Information Security Graduate Certificate

CNSS - Logo

Developing a strong information security program in today’s world is crucial and challenging for most organizations. In general, information security means protecting information from unauthorized access, disclosure, or destruction. Information security is essential because most organizations, including government agencies, hospitals, insurance companies, and private businesses, store various kinds of information about their employees and customers. If any business-related information is confidential, the security of that data becomes crucial. For example, if critical business data (e.g., credit card numbers or design documents) is leaked to competitors or hackers, it could lead to loss of business, lawsuits, and even bankruptcy. Organizations also need to be able to comply by standards and laws—such as HIPPA, PCI and GLBA—which help protect confidential and privacy of customer data.

The Information Security certificate program will touch upon various aspects of information security, including IT security policies and system security. Students may also learn about digital forensics to help in investigating a security breach, or obtain a good understanding of how information is stored in a database and what services are available to protect it. On completing the graduate certificate, the students will have sufficient skills in developing and implementing IT security in their organizations.

Students who complete the Graduate Certificate in Information Security will be able to demonstrate:

  • Advanced knowledge of information security concepts, governance, biometric systems, and database systems security, as well as network security and cryptography.
  • Proficiency in risk management, such as asset assessments, architectural solutions, modeling, and design.
  • Competence in security policies, processes, technology, and operations.

Program Options

Available on campus and in the following formats:

  • Online
  • Blended: By combining the convenience of online study and the dynamic of face-to-face learning, the blended format provides added flexibility and new avenues of opportunity for those with demanding schedules. Each course for the Graduate Certificate in IT Project Management  combines online study with four on-campus Saturday meetings per semester.

Prerequisite courses or evidence of proficiency in these areas must accompany the application to the program. If college-level credit courses are not in evidence, the department will determine what prerequisite courses must be completed in addition to the graduate certificate requirements. Students claiming equivalent proficiency in prerequisite courses from non-academic sources must take an examination to demonstrate such proficiency.

Official transcripts of previous academic work, two letters of recommendation, personal statement, and résumé are required as part of the application.

A maximum of two graduate-level courses (8 credits) taken at Metropolitan College prior to acceptance into the program may be applied toward the certificate.

Minimum passing grade for a course in the graduate certificate program is C (2.0), but an average grade of B (3.0) must be maintained to be in good academic standing and satisfy the certificate requirements.

Apply Online

Academic credits earned toward the Graduate Certificate in Information Security may be transferred to a Master of Science degree in Computer ScienceComputer Information Systems, or Telecommunication.

Prerequisites

Bachelor’s degree from a regionally accredited institution. Some courses may have additional prerequisites.

Courses

(Four courses/16 credits)

Choose any four of the following:

In this course we will study the fundamental and design applications of various biometric systems based on fingerprints, voice, face, hand geometry, palm print, iris, retina, and other modalities. Multimodal biometric systems that use two or more of the above characteristics will be discussed. Biometric system performance and issues related to the security and privacy aspects of these systems will also be addressed.   [ 4 cr. ]

Section Type Instructor Location Days Times
A1 IND Djordjevic M 6:00 pm – 8:45 pm

The course provides a strong foundation in database security and auditing. This course utilizes Oracle scenarios and step-by-step examples. The following topics are covered: security, profiles, password policies, privileges and roles, Virtual Private Databases, and auditing. The course also covers advanced topics such as SQL injection, database management security issues such as securing the DBMS, enforcing access controls, and related issues. Prereq: MET CS 579 or MET CS 669; or instructor's consent.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
A1 IND Wolfe CGS 527 M 6:00 pm – 9:00 pm
E1 IND Wolfe CGS 527 M 6:00 pm – 9:00 pm
O1 IND Carroll ARR
Spring 2017
Section Type Instructor Location Days Times
C1 IND Wolfe W 6:00 pm – 8:45 pm
E1 IND Wolfe W 6:00 pm – 8:45 pm
O1 IND Carroll ARR

This course enables IT professional leaders to identify emerging security risks and implement highly secure networks to support organizational goals. Discussion of methodologies for identifying, quantifying, mitigating and controlling risks. Students implement a comprehensive IT risk management plans (RMP) that identify alternate sites for processing mission-critical applications, and techniques to recover infrastructure, systems, networks, data and user access. The course also discusses related topics such as: disaster recovery, handling information security; protection of property, personnel and facilities; protection of sensitive and classified information, privacy issues, and criminal terrorist and hostile activities.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
D1 IND Wolfe FLR 265 R 6:00 pm – 9:00 pm
E1 IND Wolfe FLR 265 R 6:00 pm – 9:00 pm
O1 IND Pak ARR
Spring 2017
Section Type Instructor Location Days Times
D1 IND Burgoyne R 6:00 pm – 8:45 pm
E1 IND Burgoyne R 6:00 pm – 8:45 pm
BCL IND Rachamadugu S 8:30 am – 4:00 pm

