Overview - 2019/2020
This three-year Advanced Diploma in Cyber Security will provide students with the foundational information security (InfoSec) skills and knowledge necessary to be successful in the IT security industry.
Foundational topics will include information security, ethics, network management/analysis, programming and scripting, operating systems, and database management. Building on those foundational topics, the curriculum will also develop students' skills in the areas of risk analysis, cryptography, vulnerability testing, access control implementation, and security audit performance. Graduates of this program will be able to proactively implement sound security practices to mitigate security risks and respond quickly to security breaches and issues that may have occurred.
Through hands-on laboratory activities, case study analyses, and research projects, students will enhance their information security understanding and develop their interpersonal, communication, organizational, and problem-solving skills. This program will also include three co-operative education work placements to further enhance all of those skills.
This program will be delivered face-to-face (web-facilitated).
Admission Requirements - 2019/2020
OSSD with courses from the College (C), University (U),
University/College (M), or Open (O) stream WITH:
- Any Grade 12 English (C) or (U)
- Any Grade 11 or Grade 12 Mathematics* (C), (U), or (M)
Academic and Career Entrance Certificate (ACE)
Ontario High School Equivalency Certificate (GED) AND:
- Any Grade 11 or Grade 12 Mathematics* (C), (U), or (M)
Mature Applicant with standing in the required courses stated above
- *Applicants who lack the required Mathematics may still gain eligibility for admission by completing appropriate prior upgrading.
English Language Requirements
Applicants whose first language is not English will be required to demonstrate proficiency in English by one of the following methods:
- A Grade 12 College Stream or University Stream English credit from an Ontario Secondary School, or equivalent, depending on the program's Admission Requirements
- Test of English as a Foreign Language (TOEFL) test with a minimum score of 550 for the paper-based test (PBT), or 79 for the Internet-based test (iBT), with test results within the last two years
- International English Language Testing System (IELTS) Academic test with an overall score of 6.0 with no score less than 5.5 in any of the four bands, with test results within the last two years. SDS Program Requirements.
- Canadian Academic English Language (CAEL) test with an overall score of 60 with no score less than 50 in any of the four bands, with test results within the last two years
- Pearson Test of English Academic (PTE) with a minimum score of 53, with test results within the last two years
- A Cambridge English Test (FCE/CAE/CPE) with an overall score on the Cambridge English Scale of 169 with no language skill less than 162, with test results within the last two years
- An English Language Evaluation (ELE) at Fanshawe College with a minimum score of 70% in all sections of the test, with test results within the last two years
- Fanshawe College ESL4/GAP5 students: Minimum grade of 80% in ESL4/GAP5 Level 8, 75% in ESL4/GAP5 Level 9, or 70% in ESL4/GAP5 Level 10
Recommended Academic Preparation• Grade 12 Business and Technological Communication (O)
• Grade 11 and Grade 12 Computer Engineering Technology (M)
• Grade 11 Introduction to Computer Science (U)
• Grade 12 Computer Science (U)
• Grade 11 Information and Communication Technology: The Digital Environment (O)
• Grade 12 Information and Communication Technology: Multimedia Solutions (C)
• Academic and Career Entrance Certificate (ACE): Business or Technical Mathematics course and Computer Skills course
Applicant Selection CriteriaWhere the number of eligible applicants exceeds the available spaces in the program, the Applicant Selection Criteria will be:
- Preference for Permanent Residents of Ontario
- Receipt of Application by February 1st (After this date, Fanshawe College will consider applicants on a first-come, first-served basis until the program is full)
- Achievement in the Admission Requirements
Credits Operating Syst Fundamentals for SecurityINFO-1218 3 This course will introduce the student to the fundamentals common to operating systems. The system architecture of privilege ring levels to provide security protection of kernel level programs from user level operations will be discussed. How the OS handles hardware and software resources including program execution, interrupts and memory management for standard input and standard output operation will be examined. The basic implementation of both Windows and Linux operating systems will be presented with hands on activities. Networking Fundamentals for SecurityINFO-1220 5 This course provide students with a comprehensive overview of the concepts to build the foundations to implement secure practices on networks. The OSI and TCP/IP network communication models will be examined for network communication with special emphasis on Layers 2, 3 and 4. Students will examine the operation of networking devices and networking protocols and discuss the security issues of those protocols. Programming Fundamentals for SecurityINFO-1221 5 This course introduces the fundamental principles of procedural programming using the programming language C, with an emphasis on problem solving strategies. The course will introduce a variety of programming concepts and best practices for designing, implementing and deploying secure programs. Topics covered will include the following: an introduction to programming languages and the compiling process, data types and expressions, control flow, memory structure and management and the use of memory buffers, complex data types including arrays and structures, the use of pointers, writing and testing of functions, input and output streams, and the use of pre-processor directives. Database Fundamentals for SecurityINFO-1222 3 This course introduces the student to the concept of relational databases. Using MySQL, emphasis will be placed on designing a database, while considering normalization. Students will learn how to maintain a database using basic SQL syntax, creating advanced queries and stored procedures. Steps will be introduced to secure a database. EthicsPHIL-1019 3 This course provides an overview of the nature of ethics by examining a wide range of issues that arise in the realm of cyber technology as well as other, broader social and ethical concerns that confront society today. Students will study traditional ethical theories, examine the foundations of a moral system, and learn how to formulate sound arguments in order to effectively debate moral issues. The course will also explore the nature of our moral obligations as members of our communities and profession. Cyber SecuritySRTY-1021 3 Cyber security is the protection of IT systems from damage or threats as well as disruption and misdirection of services. This course will provide students with an understanding of the main concepts and principles of cybersecurity including CIA (confidentiality, integrity and availability). Students will explore the common vulnerabilities in computer and network systems and understand current defenses. The methodology hackers use to exploit these systems will also be examined.
