Information Security Certificate

Fundamentals of Information Security

This course provides an historical context for the study of data and Internet security and the evolution of security in the age of the Internet. Introductory lab sessions will occur at various times during this section.  Participants examine different systems vulnerabilities and threats and are introduced to basic data security strategies and practices including administrative, cryptographic and authentication-based techniques.

Course Objectives

At the end of this course, students will be able to:

• Identify and classify security threats and vulnerabilities facing an organization
• Evaluate the potential of security products to meet identified threats
• Prepare security policies and procedures
• Identify the elements needed to create a disaster recovery plan
• Provide input into security decisions facing an organization
• Recommend changes to an organization to increase security awareness and effectiveness
• Identify resources which can be used to further your knowledge on specific security issues as needed
• Effectively use command line networking tools to enhance security processes.

Information Security: Network Defense, Incident Response & Introduction to Malware Analysis

This is a very technical and fast-paced defensive security class. Primary focus of course work centers on hardening network systems, use of network security tools for defensive purposes, Incident Response and Malware Analysis. System hardening concepts will be examined including regulatory requirements including PCI-DSS, HIPAA, and SOX. Incident response will address planning, immediate actions, recovery and lesson’s learned. Students will explore signs of compromise and analysis. Network forensics will include malware delivery, attacker identification, compromise tracking and identification. This course will work with active malware samples including an introduction to malware reverse engineering and use of debuggers in malware analysis.

This course is very hands-on and will have extended exercises after most classes. Students will be expected to have command-line experience and understand intermediate networking technologies. This course takes a scenario-based approach to network investigations and analysis. Most scenarios will included techniques for mitigation of compromises.

NOTE: This course will work with active computer viruses.

Course Objectives

At the end of this course, students will be able to:

• Identify common and unique signs of compromise.
• Recognize available resources for analyzing a network or system compromise.
• Understand the role of system hardening in network defense,
• Understand the role and impact of regulatory compliance in network security.
• Conduct basic incident response for network and system level compromises.
• Develop an effective incident response plan.
• Perform intrusion investigations.
• Conduct traffic analysis using various methods.
• Proper handling of active computer viruses.
• Perform static malware analysis.
• Evaluate malware using a debugger.
• Conduct malware forensic analysis.

Information Security: Ethical Hacking, Defense and Emerging Security Issues

This is a highly technical and fast-paced offensive security class. This course examines emerging challenges for IT security management and assessment of network security posture from an offensive perspective. Students will be exposed and conduct computer assessments using ethical hacking and penetration techniques. As application architectures become more widely distributed and as network perimeters become more extended through mobile wireless access, security managers must identify new approaches to assure confidentiality, integrity and availability. A cross-cutting theme is the need to embed security considerations deeply within the textures of software development, system deployment, business process architectures.

Note: This course will conduct computer hacking and exploit development exercises in a controlled environment. Students will be responsible for proper use and control of specialized computer attack tools and exploit code.

Course Objectives

At the end of this course, students will be able to:

• Understand and evaluate emerging security threats
• Identify current system exploits and methods of compromise.
• Understand the ethical hacking methodology.
• Conduct ethical attacks on network computer systems.
• Understand the role of threat modeling within a secure systems development life cycle.
• Perform wireless assessments
• Understand and conduct social engineering exercises
• Formulate strategies for enhancing information security through improved business processes, policies, procedures, training, and management.

Admission requirements

Two years of college and two years of experience in the information technology field. Individuals with less than two years of experience may be accepted if they have completed relevant education or training programs. 

Required textbooks

CISSP Guide to Security Essentials
Authors: Peter Gregory
Publisher: Course Technology, ISBN 1-4354-2819-6

Network Forensics: Tracking hackers through cyberspace
Authors:  Sherri Davidoff and Jonathan Ham
Publisher:  Prentice Hall,  ISBN: 978-0-13-256471-7

Hacking Exposed 7: Network Security Secrets & Solutions (7^th Ed.)
Authors:  McClure, Scambray, & Kurtz
Publiisher: McGraw-Hill Osborne Media,  ISBN: 978-0-596-00963-2

Required Equipment

You are required to have a laptop computer with high-speed Internet access to bring to each class.

Recommended textbooks

Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
Author: Michael Ligh,  Steven Adair, Blake Hartstein, Matthew Richard
Publisher: Wiley, ISBN: 978-0470613030

Security Power Tools
Author:  Burns et al
Publisher:  O’Reilly, ISBN 978-0-596-00963-2

Fees and tuition

Tuition is payable on a term-by-term basis. Tuition for the entire program is $2679 excluding application and registration fees and textbooks. There is a $50 non-refundable application fee to apply to this program and a $10 non-refundable registration fee for each term. First-term tuition and $10 registration fee are due three business days before class begins.

The university’s tuition exemption policy does not apply to this program. Fees and tuition are subject to change.

Registration

Payment Policy: Tuition for classes and $10 registration fee are due by 5 p.m. three days before each term begins. Accepted students who do not pay by the due date will be assessed a $50 late fee.

Refund Policy: Students must make a request to withdraw in writing. Written requests can be sent to keypdc@uw.edu or mailed to the address below. Students withdrawing by 5 p.m. 24 hours BEFORE the program begins, are eligible for a full refund of all tuition except the $50 application fee and $10 processing fee. There is no refund for withdrawals after the first day of class.

Withdrawal Policy: If you are not planning to continue in the certificate program or course, please send a written request to withdraw to keypdc@uw.edu or to:

University of Washington Tacoma
KeyBank Professional Development Center
1900 Commerce St.
Tacoma, WA 98402-3100

Cancellations and Changes: UW Tacoma reserves the right to cancel programs or classes with low enrollment. Please note: Course, application, and registration fees are subject to change.

By clicking "Register now" below you acknowledge that you have read and understood all of these terms and conditions and wish to continue to register for classes. If you have any questions or concerns before registering contact us at 253-692-4618 or keypdc@uw.edu.