This course will cover advanced network security issues and solutions. The main focus on the first part of the course will be on Security basics, i.e. security services, access controls, vulnerabilities, threats and risk, network architectures and attacks. In the second part of the course, particular focus and emphasis will be given to network security capabilities and mechanisms (Access Control on wire-line and wireless networks), IPsec, Firewalls, Deep Packet Inspection and Transport security. The final portion of the course will address Network Application security (Email, Ad-hoc, XML/SAML and Services Oriented Architecture security. As part of our course review we will explore a number of Network Use Cases. Prereq: MET CS 535 or MET CS 625; Familiarity with OSI and TCP/IP protocol stack; Background-familiarity with binary numbers, prime numbers, binary- hexadecimal-decimal conversions, etc; Familiarity with computer programming concepts; or instructor's consent.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
C1 IND Zhang HAR 210 W 6:00 pm – 9:00 pm
E1 IND Zhang HAR 210 W 6:00 pm – 9:00 pm
Spring 2017
Section Type Instructor Location Days Times
B1 IND Staff T 6:00 pm – 8:45 pm
O1 IND Tis ARR

Provides a comprehensive understanding of digital forensics and investigation tools and techniques. Learn what computer forensics and investigation is as a profession and gain an understanding of the overall investigative process. Operating system architectures and disk structures are discussed. Studies how to set up an investigator's office and laboratory, as well as what computer forensic hardware and software tools are available. Other topics covered include importance of digital evidence controls and how to process crime and incident scenes, details of data acquisition, computer forensic analysis, e-mail investigations, image file recovery, investigative report writing, and expert witness requirements. Provides a range of laboratory and hands-on assignments either in solo or in teams. With rapid growth of computer systems and digital data this area has grown in importance.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
E1 IND Sheehan FLR 109 S 9:00 am – 12:00 pm
O1 IND Navarro ARR
Spring 2017
Section Type Instructor Location Days Times
O1 IND Navarro ARR

Overview of mobile forensics investigation techniques and tools. Topics include mobile forensics procedures and principles, related legal issues, mobile platform internals, bypassing passcode, rooting or jailbreaking process, logical and physical acquisition, data recovery and analysis, and reporting. Provides in-depth coverage of both iOS and Android platforms. Laboratory and hands-on exercises using current tools are provided and required.  [ 4 cr. ]

Section Type Instructor Location Days Times
D1 IND Zhang R 6:00 pm – 8:45 pm
E1 IND Staff T 6:00 pm – 8:45 pm
E1 Staff T 6:00 pm – 8:45 pm
E1 Staff T 6:00 pm – 8:45 pm
E1 Staff T 6:00 pm – 8:45 pm

The course provides an in-depth presentation of security issues in computer systems, networks, and applications. Formal security models are presented and illustrated on operating system security aspects, more specifically memory protection, access control and authentication, file system security, backup and recovery management, intrusion and virus protection mechanisms. Application level security focuses on language level security and various security policies; conventional and public keys encryption, authentication, message digest and digital signatures. Internet and intranet topics include security in IP, routers, proxy servers, and firewalls, application- level gateways, Web servers, file and mail servers. Discussion of remote access issues, such as dial-up servers, modems, VPN gateways and clients. Prereq: MET CS 625; or instructor's consent.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
A1 IND Jacobs FLR 267 M 6:00 pm – 9:00 pm
E1 IND Jacobs FLR 267 M 6:00 pm – 9:00 pm
BHA IND Dyer T 6:00 pm – 9:00 pm
Spring 2017
Section Type Instructor Location Days Times
A1 IND Jacobs FLR M 6:00 pm – 8:45 pm
E1 IND Jacobs FLR M 6:00 pm – 8:45 pm
O1 IND Pak ARR
BCL IND Rachamadugu U 8:00 am – 3:30 pm

