May 11, 2025  
2022-2023 College Catalog 
    
Catalog Navigation
  Catalog Home
  Message from the Chancellor
  Course Descriptions
  General Education Courses
  All Programs
  Admissions, Registration and Records
  Earning a Degree or Certificate
  Faculty
  Compliance Documents
HELP
2022-2023 College Catalog [ARCHIVED CATALOG]

CIS 245 - Cyber Analytics, Detection, and Response

3 Credits, 4 Contact Hours
2 lecture periods 2 lab periods

Knowledge and skills required to configure and use threat detection and monitoring tools, data analysis, vulnerability identification, and threats identification.

Prerequisite(s): CIS 225  
Information: This course may help in the preparation for the Comp TIA CySA+ certification and examination.
Gen-Ed: Meets AGEC-S Options requirement


  button image Prior Learning and link to PLA webpage

Course Learning Outcomes
1.        Implement a vulnerability management process and incorporate analysis of the results of the scan.

2.        Develop a response plan based on evaluation of incident impact.

3.        Prepare a toolkit with appropriate forensics tools and communication plan.

4.        Recommend remediation of security issues related to identity and access management.

5.        Configure threat-detection tools.

6.        Apply environmental reconnaissance techniques using appropriate tools.

Outline:
  1. Threat Management
    1. Practices used to secure a corporate environment
      1. Penetration testing
      2. Reverse engineering
      3. Training and exercises
      4. Risk evaluation
    2. Network threats
      1. Network segmentation
      2. Endpoint security
      3. System hardening
      4. Network access control
    3. Network reconnaissance
      1. Real-time data analysis
      2. Data correlation
      3. Logging
    4. Systems reconnaissance
      1. Service discovery
      2. Social engineering
      3. Topology discovery
  2. Vulnerability Management
    1. Vulnerability management process
      1. Asset discovery and inventory
      2. Scanning and reporting
      3. Remediation
    2. Common vulnerabilities
      1. Virtual infrastructure
      2. Servers
      3. Endpoints
      4. Mobile devices
      5. SCADA and ICS
  3. Cyber Incident Response
    1. Impact of incident
      1. Threat classification
      2. Data classification
      3. Severity and prioritization
    2. Forensic evaluation
      1. Physical forensics kits
      2. Investigation software
    3. Identifying an incident
      1. Network symptoms
      2. Host symptoms
      3. Application symptoms
    4. Post incident recovery
  4. Security Architecture and Tool Sets
    1. Common policies, controls, and procedures
      1. Regulatory frameworks
      2. Review of sample policy, controls, and procedures
      3. Verification and auditing
    2. Identity and access management
      1. Context-based authentication
      2. Endpoint repositories
      3. Federation and single sign-on