Computing Security Bachelor of science degree

de869fff-81e4-4ced-b945-da5537da8b93 | 90563

Overview

Preserve information assets, identify computer security vulnerabilities, and understand the forensics needed to prove an attack occurred, from identifying its origin and assessing the extent of the damage to designing strategies that ensure data recovery.


The computing security degree at RIT is a cybersecurity degree that provides students with a solid foundation in programming and mathematics and an extensive selection of advanced topics from the areas of the network and system security, digital forensics and malware, software security, data security, and privacy, to cyber analytics and intelligence.

The scope of computer systems and networks and the span of these systems increases in organizations every day. At the same time, industry and society's dependence on these technologies is growing dramatically, as is the creation of malicious software that attacks computing systems and networks. Therefore, computing security has become a major concern for organizations large and small to ensure their business success and continuity. The result is an increased and urgent demand for security professionals and technologies that can secure and protect from relentless attack digital assets of an organization as well as the hardware and software infrastructures that house the information.

The BS degree in computing security produces professionals who understand people and processes that impact information security. In addition to possessing state-of-the-art knowledge in protecting digital assets of large or small organizations, graduates will be able to proactively identify security vulnerabilities in software, hardware, and infrastructure, and provide and implement actionable solutions that are satisfactory to the organization. Graduates will also be able to collect digital forensic evidence to reveal network and data breach incidents, attribute the attackers or origin, assess the extent of the damage or loss of information, and design strategies that ensure data are protected from future attacks.

The BS in computing security provides students with a solid foundation in computer science and mathematics during the first two years of the program. Starting the third year, students can select an in-depth study in various aspects of computing security including network and system security, malware and digital forensics, software security, and security evaluations and management.

Plan of study

Students complete core courses, advanced courses, and cooperative education. Core courses include a programming sequence, an ethics course, a computer networking and system administration sequence, and foundation courses in computer and network security. Advanced courses allow students to design the focus of their information security course work.

Cooperative education

Cooperative education is a required component of the major. Co-op is full-time, paid, professional experience that enables students to work in a variety of organizations – from small- or medium-sized businesses to large international companies or law enforcement organizations – that require computer systems or computer networks. These may be security-centric businesses (law enforcement agencies, security auditors) to users of information technology (manufacturing companies, school districts, health care). Co-op provides real-world experience and a competitive edge when applying for jobs after graduation.

To help facilitate finding a co-op position the Co-op and Career Services Office at RIT maintains job listings from companies that are looking for co-op students to work for them. Students may find co-op employment anywhere in the US or Internationally. To be eligible for co-op, students must have completed their freshman and sophomore year course requirements and must have completed the CSEC 99 Co-op Seminar. Transfer students usually must complete one year of academic work at RIT before becoming eligible to go out on co-op, however, exceptions will be considered on a case by case basis.
Typically, the first co-op occurs during the summer following the second year. The second co-op is designed to be taken during the summer after your third year but can be taken during an academic semester. Co-op allows a student to gain work experience, apply concepts taught in class, and bring lessons learned from the workplace back into the classroom thereby enriching their educational experience. Students must complete the co-op requirement prior to completing their course work. To enroll in CSEC 499 Undergraduate Capstone, both co-ops must be completed.

Advanced electives

Students complete six advanced security elective courses. These elective expand their knowledge in one of several disciplines of security, including network and systems security, digital forensics and malware, security software, and security management.

Students can create customized clusters for their special interests provided compositions of clusters are vetted by their academic advisor and the Undergraduate Program Director. Courses in a customized cluster should be on the list of approved advanced elective courses of Computing Security. To be counted as a cluster course, a GCCIS course not on the list of advanced elective courses of Computing Security needs to be approved by the Undergraduate Program Director on a case by case basis, or simply such a course can be counted as a free elective for students.

Industries


  • Internet and Software

  • Computer Networking

  • Government (Local, State, Federal)

  • Defense

Typical Job Titles

Computer Security Analyst Cyber Security Engineer
Information Security Analyst Junior Security Engineer
Malware Analyst Network Engineer
Security Analyst Site Reliability Engineer
Systems Engineer

