Courses may include
These are some of the courses offered in this program. It is not a complete list and courses are subject to change in advance of the academic year.
COMM 1700 - Professional Practices for IT I
This course exposes learners to tools and process that support professional continuous improvement. Focused on communication, collaboration and career development, you will begin to develop the 21st century skills essential for success in the information technology industries. This course will build the foundations for professional habits and methodologies that help graduates remain current and relevant in an ever evolving profession.
COMM 2700 - Professional Practices for IT II
This course develops tools and process that support professional continuous improvement. Focused on communication, collaboration and career development, you will begin to develop the 21st century skills essential for success in the information technology industries. This course will establish professional habits, methodologies and strategies to help graduates remain current and relevant in an ever evolving profession. Learners will also begin to cultivate critical thinking skills and apply processes that support and validate professional decision making.
COMM 3700 - Professional Practices for IT III
This course develops the skills, attitudes, processes and habits required to successfully prepare for a variety of interview scenarios and the associated presentation techniques. Emphasis is on the development of a professional portfolio and the part that personal marketing plays in gaining successful, relevant employment. The course will also continue to build professional habits, methodologies and strategies to help graduates remain current and relevant in an ever evolving profession.
COMM 4700 - Professional Practices for IT IV
This course is the final in a suite of four, and as such provides learners with the skills and knowledge to curate a personal, professional portfolio in readiness for employment in the IT industry. Learners will also regularly practice and prepare for numerous interview situations and scenarios by honing the skills and techniques previously acquired. New, essential competencies are introduced focused on diversity and inclusiveness in the workplace and the challenges surrounding ethical decision making processes.
DBAS 1020 - Data Security
This course introduces the learner to the concept of databases. Emphasis will be placed on designing a database from requirements to logical design (i.e. ERD’s) and initial table (or equivalent) construction. Learners will learn how to build, modify and maintain a database using basic SQL syntax. Security topics discussed will include an introduction to data vulnerabilities and mitigation strategies such as SQL injection, input validation, creating data security through the proper definition of user privileges, roles and responsibilities as well as physical security issues in a data centre environment.
INFT 3000 - Capstone
Learners acquire hands-on experience on a group project applying much of the material learned throughout their program. Throughout this course, learners will apply their skills to prepare and deliver technical documentation and presentations using various media platforms.
INFT 4100 - Work Experience
This course is the second of the campus-based applied learning experiences for Systems Management Concentration learners which may consist of an industry work experience alone or a combination of work experience and directed studies, industry projects or applied research. It takes place in the final five weeks of the second academic year. Available options may vary from campus to campus. At least five weeks of this course must consist of an industry work experience. This is a summative experience in the context of a real-world organization.
ISEC 1005 - Cyber Crime Survey
This course introduces learners to issues related to the current state of cybercrime. Learners will explore the origins of cybercrime and its role in cyber terrorism, cyber warfare, hacktivism and traditional criminal activities. The course will describe the evolution of threats, and the motivations, methods and resources of the various threat actors. The overall objective will be to give the learners an overview of the current threat landscape created by these threat actors as well as an understanding of the effectiveness and evolution of defensive strategies.
ISEC 2022 - Firewalls, VPN’s, IPS, Endpoints
This course will investigate key concepts in the analysis of network traffic through deep packet inspection. Traditional perimeter defence systems such as firewalls, VPN's and Intrusion Prevention systems will be examined as well as the implementation of endpoint security systems.
ISEC 2025 - Vulnerabilities and Exploits
Cyber security is the protection of IT systems from damage or threats as well as disruption and misdirection of services. This course will provide learners with an understanding of the main concepts and principles of cybersecurity including ATV (assets, threats and vulnerabilities) and CIA (confidentiality, integrity and availability). Learners will explore the common vulnerabilities in computer and network systems and understand current defences. The methodology hackers use to exploit these systems will also be examined.
ISEC 2076 - Security Mechanisms
The course will examine security authentication methods and how they are used to help secure environments. Subjects to be reviewed include physical security, access methods such as biometric and smart card technologies, two factor authentication and identity and access management.
ISEC 2077 - Security Auditing and Control Systems
This course will concentrate on components of a log collection system as well as log file management and optimization of the log review process through the correlation of events and real time alerts. Students will explore how to introduce and manage change in a controlled and coordinated manner.
ISEC 2078 - Wireless and Mobile Device Security
This course will examine the risks and vulnerabilities in the use of wireless and mobile networks. Students will implement and actively manage the security configuration of wireless and mobile devices in order to prevent attackers from exploiting vulnerable services and settings.