This course provides a comprehensive understanding of network forensic analysis principles. Within the context of forensics security, network infrastructures, topologies, and protocols are introduced. Students understand the relationship between network forensic analysis and network security technologies. Students will learn to identify network security incidents and potential sources of digital evidence and demonstrate the ability to perform basic network data acquisition and analysis using computer based applications and utilities. Students will also identify potential applications for the integration of network forensic technologies and demonstrate the ability to accurately document network forensic processes and analysis. Prereq: MET CS 625 and MET CS 695; or instructor's consent.  [ 4 cr. ]

Section Type Instructor Location Days Times
E1 IND Jacobs FLR 264 S 1:00 pm – 4:00 pm

This course provides an introduction to the advanced digital forensic topic relating to malicious software (malware), which represents an increasing information security threat to computer systems and networks. Students will review software engineering design fundamentals and reverse engineering techniques utilized to conduct static and dynamic forensic analysis on computer systems and networks. Students will learn about the importance of forensic principles, legal considerations, digital evidence controls, and documentation of forensic procedures. This course will incorporate demonstrations and laboratory exercises to reinforce practical applications of course instruction and will require an independent research paper related to the course topic. Prereq: MET CS 693 and MET CS 703; or instructor's consent.  [ 4 cr. ]

The course covers the main concepts and principles of cryptography with the main emphasis put on public key cryptography. It begins with the review of integers and a thorough coverage of the fundamentals of finite group theory followed by the RSA and ElGamal ciphers. Primitive roots in cyclic groups and the discrete log problem are discussed. Baby-step Giant-step and the Index Calculus probabilistic algorithms to compute discrete logs in cyclic groups are presented. Naor -- Reingold and Blum -- Blum -- Shub Random Number Generators as well as Fermat, Euler and Miller-Rabin primality tests are thoroughly covered. Pollard's Rho, Pollard's and Quadratic Sieve factorization algorithms are presented. The course ends with the coverage of some oblivious transfer protocols and zero-knowledge proofs. There are numerous programming assignments in the course. Prereq: MET CS 248 and MET CS 566; or instructor's consent.  [ 4 cr. ]

Section Type Instructor Location Days Times
B1 IND Temkin CGS 515 T 6:00 pm – 9:00 pm

This course builds on the material covered in CS 789 Cryptography. It begins with the coverage of commutative rings, finite fields, rings of polynomials, and finding of the greatest common divisor in the ring of polynomials. Irreducible polynomials are discussed. Field extensions and fields Fᴩ [x]/P are thoroughly covered. The main emphasis is put on elliptic curves over Fᴩ and F₂ and the ElGamal cipher on elliptic curves is presented. Block ciphers DES and double and triple DES are introduced. AES and WHIRLPOOL block ciphers and modes of operation are covered. The course continues with the introduction of message integrity and message authentication. In the last part of the course cryptographic hash functions SHA-512 and WHIRLPOOL as well as various digital signatures are introduced. Finally, entity authentication and key management issues are discussed. Prereq: MET CS 789; or instructor's consent.  [ 4 cr. ]

Prerequisites

Bachelor’s degree from a regionally accredited institution. Some courses may have additional prerequisites.

Courses

(Four courses/16 credits)

Choose any four of the following:

The course provides a strong foundation in database security and auditing. This course utilizes Oracle scenarios and step-by-step examples. The following topics are covered: security, profiles, password policies, privileges and roles, Virtual Private Databases, and auditing. The course also covers advanced topics such as SQL injection, database management security issues such as securing the DBMS, enforcing access controls, and related issues. Prereq: MET CS 579 or MET CS 669; or instructor's consent.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
A1 IND Wolfe CGS 527 M 6:00 pm – 9:00 pm
E1 IND Wolfe CGS 527 M 6:00 pm – 9:00 pm
O1 IND Carroll ARR
Spring 2017
Section Type Instructor Location Days Times
C1 IND Wolfe W 6:00 pm – 8:45 pm
E1 IND Wolfe W 6:00 pm – 8:45 pm
O1 IND Carroll ARR

This course enables IT professional leaders to identify emerging security risks and implement highly secure networks to support organizational goals. Discussion of methodologies for identifying, quantifying, mitigating and controlling risks. Students implement a comprehensive IT risk management plans (RMP) that identify alternate sites for processing mission-critical applications, and techniques to recover infrastructure, systems, networks, data and user access. The course also discusses related topics such as: disaster recovery, handling information security; protection of property, personnel and facilities; protection of sensitive and classified information, privacy issues, and criminal terrorist and hostile activities.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
D1 IND Wolfe FLR 265 R 6:00 pm – 9:00 pm
E1 IND Wolfe FLR 265 R 6:00 pm – 9:00 pm
O1 IND Pak ARR
Spring 2017
Section Type Instructor Location Days Times
D1 IND Burgoyne R 6:00 pm – 8:45 pm
E1 IND Burgoyne R 6:00 pm – 8:45 pm
BCL IND Rachamadugu S 8:30 am – 4:00 pm