Latest News

Curriculum

Computing security, BS degree, typical course sequence

Course Sem. Cr. Hrs.
First Year
CSEC-101
Fundamentals of Computing Security
An introduction to the fundamental issues, concepts and tools common to all areas of computing security. Topics include identifying attackers and their motivations. Essential techniques will be introduced covering the areas of anti-virus, monitoring, virtual machines, account control, and access rights management. Various security models will be investigated. Concept areas such as confidentiality, integrity, availability and privacy will be studied.
3
CSCI-141
Computer Science I
This course serves as an introduction to computational thinking using a problem-centered approach. Specific topics covered include: expression of algorithms in pseudo code and a programming language; functional and imperative programming techniques; control structures; problem solving using recursion; basic searching and sorting; elementary data structures such as lists, trees, and graphs; and correctness, testing and debugging. Assignments (both in class and for homework) requiring a pseudo code solution and an implementation are an integral part of the course. An end-of-term project is also required.
4
CSCI-142
Computer Science II
This course delves further into problem solving by continuing the discussion of data structure use and design, but now from an object-oriented perspective. Key topics include more information on tree and graph structures, nested data structures, objects, classes, inheritance, interfaces, object-oriented collection class libraries for abstract data types (e.g. stacks, queues, maps, and trees), and static vs. dynamic data types. Concepts of object-oriented design are a large part of the course. Software qualities related to object orientation, namely cohesion, minimal coupling, modifiability, and extensibility, are all introduced in this course, as well as a few elementary object-oriented design patterns. Input and output streams, graphical user interfaces, and exception handling are covered. Students will also be introduced to a modern integrated software development environment (IDE). Programming projects will be required.
4
MATH-181
Project-based Calculus I
This is the first in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers functions, limits, continuity, the derivative, rules of differentiation, applications of the derivative, Riemann sums, definite integrals, and indefinite integrals.
4
MATH-182
Project-based Calculus II
This is the second in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers techniques of integration including integration by parts, partial fractions, improper integrals, applications of integration, representing functions by infinite series, convergence and divergence of series, parametric curves, and polar coordinates.
4
MATH-190
Discrete Mathematics for Computing
This course introduces students to ideas and techniques from discrete mathematics that are widely used in Computer Science. Students will learn about the fundamentals of propositional and predicate calculus, set theory, relations, recursive structures and counting. This course will help increase students’ mathematical sophistication and their ability to handle abstract problems.
3
NSSA-241
Introduction to Routing and Switching
This course provides an introduction to wired network infrastructures, topologies, technologies, and the protocols required for effective end-to-end communication. Basic security concepts for TCP/IP based technologies are introduced. Networking layers 1, 2, and 3 are examined in-depth using the International Standards Organization’s Open Systems Interconnection and TCP/IP models as reference. Course topics focus on the TCP/IP protocol suite, the Ethernet LAN protocol, switching technology, and routed and routing protocols common in TCP/IP networks. The lab assignments mirror the lecture content , providing an experiential learning component for each topic covered.
3
ACSC-010
Year One
The Year One class serves as an interdisciplinary catalyst for first-year students to access campus resources, services and opportunities that promote self-knowledge, personal success, leadership development, social responsibility and life academic skills awareness and application. Year One is also designed to challenge and encourage first-year students to get to know one another, build relationships and help them become an integral part of the campus community.
0
 
LAS Perspective 1 (ethical)
3
 
LAS Perspective 2 (artistic)
3
 
First Year Writing
3
 
Wellness Education*
0
Second Year
CSEC-201
Programming for Information Security
This course builds upon basic programming skills to give students the programming knowledge necessary to study computing security. Students will be introduced to network programming, memory management, and operating system calls along with associated security concepts. Specific focus will placed on understanding the compilation process and on the relation between high-level programming concepts and low-level programming concepts, culminating in identifying and exploiting memory corruption vulnerabilities.
3
CSEC-202
Reverse Engineering Fundamentals
This course will teach students the core concepts needed to analyze unknown source code. Students will study a variety of low-level programming languages and how high-level programming language structures relate to low-level programming languages. Students will learn study tools and techniques used for both static and dynamic analysis of unknown binaries, providing the foundation for further study in malware analysis.
3
MATH-251
Probability and Statistics I
This course introduces sample spaces and events, axioms of probability, counting techniques, conditional probability and independence, distributions of discrete and continuous random variables, joint distributions (discrete and continuous), the central limit theorem, descriptive statistics, interval estimation, and applications of probability and statistics to real-world problems. A statistical package such as Minitab or R is used for data analysis and statistical applications.
3
NSSA-221
System Administration
This course is designed to give students an understanding of the role of the system administrator in large organizations. This will be accomplished through a discussion of many of the tasks and tools of system administration. Students will participate in both a lecture section and a separate lab section. The technologies discussed in this class include: operating systems, system security, and service deployment strategies.
3
Choose one of the following:
3
  MATH-241
   Linear Algebra
This course is an introduction to the basic concepts of linear algebra, and techniques of matrix manipulation. Topics include linear transformations, Gaussian elimination, matrix arithmetic, determinants, vector spaces, linear independence, basis, null space, row space, and column space of a matrix, eigenvalues, eigenvectors, change of basis, similarity and diagonalization. Various applications are studied throughout the course.
 
  MATH-252
   Probability and Statistics II
This course covers basic statistical concepts, sampling theory, hypothesis testing, confidence intervals, point estimation, and simple linear regression. The statistical software package MINITAB will be used for data analysis and statistical applications.
 