Credits Reason & Writing 1 for ITWRIT-1043 3 This course will introduce information technology students to essential principles of reading, writing, and reasoning at the postsecondary level. Students will identify, summarize, analyze, and evaluate multiple short readings and write persuasive response essays to develop their vocabulary, comprehension, grammar, and critical thinking. Reason & Writing 1-EAPWRIT-1034 4 This course will introduce students whose first language is not English to essential principles of reading, writing, and reasoning at the postsecondary level. Students will identify, summarize, analyze, and evaluate multiple short readings and write persuasive response essays to develop their vocabulary, comprehension, grammar, and critical thinking. Special attention will also be paid to developing academic vocabulary, correcting common ESL errors, enhancing academic listening and note-taking skills, and improving oral fluency and confidence. Level 2 Credits CybercrimeCRIM-1036 3 This course introduces students to the legal and social issues related to cybercrime. Students will explore the origins of cybercrime, the evolution of threats, and the motivations and methods involved in cybercrime. Students will develop an understanding of the digital environment, hacker subculture, cyber stalking, and data theft. Network ComponentsINFO-1207 4 A comprehensive overview of the concepts and operation of networking equipment in enterprise networks. Concentrating on the principles of switching and routing and the protocols involved. Topics will include Ethernet, STP, VLANs, 802.1q, IP protocol, and routing protocols. Switch and router security measures are employed throughout the course. PHP FundamentalsINFO-1208 3 Overview of the PHP language, main concepts, methodologies and best practices of coding professionally. Students will gain an understanding of essential elements of HTTP such as cookies and sessions, syntax, structural elements of PHP and accomplish tasks using array functions and interact with a database using PHP's MySQL functions. Cryptography & Authentication SystemsINFO-1209 3 Introduction to modern cryptography with an emphasis on public key encryption, digital signatures, certificate and key management and basic protocols. Students will explore methods of protecting data by looking at how cryptography has evolved over the centuries to the complex methods of today. Securing LinuxINFO-1210 4 This course builds on the basics of the Unix operating system. Students will learn the core utilities to work productively in a Linux environment and develop command line skills. Topics will include shell scripts, managing permissions, process management and network applications & services with an emphasis on the system-related security issues. Securing Windows SystemsINFO-1212 3 Windows is still the most widely used operating system in business today, and, consequently, it is a major target to security attacks. Students will be able to recognize and understand the common vulnerabilities of Windows systems through the use of various tools and techniques to decrease and control these threats. The course also introduces defense strategies and techniques through a better understanding of system file permissions, group policies, Windows registry, PowerShell, active directory and malware prevention. Level 3 Credits Communications for ITCOMM-3077 3 This course, designed for students who plan to work in the field of information technology, focuses on professional written communication skills. Students learn to prepare a variety of work-related documents. In addition, students learn about research methods and documentation formats. The principles of effective writing organization, grammar, style, clarity and tone are reinforced throughout the course. The goal of the course is to prepare students for the communication tasks and considerations they will encounter in the workplace. Co-operative Education Employment PrepCOOP-1020 1 This workshop will provide an overview of the Co-operative Education consultants and students' roles and responsibilities as well as the Co-operative Education Policy. It will provide students with employment preparatory skills specifically related to co-operative education work assignments and will prepare students for their work term. Network ProtocolsINFO-3127 3 Protocols are the backbone of networking and are formal sets of rules that dictate the ways in which computers communicate with one another over a network medium. This course will provide students with a detailed understanding of the protocols used in network communication. Students will explore the service definitions and analyze the protocols at each of the layers of the OSI and TCP/IP models. The implications of adding security mechanisms to high-level network protocols operating in an open-system environment are analyzed. Scripting for SecurityINFO-3128 3 In this course students will use a variety of tools and frameworks to write scripts that would handle common and repetitive tasks and system administration tasks such as managing files, services or security controls. Students will also write scripts for test automation and batch processes. Web Security 1SRTY-3004 3 Students will learn about the security threats, software vulnerabilities, and hacker attacks that are commonly implemented against commercial applications, including SQL injection, Cross-Site Scripting, and session hijacking. Students will also learn how to design and administer web services and applications using collaborative web tools and