Program Objectives

Developed from a learning model based on Bloom’s Taxonomy of Thinking, the information security bachelor’s degree educational objectives identify what students should learn, understand, and be able to do as a result of their studies at ECCU.

The university’s cybersecurity programs are established with a mix of both business management and applied technology practical studies. This is based on the industry’s need to have a balance of applied skills and disciplines in both technical domains of study and practical business knowledge in the workplace. The purely technical theory or heavily managerial focus of some programs does not produce as well rounded a cybersecurity expert as is generally desired by industry.

The program objectives are:

• Application of technical strategies, tools, and techniques to secure data and information for a customer or client.
• Adherence to a high standard of ethical behavior.
• Use of research in both established venues and innovative applications to expand the body of knowledge in information assurance.
• Application of principles of critical thinking to creatively and systematically solve the problems and meet the challenges of the ever-changing environments of cybersecurity.
• Mastery of the skills necessary to move into leadership roles in companies, agencies, divisions, or departments.

Course Delivery

ECCU’s bachelor’s degree in cybersecurity coursework is delivered 100% online and asynchronously, providing the flexibility of time management whereby students can attend to coursework at any time of day, on any day of the week (24×7). There is a structure to the week and term whereby attendance and submissions must meet predefined deadlines each week, and weekly attendance and participation are mandatory.

ECCU’s curriculum is built using the online pedagogy that best meets the requirements of infusing practice into the theoretical components of the courses ensuring that students graduate being industry-ready. Synchronous scheduled class times are not utilized in the online environment of ECCU as our student composition is global with students from all around the world. However, the courses are built wholesomely to include discussion threads, quizzes, assignments, pre-recorded videos by our faculty, labs, assessments and many times guest speakers are invited to support the learning of our students through the sharing of real-life experiences to allow our students to better prepare for the real world.

The cybersecurity bachelor’s degree utilizes traditional university terms (semesters of 12 weeks) and is structured accordingly. The course delivery sits in a flexible middle ground between the structure of set class times and attendance and the open-ended system of self-paced independent study courses.

Each course under this online cybersecurity bachelor’s degree is instructor-led by credentialed professors with industry experience with a maximum enrollment of 30 students. Guided discussion, interaction/engagement, assistance/support, and grading/feedback will be done with your professor weekly as the course proceeds.

Courses typically consist of a mixture of weekly threaded discussions, reading materials, iLabs (ECCU’s online virtual platform to practice), presentation support (PowerPoint and/or video), quizzes/exams, and/or research projects/papers.

Apply for A Scholarship

Education is a major foundation of a person’s professional and personal growth. At EC-Council University, we not only recognize and help many Bachelor of Science in Cyber Security students gain access to a scholarship but also have many scholarship opportunities for them.

Scholarship Opportunities

Course Description

CIS 300 Fundamentals of Information Systems Security

Fundamentals of Information Systems Security provides a comprehensive overview of the essential concepts readers must know as they pursue careers in information systems security. It opens with a discussion of the new risks, threats, and vulnerabilities associated with the transformation to a digital world, including a look at how business, government, and individuals operate today. Part Two is adapted from the official (ISC)2 SSCP Certified Body of Knowledge and presents a high-level overview of each of the seven domains within the System Security Certified Practitioner certification. The text closes with a resource for readers who desire additional material on cybersecurity standards, education, professional certifications, and compliance laws.

Course Learning Outcomes:

• Focuses on new risks, threats, and vulnerabilities associated with the transformation to a digital world.
• New sections on cloud computing, risk analysis, IP mobility, OMNIBus, and Agile Software Development.
• Includes changes in laws, security certificates, standards, amendments, and the proposed Federal Information Security Amendments Act of 2013 Act.
• Provides new and updated data, statistics, tables, and cases.
• Presents a high-level overview of each of the seven domains within the (ISC)2 System Security Certification Practitioner certification.

CIS 301 Legal Issues in Cybersecurity

Legal Issues in Cybersecurity addresses the area where law and cybersecurity concerns intersect. Information systems security and legal compliance are now required to protect critical governmental and corporate infrastructure, intellectual property created by individuals and organizations alike, and information that individuals believe should be protected from unreasonable intrusion. Organizations must build numerous cybersecurity and privacy responses into their daily operations to protect the business itself, fully meet legal requirements, and meet the expectations of employees and customers.

Course Learning Outcomes:

• Includes discussions of amendments in several relevant federal and state laws and regulations since 2011.
• Reviews relevant court decisions that have come to light since the publication of the first edition.
• Includes numerous cybersecurity data breaches highlighting new vulnerabilities.