 
LAS Perspective 5 (natural science inquiry)†
4
 
LAS Perspective 6 (scientific principles)‡
4
NSSA-245
Network Services
This course will investigate the protocols used to support network based services and the tasks involved in configuring and administering those services in virtualized Linux and Windows internet working environments. Topics include an overview of the TCP/IP protocol suite, in-depth discussions of the transport layer protocols, TCP and UDP, administration of network based services including the Dynamic Host Configuration Protocol (DHCP), Domain Name Service (DNS), Secure Shell (SSH), and Voice Over IP (VoIP). Students completing this course will have thorough theoretical knowledge of the Internet Protocol (IP), the Transport Control Protocol (TCP), and the User Datagram Protocol (UDP), as well as experience in administering, monitoring, securing and troubleshooting an internet work of computer systems running these protocols and services.
3
CSEC-099
Cooperative Education Seminar
This course helps students prepare for co-operative education employment (“co-op”) by developing job search strategies and material. Students will explore current and emerging aspects of the Computing Security field with employers, alumni and current students who have already been on co-op. Students are introduced to RIT’s Office of Career Services and Cooperative Education and learn about professional and ethical responsibilities for their co-op and subsequent professional experiences. Students will work collaboratively to build résumés and to prepare for interviews.
0
CSEC-499
Cooperative Education (summer)
Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.
Co-op
 
LAS Perspective 3 (global)
3
 
LAS Perspective 4 (social)
3
Third Year
CSCI-462
Introduction to Cryptography
This course provides an introduction to cryptography, its mathematical foundations, and its relation to security. It covers classical cryptosystems, private-key cryptosystems (including DES and AES), hashing and public-key cryptosystems (including RSA). The course also provides an introduction to data integrity and authentication.
3
PUBL-363
Cyber Security Policy and Law
Why are we still so bad at protecting computer systems? Is it because we don’t have good enough technology? Or because we lack sufficient economic incentives to implement that technology? Or because we implement technologies but then fail to use them correctly? Or because the laws governing computer security are so outdated? Or because our legal frameworks are ill-equipped to deal with an international threat landscape? All these reasons—and others— have been offered to explain why we seem to see more and more large-scale cybersecurity incidents and show no signs of getting better at preventing them. This course will examine the non-technical dimensions of this problem—the laws and other policy measures that govern computer security threats and incidents. We will focus primarily on U.S. policy but will also discuss relevant policies in the E.U. and China, as well as international tensions and norms. The central themes of the course will be the ways in which technical challenges in security can be influenced by the social, political, economic, and legal landscapes, and what it means to protect against cybersecurity threats not just by writing better code but also by writing better policies and laws.
3
ISTE-230
Introduction to Database and Data Modeling
A presentation of the fundamental concepts and theories used in organizing and structuring data. Coverage includes the data modeling process, basic relational model, normalization theory, relational algebra, and mapping a data model into a database schema. Structured Query Language is used to illustrate the translation of a data model to physical data organization. Modeling and programming assignments will be required. Note: students should have one course in object-oriented programming.
3
CSEC-472
Authentication and Security Models
As more users access remote systems, the job of identifying and authenticating those users at distance becomes increasingly difficult. The growing impact of attackers on identification and authentication systems puts additional strain on our ability to ensure that only authorized users obtain access to controlled or critical resources. This course reviews basic cryptology techniques and introduces their application to contemporary authentication methods.
3
CSEC-380
Principles of Web Application Security
This course is designed to give students a foundation in the theories and practice relating to web application security. The course will introduce students to the concepts associated with deploying and securing a typical HTTP environment as well as defensive techniques they may employ.
3
CSEC-499
Cooperative Education (summer)
Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.
Co-op
 
LAS Immersion 1 (WI)
3
 
Program Electives
6
 
Free Electives
6
Fourth Year
CSEC-490
Capstone in Computing Security
This is a capstone course for students in the information security and forensics program. Students will apply knowledge and skills learned and work on real world projects in various areas of computing security. Projects may require performing security analysis of systems, networks, and software, etc., devising and implementing security solutions in real world applications.
3
 
LAS Elective§
3
 
Program Electives
12
 
LAS Immersion 2, 3
6
 
Free Electives
6
Total Semester Credit Hours
126

Please see General Education Curriculum–Liberal Arts and Sciences (LAS) for more information.

(WI) Refers to a writing intensive course within the major.

* Please see Wellness Education Requirement for more information. Students completing bachelor's degrees are required to complete two different Wellness courses.

† Students may choose one of the following course sequences: General Biology I (BIOL-101) and General Biology I Lab (BIOL-103); General and Analytical Chemistry I (CHMG-141) and General and Analytical Chemistry I Lab (CHMG-145); or University Physics I (PHYS-211).