content management software. Security MechanismsSRTY-3005 3 This course will investigate key concepts in the analysis of network traffic through deep packet inspection. Traditional perimeter defense systems such as firewalls, VPN's and Intrusion Prevention systems will be examined as well as the implementation of endpoint security systems. Auditing & Security ControlsSRTY-3007 3 A primary security focus is the safeguards implemented to protect businesses and their assets, but it is imperative to determine if those protective measures are actually working. This course will concentrate on the concepts of auditing, controls and security in an IT environment. Security ManagementSRTY-3008 3 The objective of Security Management is to ensure the confidentiality, integrity and availability of an organization's information, data and IT services. This course will concentrate on developing and implementing IT security strategies and methods. The necessary skills to identify and evaluate security management systems will also be provided. Students will prepare and determine how risk can be measured and managed. Level 4 Credits Technical Writing & PresentationCOMM-1127 3 Students will be expected to apply academic conventions and proper citation in the writing and presentation of appropriate documentation. Effective team building and communication in a culturally diverse and international environment will also be explored. CriminologyCRIM-3001 3 This course introduces students to the study of crime and delinquency within a Canadian context. Topics included for study are: the making of laws, the elements of crime, crime statistics, correlates and theories of crime, specific forms of crime and strategies for crime control. Wireless & MobileINFO-3126 3 This course will examine the risks and vulnerabilities in the use of wireless and mobile networks. Students will implement and actively manage the security configuration of wireless and mobile devices in order to prevent attackers from exploiting vulnerable services and settings. Network Security MonitoringINFO-3129 4 This course will explore the components of a log collection system as well as log file management and optimization of the log review process through the correlation of events and real time alerts. Students will explore how to introduce and manage change in a controlled and coordinated manner. Evolving Technologies & ThreatsINFO-3131 3 This course will provide an understanding of the developing changes to technology and threats that impact modern networks. Students will examine the evolution of these technologies and study how these advancements may alter the security and the potential impact to the integrity and availability of the data of an organization. Computational Intelligence for SecuritySRTY-3009 3 Security intelligence is the real-time collection and analysis of data, generated by users and applications used to learn and understand about constantly evolving security threat. This course will introduce the student to cognitive systems that interpret data, add to their base of knowledge, and help you take action based on consideration of relevant variables. Web Security 2SRTY-5008 4 Students will build on concepts and techniques introduced in the Web Security course in order to enhance security on servers that handle email and web applications. Socket programming and browser exploitation methods will also be explored. Level 5 Credits Digital & Network ForensicsINFO-5117 3 Digital forensics is the investigation, analysis and interpretation of digital data resulting from a network attack. Steps are taken to reconstruct past events to determine what data was compromised and the method used to access the data. The evidence gathered could be used in a court of law but also used to change company security practices to prevent future attacks. Perimeter Defence & DesignINFO-5118 4 This course will further examine the principle of perimeter security as introduced in the Security Mechanisms course. Hands on implementation of security appliance products will provide an in depth examination of perimeter security solutions. Attack Vectors & AnalysisINFO-5119 3 Students will analyze and investigate the various techniques hackers use to gain access to corporate data and bypass security measures. This course will examine a variety of real-life case studies that include study attack data and analysis of threats. Incidence Handling & ResponseSRTY-3012 3 In this course, students will learn to design and manage key business information security functions including incident response, disaster recovery, and business continuity plans. Planning, reporting and budgeting are all addressed. Students will use business case studies to analyze and develop effective plans and solutions for various business scenarios. Penetration TestingSRTY-5007 4 This course examines the legal issues involving ethical hacking to test corporate defense systems. The critical phases of an attack - scanning, enumeration, foot- printing, and social engineering - will be explored. Students will also be introduced to the latest ethical hacking tools and techniques to test corporate security systems. Network SecurityINFO-5127 3 This course will concentrate on managing network users and clients with active directory services and end point security solutions. Level 6 Credits Research Project & EntrepreneurshipINFO-5116 5 Students will synthesize the theoretical and practical skills gained throughout the program in a research project that addresses a specific cyber security issue. Case studies