Information Technology: Cybersecurity

CampusStart DateTuition/Fees
Saint JohnSeptember 2019 Cost Estimate

Program Overview

Security violations, data breaches, and privacy failures are an ever-growing threat to businesses and individuals. Through classroom theory and hands-on projects in our advanced diploma program, you'll learn how to identify, analyze, and mitigate threats to internal IT systems and/or networks. You'll explore the systems, tools, and concepts used to minimize the risk to an organization's cyberspace, and the standards and procedures to protect the confidentiality, integrity, and availability of information and information systems. As one of the world's fastest growing technology fields, the demand for cyber security professionals has never been greater.

 


Duration

This program can be completed within one academic year.


Admission Requirements

    Profile F

  • Post-secondary diploma in Information Technology, Network Administration or Programming; or
    University degree in computer science or Information Systems; or
    Equivalent work experience in computer network administration and applications.


    Career Possibilities

    You will be well prepared for positions in which you will identify and document requirements, assess physical and technical security risks to data, software and hardware, and help develop policies, procedures and contingency plans to minimize the impacts of security breaches. Cybersecurity and information security is an area with a shortage of skilled applicants, and industry demand is expected to continue to grow as cyber threats become more sophisticated.

    In 2016, there were 331,535 vacancies across Canada (3,737 in New Brunswick) for positions that required cybersecurity knowledge or training.  As a graduate of this program, you may find work in a range of positions such as cyber defence analyst, cyber defence infrastructure support, and vulnerability assessment and management consultant.  
     


    Specific Considerations

    This program is a Learning Integrated Virtually Everywhere (L.I.V.E) program that requires the use of a notebook computer as part of the learning experience. Your notebook computer should meet minimum technical specifications to ensure the software for your program operates effectively. Check specifications listed on the LIVE program computer specifications.

    Students may be required by host agencies or employers to provide a current criminal records check and/or a reliability or secret clearance from a service recognized by the host agency or employer before they may start their work placement.


    Program Courses

    This year's courses are still under development. Showing 2018's courses for reference.

    This course is designed to provide students with a fundamental understanding of security principles and practices as it relates to cybersecurity. Students explore historical events, their impact on the evolution of the profession and emerging trends. In addition, they examine human and technical vulnerabilities in order to employ mitigation strategies and security defence techniques.

    This course is designed to provide students with the knowledge and skills required to formally evaluate risk in an enterprise environment. Students learn about the risk concepts, Harmonized Threat and Risk Assessment (HTRA) framework, and Business Continuity Planning (BCP).

    Prerequisites:

    • SECS1015A

    This course is designed to provide students with the knowledge to interpret local, national, and international rules, regulations, standards, and laws for the purpose of security compliance. Students explore criminal behaviour and legal implications. In addition, students examine the characteristics and confines of professional ethics. Engaging in lectures and case studies, students’ investigate security policies, privacy legislation and evidence collection protocols. 

    This course is designed to provide students with the knowledge and skills to work with Security Information and Event Management (SIEM) products. Students learn SIEM basics and how to perform installation. In addition, students explore configuration procedures and tuning techniques.

    Prerequisites:

    • SECS1015A
    • SECS1019A

    This course is designed to provide students with a fundamental knowledge of application security practices. Students learn how to assess applications to ensure the development of good security practices. In addition, students provide recommendations to reduce risks and possible vulnerabilities through an examination of web applications and enterprise application architecture.

    Prerequisites:

    • SECS1015A

    This course is designed to provide students with the knowledge and skills to secure an enterprise network. Students explore architectural components and their role in mitigation, various protocols, hardening techniques, and patching.

    Prerequisites:

    • SECS1015A

    This course provides students with an in-depth knowledge of OS and NOS security. Students explore security management configurations, practices, and hardening techniques for Windows, Unix and Linux environments. In addition, students examine key security products and their impact on risk mitigation.

    Prerequisites:

    • SECS1015A

    This course is designed to provide students with a comprehensive knowledge of cloud computing. Students learn techniques to mitigate risks by exploring cloud based technology, services and models.

    Prerequisites:

    • SECS1015A
    • SECS1019A
    • SECS1037A
    • SECS1042A

    This course is designed to provide students with the knowledge of enterprise vulnerabilities for the purpose of security mitigation. Students explore assessment tools, techniques and processes. Engaging in lectures and labs, students’ perform evaluations and remediations. 

    Prerequisites:

    • SECS1015A
    • SECS1019A

    This course is designed to provide students with the skills required to deploy and manage security products. Students explore anti-malware, intrusion detection and prevention software. Also examined are Data Loss Prevention (DLP) principles and practices as a means to mitigate risk.

    Prerequisites:

    • SECS1042A

    This course provides students with the knowledge and skills required to perform penetration testing in an enterprise environment. Ethical Hacking explores white and black hat hacking practices as well as their ethical ramifications. Engaging in lectures and labs, students’ use common hacking tools to exploit vulnerabilities by planning and executing their own pen test.

    Prerequisites:

    • SECS1042A
    • SECS1037A
    • SECS1032A

    This course provides students with a basic understanding of incident response and forensics. It focuses on how to detect, classify, and handle security incidents. Also, students learn the proper techniques to prepare and deliver a crisis communication plan. Incident Response and Forensics explores forensic principles and processes, including evidence retrieval and preservation.

    Prerequisites:

    • SECS1042A
    • SECS1015A
    • SECS1019A

    This capstone provides students the opportunity to integrate the knowledge and skills they have acquired from their introductory cybersecurity courses into a simulated project. Given a scenario, the students work independently to analyze the NBCC student network using the Harmonized Threat and Risk Assessment (HTRA) framework.

    Instructors provide students with the following support documentation:

    • -threat profile
      -description of system architecture
      -description of administrative, technical and physical security controls
      -asset list and valuations

    •  
    Using this documentation, as well as conducting technical vulnerability assessments, students apply the HTRA framework to better understand the flow of information, expected outcomes, and benefits. 


    Prerequisites:
    • SECS1037A
    • SECS1050A

    Capstone 2 provides students with the opportunity to use a SIEM product in a simulated scenario. Students install and configure a SIEM, then add their sources. In order to simulate potential attacks, students also perform vulnerability scans on peer networks. Targeted students in this scenario use the traffic to identify, analyze, and document malicious activities.

    Prerequisites:

    • SECS1028A
    • SECS1019A
    • SECS1050A
    • SECS1037A
    • SECS1042A

    This capstone gives students the opportunity to perform both attack and defence tactics within a gamified scenario. This ‘capture the flag’ style activity provides students with real-world penetration testing experience, while also managing the protection of their network given budgetary constraints. The object of the game is for teams to have the most virtual money at the end of the five-week capstone. Money is awarded based on the student’s ability to defend their networks (crown jewel assets) and attack peer networks. Students must make hard choices to protect their networks.
     
    The focus areas of this capstone are:

    • - Risk management and reporting
      - Prioritization of security budget
      - Continuous monitoring and response against motivated attackers
      - Hardening of systems


    Prerequisites:
    • SECS1058A
    • SECS1063A


    NOC Codes

    2171 - Information systems analysts and consultants
    2281 - Computer network technicians


    Disclaimer: This web copy provides guidance to prospective students, applicants, current students, faculty and staff. Although advice is readily available on request, the responsibility for program selection ultimately rests with the student. Programs, admission requirements and other related information is subject to change.

    Questions?  Ask Us

     

    Career Coach