CyberSecurity Education

The networking option focuses on operating systems, networking, local area networks, and security principles. The cyber security emphasis also includes an understanding of wireless, biometrics, and remote access technologies along with forensic investigation methods. Students are prepared to pass industry certification exams. A background check is required for cyber security majors. Program requires admission to Rose State College and an interview with a Networking Cyber/Security faculty member. Paid internships are available.

“Cyber security” prevents hackers, spies, thieves or other unauthorized users from breaking into computer systems and networks. Rose State College is the *only* two-year program in the country where you can gain all six levels of federal cyber security certification. You can find a high-tech, well-paying job within two years or even go on to advanced degrees with greater rewards. Enroll in Rose State College’s Cyber Security program and join the ranks of cyber-warriors in the FBI, CIA, the Pentagon or private business.

This program gives you a well rounded approach to the business world with a concentration in programming languages. Oracle, C++, Java, HTML, Visual Basic and .Net are the languages you have to select from. Other classes include Microcomputer Hardware and Operating Systems, Micro Applications, Systems Analysis and Design, and Computer Information Systems Management.

This 18 hour certificate program is available to undergraduates and non-traditional students. The core of the program includes CIT 2563 (Computer Security),  CIT 2513 (Secure Electronic Commerce), CIT 2403 Advanced Networking Concepts, CIT 2543 (Information Security Assurance).

Beyond the core, students take two  Information Assurance (IA) electives. Students participating in the program must register as such for each Systems course to receive specialized INFOSEC training/assignments in these courses. (An option for working non-traditional students is to demonstrate proficiency in systems areas by passing comprehensive examinations in those areas.)

4011 Certificate Curriculum:

CIT 2563 Computer Security 3 hours CIT 2513 Secure Electronic Commerce 3 hours CIT 2403 Advanced Networking Concepts 3 hours CIT 2543 Information Security Assurance 3 hours Information Assurance Elective 1 (not listed above) 3 hours Information Assurance Elective 2 (not listed above)

The 4012 certificate program, aimed at Senior System Managers (SSMs), extends the 4011 certificate with an additional course, CIT 2523 (Enterprise Security Management). This course provides the additional body of knowledge required by SSMs to accredit, extend and operate enterprise information systems in a secure mode.

4012 Certificate Curriculum

CIT 2563 Computer Security 3 hours
CIT 2513 Secure Electronic Commerce 3 hours
CIT 2523 Enterprise Security Management 3 hours
CIT 2403 Advanced Networking Concepts 3 hours
CIT 2543 Information Security Assurance 3 hours
Information Assurance Elective 1 (not listed above) 3 hours
Information Assurance Elective 2 (not listed above) 3 hours
Total: 21 hours

The 4013 certificate program, aimed at System Administrators (SAs), extends the 4011 program with an additional course, CIT 2573 (Secure System Administration and Certification). This course provides the additional body of knowledge required to accredit, extend and operate as administrators of information systems in a secure mode.

4013 Certificate Curriculum

CIT 2563 Computer Security 3 hours
CIT 2513 Secure Electronic Commerce 3 hours
CIT 2573 Secure System Administration and Certification 3 hours
CIT 2643 Wireless Networking 3 hours
CIT 2323 Network Security 3 hours
Network Systems Course (not listed above) 3 hours
Information Assurance Elective 1 (not listed above) 3 hours
Information Assurance Elective 2 (not listed above) 3 hours
Total : 24 hours

The 4014 certificate program, aimed at certifying Information Systems Security Officers, extends the 4011 program with an additional course, CIT 2523 (Enterprise Security Management). This course provides the additional body of knowledge required to accredit, extend and operate enterprise information systems in a secure mode. Moreover, proficiency in operating systems, databases and networks must be demonstrated.

4014 Certificate Curriculum

CIT 2563 Computer Security 3 hours
CIT 2513 Secure Electronic Commerce 3 hours
CIT 2523 Enterprise Security Management 3 hours
CIT 2583 Operating Systems 3 hours
CIT 2183 Advanced Databases 3 hours
Network Systems Course (not listed above) 3 hours
Information Assurance Elective 1 (not listed above) 3 hours
Information Assurance Elective 2 (not listed above) 3 hours
Total: 24 hours

The 4015 certificate program, aimed at certifying systems certifiers, extends the 4011 program with additional courses, CIT 2523 (Enterprise Security Management) and CIT 2573 (Secure System Administration and Certification). This course provides the additional body of knowledge required to accredit, extend and operate as systems certifiers in a secure mode. Moreover, proficiency in operating systems, databases and networks must be demonstrated.

