• Overview - 2019/2020

    This three-year Advanced Diploma in Cyber Security will provide students with the foundational information security (InfoSec) skills and knowledge necessary to be successful in the IT security industry.

    Foundational topics will include information security, ethics, network management/analysis, programming and scripting, operating systems, and database management. Building on those foundational topics, the curriculum will also develop students' skills in the areas of risk analysis, cryptography, vulnerability testing, access control implementation, and security audit performance. Graduates of this program will be able to proactively implement sound security practices to mitigate security risks and respond quickly to security breaches and issues that may have occurred.

    Through hands-on laboratory activities, case study analyses, and research projects, students will enhance their information security understanding and develop their interpersonal, communication, organizational, and problem-solving skills. This program will also include three co-operative education work placements to further enhance all of those skills.

    This program will be delivered face-to-face (web-facilitated).

    Cyber Security program photos

    Program coordinator:

    Karen MacIntyre

  • Admission Requirements - 2019/2020

    OSSD with courses from the College (C), University (U),
    University/College (M), or Open (O) stream WITH:
    -  Any Grade 12 English (C) or (U)
    -  Any Grade 11 or Grade 12 Mathematics* (C), (U), or (M)
    OR
    Academic and Career Entrance Certificate (ACE)
    OR
    Ontario High School Equivalency Certificate (GED) AND:
    -  Any Grade 11 or Grade 12 Mathematics* (C), (U), or (M)
    OR
    Mature Applicant with standing in the required courses stated above

    Note:

    • *Applicants who lack the required Mathematics may still gain eligibility for admission by completing appropriate prior upgrading.

    English Language Requirements

    Applicants whose first language is not English will be required to demonstrate proficiency in English by one of the following methods:

    • A Grade 12 College Stream or University Stream English credit from an Ontario Secondary School, or equivalent, depending on the program's Admission Requirements
    • Test of English as a Foreign Language (TOEFL) test with a minimum score of 550 for the paper-based test (PBT), or 79 for the Internet-based test (iBT), with test results within the last two years
    • International English Language Testing System (IELTS) Academic test with an overall score of 6.0 with no score less than 5.5 in any of the four bands, with test results within the last two years. SDS Program Requirements. 
    • Canadian Academic English Language (CAEL) test with an overall score of 60 with no score less than 50 in any of the four bands, with test results within the last two years
    • Pearson Test of English Academic (PTE) with a minimum score of 53, with test results within the last two years
    • A Cambridge English Test (FCE/CAE/CPE) with an overall score on the Cambridge English Scale of 169 with no language skill less than 162, with test results within the last two years
    • An English Language Evaluation (ELE) at Fanshawe College with a minimum score of 70% in all sections of the test, with test results within the last two years
    • Fanshawe College ESL4/GAP5 students: Minimum grade of 80% in ESL4/GAP5 Level 8, 75% in ESL4/GAP5 Level 9, or 70% in ESL4/GAP5 Level 10

    Recommended Academic Preparation

    • Grade 12 Business and Technological Communication (O)
    • Grade 11 and Grade 12 Computer Engineering Technology (M)
    • Grade 11 Introduction to Computer Science (U)
    • Grade 12 Computer Science (U)
    • Grade 11 Information and Communication Technology: The Digital Environment (O)
    • Grade 12 Information and Communication Technology: Multimedia Solutions (C)
    • Academic and Career Entrance Certificate (ACE): Business or Technical Mathematics course and Computer Skills course

    Applicant Selection Criteria

    Where the number of eligible applicants exceeds the available spaces in the program, the Applicant Selection Criteria will be:
    1. Preference for Permanent Residents of Ontario
    2. Receipt of Application by February 1st (After this date, Fanshawe College will consider applicants on a first-come, first-served basis until the program is full)
    3. Achievement in the Admission Requirements
  • Courses

    Cyber Security-2019/2020

    Level 1Credits
    Take all of the following Mandatory Courses:

