Dec 26, 2024  
2024-2025 College Catalog 
    
Catalog Navigation
  Catalog Home
  Message from the Chancellor
  Mission and Vision
  Divisions and Departments
  Degree & Certificate Programs
  IBEST Programs
  Workforce Response Programs
  Course Descriptions
  General Education Courses
  Admissions, Registration and Records
  Earning a Degree or Certificate
  Faculty
  Historical Catalogs
HELP
2024-2025 College Catalog

CIS 245 - Cyber Defense

3 Credits, 4 Contact Hours
2 lecture periods 2 lab periods
Knowledge and skills required to configure and use threat detection and monitoring tools, data analysis, vulnerability identification, and threats identification.

Prerequisite(s): CIS 225  and CIS 228  
Information: This course may help in the preparation for the Comp TIA CySA+ certification and examination.
Gen-Ed: Meets AGEC Options requirement; Meets CTE - Options requirement

Button linking to AZ Transfer course equivalency guide    button image Prior Learning and link to PLA webpage

Course Learning Outcomes
  1. Implement a vulnerability management process and incorporate analysis of the results of the scan.
  2. Explain the circumstances under which a vulnerability must be disclosed.
  3. Develop a response plan based on evaluation of incident impact.
  4. Prepare a toolkit with appropriate forensics tools and communication plan.
  5.  Recommend remediation of security issues related to identity and access management.
  6. Configure threat-detection tools.
  7. Apply environmental reconnaissance techniques using appropriate tools.
Outline:
  1. Threat Management
    1. Practices used to secure a corporate environment
      1. Penetration testing
      2. Reverse engineering
      3. Training and exercises
      4. Risk evaluation
    2. Network threats
      1. Network segmentation
      2. Endpoint security
      3. System hardening
      4. Network access control
    3. Network reconnaissance
      1. Real-time data analysis
      2. Data correlation
      3. Logging
    4. Systems reconnaissance
      1. Service discovery
      2. Social engineering
      3. Topology discovery
  2. Vulnerability Management
    1. Vulnerability management process
      1. Asset discovery and inventory
      2. Scanning and reporting
      3. Remediation
    2. Common vulnerabilities
      1. Virtual infrastructure
      2. Servers
      3. Endpoints
      4. Mobile devices
      5. SCADA and ICS
  3. Cyber Incident Response
    1. Impact of incident
      1. Threat classification
      2. Data classification
      3. Severity and prioritization
    2. Forensic evaluation
      1. Physical forensics kits
      2. Investigation software
    3. Identifying an incident
      1. Network symptoms
      2. Host symptoms
      3. Application symptoms
    4. Post incident recovery
  4. Security Architecture and Tool Sets
    1. Common policies, controls, and procedures
      1. Regulatory frameworks
      2. Review of sample policy, controls, and procedures
      3. Verification and auditing
    2. Identity and access management
      1. Context-based authentication
      2. Endpoint repositories
      3. Federation and single sign-on

Effective Term:
Fall 2023