Members of the University of Minnesota’s MSSE Class of 2017: the cybersecurity course (titled “Data and Network Security” or something like that) is one of your options for next spring. After talking with students in the class right now, I’m posting more information about the class.
We had a great time this year. It was a small class. We sat around a single table, talked over the reading topics, and worked on various lab activities. The “labs” solved simple problems using various scanning, data collection, and security technologies.
We cover cybersecurity by starting at the simplest level: a single disconnected device. We work up from there, introducing process and file protection, file systems, simple forensics, and cryptography. At each point we look at the underlying technology that enables both our vulnerabilities and our security measures. Next we look at networking with a focus on Internet technology.
The textbook covers classical cybersecurity topics. Our class time consists of talking over the concepts in the reading and relating them to the latest technologies we use at work on at home. Every class has at least one lab activity in which we try out software or simulate some technology. For example, we examine public-key technology by working with Pretty Good Privacy as implemented using the open-source GPG package.
Readings and Quizzes
There are Moodle on-line quizzes every week based on reading from the textbook: Elementary Information Security. The reading sets the foundation for what we do in class.
The quizzes are intended to help motivate the reading. Each quiz allows three attempts. The quizzes are built individually from a pool of questions. While you will see many of the same questions in a retest, you will probably see ones not on the previous quiz.
I’m told that some students start the quiz, read over the questions, do the reading, and then work on the questions.
Aside from quizzes, I might assign 1 or 2 other short research tasks. There is no project at the end.
The material we cover complies with the National Security Agency’s ancient and venerable training standard, NSTISSI 4011. (Note the irony in the statement: the standard is older than most college freshmen). So, you can put that on your resumé after finishing the course.
Here is the 2016 syllabus. In fact, we didn’t do a debate at the end, we did more reading and labs instead.