    Group 1
    INFO-1218Operating Syst Fundamentals for Security3
    This course will introduce the student to the fundamentals common to operating systems. The system architecture of privilege ring levels to provide security protection of kernel level programs from user level operations will be discussed. How the OS handles hardware and software resources including program execution, interrupts and memory management for standard input and standard output operation will be examined. The basic implementation of both Windows and Linux operating systems will be presented with hands on activities.
    INFO-1220Networking Fundamentals for Security5
    This course provide students with a comprehensive overview of the concepts to build the foundations to implement secure practices on networks. The OSI and TCP/IP network communication models will be examined for network communication with special emphasis on Layers 2, 3 and 4. Students will examine the operation of networking devices and networking protocols and discuss the security issues of those protocols.
    INFO-1221Programming Fundamentals for Security5
    This course introduces the fundamental principles of procedural programming using the programming language C, with an emphasis on problem solving strategies. The course will introduce a variety of programming concepts and best practices for designing, implementing and deploying secure programs. Topics covered will include the following: an introduction to programming languages and the compiling process, data types and expressions, control flow, memory structure and management and the use of memory buffers, complex data types including arrays and structures, the use of pointers, writing and testing of functions, input and output streams, and the use of pre-processor directives.
    INFO-1222Database Fundamentals for Security3
    This course introduces the student to the concept of relational databases. Using MySQL, emphasis will be placed on designing a database, while considering normalization. Students will learn how to maintain a database using basic SQL syntax, creating advanced queries and stored procedures. Steps will be introduced to secure a database.
    PHIL-1019Ethics3
    This course provides an overview of the nature of ethics by examining a wide range of issues that arise in the realm of cyber technology as well as other, broader social and ethical concerns that confront society today. Students will study traditional ethical theories, examine the foundations of a moral system, and learn how to formulate sound arguments in order to effectively debate moral issues. The course will also explore the nature of our moral obligations as members of our communities and profession.
    SRTY-1021Cyber Security3
    Cyber security is the protection of IT systems from damage or threats as well as disruption and misdirection of services. This course will provide students with an understanding of the main concepts and principles of cybersecurity including CIA (confidentiality, integrity and availability). Students will explore the common vulnerabilities in computer and network systems and understand current defenses. The methodology hackers use to exploit these systems will also be examined.


    Group 2
    TAKE WRIT-1043 OR WRIT-1034
    WRIT-1043Reason & Writing 1 for IT3
    This course will introduce information technology students to essential principles of reading, writing, and reasoning at the postsecondary level. Students will identify, summarize, analyze, and evaluate multiple short readings and write persuasive response essays to develop their vocabulary, comprehension, grammar, and critical thinking.
    WRIT-1034Reason & Writing 1-EAP4
    This course will introduce students whose first language is not English to essential principles of reading, writing, and reasoning at the postsecondary level. Students will identify, summarize, analyze, and evaluate multiple short readings and write persuasive response essays to develop their vocabulary, comprehension, grammar, and critical thinking. Special attention will also be paid to developing academic vocabulary, correcting common ESL errors, enhancing academic listening and note-taking skills, and improving oral fluency and confidence.