Managing Risk in Information Systems provides a comprehensive overview of the SSCP® Risk, Response, and Recovery Domain in addition to providing a thorough overview of risk management and its implications on IT infrastructures and compliance. Written by industry experts, and using a wealth of examples and exercises, this book incorporates hands-on activities to walk the reader through the fundamentals of risk management, strategies and approaches for mitigating risk, and the anatomy of how to create a plan that reduces risk.

Course Learning Outcomes:

• Provides a modern and comprehensive view of information security policies and frameworks.
• Examines the technical knowledge and software skills required for policy implementation.
• Explores the creation of an effective IT security policy framework.
• Discusses the latest governance, regulatory mandates, business drives, and legal considerations.

CIS 303- Security Policies and Implementation +

This course provides an overview of security administration and fundamentals of designing security architectures. Topics include networking technologies, TCP/IP concepts, protocols, network traffic analysis, monitoring, and security best practices. Upon completion, students should be able to identify normal network traffic using network analysis tools and design basic security defenses. The course is designed to help prepare for the TestOut Security Pro certification exam.

Course Learning Outcomes:

• Demonstrate methods for keeping networks and their computers secure. Show an
• understanding of the facilities for securing networks, including protection against viruses, worms, malware, and OS and application exploits.
• Implement secure access through authentication and encryption.
• Implement security policies.
• Provide common application security, DNS, SMTP, HTTP, Instant Messaging, and other user and system accessible protocols with their implementation or protocol design weaknesses.
• Ensure continuing security. Detect active attacks through network traffic analysis, system and application log monitoring, and auditing. Track the warning signs of a problem or attack.
• Ensure continuity. Discuss disaster planning and recovery issues such as redundancy, fault tolerance, power and environmental conditioning, backups, recovery strategies, and clustering.
• Troubleshoot security vulnerabilities. Demonstrate skills in penetration testing, by looking for and identifying weaknesses in configurations for operating systems, applications, firewalls, network devices, policies, and procedures in a given environment

CIS 304 Auditing IT Infrastructures for Compliance +

Auditing IT Infrastructures for Compliance provides a unique, in-depth look at recent U.S.-based Information systems and IT infrastructure compliance laws in both the public and private sectors. Written by industry experts, this book provides a comprehensive explanation of how to audit IT infrastructures for compliance based on the most recent laws and the need to protect and secure business and consumer privacy data. Using examples and exercises, this Second Edition incorporates numerous hands-on activities to prepare readers to complete IT compliance auditing skillfully.

Course Learning Outcomes:

• Includes updates on new pertinent laws and regulations, including FISMA and DoD.
• References all-new standards such as COBIT, SANS, ISACA, ISO/IEC 27001, and CRMA.
• New sections added on the Children’s Online Privacy Protection Act (COPPA).
• Service Organization Control (SOC) Reports.
• The NIST Cybersecurity Framework.
• Certification in Risk Assessment (CRMA).

CIS 308 Access Control, Authentication, and Public Key Infrastructure

Access control protects resources against unauthorized viewing, tampering, or destruction. They serve as a primary means of ensuring privacy, confidentiality, and prevention of unauthorized disclosure. Revised and updated with the latest data from this fast-paced field, Access Control, Authentication, and Public Key Infrastructure defines the components of access control, provides a business framework for implementation, and discusses legal requirements that impact access control programs. It looks at the risks, threats, and vulnerabilities prevalent in information systems and IT infrastructures and how to handle them. It provides a student and professional resource that details how to put access control systems to work, as well as testing and managing them.

Course Learning Outcomes:

• Updated references to Windows 8 and Outlook 2011.
• A new discussion of recent Chinese hacking incidents.
• Examples depicting the risks associated with a missing unencrypted laptop containing private data.
• New sections on the Communications Assistance for Law Enforcement Act (CALEA) and granting Windows folder permissions are added.
• New information on the Identity Theft Enforcement and Restitution Act and the Digital Millennium Copyright Act (DMCA).

CIS 401 Security Strategies in Windows Platforms and Applications

Security Strategies in Windows Platforms and Applications focuses on new risks, threats, and vulnerabilities associated with the Microsoft Windows operating system. Most individuals, students, educators, businesses, organizations, and governments use Microsoft Windows, which has experienced frequent attacks against its well-publicized vulnerabilities. Emphasis is placed on Windows XP, Vista, and 7 on the desktop, and Windows Server 2003 and 2008 versions. It highlights how to use tools and techniques to decrease risks arising from vulnerabilities in Microsoft Windows operating systems and applications. The book also includes a resource for readers desiring more information on Microsoft Windows OS hardening, application security, and incident management. With its accessible writing style and step-by-step examples, this must-have resource will ensure readers are educated on the latest Windows security.