‡ Students may choose one of the following course sequences: General Biology II (BIOL-102) and General Biology II Lab (BIOL-104); General and Analytical Chemistry II (CHMG-142) and General and Analytical Chemistry II Lab (CHMG-146); or University Physics II(PHYS-212).

§ Choose one of the following philosophy courses: Introduction to Moral Issues (PHIL-102), Foundations of Moral Philosophy (PHIL-202), or Professional Ethics (PHIL-306).

Accelerated dual degree options

Accelerated dual degree options are for undergraduate students with outstanding academic records. Upon acceptance, well-qualified undergraduate students can begin graduate study before completing their BS degree, shortening the time it takes to earn both degrees. Students should consult an academic adviser for more information.

Computing security, BS/MS degree, typical course sequence

Course Sem. Cr. Hrs.
First Year
CSEC-101
Fundamentals of Computing Security
An introduction to the fundamental issues, concepts and tools common to all areas of computing security. Topics include identifying attackers and their motivations. Essential techniques will be introduced covering the areas of anti-virus, monitoring, virtual machines, account control, and access rights management. Various security models will be investigated. Concept areas such as confidentiality, integrity, availability and privacy will be studied.
3
CSCI-141
Computer Science I
This course serves as an introduction to computational thinking using a problem-centered approach. Specific topics covered include: expression of algorithms in pseudo code and a programming language; functional and imperative programming techniques; control structures; problem solving using recursion; basic searching and sorting; elementary data structures such as lists, trees, and graphs; and correctness, testing and debugging. Assignments (both in class and for homework) requiring a pseudo code solution and an implementation are an integral part of the course. An end-of-term project is also required.
4
CSCI-142
Computer Science II
This course delves further into problem solving by continuing the discussion of data structure use and design, but now from an object-oriented perspective. Key topics include more information on tree and graph structures, nested data structures, objects, classes, inheritance, interfaces, object-oriented collection class libraries for abstract data types (e.g. stacks, queues, maps, and trees), and static vs. dynamic data types. Concepts of object-oriented design are a large part of the course. Software qualities related to object orientation, namely cohesion, minimal coupling, modifiability, and extensibility, are all introduced in this course, as well as a few elementary object-oriented design patterns. Input and output streams, graphical user interfaces, and exception handling are covered. Students will also be introduced to a modern integrated software development environment (IDE). Programming projects will be required.
4
MATH-181
Project-based Calculus I
This is the first in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers functions, limits, continuity, the derivative, rules of differentiation, applications of the derivative, Riemann sums, definite integrals, and indefinite integrals.
4
MATH-182
Project-based Calculus II
This is the second in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers techniques of integration including integration by parts, partial fractions, improper integrals, applications of integration, representing functions by infinite series, convergence and divergence of series, parametric curves, and polar coordinates.
4
MATH-190
Discrete Mathematics for Computing
This course introduces students to ideas and techniques from discrete mathematics that are widely used in Computer Science. Students will learn about the fundamentals of propositional and predicate calculus, set theory, relations, recursive structures and counting. This course will help increase students’ mathematical sophistication and their ability to handle abstract problems.
3
NSSA-241
Introduction to Routing and Switching
This course provides an introduction to wired network infrastructures, topologies, technologies, and the protocols required for effective end-to-end communication. Basic security concepts for TCP/IP based technologies are introduced. Networking layers 1, 2, and 3 are examined in-depth using the International Standards Organization’s Open Systems Interconnection and TCP/IP models as reference. Course topics focus on the TCP/IP protocol suite, the Ethernet LAN protocol, switching technology, and routed and routing protocols common in TCP/IP networks. The lab assignments mirror the lecture content , providing an experiential learning component for each topic covered.
3
ACSC-010
Year One
The Year One class serves as an interdisciplinary catalyst for first-year students to access campus resources, services and opportunities that promote self-knowledge, personal success, leadership development, social responsibility and life academic skills awareness and application. Year One is also designed to challenge and encourage first-year students to get to know one another, build relationships and help them become an integral part of the campus community.
0
 
LAS Perspective 1 (ethical)
3
 
LAS Perspective 2 (artistic)
3
 
First Year Writing
3
 
Wellness Education*
0
Second Year
CSEC-201
Programming for Information Security
This course builds upon basic programming skills to give students the programming knowledge necessary to study computing security. Students will be introduced to network programming, memory management, and operating system calls along with associated security concepts. Specific focus will placed on understanding the compilation process and on the relation between high-level programming concepts and low-level programming concepts, culminating in identifying and exploiting memory corruption vulnerabilities.
3
MATH-251
Probability and Statistics I
This course introduces sample spaces and events, axioms of probability, counting techniques, conditional probability and independence, distributions of discrete and continuous random variables, joint distributions (discrete and continuous), the central limit theorem, descriptive statistics, interval estimation, and applications of probability and statistics to real-world problems. A statistical package such as Minitab or R is used for data analysis and statistical applications.
3
CSEC-202
Reverse Engineering Fundamentals
This course will teach students the core concepts needed to analyze unknown source code. Students will study a variety of low-level programming languages and how high-level programming language structures relate to low-level programming languages. Students will learn study tools and techniques used for both static and dynamic analysis of unknown binaries, providing the foundation for further study in malware analysis.
3
Choose one of the following:
3
  MATH-241
   Linear Algebra
This course is an introduction to the basic concepts of linear algebra, and techniques of matrix manipulation. Topics include linear transformations, Gaussian elimination, matrix arithmetic, determinants, vector spaces, linear independence, basis, null space, row space, and column space of a matrix, eigenvalues, eigenvectors, change of basis, similarity and diagonalization. Various applications are studied throughout the course.
 