4015 Certificate Curriculum

CIT 2563 Computer Security 3 hours
CIT 2513 Secure Electronic Commerce 3 hours
CIT 2523 Enterprise Security Management 3 hours
CIT 2573 Secure System Administration and Certification 3 hours
CIT 2583 Operating Systems 3 hours
CIT 2183 Advanced Databases 3 hours
Network Systems Course (not listed above) 3 hours
Information Assurance Elective 1 (not listed above) 3 hours
Information Assurance Elective 2 (not listed above) 3 hours
Total: 27 hours

The 4016 certificate program, aimed at training individuals performing risk analyst function for national security systems and unclassified systems. This standard presents an in-depth analysis of the range of skills required for persons performing RA function.

4016 Certificate Curriculum

CIT 2563 Computer Security 3 hours
CIT 2513 Secure Electronic Commerce 3 hours
CIT 2523 Enterprise Security Management 3 hours
CIT 2573 Secure System Administration and Certification 3 hours
CIT 2603 Security Auditing and Penetration Testing 3 hours
CIT 2583 Operating Systems 3 hours
CIT 2323 Network Security 3 hours
Network Systems Course (not listed above) 3 hours
Information Assurance Elective 1 (not listed above) 3 hours
Total: 27 hours

The following four-year institutions have a transfer agreement with Rose State College:

1. Agreement with Oklahoma State University Information Technology - Degree in Information Assurance and Forensics (PDF)
2. Agreement with South Western Oklahoma State University - Degree in Computer Science or Information Systems (PDF)

In addition to the acceptance of Associate in Science and Associate in Arts transfer degree programs, Rose State College has entered into specific articulation agreements for specific programs such as Cyber Security, Applied Technology, Technical Supervision and Management, and others.  Four-year institutions with which Rose State College holds articulation agreements include the College of Liberal Studies at the University of Oklahoma the University of Central Oklahoma, East Central University, Northeastern Oklahoma State University, and others.  Evidence of the articulation agreements at this web site.

The state of Oklahoma offers concurrent enrollment to high school students who meet the required academic criteria.  Rose State College participates in this initiative with Mid-Del Public Schools and various smaller school systems within its service area.  The Prospective Student Services Office, the College student recruiting oversees these outreach efforts as well as the gap funding initiative, “Ticket to Rose” that became available to students in 2009.  In addition, specific articulation agreements, Cooperative Alliances, which pertain to the Cyber Security Program have been negotiated which allow for articulation between the technology center of the Mid-Del Public School System, and other area technology centers in the College’s service area.  Students who are in the related programs may earn college credit while still attending the career technology center.  These Cooperative Alliances are available at the following website.  A specific “Technology Center Catalog” is printed annually and made available on the College website. This catalog specifies the admission and enrollment requirements and the course equivalencies between the College coursework and the technology center program coursework. 

Evidence of the Cooperative Alliance Agreements can be seen in excerpts from the “Technology Center Catalog” designating the course equivalencies: Career Tech Catalog (PDF).

1. PDF of the Mid-Del Technology Center agreement (page 10)
   Actual Articulation Agreement
2. Eastern Oklahoma County Technology Center (page 10)
   Actual Articulation Agreement
3. Metro Technology Center (page 10)
   Actual Articulation Agreement
4. Moore Norman Technology Center (page 10)
   Actual Articulation Agreement
5. Gordon Cooper Technology Center (page 10)
   Actual Articulation Agreement

Rose State College also hosts workshops on “Identity Theft,” “Risk Management,” and “Access Data Certified Examiner Training,” the Forensic Toolkit training, to local schools and other two-year institutions during in-service training. Schools that have participated in these training activities include:

1. Rose State College participating in the DC3 challenge 2009-2010
2. Rose State Cyber Security / Information Assurance competition 2007
   1st Place Chad Johnson - Free Cruise
   2nd Place Grant Katus - Free Cruise
3. Rose State Cyber Security / Information Assurance competition 2008
   1st Place Jimmy Scruggs - Free Cruise
   2nd Place Amber May - Free Cruise
4. Rose State Cyber Security / Information Assurance competition 2009
   (IA competition canceled in 2009 due to scheduling conflict)
5. Rose State Cyber Security sponsored the Biggest Loser 2008-2009 Competition
   2008-2009 Flyer (PDF)
   1st Place - Kimberly Mayhall - $500
   2nd Place - Ken Dewey - $350
   3rd Place - Landry Nagle - $150
6. Rose State Cyber Security / Information Assurance competition 2010
   Spring 2010 Flyer (PDF)
   1st Place - Brandon Hale - $100 Best Buy Gift Card
   2nd Place - Laura Lewis - $50 Best Buy Gift Card
   3rd Place - Shawn Blood - Rose State Cyber Security Polo Shirt
   All participants will receive a 16GB USB Flash Drive

Current competitions hosted by or assisted by the Rose State IA Program:

1. Cyber Security Invitational Competition – hosted by OSU-IT, Rose State Cyber Security students served as mentors to the career technology students entered in the competition
2. Skills USA – Rose State Cyber Security students mentored students in the area of Micro Hardware and Operating Systems and also in the area of Networking

Course Length: This 3 credit hour undergraduate course runs for 16 weeks with 2.5 contact hours per week totaling 40 contact hours. Projects assigned during the course will require an estimated 2 times the amount of contact hours for an additional 80 hours bringing the estimated total class hours to 120.

Course Description: The student will learn the fundamentals of network security. Students will study security design and development.

Course Learning Objectives: The student will learn the fundamentals of network security. Students will study security design and development. The proper use of access control lists, firewalls, VPNs, and Intrusion Detection Systems.

Major Topics: Upon completion of Network Security, the student will be able to:

1. Demonstrate a basic knowledge of Network Security.
2. Demonstrate the ability to design and implement a secure network.
3. Demonstrate the ability to analysis and assess security breeches.
4. Configure access control lists
5. Verify audit log overflow policy
6. Secure audit trails from unauthorized alteration and/or deletion
7. Discuss requirements reporting alternative means to satisfy audit collections
8. Verify criteria for generating alerts provided by audit tools
9. Demonstrate proper host hardening techniques
10. Discuss documenting results of any change in security processing mode
11. Configure security policies
12. Configure and evaluate Virtual Private Networks
13. Configure and evaluate Firewalls
14. Understand dialup, dedicated connections, public vs. private networks and the different security issues associated with each
15. Segment and configure networks to include DMZs
16. Configure and evaluate various Intrusion Detection Systems
17. Different Encryption methods - pros and cons
18. Demonstrate a basic knowledge of asynchronous vs. synchronous
19. Analyze network traffic
20. Identify and fingerprint various different network protocols
21. Method of Instruction: Lectures, class discussion, hands on projects for both individuals and groups, tests covering text and projects.

Course Assessment: The basic means of evaluation will be student scores on tests, lab assignments, projects and other assignments relating to the course material.

Grades for the course will be based on the following:

Two Examinations 45%
Homework 20%
Individual Projects 20%    
Analyzing network traffic    
Fingerprinting - Identifying network protocols
Attendance / Participation 15%

These scores will be equated to a semester score between 0 and 100. The final grade will be based on the standard A-F scale. Borderline scores will be considered for equating the next higher grade by the instructor, based on attendance, participation, and demonstrated effort.

Course Length: This 3 credit hour undergraduate course runs for 16 weeks with 2.5 contact hours per week totaling 40 contact hours. Projects assigned during the course will require an estimated 1.5 times the amount of contact hours for an additional 60 hours bringing the estimated total class hours to 100.

Course Description: Students will be introduced to security problems in computer, basic encryption and decryption techniques. Secure encryption systems and cryptographic protocols and practices will also be presented.

Course Prerequisites: CIT 1613

Course Learning Objective:  An understanding of basic concepts of computer security. Emphasis on encryption and decryption, and cryptographic protocols and practices.