    Level 2Credits
    Take all of the following Mandatory Courses:
    CRIM-1036Cybercrime3
    This course introduces students to the legal and social issues related to cybercrime. Students will explore the origins of cybercrime, the evolution of threats, and the motivations and methods involved in cybercrime. Students will develop an understanding of the digital environment, hacker subculture, cyber stalking, and data theft.
    INFO-1207Network Components4
    A comprehensive overview of the concepts and operation of networking equipment in enterprise networks. Concentrating on the principles of switching and routing and the protocols involved. Topics will include Ethernet, STP, VLANs, 802.1q, IP protocol, and routing protocols. Switch and router security measures are employed throughout the course.
    INFO-1208PHP Fundamentals3
    Overview of the PHP language, main concepts, methodologies and best practices of coding professionally. Students will gain an understanding of essential elements of HTTP such as cookies and sessions, syntax, structural elements of PHP and accomplish tasks using array functions and interact with a database using PHP's MySQL functions.
    INFO-1209Cryptography & Authentication Systems3
    Introduction to modern cryptography with an emphasis on public key encryption, digital signatures, certificate and key management and basic protocols. Students will explore methods of protecting data by looking at how cryptography has evolved over the centuries to the complex methods of today.
    INFO-1210Securing Linux4
    This course builds on the basics of the Unix operating system. Students will learn the core utilities to work productively in a Linux environment and develop command line skills. Topics will include shell scripts, managing permissions, process management and network applications & services with an emphasis on the system-related security issues.
    INFO-1212Securing Windows Systems3
    Windows is still the most widely used operating system in business today, and, consequently, it is a major target to security attacks. Students will be able to recognize and understand the common vulnerabilities of Windows systems through the use of various tools and techniques to decrease and control these threats. The course also introduces defense strategies and techniques through a better understanding of system file permissions, group policies, Windows registry, PowerShell, active directory and malware prevention.

    Level 3Credits
    Take all of the following Mandatory Courses:
    COMM-3077Communications for IT3
    This course, designed for students who plan to work in the field of information technology, focuses on professional written communication skills. Students learn to prepare a variety of work-related documents. In addition, students learn about research methods and documentation formats. The principles of effective writing organization, grammar, style, clarity and tone are reinforced throughout the course. The goal of the course is to prepare students for the communication tasks and considerations they will encounter in the workplace.
    COOP-1020Co-operative Education Employment Prep1
    This workshop will provide an overview of the Co-operative Education consultants and students' roles and responsibilities as well as the Co-operative Education Policy. It will provide students with employment preparatory skills specifically related to co-operative education work assignments and will prepare students for their work term.
    INFO-3127Network Protocols3
    Protocols are the backbone of networking and are formal sets of rules that dictate the ways in which computers communicate with one another over a network medium. This course will provide students with a detailed understanding of the protocols used in network communication. Students will explore the service definitions and analyze the protocols at each of the layers of the OSI and TCP/IP models. The implications of adding security mechanisms to high-level network protocols operating in an open-system environment are analyzed.
    INFO-3128Scripting for Security3
    In this course students will use a variety of tools and frameworks to write scripts that would handle common and repetitive tasks and system administration tasks such as managing files, services or security controls. Students will also write scripts for test automation and batch processes.
    SRTY-3004Web Security 13
    Students will learn about the security threats, software vulnerabilities, and hacker attacks that are commonly implemented against commercial applications, including SQL injection, Cross-Site Scripting, and session hijacking. Students will also learn how to design and administer web services and applications using collaborative web tools and content management software.
    SRTY-3005Security Mechanisms3
    This course will investigate key concepts in the analysis of network traffic through deep packet inspection. Traditional perimeter defense systems such as firewalls, VPN's and Intrusion Prevention systems will be examined as well as the implementation of endpoint security systems.
    SRTY-3007Auditing & Security Controls3
    A primary security focus is the safeguards implemented to protect businesses and their assets, but it is imperative to determine if those protective measures are actually working. This course will concentrate on the concepts of auditing, controls and security in an IT environment.
    SRTY-3008Security Management3
    The objective of Security Management is to ensure the confidentiality, integrity and availability of an organization's information, data and IT services. This course will concentrate on developing and implementing IT security strategies and methods. The necessary skills to identify and evaluate security management systems will also be provided. Students will prepare and determine how risk can be measured and managed.