  MATH-252
   Probability and Statistics II
This course covers basic statistical concepts, sampling theory, hypothesis testing, confidence intervals, point estimation, and simple linear regression. The statistical software package MINITAB will be used for data analysis and statistical applications.
 
NSSA-221
System Administration I
This course is designed to give students an understanding of the role of the system administrator in large organizations. This will be accomplished through a discussion of many of the tasks and tools of system administration. Students will participate in both a lecture section and a separate lab section. The technologies discussed in this class include: operating systems, system security, and service deployment strategies.
3
NSSA-245
Network Services
This course will investigate the protocols used to support network based services and the tasks involved in configuring and administering those services in virtualized Linux and Windows internet working environments. Topics include an overview of the TCP/IP protocol suite, in-depth discussions of the transport layer protocols, TCP and UDP, administration of network based services including the Dynamic Host Configuration Protocol (DHCP), Domain Name Service (DNS), Secure Shell (SSH), and Voice Over IP (VoIP). Students completing this course will have thorough theoretical knowledge of the Internet Protocol (IP), the Transport Control Protocol (TCP), and the User Datagram Protocol (UDP), as well as experience in administering, monitoring, securing and troubleshooting an internet work of computer systems running these protocols and services.
3
CSEC-099
Cooperative Education Seminar
This course helps students prepare for co-operative education employment (“co-op”) by developing job search strategies and material. Students will explore current and emerging aspects of the Computing Security field with employers, alumni and current students who have already been on co-op. Students are introduced to RIT’s Office of Career Services and Cooperative Education and learn about professional and ethical responsibilities for their co-op and subsequent professional experiences. Students will work collaboratively to build résumés and to prepare for interviews.
0
CSEC-499
Cooperative Education (summer)
Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.
Co-op
 
LAS Perspective 3 (global)
3
 
LAS Perspective 4 (social)
3
 
LAS Perspective 5 (natural science inquiry)
4
 
LAS Perspective 6 (scientific principles)
4
Third Year
 
CSEC Graduate Elective
3
CSCI-462
Introduction to Cryptography
This course provides an introduction to cryptography, its mathematical foundations, and its relation to security. It covers classical cryptosystems, private-key cryptosystems (including DES and AES), hashing and public-key cryptosystems (including RSA). The course also provides an introduction to data integrity and authentication.
3
PUBL-363
Cyber Security Policy and Law
Why are we still so bad at protecting computer systems? Is it because we don’t have good enough technology? Or because we lack sufficient economic incentives to implement that technology? Or because we implement technologies but then fail to use them correctly? Or because the laws governing computer security are so outdated? Or because our legal frameworks are ill-equipped to deal with an international threat landscape? All these reasons—and others— have been offered to explain why we seem to see more and more large-scale cybersecurity incidents and show no signs of getting better at preventing them. This course will examine the non-technical dimensions of this problem—the laws and other policy measures that govern computer security threats and incidents. We will focus primarily on U.S. policy but will also discuss relevant policies in the E.U. and China, as well as international tensions and norms. The central themes of the course will be the ways in which technical challenges in security can be influenced by the social, political, economic, and legal landscapes, and what it means to protect against cybersecurity threats not just by writing better code but also by writing better policies and laws.
3
CSEC-472
Authentication and Security Models
As more users access remote systems, the job of identifying and authenticating those users at distance becomes increasingly difficult. The growing impact of attackers on identification and authentication systems puts additional strain on our ability to ensure that only authorized users obtain access to controlled or critical resources. This course reviews basic cryptology techniques and introduces their application to contemporary authentication methods.
3
ISTE-230
Introduction to Database and Data Modeling
A presentation of the fundamental concepts and theories used in organizing and structuring data. Coverage includes the data modeling process, basic relational model, normalization theory, relational algebra, and mapping a data model into a database schema. Structured Query Language is used to illustrate the translation of a data model to physical data organization. Modeling and programming assignments will be required. Note: students should have one course in object-oriented programming.
3
CSEC-380
Principles of Web Application Security
This course is designed to give students a foundation in the theories and practice relating to web application security. The course will introduce students to the concepts associated with deploying and securing a typical HTTP environment as well as defensive techniques they may employ.
3
 