Major Topics Covered: Upon completion of Computer Security the student will be able to:

1. define security
2. communication security
3. modes of operation
4. discuss compartmented and partitioned security aspects
5. identify threats, vulnerabilities, risks and the major categories and impact of threats
6. describe aspects of countermeasures
7. describe methods of defense 
8. examine encryption and decryption
9. examine cryptography techniques and concepts
10. discuss the crypto elements of interruption, interception, modification and fabrication
11. discuss key management as it pertains to crypto systems
12. electronic key management system (EKMS) policy and procedure
13. evaluate secure programs
14. verify contents of user registries and access control tables
15. examine different transmission techniques and security
16. identify protection in Operating Systems
17. evaluate database security
18. data protection via passwords, physical, encryption and biometrics
19. intrusion methods and countermeasures
20. identify risk analysis
21. appraise identification and authentication mechanisms
22. policy management and risk management
23. DITSCAP and certification/accreditation
24. life cycles, trusts, modes, and NSTISS
25. personnel roles and responsibilities
26. implement RSA 
27. discuss TEMPEST
28. evaluate emanation security
29. access controls  
30. Mandatory Access control lists
31. Discretionary Access control lists
32. Vulnerability analysis

Method of Instruction: Lectures, class discussion, hands on projects for both individuals and groups, tests covering text and projects

Course Assessment: The basic means of evaluation will be student scores on tests, lab assignments, projects and other assignments relating to the course material. 

Grades for the course will be based on the following:

Two Examinations 45%
Homework 20%
Individual Projects 10%
Group Projects 10%
Attendance / Participation 15%

These scores will be equated to a semester score between 0 and 100. The final grade will be based on the standard A-F scale. Borderline scores will be considered for equating the next higher grade by the instructor, based on attendance, participation, and demonstrated effort.

Course Length: This 3 credit hour undergraduate course runs for 16 weeks with 2.5 contact hours per week totaling 40 contact hours.

Course Description: An introductory course which covers the fundamental hardware and software concepts involved in a basic network.  The standard open systems interconnect model, popular LAN topologies and network administration will be discussed.

Major Topics: Upon completion of Introduction to Networks the student will be introduced to:

1. Networking standards
2. OSI model
3. Network protocols
4. Transmission basics and media
5. Physical and logical topologies
6. Networking hardware
7. WANs and remote connectivity
8.  Network OS
9.  Netware
10.  Networking with UNIX
11. TCP/IP and the Internet
12. Troubleshooting
13. Maintaining and upgrading a network
14. Integrity and availability
15.  Network security

Method of Instruction: Lectures, class discussion, hands on projects for both individuals and groups, tests covering text and projects.

Course Assessment: The basic means of evaluation will be student scores on tests, lab assignments, projects and other assignments relating to the course material. These scores will be equated to a semester score between 0 and 100. The final grade will be based on the standard A-F scale. Borderline scores will be considered for equating the next higher grade by the instructor, based on attendance, participation, and demonstrated effort.

Course Length:  This 3 credit hour undergraduate course runs for 16 weeks with 2.5 contact hours per week totaling 40 contact hours.

Course Description:  An introductory course which covers the fundamental hardware and software concepts involved in a basic network.  The standard open systems interconnect model, popular LAN topologies and network administration will be discussed.

Major Topics:  Upon completion of Introduction to Networks the student will be introduced to:

1. Introducing Hardware
2. How Hardware and Software Work Together
3. Understanding the Boot Process and Command Line
4. Electricity and Power Supplies
5. The Motherboard
6. Managing Memory
7. Floppy Drives
8. Understanding and Installing Hard Drives
9. Optimizing and Protection Hard Drives
10. Supporting I/O Devices
11. Multimedia Devices and Mass Storage
12. Supporting Windows 9x
13. Windows 2000 and Windows NT
14. Managing and Troubleshooting Windows 2000
15. Installing and Using Windows XP Professional
16. Managing and Supporting Windows XP Professional
17. Supporting Modems
18. PCs on a Network
19. PCs on the Internet
20.  Notebooks, Tablet PCs, and PDAs
21. Supporting Printers

Method of Instruction:  Lectures, class discussion, hands on projects for both individuals and groups, tests covering text and projects.

Course Assessment: The basic means of evaluation will be student scores on tests, lab assignments, projects and other assignments relating to the course material. These scores will be equated to a semester score between 0 and 100. The final grade will be based on the standard A-F scale. Borderline scores will be considered for equating the next higher grade by the instructor, based on attendance, participation, and demonstrated effort.

Course Length: This 3 credit hour undergraduate course runs for 16 weeks with 2.5 contact hours per week totaling 40 contact hours. Projects assigned during the course will require an estimated 1.5 times the amount of contact hours for an additional 60 hours bringing the estimated total class hours to 100.

