Cybersecurity Fundamentals for Practitioners and Managers
Start here to learn the concepts, tools and terminology of the field
- Self-paced, flexible online course — September 18–November 3, 2023
- Live-online sessions with instructors (Monday & Wednesday, 7-8 p.m. Eastern)
- No prior cybersecurity experience required
- Program led by real-world industry experts and cybersecurity practitioners
- Potential financial options available — Elevate Delaware funding | Scholarships and discounts including military, UD student/alum, 2 or more (group) and others.
- LEARN MORE — view info session presentation
Cybersecurity is an essential topic for many businesses, schools, banks, and other organizations. As our lives evolve online, it is critical to prioritize securing our online identities and assets. Additionally, with online business transactions becoming a standard, every employee must understand how to keep information and their networks safe.
Designed to give participants a general awareness of cybersecurity and to familiarize them with basic tools and terminology, this course covers fundamentals of cybersecurity and acts as a starting point into a cybersecurity career. The goal is to provide participants with the foundational skills and vocabulary enabling pursuit of further training or certification, preparing for a future transition into a cybersecurity operations or administrator role.
No prior cybersecurity experience is required.
PARTICIPANTS WILL LEARN:
- Cybersecurity terms, definitions
- Networking fundamentals
- Attacks, vulnerabilities, threats
- Security assessments, mitigation and penetration testing
- Cybersecurity framework
- Risk assessments
WHO SHOULD PARTICIPATE?
Anyone interested in a career change who possesses an interest in technology and security
Module 1: Fundamental Concepts
Duration: 1 week
Learning objective: Identify cybersecurity fundamental concepts and explain their roles in the discipline.
- What is cybersecurity?
- CIA triad: confidentiality, integrity, availability
- Authorization, authentication, accounting (log)
- Security and usability
- Risk management
Module 2: Networking
Duration: 1 week
Learning objective: Describe how devices communicate with one another across the internet and explain the steps that occur in that process from when a user enters a web address into an address bar until the content is delivered to the user’s device:
- IP addresses
- Router / switches
- OSI model
Module 3: Attacks, Vulnerabilities, Threats
Duration: 2 weeks
Learning objective: Compare, contrast and differentiate between the most common weaknesses and vulnerabilities, cyber attack methodologies, and types of threat actors.
- Weakness and vulnerability databases
- National Vulnerability Database
- Exploit Database
- Attack methodology frameworks and databases, cyber kill chain
- MITRE ATT&CK Matrix
- Threat actors
- “Script kiddies”
- Organized crime
- Advanced persistent threat groups (APT)
- Insider threats
- Security threats
- Social engineering
- Malware (examples, definitions, pictures)
- Unauthorized access
- System failure
Module 4: Security Assessments, Mitigation and Penetration Testing
Duration: 2 weeks
Learning objective: Illustrate how the different approaches to cyber risk mitigation work to protect organizations and individuals..
- Security assessments
- Penetration testing
- Policy vs. procedures
- Controls: procedural and technical
- Attack vectors
- Threat intelligence
- Threat hunting
Module 5: Cybersecurity Framework
Duration: 1 week
Learning objective: Discuss the NIST Cybersecurity Framework and how it can lower the risk of a threat if an organization correctly implements the procedures.
- NIST Cybersecurity Framework
Casey Rock is a computer scientist in the defense industry and a recent graduate of the University of Delaware. Rock holds a B.S. in computer science with a concentration in cybersecurity. While studying at UD, Rock worked for Booz Allen Hamilton as a computer scientist supporting the Department of Defense for two years. During his time at Booz Allen, Rock developed knowledge graphs for cyber vulnerabilities and implemented computer architectures for cloud resources.
During his 4 years at UD, Rock created a personal cyber simulation network that allows hackers and defenders a safe place to test their skills. This technology was used to teach the University of Delaware’s Secure Software class. Also, Rock worked on UD’s Red Team, where he provided security audits to small businesses.
Dylan Martin is a software engineer in the government. Martin graduated from the University of Delaware with a computer engineering degree and minors in computer science and cybersecurity. In his career, Martin leads software development groups to create cutting-edge technologies. As these technologies grow in popularity, Martin must develop security strategies to allow the programs to run successfully at scale. These skills allow Martin to focus on secure software at the beginning of the development phase.
At UD, Martin led the UD penetration testing and offensive cyber VIP team. He also worked for two years at the Department of Defense, creating new standard data models that enhance the power of cybersecurity data collection.
Reynolds is a computer engineer in the defense industry. His research interests are varied and include cortical based machine intelligence, ontology and cybersecurity. Reynolds has a passion for computer science, engineering and cybersecurity education and the transformative effect that it can have on a person’s life trajectory.
Reynolds holds undergraduate degrees in computer engineering, computer science and history as well as an M.S. in cybersecurity. Prior to entering the defense industry, while still an undergraduate, Reynolds led UD’s Hacking Club, helped develop a student-run penetration testing team and was a senior member of the Blue Hens cybersecurity Capture the Flag team which was ranked in the top 1.4% worldwide at the time.