CS 1310: Cybersecurity for Beginners

CS 1310: Cybersecurity for Beginners

Semester Hours:   3.0
Contact Hours:    3
Coordinator:   Ruinian Li
Text:   Readings provided by instructor
Author(s):   VARIED
Year:   Varied

SPECIFIC COURSE INFORMATION

Catalog Description

Introduction of the digital threat landscape; pillars of information security; ethics and economics of cybersecurity; introduction to cryptography, authentication, network/web/mobile security, cloud/IoT security, cyber-attack techniques, and cyber-management; security and privacy issues; introduction to digital forensics; cybersecurity concepts for business continuity.

Course type: ELECTIVE

SPECIFIC COURSE GOALS

  • I can explain the key pillars of information security.
  • I can illustrate several cryptography schemes.
  • I can explain how cybersecurity authentication works.
  • I can identify common privacy and security issues in our IT (e.g., smart phone, email, IoT devices) usages.
  • I can explain the basics of digital forensics.
  • I can discuss how cybersecurity plays a role in business continuity.
  • I can discuss the security and privacy issues in modern technologies.

LIST OF TOPICS COVERED

  • Nuts-and-Bolts of cyber-security (~7%)
    • A big picture of the problem: computers, smartphones, the Internet, and threats
    • Key components (hardware and software) of a computer, and how they work together
      • 5 component frameworks (hardware, software, data, procedures, people)
    • Representing and storing information in digital form
      • E.g., how a computer processes and stores an English word, etc.
    • Pillars of information security: confidentiality, integrity, and availability
      • Confidentiality concerns – eavesdropping, wiretapping, etc.
      • Integrity concerns – MITM, Replay Attack, Impersonation
      • Availability concerns – DOS, Power outage, hardware failure, destruction (not everything comes from the outside).
      • Authentication, Authorization, Accountability, and Non-Repudiation.
      • Privacy concerns when using devices and networks.
      • Defense in Depth (NIST standard – Identify, Protect, Detect, Respond, Recover)
      • Principle of least privilege (pairs well with Confidentiality of CIA) – elaborate on least privilege on devices, networks, and systems.
  • Ethics and Economics of cybersecurity (~3.5%)
    • Tension between cost and security
    • Tradeoff between usability and security
    • Individual privacy vs. law enforcement
    • Ethical hacking
      • Black hat hacking – nation state threats
  • Fun with encryption/decryption schemes (~14%)
    • Plaintext vs Ciphertext
    • Overview of encryption/decryption algorithms
    • Symmetric key system vs. public/private key system
    • Data at rest vs data in transit
  • On Password-based authentication (~7%)
    • Strength of a password
    • Hash functions
    • How attackers crack passwords
    • How to defend against password cracking
  • Authentication and Access control (~14%)
    • Authentication schemes
      • Single-Sign-On (e.g. accessing Canvas via my.bgsu.edu)
      • Multi-factor authentication (e.g. DUO code to login to my.bgsu.edu)
        • Secret questions, biometrics, etc.
    • Access control (i.e., read, write, execute permission) of a file in a computer
    • Introduction to the concept of Zero Trust
  • Security issues in computer networks and web browsing (~14%)
    • Basic structure/architecture of the Internet
      • LAN, subnet, IP address.
    • Security issues of home/public Wi-Fi; attacks on a web session
      • Man-in-the-middle attack
      • Sniffing
      • Stealing Cookie
    • Countermeasures
      • Public key infrastructure (PKI), Virtual Private Network (VPN)
      • Wi-Fi encryption protocols
  • Software vulnerability/maliciousness. (~3.5%)
    • Security issue/hole in software
    • Intentional maliciousness vs. unintentional vulnerability.
    • Software testing in software life cycle from users’ perspective
  • Common schemes of cyber-attacks and countermeasures: (~3.5%)
    • Social Engineering, phishing, drive-by-download, clicking email-attachment
    • Spyware, adware, ransomware
    • Countermeasure – end user education
  • Security and privacy issues of smartphones (~3.5%)
    • Basic design of an Android/iPhone app
    • Common threats and Countermeasures
  • Intrusion detection and firewalls (~3.5%)
    • Intro to intrusion detections and various types of firewalls
  • Protecting a personal computer (~3.5%)
    • Why to run only updated software on a computer
    • How to safely install software only from a trusted party
    • Running an antimalware (and firewall) to protect a computer
    • Re-iterate principle of least privilege, e.g. remove admin rights from your main account
  • Security and privacy issues of online social networks (~3.5%)
    • Privacy issues in sharing information publicly
    • Common threats and Countermeasures
  • Cloud computing and IoT Security (~7%)
    • Privacy issues in outsourcing
    • Security and privacy issues in IoT devices, e.g. smart homes, wearable devices
  • Email Security (~7%)
    • Email encryption protocols
    • How to send secure emails, e.g. using PGP to send emails
  • Introduction to digital forensics (~3.5%)
    • Introduction to the field of digital forensics, e.g. disk recovery, find network intruders
  • Business continuity concepts (~3.5%)
    • Importance of written policies and procedures especially in the handling of confidential information
    • Fault tolerance – replication, redundancy, backup considerations, contingency plans
    • Disaster recovery - restoration of data, restoration of access

Updated: 12/02/2025 03:39PM