    Level 4Credits
    Take all of the following Mandatory Courses:
    COMM-1127Technical Writing & Presentation3
    Students will be expected to apply academic conventions and proper citation in the writing and presentation of appropriate documentation. Effective team building and communication in a culturally diverse and international environment will also be explored.
    CRIM-3001Criminology3
    This course introduces students to the study of crime and delinquency within a Canadian context. Topics included for study are: the making of laws, the elements of crime, crime statistics, correlates and theories of crime, specific forms of crime and strategies for crime control.
    INFO-3126Wireless & Mobile3
    This course will examine the risks and vulnerabilities in the use of wireless and mobile networks. Students will implement and actively manage the security configuration of wireless and mobile devices in order to prevent attackers from exploiting vulnerable services and settings.
    INFO-3129Network Monitoring4
    This course will explore the components of a log collection system as well as log file management and optimization of the log review process through the correlation of events and real time alerts. Students will explore how to introduce and manage change in a controlled and coordinated manner.
    INFO-3131Evolving Technologies & Threats3
    Traditional networks and how they are used is changing with the introduction of virtualization, Cloud computing, the Internet of Things, and SDN. This course will study how these technologies impact the security and integrity of data and also examine systems that are increasingly at risk, e.g. mission critical systems (SCADA).
    SRTY-3009Computational Intelligence for Security3
    Security intelligence is the real-time collection and analysis of data, generated by users and applications used to learn and understand about constantly evolving security threat. This course will introduce the student to cognitive systems that interpret data, add to their base of knowledge, and help you take action based on consideration of relevant variables.
    SRTY-5008Web Security 24
    Students will build on concepts and techniques introduced in the Web Security course in order to enhance security on servers that handle email and web applications. Socket programming and browser exploitation methods will also be explored.

    Level 5Credits
    Gen Ed - Take a 3 credit General Education elective course
    Take all of the following Mandatory Courses:
    INFO-5117Digital & Network Forensics3
    Digital forensics is the investigation, analysis and interpretation of digital data resulting from a network attack. Steps are taken to reconstruct past events to determine what data was compromised and the method used to access the data. The evidence gathered could be used in a court of law but also used to change company security practices to prevent future attacks.
    INFO-5118Perimeter Defence & Design4
    This course will further examine the principle of perimeter security as introduced in the Security Mechanisms course. Hands on implementation of security appliance products will provide an in depth examination of perimeter security solutions.
    INFO-5119Attack Vectors & Analysis3
    Students will analyze and investigate the various techniques hackers use to gain access to corporate data and bypass security measures. This course will examine a variety of real-life case studies that include study attack data and analysis of threats.
    SRTY-3012Incidence Handling & Response3
    In this course, students will learn to design and manage key business information security functions including incident response, disaster recovery, and business continuity plans. Planning, reporting and budgeting are all addressed. Students will use business case studies to analyze and develop effective plans and solutions for various business scenarios.
    SRTY-5007Penetration Testing4
    This course examines the legal issues involving ethical hacking to test corporate defense systems. The critical phases of an attack - scanning, enumeration, foot- printing, and social engineering - will be explored. Students will also be introduced to the latest ethical hacking tools and techniques to test corporate security systems.
    INFO-5127Network Security3
    This course will concentrate on managing network users and clients with active directory services and end point security solutions.

    Level 6Credits
    Gen Ed - Take a 3 credit General Education elective course
    Take all of the following Mandatory Courses:
    INFO-5116Research Project & Entrepreneurship5
    Students will synthesize the theoretical and practical skills gained throughout the program in a research project that addresses a specific cyber security issue. Case studies and/or live client scenarios will be presented, and students will have the opportunity to explore or develop security solutions to meet a company/organization's needs.
    INFO-5120Secure Network Architecture5
    Students will incorporate all of the security solutions they have learned over the course of the program to develop and deploy security architecture components that allow for scalable and secure IT infrastructures. This course will combine planning policies with offensive and defensive techniques to defend a network from all threats.
    SRTY-5004Hacking Techniques & Exploits4
    Students will examine the tools and techniques used to exploit vulnerabilities, methods of attack, and defense mechanisms. Studying systems attack scenarios will help students to identify means to better defend systems. The phases of ethical hacking, gaining access, maintaining access and covering one's tracks will be highlighted.
    SRTY-5005Penetration Testing-Adv4
    Student will acquire in-depth knowledge of attack vectors. Using an environment in which to perform these attacks as part of numerous hands-on scenarios. The methodology of a given attack is discussed to find significant flaws in a target environment and demonstrate the business risk associated with these flaws.
    SRTY-5006Malware Analysis & Response4
    This course will examine the behaviour of a program to provide deeper insight into attacker tools and tactics and key characteristics of malware present on compromised systems. Concepts of reverse engineering and behavioural and code analysis will be used to analyze the malware attack lifecycle from the initial exploit.