CSEC Undergraduate Elective
3
 
Free Electives
6
 
LAS Immersion 1 (WI)
3
CSEC-499
Cooperative Education (summer)
Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.
Co-op
Fourth Year
CSEC-490
Capstone in Computing Security (WI)
This is a capstone course for students in the information security and forensics program. Students will apply knowledge and skills learned and work on real world projects in various areas of computing security. Projects may require performing security analysis of systems, networks, and software, etc., devising and implementing security solutions in real world applications.
3
 
CSEC Undergraduate Electives
6
 
CSEC Graduate Electives
6
 
LAS Immersion 2, 3
6
 
Free Electives
6
 
LAS Elective‡
3
Fifth Year
CSEC-742
Computer System Security
The importance of effective security policies and procedures coupled with experience and practice is emphasized and reinforced through research and practical assignments. Organization and management of security discipline and response to threats is studied. Case studies of effective and failed security planning and implementation will be examined and analyzed. The issues influencing proper and appropriate planning for security and response to attacks will be studied. To be successful in this course students should be knowledgeable in networking, systems, and security technologies.
3
CSEC-604
Cryptography and Authentication
In this course, students will learn in depth knowledge of cryptography and authentication. Students will explore various cryptography algorithms, authentication protocols, and their design and implementation. Students will work on a project to implement a cryptographic algorithm and/or an authentication protocol. The applications of cryptography and authentications in the areas of computer networks and systems and information assurance will also be investigated.
3
 
Computing Security Research Electives
6
 
Computing Security Graduate Elective
3
 
CSEC Thesis
6
Total Semester Credit Hours
156§

Please see General Education Curriculum–Liberal Arts and Sciences (LAS) for more information.

(WI) Refers to a writing intensive course within the major.

* Please see Wellness Education Requirement for more information. Students completing bachelor's degrees are required to complete two different Wellness courses.

‡ Choose one of the following philosophy courses: Introduction to Moral Issues (PHIL-102), Foundations of Moral Philosophy (PHIL-202), or Professional Ethics (PHIL-306).

§ The BS degree requires 126 semester hours. The MS degree requires 30 semester hours. Students use 9 semester hours of computing security graduate electives toward both degrees.

Computing security, BS degree/Science, technology and public policy, MS degree, typical course sequence

Course Sem. Cr. Hrs.
First Year
CSEC-101
Fundamentals of Computing Security
An introduction to the fundamental issues, concepts and tools common to all areas of computing security. Topics include identifying attackers and their motivations. Essential techniques will be introduced covering the areas of anti-virus, monitoring, virtual machines, account control, and access rights management. Various security models will be investigated. Concept areas such as confidentiality, integrity, availability and privacy will be studied.
3
CSCI-141
Computer Science I
This course serves as an introduction to computational thinking using a problem-centered approach. Specific topics covered include: expression of algorithms in pseudo code and a programming language; functional and imperative programming techniques; control structures; problem solving using recursion; basic searching and sorting; elementary data structures such as lists, trees, and graphs; and correctness, testing and debugging. Assignments (both in class and for homework) requiring a pseudo code solution and an implementation are an integral part of the course. An end-of-term project is also required.
4
CSCI-142
Computer Science II
This course delves further into problem solving by continuing the discussion of data structure use and design, but now from an object-oriented perspective. Key topics include more information on tree and graph structures, nested data structures, objects, classes, inheritance, interfaces, object-oriented collection class libraries for abstract data types (e.g. stacks, queues, maps, and trees), and static vs. dynamic data types. Concepts of object-oriented design are a large part of the course. Software qualities related to object orientation, namely cohesion, minimal coupling, modifiability, and extensibility, are all introduced in this course, as well as a few elementary object-oriented design patterns. Input and output streams, graphical user interfaces, and exception handling are covered. Students will also be introduced to a modern integrated software development environment (IDE). Programming projects will be required.
4
MATH-181
Project-based Calculus I
This is the first in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers functions, limits, continuity, the derivative, rules of differentiation, applications of the derivative, Riemann sums, definite integrals, and indefinite integrals.
4
MATH-182
Project-based Calculus II
This is the second in a two-course sequence intended for students majoring in mathematics, science, or engineering. It emphasizes the understanding of concepts, and using them to solve physical problems. The course covers techniques of integration including integration by parts, partial fractions, improper integrals, applications of integration, representing functions by infinite series, convergence and divergence of series, parametric curves, and polar coordinates.
4
MATH-190
Discrete Mathematics for Computing
This course introduces students to ideas and techniques from discrete mathematics that are widely used in Computer Science. Students will learn about the fundamentals of propositional and predicate calculus, set theory, relations, recursive structures and counting. This course will help increase students’ mathematical sophistication and their ability to handle abstract problems.
3
NSSA-241
Introduction to Routing and Switching
This course provides an introduction to wired network infrastructures, topologies, technologies, and the protocols required for effective end-to-end communication. Basic security concepts for TCP/IP based technologies are introduced. Networking layers 1, 2, and 3 are examined in-depth using the International Standards Organization’s Open Systems Interconnection and TCP/IP models as reference. Course topics focus on the TCP/IP protocol suite, the Ethernet LAN protocol, switching technology, and routed and routing protocols common in TCP/IP networks. The lab assignments mirror the lecture content , providing an experiential learning component for each topic covered.
3
ACSC-010
Year One
The Year One class serves as an interdisciplinary catalyst for first-year students to access campus resources, services and opportunities that promote self-knowledge, personal success, leadership development, social responsibility and life academic skills awareness and application. Year One is also designed to challenge and encourage first-year students to get to know one another, build relationships and help them become an integral part of the campus community.
0
 
