSAL

 

Week 14

FINAL TEST