| Dates | Topic & Assignments Due | Readings |
|---|---|---|
| Tuesday, 1/11/2022 |
Introduction to the Course |
|
| Thursday, 1/13/2022 |
Threat modeling |
Anderson, Ch. 1 Read the beginning of each chapter, skim the rest of the chapter: “Threat Modeling,” by Adam Shostack, Introduction, Chapter 1, Chapter 4 Optional: Schneier, Chapter 21 |
| Tuesday, 1/18/2022 |
Risk Assessment |
|
| Thursday, 1/20/2022 |
Start Milestone 1: Risk Assessment Report Draft Information Privacy |
Tim Cook, “‘Technology can harm, can help” |
| Tuesday, 1/25/2022 | Introduction to Linux | Google Cloud Platform (GCP) | |
| Thursday, 1/27/2022 |
Lab 2: Web Privacy and Anonymity Lab due Introduction to Cryptography |
Anderson, Chapter 5 |
| Saturday, 1/29/2022 |
Milestone 1: Risk Assessment Report Draft due |
|
| Tuesday, 2/1/2022 |
Introduction to Cryptography continued… |
Anderson, Chapter 5 |
| Thursday, 2/3/2022 |
In-class Lab and Milestone 2 Team Work |
|
| Saturday, 2/5/2022 |
Lab 3: Introduction to Google Cloud Platform and Linux Tutorial due Milestone 2: Risk Assessment Final Report due |
|
| Tuesday, 2/8/2022 |
Symmetric Cryptography |
Anderson, Chapter 5 |
| Thursday, 2/10/2022 |
Lab 4: Symmetric Encryption & Hashing due Asymmetric Cryptography |
Anderson Chapter 5 |
| Tuesday, 2/15/2022 |
Digital Certificates and Public Key Infrastructure |
|
| Thursday, 2/17/2022 |
Lab 5: Asymmetric Cryptography due Authentication and Passwords |
Gosney, “How LinkedIn’s password sloppiness hurts us all“ Goodin, “Why passwords have never been weaker“ |
| Tuesday, 2/22/2022 |
Midterm Exam opens Password Cracking |
|
| Thursday, 2/24/2022 |
Introduction to Networking |
|
| Sunday, 2/26/2022 |
Deadline for Mid-term Exam |
|
| Tuesday 3/1/2022 |
SPRING BREAK – No Class |
|
| Thursday, 3/3/2022 |
SPRING BREAK – No Class |
|
| Tuesday, 3/8/2022 |
Introduction to Networking, continued.. Vulnerability Scanning. |
|
| Thursday, 3/10/2022 |
Lab 8: Vulnerability Discovery due Vulnerability Exploitation |
|
| Tuesday, 3/15/2022 |
Start Milestone 3: Penetration Test Vulnerability Exploitation continued… |
|
| Thursday, 3/17/2022 | Human Element – Information Security in Organizations |
|
| Tuesday, 3/22/2022 |
Lab 9: Vulnerability Exploitation due Physical Security |
Online video: Bruce Schneier, The Security Mirage “Cosmo, the Hacker ‘God’ Who Fell to Earth,” by Mat Honan. |
|
Thursday, 3/24/2022 |
Team/Group workday on Milestone 3 (no class meeting) |
|
| Saturday, 3/26/2022 |
Deadline for Lab Assignments 1-9 |
|
| Tuesday, 3/29/2022 |
Network Security Monitoring |
“Network Security Monitoring,” by Richard Bejtlich, Chapter 1 |
| Thursday, 3/31/2022 |
Milestone 3 Questions and Answers |
|
| Saturday, 4/2/2022 |
Milestone 3: Penetration Test Report due |
|
| Tuesday 4/5/2022 |
Incident Response – Equifax Case Study Incident Recovery – Maersk Case Study |
HBP Case Study: “Data Breach at Equifax,” Srinivasan et al. HBR Case Study: “CYBERATTACK:”The Maersk Global Supply-Chain Meltdown,” Wesley et al. |
| Thursday, 4/7/2022 |
Lab 10: Equifax & Maersk Case Studies Incident Recovery continued |
The Untold Story of NotPetya,” by Andy Greenberg |
| Tuesday, 4/12/2022 |
Lab 11: Social Engineering due Feedback & review of Milestone 3 Reports with teams |
Introduction and Chapter 0 of Practical Malware Analysis by Sikorski and Honig. |
| Thursday, 4/14/2022 |
Start Milestone 4: Final Penetration Test Report with Mitigations No class meeting Milestone 4 work (Group Work-Day for teams) |
|
| Tuesday, 4/19/2022 |
Malware Analysis Lab 12: Network Security Monitoring due
|
|
| Thursday, 4/21/2022 |
Course Wrap-up |
|
|
Saturday, 4/23/2022 |
Milestone 4: Final Penetration Test Report with Mitigations due |
|
|
Sunday, 4/23/2022 |
Final Exam opens
|
|
| Sunday, 5/1/2022 | Deadline for Lab Assignments 10-13 |
|
| Tuesday, 5/3/2022 |
Final Exam closes |
|