LAS Perspective 1 (ethical)
3
 
LAS Perspective 2 (artistic)
3
 
First Year Writing
3
 
Wellness Education*
0
Second Year
CSEC-201
Programming for Information Security
This course builds upon basic programming skills to give students the programming knowledge necessary to study computing security. Students will be introduced to network programming, memory management, and operating system calls along with associated security concepts. Specific focus will placed on understanding the compilation process and on the relation between high-level programming concepts and low-level programming concepts, culminating in identifying and exploiting memory corruption vulnerabilities.
3
MATH-251
Probability and Statistics I
This course introduces sample spaces and events, axioms of probability, counting techniques, conditional probability and independence, distributions of discrete and continuous random variables, joint distributions (discrete and continuous), the central limit theorem, descriptive statistics, interval estimation, and applications of probability and statistics to real-world problems. A statistical package such as Minitab or R is used for data analysis and statistical applications.
3
CSEC-202
Reverse Engineering Fundamentals
This course will teach students the core concepts needed to analyze unknown source code. Students will study a variety of low-level programming languages and how high-level programming language structures relate to low-level programming languages. Students will learn study tools and techniques used for both static and dynamic analysis of unknown binaries, providing the foundation for further study in malware analysis.
3
MATH-241
Linear Algebra
This course is an introduction to the basic concepts of linear algebra, and techniques of matrix manipulation. Topics include linear transformations, Gaussian elimination, matrix arithmetic, determinants, vector spaces, linear independence, basis, null space, row space, and column space of a matrix, eigenvalues, eigenvectors, change of basis, similarity and diagonalization. Various applications are studied throughout the course.
3
NSSA-221
System Administration I
This course is designed to give students an understanding of the role of the system administrator in large organizations. This will be accomplished through a discussion of many of the tasks and tools of system administration. Students will participate in both a lecture section and a separate lab section. The technologies discussed in this class include: operating systems, system security, and service deployment strategies.
3
NSSA-245
Network Services
This course will investigate the protocols used to support network based services and the tasks involved in configuring and administering those services in virtualized Linux and Windows internet working environments. Topics include an overview of the TCP/IP protocol suite, in-depth discussions of the transport layer protocols, TCP and UDP, administration of network based services including the Dynamic Host Configuration Protocol (DHCP), Domain Name Service (DNS), Secure Shell (SSH), and Voice Over IP (VoIP). Students completing this course will have thorough theoretical knowledge of the Internet Protocol (IP), the Transport Control Protocol (TCP), and the User Datagram Protocol (UDP), as well as experience in administering, monitoring, securing and troubleshooting an internet work of computer systems running these protocols and services.
3
CSEC-099
Cooperative Education Seminar
This course helps students prepare for co-operative education employment (“co-op”) by developing job search strategies and material. Students will explore current and emerging aspects of the Computing Security field with employers, alumni and current students who have already been on co-op. Students are introduced to RIT’s Office of Career Services and Cooperative Education and learn about professional and ethical responsibilities for their co-op and subsequent professional experiences. Students will work collaboratively to build résumés and to prepare for interviews.
0
CSEC-499
Cooperative Education (summer)
Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.
Co-op
 