Course Learning Outcomes:

• New information on Windows 2012 and its four different editions.
• New information on malware, ransomware, and spyware.
• The latest on Agile Software Development, including its history, purpose, and definition.
• Discussion of hacktivists and examples of some of their recent attacks.
• New information on Windows 2012 and DAC, Managed Service Accounts, and Expression-based Security Audit Policy.
• Discusses new BitLocker features.

CIS 402 Security Strategy in Linux Platform and Applications +

Linux addresses the fundamentals of the Linux operating system. This course include system architecture and history, system installation and configuration, the command line interface and shell commands, basic system administration, system updates, file systems, access controls, network services configuration, printer configuration, system services, security models, and scripting. The course is designed to help prepare for the TestOut Linux Pro certification exam.

Major Instructional Areas:

• Linux operating system architecture, use cases, and general background
• Linux system installation and configuration
• The command line interface and shell commands
• Basic system administration and system updates
• Network services and printer configuration
• Linux system services and security
• Editing files and scripting
• User accounts, user groups, user ownerships, and user permissions (access controls)
• Linux cloud and virtualization

Course Learning Outcomes:

• Use simple Linux commands to create directories, files, and to get help.
• Execute functions and tasks with commands and scripts.
• Examine the Linux operating system architecture and its differences among other operating systems like Windows and Unix.
• Establish and maintain security controls for users, tools, applications, and file system permissions on the Linux operating system.
• Install, configure, and maintain a Linux operating system on a desktop or server.

CIS 403 Network Security, Firewalls, and VPNs +

Network Security, Firewalls, and VPNs provide a unique, in-depth look at the major business challenges and threats that are introduced when an organization’s network is connected to the public Internet. Written by an industry expert, this book provides a comprehensive explanation of network security basics, including how hackers access online networks and the use of Firewalls and VPNs to provide security countermeasures. Using examples and exercises from the field, this book incorporates hands-on activities to prepare the reader to disarm threats and prepare for emerging technologies and future attacks.

Course Learning Outcomes:

• New information on Internet Protocol Version 4 (IPv4) with clarification on the difference between IPv6 and IPv4.
• Discussion of DNS faults.
• New information on “Mobile IP” and “Bring Your Own Device.”
• Discussion of the use of a sniffer tool or Wireshark.
• Uncovers VPN implementation via a cloud application.
• Updated statistical information and industry data.

CIS 404 Hacker Techniques, Tools, and Incident Handling +

Hacker Techniques, Tools, and Incident Handling begins with an examination of the landscape, key terms, and concepts that a security professional needs to know about hackers and computer criminals who break into networks, steal information, and corrupt data. It goes on to review the technical overview of hacking: how attacks target networks and the methodology they follow. The final section studies the most-effective methods when dealing with hacking attacks, especially in an age of increased reliance on the Web. Written by a subject matter expert with numerous real-world examples, the Second Edition provides readers with a clear, comprehensive introduction to the many threats in our Internet environment and security, and what can be done to combat them.

Course Learning Outcomes:

• Includes a completely new Chapter 13 on social engineering and what it means in the context of cybersecurity, including a typical attack, identity theft, and best security practices.
• Provides new information on cryptography and encryption in network protocols.
• Updated references to Windows 8, Server 2008, and Server 2012.
• Added information on Active Directory and Symantec Security Suite 10.
• Includes new material on using social networks, Wardriving and Warflying, detecting rogue access points, and Wi-Fi Pineapple.
• New section material on cloud computing and cloud security issues.

CIS 405 Internet Security: How to Defend Against Online Attackers

Internet Security: How to Defend Against Online Attackers provides an in-depth look at how to secure mobile users as customer-facing information migrates from mainframe computers and application servers to Web-enabled applications. Written by an industry expert, the book explores the evolutionary changes that have occurred in data processing and computing, personal and business communications, and social interactions and networking on the Internet. It goes on to review all the risks, threats, and vulnerabilities associated with Web-enabled applications accessible via the Internet. Using examples and exercises, the Second Edition incorporates hands-on activities to prepare readers to secure Web-enabled applications successfully.