Provides a comprehensive understanding of digital forensics and investigation tools and techniques. Learn what computer forensics and investigation is as a profession and gain an understanding of the overall investigative process. Operating system architectures and disk structures are discussed. Studies how to set up an investigator's office and laboratory, as well as what computer forensic hardware and software tools are available. Other topics covered include importance of digital evidence controls and how to process crime and incident scenes, details of data acquisition, computer forensic analysis, e-mail investigations, image file recovery, investigative report writing, and expert witness requirements. Provides a range of laboratory and hands-on assignments either in solo or in teams. With rapid growth of computer systems and digital data this area has grown in importance.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
E1 IND Sheehan FLR 109 S 9:00 am – 12:00 pm
O1 IND Navarro ARR
Spring 2017
Section Type Instructor Location Days Times
O1 IND Navarro ARR

Overview of mobile forensics investigation techniques and tools. Topics include mobile forensics procedures and principles, related legal issues, mobile platform internals, bypassing passcode, rooting or jailbreaking process, logical and physical acquisition, data recovery and analysis, and reporting. Provides in-depth coverage of both iOS and Android platforms. Laboratory and hands-on exercises using current tools are provided and required.  [ 4 cr. ]

Section Type Instructor Location Days Times
D1 IND Zhang R 6:00 pm – 8:45 pm
E1 IND Staff T 6:00 pm – 8:45 pm
E1 Staff T 6:00 pm – 8:45 pm
E1 Staff T 6:00 pm – 8:45 pm
E1 Staff T 6:00 pm – 8:45 pm

The course provides an in-depth presentation of security issues in computer systems, networks, and applications. Formal security models are presented and illustrated on operating system security aspects, more specifically memory protection, access control and authentication, file system security, backup and recovery management, intrusion and virus protection mechanisms. Application level security focuses on language level security and various security policies; conventional and public keys encryption, authentication, message digest and digital signatures. Internet and intranet topics include security in IP, routers, proxy servers, and firewalls, application- level gateways, Web servers, file and mail servers. Discussion of remote access issues, such as dial-up servers, modems, VPN gateways and clients. Prereq: MET CS 625; or instructor's consent.  [ 4 cr. ]

Fall 2016
Section Type Instructor Location Days Times
A1 IND Jacobs FLR 267 M 6:00 pm – 9:00 pm
E1 IND Jacobs FLR 267 M 6:00 pm – 9:00 pm
BHA IND Dyer T 6:00 pm – 9:00 pm
Spring 2017
Section Type Instructor Location Days Times
A1 IND Jacobs FLR M 6:00 pm – 8:45 pm
E1 IND Jacobs FLR M 6:00 pm – 8:45 pm
O1 IND Pak ARR
BCL IND Rachamadugu U 8:00 am – 3:30 pm

This course provides a comprehensive understanding of network forensic analysis principles. Within the context of forensics security, network infrastructures, topologies, and protocols are introduced. Students understand the relationship between network forensic analysis and network security technologies. Students will learn to identify network security incidents and potential sources of digital evidence and demonstrate the ability to perform basic network data acquisition and analysis using computer based applications and utilities. Students will also identify potential applications for the integration of network forensic technologies and demonstrate the ability to accurately document network forensic processes and analysis. Prereq: MET CS 625 and MET CS 695; or instructor's consent.  [ 4 cr. ]

Section Type Instructor Location Days Times
E1 IND Jacobs FLR 264 S 1:00 pm – 4:00 pm

This course provides an introduction to the advanced digital forensic topic relating to malicious software (malware), which represents an increasing information security threat to computer systems and networks. Students will review software engineering design fundamentals and reverse engineering techniques utilized to conduct static and dynamic forensic analysis on computer systems and networks. Students will learn about the importance of forensic principles, legal considerations, digital evidence controls, and documentation of forensic procedures. This course will incorporate demonstrations and laboratory exercises to reinforce practical applications of course instruction and will require an independent research paper related to the course topic. Prereq: MET CS 693 and MET CS 703; or instructor's consent.  [ 4 cr. ]

Program requirements for the online Information Security Graduate Certificate can be viewed here.

View all Computer Science & IT graduate courses.