Cybersecurity for MSSE 2022

I am offering an online cybersecurity elective to MSSE second-year students for 2022: SENG 5271. It uses my Cybersecurity in the Cloud specialization offered on Coursera, plus readings and labs from my textbook Elementary Information Security. The course and textbook focus on how technical measures relate to more abstract business and safety goals. We cover a lot about authentication, cryptography, and access controls. You may want to watch examples of the course videos posted online at Vimeo to see what I mean.

We focus on the practical engineering aspects, not the math. The math occasionally rears its ugly head, but it’s limited to grade school algebra and set theory, salted with simple concepts from probability.

I generally avoid doing lectures during class time, putting lectures online instead. Class time is spent in lab sessions: they last 60-90 minutes and are graded. This year they were graded pass-fail, though I can’t guarantee doing that with a larger class. If the class is too large for one lab session, I’ll split the class into two groups and spend half of the class time with each group. I enjoy hands-on (though remote) work with the individual students.

The online Coursera specialization consists of 16 modules divided into 4 courses. For the semester we complete 1 to 2 modules per week, usually only one. A typical module contains an hour of video lecture and demonstration, and one to three hours of assessments: quizzes and peer-reviewed research assignments. I encourage students to pick different topics for the peer-reviewed assignments to reduce the potential boredom of reviewing each other’s work. And, if you think it’s boring to read about cyberattacks, why would you take a cybersecurity course?

Saturday111Attack Surface, Svc OutlineGoogle drive access ctl
Friday212Net Security Architecturecrypto basics, nmap
Saturday313Net Crypto, CVSSPublic-key encryption
Friday414Cloud Arch, VirtualizationServer Certificates
Saturday521Databases, StatesSOC 2-3, Breach Research
Friday622SQL, Data BreachesData Breach Review
Saturday723Vendor Data ServicesServices Review
Friday824Data PrivacyDNS research
Saturday931,2App Arch & AuthenticationHash cracking, entropy
Friday1033SessionsEmail tracing
Saturday11Spring BreakNO CLASS
Friday1234ScriptsScript based attacks
Saturday1341Top Ten, Risk #1Injection Demos
Friday1442Risks #2, 3, 4Vulnerability scanning
Saturday15GraduationNO CLASS
Saturday1643, 4Risks #5, 6, 7, 8, 9, 10Discussion

Depending on pandemic restrictions and class interest, we might substitute one or more in-person labs at the University for those listed above.

Here are links to the four Coursera courses in the specialization:

  1. Cloud Security Basics
  2. Cloud Data Security
  3. Cloud Application Security
  4. Cloud Top Ten Risks

I also posted draft videos from the first course on Vimeo, if you want to view examples of online course videos.

During SENG 5271, students participate in a “private session” of each Coursera course. If you want to see all of the course materials, you need to register for the course. Use any “try for free” feature Coursera provides, or a membership if you have one. If you register in a public Coursera session and complete graded assessments, however, grades might not carry over to your SENG 5271 grade. Quiz grades might carry over, but the peer reviewed assignment grades will not.