and/or live client scenarios will be presented, and students will have the opportunity to explore or develop security solutions to meet a company/organization's needs. Secure Network ArchitectureINFO-5120 5 Students will incorporate all of the security solutions they have learned over the course of the program to develop and deploy security architecture components that allow for scalable and secure IT infrastructures. This course will combine planning policies with offensive and defensive techniques to defend a network from all threats. Hacking Techniques & ExploitsSRTY-5004 4 Students will examine the tools and techniques used to exploit vulnerabilities, methods of attack, and defense mechanisms. Studying systems attack scenarios will help students to identify means to better defend systems. The phases of ethical hacking, gaining access, maintaining access and covering one's tracks will be highlighted. Penetration Testing-AdvSRTY-5005 4 Student will acquire in-depth knowledge of attack vectors. Using an environment in which to perform these attacks as part of numerous hands-on scenarios. The methodology of a given attack is discussed to find significant flaws in a target environment and demonstrate the business risk associated with these flaws. Malware Analysis & ResponseSRTY-5006 4 This course will examine the behaviour of a program to provide deeper insight into attacker tools and tactics and key characteristics of malware present on compromised systems. Concepts of reverse engineering and behavioural and code analysis will be used to analyze the malware attack lifecycle from the initial exploit.
Careers - 2019/2020
Career OpportunitiesInformation Security Analyst, Network Operations Centre Analyst, Business Continuity Manager, Ecommerce Manager, Information Security Manager, Network Penetration Specialist, InfoSec Consultant
More Information - 2019/2020A Mandatory Mobile Computing (Laptop) Program
A Co-operative Education Program
A Three-Year Ontario College Advanced Diploma ProgramProgram Code: CYB1
Campus Code: LC (LC - London)
15 week terms
Academic Calendars available at www.fanshawec.ca/academicdates
ContactSchool of Information Technology: 519-452-4291
This three-year Advanced Diploma in Cyber Security will provide students with the foundational Information Security (InfoSec) skills and knowledge necessary to be successful in the IT Security industry. Foundational topics will include information security, ethics, network management/analysis, programming and scripting, operating systems, and database management. Building on those foundational topics, the curriculum will also develop students’ skills in the areas of risk analysis, cryptography, vulnerability testing, access control implementation, and security audit performance. Graduates of this program will be able to proactively implement sound security practices to mitigate security risks and respond quickly to security breaches and issues that may have occurred.
Through hands-on laboratory activities, case study analyses, and research projects, students will enhance their Information Security understanding and develop their interpersonal, communication, organizational, and problem-solving skills. This program will also include three co-operative education work placements to further enhance all of those skills.
This program will be delivered face-to-face (web-facilitated).
- A laptop computer is to be purchased by the student approximately $1600.00. The cost of the laptop is included in the General Expenses stated in the Fee Schedule.
- A CONNECT lab fee of $50.00 per academic term is included in the Additional Program Fees stated in the Fee Schedule. This fee helps cover costs associated with the delivery of the CONNECT mobile computing program.
- Students should not purchase a laptop computer or software until the College publishes the recommended configuration, models, software titles and versions for that academic year.
Co-operative EducationThis three-year program has three co-op work terms. Students who fulfill both the academic and co-op requirements of the program will be eligible to graduate with a Co-op Endorsed Diploma. More information about Co-operative Education can be found at www.fanshawec.ca/co-op.Learning Outcomes
- Configure, implement, and manage security devices and equipment considering the unique features of the computer operating systems, networks, applications and software.
- Implement and evaluate security solutions for business processes, applications and communications to protect business resources and respond to the needs of all the internal stakeholders.
- Use project management principles to implement security strategies and processes that address the organization's information security requirements.
- Develop, implement and evaluate organizational security policies, standards and regulations to promote internal security.
- Perform vulnerability assessments and penetration testing for infrastructures, web and applications, using both manual and automated techniques.
- Evaluate and apply tools and techniques to formulate countermeasures to secure information systems against security threats.
- Perform security audits and forensic analysis to evaluate the effectiveness of a security system, and identify and correct security vulnerabilities.
- Monitor and analyze logs and alerts from security devices to determine the extent of a security breach and what data has been compromised.
- Identify, collect and log relevant data as evidence for a sample case within a business or in the Canadian Justice System.