Course Learning Outcomes:

• Securing Mobile Communications.
• Addresses the latest Web security issues and solutions from the administrator, developer, and user perspectives.
• Examines mobile device and connectivity security.

CIS 406 System Forensics, Investigation, and Response +

System Forensics, Investigation, and Response begins by examining the fundamentals of system forensics, such as what forensics is, the role of computer forensics specialists, computer forensic evidence, and the application of forensic analysis skills. Computer crimes call for forensics specialists, people who know how to find and follow the evidence. It also provides an overview of computer crimes, forensic methods, and laboratories. It then addresses the tools, techniques, and methods used to perform computer forensics and investigation. Finally, it explores emerging technologies as well as future directions of this interesting and cutting-edge field.

Course Learning Outcomes:

• The Second Edition includes all-new content. A complete rewrite of the first edition.
• The latest data and statistics on computer forensics.
• Special coverage on:

• • Email Forensics
  • Windows Forensics
  • Mac Forensics
  • Linux Forensics
  • Mobile Forensics

CIS 407 Cyberwarfare

Cyberwarfare puts students on the real-world battlefield of cyberspace! Students will learn the history of cyberwarfare, techniques used in both offensive and defensive information warfare, and how cyberwarfare is shaping military doctrine. Written by subject matter experts, this book combines accessible explanations with realistic experiences and case studies that make cyberwar evident and understandable.

Course Learning Outcomes:

• Incorporates hands-on activities, relevant examples, and realistic exercises to prepare readers for their future careers.
• Includes detailed case studies drawn from actual cyberwarfare operations and tactics.
• Provides fresh capabilities information drawn from the Snowden NSA leaks.

CIS 408 Wireless and Mobile Device Security

Wireless and Mobile Device Security explores the evolution of wired networks to wireless networking and its impact on the corporate world. The world of wireless and mobile devices is constantly evolving, with many individuals relying solely on their wireless devices in the workplace and at home. The growing use of mobile devices demands that organizations become more educated in securing this growing technology and determining how to best protect their assets. Using case studies and real-world events, it goes on to discuss risk assessments, threats, and vulnerabilities of wireless networks, as well as the security measures that should be put in place to mitigate breaches. The text closes with a look at the policies and procedures in place and a glimpse ahead at the future of wireless and mobile device security.

Course Learning Outcomes:

• Incorporates hands-on activities, relevant examples, and realistic exercises to prepare readers for their future careers.
• Includes detailed case studies drawn from real-world events.
• Discusses the history and evolution of wireless networks.
• Explores the impact of wireless on the corporate world.

CIS 409 Fundamentals of Python

This course is an introduction to object-oriented design and data structures using the popular Python programming language. The level of instruction assumes at least one term/semester of programming in an object-oriented language such as Java, C++, or Python. Through the step-by-step instruction and exercises in this book, you’ll cover such topics as the design of collection classes with polymorphism and inheritance, multiple implementations of collection interfaces, and the analysis of space/time tradeoffs of different collection implementations (specifically array-based implementations and link-based implementations). Collections covered include sets, lists, stacks, queues, trees, dictionaries, and graphs.

Course Learning Outcomes:

• Searching, Sorting, and Complexity Analysis
• Arrays and Linked Structures
• Interfaces, Implementations, and Polymorphism
• Inheritance and Abstract Classes
• Stacks, Queues, Lists, Trees, Graphs, Sets and Dictionaries

CIS 410 Capstone Course

This course serves as a comprehensive assessment of knowledge and skills in information systems and cybersecurity. Activities include research into selected security problems and planning, designing, and implementing security solutions for a user organization.

Course Learning Outcomes:

• Prepare a Request for Proposals (RFP) content and purpose.
• Present a survey of existing security controls.
• Analyze current security gaps and present a formal report.
• Create a design of approaches to address security gaps.
• Communicating proposed solutions through a RFP response.

COM 340 Communication and Technical Writing

This course is designed to prepare you in the basics of research and writing. You will begin with learning the fundamentals of writing: how to tell if a website is credible/trustworthy, tips and strategies, critiquing, preparing for a research paper, designing an outline, developing a thesis statement, writing a conclusion, and referencing your work. What you learn in this course will help you succeed in courses following this, including your final capstone project.

Course Learning Outcomes:

• Acquire appropriate communication skills.
• Learn to navigate and use available resources.
• Determine when a website is credible for use in research and writing.
• Learn how to overcome obstacles when writing.
• Demonstrate considerate critiquing.
• Develop an ability to review and write a comprehensive paper with a reference page.
• Engage in group discussions (collaboration) and activities to develop critical perspectives, as well as a clear sense of audience, in an effective manner.
• Develop accurate and concise writing skills.
• Demonstrate the use of correct citation standards.