Course Description: This course is an in depth study of secure electronic commerce, cryptography, passwords, certification authorities, public key infrastructure, biometrics, digital signatures and PKI. Legal and national policy secure electronic commerce issues will be discussed.

Course Prerequisites: CIT 1503

Course Learning Objectives: Upon completion of Secure E- Commerce the student will have an understanding of secure electronic commerce architectures and proficiency with related technologies. Students will gain an appreciation for legislative and regulatory issues of secure electronic commerce and the role of public policy in shaping a global digital economy. An introduction to security architectures for secure electronic commerce including digital signatures, certificates, and public key infrastructure (PKI) will be presented. Legal and national policy secure electronic commerce issues will be examined.

Major Topics: Upon completion of this course, students will have an understanding of the following topics:

1. Web technology
2. Privacy and security for users
3. Web server security
4. Security for content providers
system development and how the system is maintained
5. National COMSEC policy
6. Digital signatures
7. Public Key Infrastructure (PKI)
8. Electronic Key Management Systems (EKMS)
9. EKMS policy and procedures
10. EDI
11. Symmetric and asymmetric systems
12. Risk management and assessment
13. Roles and responsibilities of organizational personnel 
14. Cryptography
15. Utilize telnet and xml
16. Utilize Unix in an automated trading environment
17. RSA
18. SSL
19. Certificates
20. Credit Card Transactions
21. Basic Encryption
22. TEMPEST schemes and theory
23. Have an understanding of legal and national policies pertaining to ecommerce
24. Cyber Law and ethics
25. Uniform laws, UETA, UCITA, and ESIGN 
26. Digital and non-digital evidence 
27. Hardware, software, input, output and multi-user environments vulnerabilities are discussed
28. Concurrent access to storage devices
29. Utilizing multiple drives for redundancy purposes
30. Pros and cons of distributed and stand alone systems are discussed
31. Information warfare (INFOWAR)
32. Database applications as pertaining to distributed systems
33. Operations security and information security
34. Contingency planning and disaster recovery
35. Communications security
36. Classification and destruction of information is examined
37. Security clearances and managing of classified data is discussed
38. Threat identification, prioritization, vulnerabilities and countermeasures
39. Policy creation, enforcement and management
40. Discretionary, mandatory and non-discretionary access control methods
41. Role-based and task-based control methods
42. System life cycles, trusts and modes
43. AIS security, accountability and information protection
44. NSTISS planning and management
45. Coordinating policy for redeploying systems to the SA, SSM, CIO, DAA, CTO...
46. Method of Instruction: Lectures, class discussion, hands on projects for both individuals and groups, tests covering text and projects. A digital economy simulation will be used to reinforce the understanding of EDI, RSA, and secure transactions.

Course Assessment: The basic means of evaluation will be student scores on tests, lab assignments, projects and other assignments relating to the course material.

Grades for the course will be based on the following:

2 Examinations 45%
Homework 20%
Individual Projects 10%
Group Projects 10%
Attendance / Participation 15%

These scores will be equated to a semester score between 0 and 100. The final grade will be based on the standard A-F scale. Borderline scores will be considered for equating the next higher grade by the instructor, based on attendance, participation, and demonstrated effort.

Course Length: This 3 credit hour undergraduate course runs for 16 weeks with 2.5 contact hours per week totaling 40 contact hours.

Course Description: This class covers best computer-security practices and industry standards to deter attacks and better defend networks.

Major Topics: Upon completion of Network Troubleshooting and Performance the student will be introduced to:

1. Security Auditing Tools and Techniques
2. Penetration testing tools and techniques
3. HIPPA Security regulations
4. Detect and defend against virus outbreaks
5. Recognize Cyber Extortion
6. Network Architecture
7. Port Scanning
8. Incident Respond / Reconstruction
9. Network Discovery
10. Wireless network analysis
11. Existing Security measures
12. Assessment process
13. Perimeter Defense / IDSs

Method of Instruction: Lectures, class discussion, hands on projects for both individuals and groups, tests covering text and projects. Numerous lab exercises will be utilized to illustrate the topics above.

Course Assessment: The basic means of evaluation will be student scores on tests, lab assignments, projects and other assignments relating to the course material. These scores will be equated to a semester score between 0 and 100. The final grade will be based on the standard A-F scale. Borderline scores will be considered for equating the next higher grade by the instructor, based on attendance, participation, and demonstrated effort.