LAS Perspective 3 (global)
3
 
LAS Perspective 4 (social)
3
 
LAS Perspective 5 (natural science inquiry)
4
 
LAS Perspective 6 (scientific principles)
4
Third Year
CSCI-462
Introduction to Cryptography
This course provides an introduction to cryptography, its mathematical foundations, and its relation to security. It covers classical cryptosystems, private-key cryptosystems (including DES and AES), hashing and public-key cryptosystems (including RSA). The course also provides an introduction to data integrity and authentication.
3
PUBL-363
Cyber Security Policy and Law
Why are we still so bad at protecting computer systems? Is it because we don’t have good enough technology? Or because we lack sufficient economic incentives to implement that technology? Or because we implement technologies but then fail to use them correctly? Or because the laws governing computer security are so outdated? Or because our legal frameworks are ill-equipped to deal with an international threat landscape? All these reasons—and others— have been offered to explain why we seem to see more and more large-scale cybersecurity incidents and show no signs of getting better at preventing them. This course will examine the non-technical dimensions of this problem—the laws and other policy measures that govern computer security threats and incidents. We will focus primarily on U.S. policy but will also discuss relevant policies in the E.U. and China, as well as international tensions and norms. The central themes of the course will be the ways in which technical challenges in security can be influenced by the social, political, economic, and legal landscapes, and what it means to protect against cybersecurity threats not just by writing better code but also by writing better policies and laws.
3
CSEC-472
Authentication and Security Models
As more users access remote systems, the job of identifying and authenticating those users at distance becomes increasingly difficult. The growing impact of attackers on identification and authentication systems puts additional strain on our ability to ensure that only authorized users obtain access to controlled or critical resources. This course reviews basic cryptology techniques and introduces their application to contemporary authentication methods.
3
ISTE-230
Introduction to Database and Data Modeling
A presentation of the fundamental concepts and theories used in organizing and structuring data. Coverage includes the data modeling process, basic relational model, normalization theory, relational algebra, and mapping a data model into a database schema. Structured Query Language is used to illustrate the translation of a data model to physical data organization. Modeling and programming assignments will be required. Note: students should have one course in object-oriented programming.
3
CSEC-380
Principles of Web Application Security
This course is designed to give students a foundation in the theories and practice relating to web application security. The course will introduce students to the concepts associated with deploying and securing a typical HTTP environment as well as defensive techniques they may employ.
3
CSEC-499
Cooperative Education (summer)
Students will gain experience and a better understanding of the application of technologies discussed in classes by working in the field of computing security. Students will be evaluated by their employer. If a transfer student, they must have completed one term in residence at RIT and be carrying a full academic load.
Co-op
 
CSEC Electives
6
 
Free Electives
6
 
LAS Immersion 1
3
Fourth Year
PUBL-701
Policy Analysis
This course provides graduate students with necessary tools to help them become effective policy analysts. The course places particular emphasis on understanding the policy process, the different approaches to policy analysis, and the application of quantitative and qualitative methods for evaluating public policies. Students will apply these tools to contemporary public policy decision making at the local, state, federal, and international levels.
3
PUBL-702
Graduate Decision Analysis
This course provides students with an introduction to decision science and analysis. The course focuses on several important tools for making good decisions, including decision trees, including forecasting, risk analysis, and multi-attribute decision making. Students will apply these tools to contemporary public policy decision making at the local, state, federal, and international levels.
3
CSEC-490
Capstone in Computing Security (WI)
This is a capstone course for students in the information security and forensics program. Students will apply knowledge and skills learned and work on real world projects in various areas of computing security. Projects may require performing security analysis of systems, networks, and software, etc., devising and implementing security solutions in real world applications.
3
 
CSEC Electives
12
 
LAS Elective†
3
 
LAS Immersion 2, 3
6
Fifth Year
PUBL-700
Readings in Public Policy
An in-depth inquiry into key contemporary public policy issues. Students will be exposed to a wide range of important public policy texts, and will learn how to write a literature review in a policy area of their choosing.
3
PUBL-703
Program Evaluation and Research Design
The focus of this course is on evaluation of program outcomes and research design. Students will explore the questions and methodologies associated with meeting programmatic outcomes, secondary or unanticipated effects, and an analysis of alternative means for achieving program outcomes. Critique of evaluation research methodologies will also be considered.
3
STSO-740
Graduate Science and Technology Policy
3
 
Public Policy Graduate Electives
6
 
Graduate Elective
3
 
Thesis
6
Total Semester Credit Hours
147

Please see General Education Curriculum–Liberal Arts and Sciences (LAS) for more information.

(WI) Refers to a writing intensive course within the major.

* Please see Wellness Education Requirement for more information. Students completing bachelor's degrees are required to complete two different Wellness courses.

† Choose one of the following philosophy courses: Introduction to Moral Issues (PHIL-102), Foundations of Moral Philosophy (PHIL-202), or Professional Ethics (PHIL-306).

Admission Requirements

Freshman Admission

For all bachelor’s degree programs, a strong performance in a college preparatory program is expected. Generally, this includes 4 years of English, 3-4 years of mathematics, 2-3 years of science, and 3 years of social studies and/or history.

Specific math and science requirements and other recommendations

  • 4 years of math including pre-calculus required
  • Requires chemistry or physics and strongly recommends both.
  • Computing electives are recommended

Transfer Admission

Transfer course recommendations without associate degree

Courses in computer science, calculus, liberal arts; calculus-based physics, chemistry, or biology

Appropriate associate degree programs for transfer

AS degree in computer science, engineering science, or liberal arts

Learn about admissions and financial aid