CSS 490: Cyber Security Capstone

Course Description

This course serves as a comprehensive assessment of knowledge and skills in information systems and cybersecurity. Activities include research into selected security problems and planning, designing and implementing security solutions for a user organization.

Prerequisites

  • ENG 101: English Composition 1
  • ENG 102: English Composition 2
  • ITE 145: Fundamentals of Information Systems Security

Student Learning Outcomes (SLOs)

Students who successfully complete this course will be able to:

  1. Identify the objectives and detailed requirements of an Information Technology (IT) security services RFP.
  2. Explain the procedures of a vendor bidder's conference.
  3. Plan and perform a security compliance gap analysis.
  4. Assess the effectiveness of existing security controls.
  5. Conduct an enterprise-wide security assessment.
  6. Prepare a qualitative risk and security assessment report.
  7. Develop a plan to mitigate risks identified during the risk and security assessment.
  8. Identify Business Impact Analysis (BIA), Business Continuity Plan (BCP), and Disaster Recovery Plan (DRP) requirements that meet the client's needs.
  9. Design a layered security solution to protect IT assets.
  10. Present a formal RFP response.

General Education Outcomes (GEOs)

Please check the applicable GEOs for this course, if any, by outcomes at GEO Category Search, or by subject area at GEO Discipline Search.

Course Activities and Grading

Assignments: Weight

  • Discussions - Technical Assessments (Weeks 1-7): 5%
  • Project: Executive Summary: 10%
  • Project: Problem Statement: 10%
  • Project: Research: 10%
  • Project: Data Analysis: 10%
  • Project: Solution Design: 10%
  • Project: Evaluation Design: 10%
  • Project: Documentation: 5%
  • Project: Teamwork: 5%
  • Project: Presentation: 5%
  • Final Exams (Weeks 3-7): 20%
  • Total: 100%

Required Textbooks

  • There are no required textbooks; however, students may find it helpful to refer to materials from previous courses.

Course Schedule

Week / SLOs / Readings and Exercises / Assignments

Week 1 (SLOs: 1)

Topic: Release of an RFP for Security Assessment Services

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Review the Lecture material
  • Participate in the Discussions (Technical Assessment)
  • Submit Week 1 Assignments
    • Assignment 1: Review of Firm’s Qualifications (Research)
    • Assignment 2: Phased Project Approach and High-Level Project Plan Outline (Evaluation Design)
    • Assignment 3: RFP Clarification Qualification Questions (Data Analysis)
  • Submit Week 1 Project
    • Project Part 1: RFP Response Report, an Introduction (Presentation)

Week 2 (SLOs: 2, 3)

Topics: RFP Bidder’s Conference and Security Policy Framework Gap Analysis

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Review the Lecture material
  • Participate in the Discussions (Technical Assessment)
  • Submit Week 2 Assignments
    • Assignment 1: Review of Requirements and Clarification Questions (Research)
    • Assignment 2: Project Plan Modifications Based on Qualifications Answered (Evaluation Design)
    • Assignment 3: High-level Description of Current Client's Need (Problem Statement)
    • Assignment 4: RFP Technical Requirements and Differences from Existing Controls (Data Analysis)
    • Assignment 5: IT Security Compliance and Governance Gap Analysis Plan Outline (Evaluation Design)
    • Assignment 6: Benefits of Your Recommendations (Solution Design)

Week 3 (SLOs: 4, 5)

Topics: Security Controls for Privacy Data and Conducting a Security Assessment

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Review the Lecture material
  • Participate in the Discussions (Technical Assessment)
  • Submit Week 3 Assignments
    • Assignment 1: Data Privacy Legal Requirements as per RFP's Compliance Requirements (Data Analysis)
    • Assignment 2: Compliance Project Plan Definition (Evaluation Design)
    • Assignment 3: Data Privacy Security Gap Mitigations Actions as per RFP's Compliance Requirements (Solution Design)
    • Assignment 4: Security Project Plan Definition (Data Analysis)
    • Assignment 5: Procedure to Conduct a Security Assessment and Risk Identification (Solution Design)
  • Complete Comprehensive Final Exam: Block 1

Week 4 (SLOs: 6, 7)

Topics: Developing the Security Assessment Report and Mitigating Identified Risks and Security Concerns

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Review the Lecture material
  • Participate in the Discussions (Technical Assessment)
  • Submit Week 4 Assignments
    • Assignment 1: Risk Assessment Project Plan Definition (Data Analysis)
    • Assignment 2: Data Security Mitigation Actions Based on Qualitative Risk Assessment (Solution Design)
    • Comprehensive Final Exam: Block 2
    • Assignment 3: Risk Prioritization and Mitigation Project Plan Definition (Data Analysis)
    • Assignment 4: Risk Mitigation Actions Based on Qualitative Risk Assessment's Risk Prioritization (Solution Design)
  • Complete Comprehensive Final Exam: Block 2

Week 5 (SLOs: 8)

Topics: Identifying BCP, BIA, and DRP Requirements

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Review the Lecture material
  • Participate in the Discussions (Technical Assessment)
  • Submit Week 5 Assignments
    • Assignment 1: BCP Outline and Table of Contents as per BIA (Evaluation Design)
    • Assignment 2: DRP Outline, Table of Contents, and Estimation of BIA Performance (Evaluation Design)
  • Complete Comprehensive Final Exam: Block 3

Week 6 (SLOs: 9)

Topic: Layered Security Solutions

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Review the Lecture material
  • Participate in the Discussions (Technical Assessment)
  • Submit Week 6 Assignments
    • Assignment 1: Phased Project Approach and High-level Project Plan Including Prioritized Security Controls (Solution Design)
    • Assignment 2: Layered Security Solution Response Report (Solution Design)
    • Assignment 3: Layered Security Solution Executive Summary (Executive Summary)
  • Complete Comprehensive Final Exam: Block 4

Week 7 (SLOs: 1-9)

Topics: Final Exam and Technical Assessment

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Participate in the Discussions (Technical Assessment)
  • Complete Comprehensive Final Exam: Block 5

Week 8 (SLOs: 10)

Topics: Formal Vendor Presentations and Reports of Proposed Solutions

  • Readings:
    • Review the Government RFP for Information Security Assessment Services
  • Submit Week 8 Projects
    • Project Part 2: RFP Vendor Response, Team Presentations (Presentation)
    • Project Part 2: RFP Response Report, Team Delivery (Documentation)
    • Project Part 2: RFP Teamwork Evaluation (Teamwork)
  • Complete the Course Evaluation

COSC Accessibility Statement

Charter Oak State College encourages students with disabilities, including non-visible disabilities such as chronic diseases, learning disabilities, head injury, attention deficit/hyperactive disorder, or psychiatric disabilities, to discuss appropriate accommodations with the Office of Accessibility Services at OAS@charteroak.edu.

COSC Policies, Course Policies, Academic Support Services and Resources

Students are responsible for knowing all Charter Oak State College (COSC) institutional policies, course-specific policies, procedures, and available academic support services and resources. Please see COSC Policies for COSC institutional policies, and see also specific policies related to this course. See COSC Resources for information regarding available academic support services and resources.