    Gen Ed - Electives
    Take 6 General Education credits -
    Normally taken in Levels 5 and 6

    Program Residency
    Students Must Complete a Minimum of 35 credits in this
    program at Fanshawe College to meet the Program Residency
    requirement and graduate from this program

  • Careers - 2019/2020

    Career Opportunities

    Information Security Analyst, Network Operations Centre Analyst, Business Continuity Manager, Ecommerce Manager, Information Security Manager, Network Penetration Specialist, InfoSec Consultant
  • More Information - 2019/2020

    A Mandatory Mobile Computing (Laptop) Program
    A Co-operative Education Program
    A Three-Year Ontario College Advanced Diploma Program
    Program Code: CYB1
    Campus Code: LC (LC - London)
    September/January Admission
    15 week terms
     
    Academic Calendars available at www.fanshawec.ca/academicdates

    Contact

    School of Information Technology: 519-452-4291

    Program Description

    This three-year Advanced Diploma in Cyber Security will provide students with the foundational Information Security (InfoSec) skills and knowledge necessary to be successful in the IT Security industry. Foundational topics will include information security, ethics, network management/analysis, programming and scripting, operating systems, and database management. Building on those foundational topics, the curriculum will also develop students’ skills in the areas of risk analysis, cryptography, vulnerability testing, access control implementation, and security audit performance. Graduates of this program will be able to proactively implement sound security practices to mitigate security risks and respond quickly to security breaches and issues that may have occurred.

    Through hands-on laboratory activities, case study analyses, and research projects, students will enhance their Information Security understanding and develop their interpersonal, communication, organizational, and problem-solving skills. This program will also include three co-operative education work placements to further enhance all of those skills.

    This program will be delivered face-to-face (web-facilitated).

    Other Information

    • A laptop computer is to be purchased by the student approximately $1600.00.  The cost of the laptop is included in the General Expenses stated in the Fee Schedule.
    • A CONNECT lab fee of $50.00 per academic term is included in the Additional Program Fees stated in the Fee Schedule. This fee helps cover costs associated with the delivery of the CONNECT mobile computing program.   
    • Students should not purchase a laptop computer or software until the College publishes the recommended configuration, models, software titles and versions for that academic year.

    Co-operative Education

    This three-year program has three co-op work terms.  Students who fulfill both the academic and co-op requirements of the program will be eligible to graduate with a Co-op Endorsed Diploma.  More information about Co-operative Education can be found at www.fanshawec.ca/co-op.
    Learning Outcomes 
    1. Configure, implement, and manage security devices and equipment considering the unique features of the computer operating systems, networks, applications and software.
    2. Implement and evaluate security solutions for business processes, applications and communications to protect business resources and respond to the needs of all the internal stakeholders.
    3. Use project management principles to implement security strategies and processes that address the organization's information security requirements.
    4. Develop, implement and evaluate organizational security policies, standards and regulations to promote internal security.
    5. Perform vulnerability assessments and penetration testing for infrastructures, web and applications, using both manual and automated techniques.
    6. Evaluate and apply tools and techniques to formulate countermeasures to secure information systems against security threats.
    7. Perform security audits and forensic analysis to evaluate the effectiveness of a security system, and identify and correct security vulnerabilities.
    8. Monitor and analyze logs and alerts from security devices to determine the extent of a security breach and what data has been compromised.
    9. Identify, collect and log relevant data as evidence for a sample case within a business or in the Canadian Justice System.

    Program Pathways

    For information about Program Pathways visit www.fanshawec.ca/programpathways.
Share this Program