ISEC 2079 - Evolving Technologies and Threats
This course will study how newly emerging technologies such as virtualization, Cloud computing, the Internet of Things, and SDN technologies impact the security and integrity of data and also examine systems that are increasingly at risk, e.g. mission critical systems such as SCADA. Students will experiment with new technologies and threats and develop adaptive mitigation strategies and a structured approach to life-long learning and continuous professional development.
ISEC 3077 - Attack Vectors and Techniques
Students will investigate and analyze the various techniques hackers use to bypass security measures and gain access to corporate data. This course will examine a variety of real-life case studies that include study attack data and analysis of threats.
ISEC 3078 - Incidence Handling and Response
Students will learn to design and manage key business information security functions including incident response, disaster recovery, and business continuity plans. Planning, reporting and budgeting are all addressed. Students will use business case studies to analyze and develop effective plans and solutions for various business scenarios.
ISEC 3079 - Penetration Testing
This course will explore critical phases of an attack. Scanning, enumeration, foot- printing and social engineering will all be covered. Students will also be introduced to the latest ethical hacking tools and techniques to test corporate security systems and examine the legal issues involving ethical hacking to test corporate defence systems.
ISEC 3080 - Enterprise Security
Students will build on concepts and techniques introduced in the Web Security and Operating Systems courses in order to enhance security on servers that handle email and web applications.
NETW 1015 - Network Security
This course provides learners with a comprehensive overview of the concepts to build the foundations to implement secure practices on networks. The OSI and TCP/IP network communication models will be examined for network communication with special emphasis on Layers 2, 3 and 4. Learners will examine the operation of networking devices and networking protocols and discuss the security issues of those protocols such as port/protocol scanning, IP spoofing and vulnerability discovery.
OSYS 1020 - Operating Systems Security
This course covers the fundamentals common to operating systems. The system architecture of privilege ring levels to provide security protection of kernel level programs from user level operations will be discussed. How the OS handles hardware and software resources including program execution, interrupts and memory management for standard input and standard output operation will be examined. The basic implementation of both Windows and Linux operating systems will be presented with hands on activities.
OSYS 2020 - Windows Security
This course covers the understanding and implementation of security as it applies to the Microsoft Windows operating system. Through hands-on activities, students will be able to recognize and understand the common vulnerabilities of Windows systems using various tools and techniques to decrease and control these threats. The course also introduces defence strategies and techniques through a better understanding of system file permissions, group policies, Windows registry, PowerShell, active directory and malware prevention.
OSYS 2022 - Linux Scripting
This course builds on the basics of the Unix operating system. Learners will learn the core utilities to work productively in a Linux environment and develop command line skills. Topics will include shell scripts, managing permissions, process management and network applications & services with an emphasis on the system-related security issues.
PROG 1015 - Programming for Security
This course introduces the fundamental principles of programming and secure coding concepts. The course will introduce a variety of programming concepts and best practices for designing and implementing programs. Topics covered will include the following: an introduction to programming languages data types and expressions, control flow, memory structure and management and the use of, data types and structures. Application vulnerabilities and mitigation strategies such as buffer overflows and input validation will be discussed.
PROG 2022 - Server Exploits
This course is an overview of the main concepts, methodologies and best practices of coding professional client-server applications from the server perspective. Learners will gain an understanding of essential elements of client-side and server-side interaction with databases. Tools may include PHP, HTTP, and open source databases or equivalents.
SAFE 1000 - Introduction to WHMIS (Workplace Hazardous Materials Information Systems)
This course offers learners basic overview of WHMIS principles and establishes a solid foundation to support workplace-specific training on the safe storage and handling of controlled/hazardous products. Upon successful completion of the course, students receive basic WHMIS certification.
SAFE 1001 - Introduction to NS OH&S Act
This course offers students an introduction to the Occupational Health & Safety (OH&S) Act of Nova Scotia, which is required by any person employed in a Nova Scotia workplace. This is a generic, introductory course that provides basic knowledge of the Act for students and is considered to be the basis from which more specific training can be given.
WEBD 2075 - Web Security
Students will learn about the security threats, software vulnerabilities, and hacker attacks that are commonly implemented against commercial applications, including SQL injection, Cross-Site Scripting, and session hijacking.
Cyber Security Elective Course Requirement . Students must take two (2) units from a prescribed list of courses.