Cybersecurity: Principles and Practice

This course provides a comprehensive foundation in modern cybersecurity principles, technologies, and practices. Designed for students from technical and non-technical backgrounds, it covers core concepts such as confidentiality, integrity, availability, risk, threat modeling, and adversarial thinking. The course explores key domains including networks, operating systems, cryptography, identity and access management, security operations, governance, and emerging technologies. Through lectures, discussions, exercises, and case studies, students learn to analyze cybersecurity holistically. A final project applies these skills to assess a real-world system, organization, or incident.

Student Learning Outcomes

1. Explain and apply core cybersecurity principles, including confidentiality, integrity, availability, least privilege, and defense in depth, to real-world systems and scenarios.
2. Differentiate and analyze common types of cyber threats, adversaries, vulnerabilities, and attack vectors, and explain the stages of a typical cyberattack lifecycle.
3. Analyze fundamental concepts of computer networking, operating systems, and cloud computing at a conceptual level as they relate to cybersecurity risks and defensive strategies.
4. Evaluate common security controls and technologies including firewalls, intrusion detection systems, cryptographic mechanisms, and identity and access management and assess their appropriate use in different contexts.
5. Assess cybersecurity risks using a structured approach that incorporates technical, human, and organizational factors.
6. Discuss and contextualize the role of governance, risk management, compliance, and security operations in maintaining and improving organizational security posture.
7. Evaluate emerging cybersecurity challenges associated with technologies such as cloud platforms, artificial intelligence, machine learning, and connected devices.
8. Communicate cybersecurity findings and recommendations clearly and effectively through written and oral presentations tailored to both technical and non-technical audiences.