MTH 350 Introduction to Statistics

Introductory Statistics will familiarize students with a broad base of concepts in probability and statistical methods. Students will learn how to collect, analyze, and interpret numerical data and descriptive statistics, create basic probability models, and use statistical inference. This course stresses a wide variety of relevant applications, and students will understand how to interpret and critically analyze research data and apply statistical reasoning and interpretation.

Course Learning Outcomes:

• Explain the general concepts of statistics.
• Present and describe graphical data.
• Analyze data using regression and correlation.
• Interpret probability distributions for random variables.
• Compute and interpret point and interval estimates.
• Perform hypothesis tests.
• Think critically about information consumed in daily life and use an understanding of statistics to make good decisions based on that information (statistical literacy).

PSY 360 Social Psychology

Why do individuals behave in a certain manner? How do relationships, people, and society influence such behaviors? The purpose of this course is to introduce you to the field of social psychology, but more specifically, understand how others influence our behaviors. This course will provide a general overview of human behavior in a social matrix. The course will explore topics and concepts such as social psychology research, the self, prejudice and discrimination, attraction, relationships, aggression, socialization, and conformity.

Course Learning Outcomes:

• Apply proper research techniques to produce comprehensive writings by utilizing course texts, readings, discussions, and presentations.
• Discuss and critique topics in weekly group collaboration and activities to develop diverse and critical perspectives.
• Identify and describe the terminology relevant to social psychology.
• Recognize social behavior concepts, along with their motivation and influences.
• Apply these concepts to real-life phenomena.
• Examine the methodology used by social psychologists.
• Analyze and interpret statistical data presented in social psychology research.

BIS 430 Ethics for the Business Professional

What is the right thing to do? What is the ETHICAL thing to do? This course will introduce the principles of ethics (moral philosophy) through a variety of topics and dilemmas. We will examine the ideas of goodness, badness, wrongness, and rightness. We will learn about the ethical theories of philosophers and apply the knowledge to current events to better understand morality, obligation, human rights, and human nature.

Course Learning Outcomes:

• Apply proper research techniques to produce comprehensive writings by utilizing course texts, readings, discussions, and presentations.
• Discuss and critique topics in weekly group collaboration and activities to develop diverse and critical perspectives.
• Identify and describe the terminology relevant to ethics, human nature, and morality.
• Recognize ethical and moral behavior and its motivation.
• Examine ethical theories and methodologies used to determine goodness and rightness.
• Analyze and interpret statistical data and the review of the literature.

ECN 440 Principles of Microeconomics

Economics is the study of how a society manages its resources. In most societies, resources are allocated through the combined choices of their members. Economists study how people make the decisions, how they work, what they buy, how much they save, and how they invest those savings. Economists also study how people interact with one another. Finally, economists analyze forces and trends that affect the economy, including the growth of income, the fraction of the population who cannot work, and the rate at which prices are rising or falling. This course covers these concepts and more.

Course Learning Outcomes:

• Concepts in trade.
• Marketing forces of supply and demand.
• Government policies and their effect.
• Taxation
• Competitive markets and monopolies.
• Cost of Production.
• Earnings, poverty, and discrimination.
• Theory of consumer choice.

MGT 450 Introduction to Project Management

Gain a strong understanding of IT project management as you learn to apply today’s most-effective project management tools and techniques. The course emphasizes the latest developments and skills to help you prepare for the Project Management Professional (PMP) or Certified Associate in Project Management (CAPM) exams. While the PMBOK® Guide discusses, the course goes well beyond the Guide to provide a meaningful context for project management.

Course Learning Outcomes:

• Illustrate the factors that influence the success of the project, as well as define and explain how to create an IT security project plan.
• Identify the requirements of the IT infrastructure and compare and contrast the role of the IT security project team and incident response team.
• Examine various project parameters and processes and recommend how to integrate them into the IT security project.
• Explain the general IT security project plan and assess the risk factors associated with it.
• Evaluate the WBS, explain risk management, summarize the incident response and disaster recovery processes, and formulate risk mitigation strategies.
• Design an IT security project plan, organize the processes, predict risks, and illustrate the role of change management.
• Examine how auditing and documentation processes help in managing the IT security project.
• Test the quality of the project, evaluate the factors involved in closing the project, and demonstrate how legal standards affect the security strategy.