Cybersecurity (Advanced Cybersecurity Operations)

Course Description

CET2890C — Cybersecurity (Advanced Cybersecurity Operations) is a 3-credit, lab-integrated course in the Computer Engineering Technology taxonomy (Engineering Technologies). This course provides a comprehensive analysis of a wide breadth of network security technologies that can be deployed to harden a network infrastructure against various attacks. Topics span the full security lifecycle: threat identification, defense architecture, access control, cryptography, incident response, and compliance. The course includes hands-on laboratory activities using industry-standard tools and virtual environments. This course meets the CNSS 4011 training standard recognized by the National Security Agency (NSA) and the Committee on National Security Systems, and aligns with the NIST/NICE Cybersecurity Workforce Framework.

Learning Outcomes

Required Outcomes — common across Florida college offerings of this course:

• Demonstrate an understanding of cybersecurity concepts, terminology, origins, current trends, and legal and ethical implications.
• Explain the OSI and TCP/IP models and describe the services and protocols operating at each layer as they relate to network security.
• Identify, classify, and analyze common cybersecurity threats, vulnerabilities, and attack mechanisms targeting networks and systems.
• Apply techniques to design and implement network security defenses, including firewalls, intrusion detection/prevention systems (IDS/IPS), and access control mechanisms.
• Configure and harden operating systems (Windows and Linux) and network devices against known vulnerabilities.
• Demonstrate proficiency with cryptographic systems and key management principles used to secure data in transit and at rest.
• Describe and apply risk identification, risk management, and security policy development processes.
• Perform basic incident detection, response, and recovery procedures following industry best practices.
• Demonstrate understanding of legal, ethical, and compliance requirements governing cybersecurity practice, including relevant federal standards and Florida statutes.

Optional Outcomes — covered at the discretion of the institution or instructor:

• Apply penetration testing concepts and basic ethical hacking methodologies to evaluate system security posture.
• Demonstrate an understanding of virtualization technology and cloud security considerations.
• Perform basic digital forensics analysis, including evidence collection and chain-of-custody procedures.
• Analyze and apply identity and access management (IAM) frameworks including authentication protocols and multi-factor authentication.
• Identify security challenges posed by emerging technologies, including IoT, mobile devices, and cloud-native architectures.
• Describe the roles and responsibilities within a Security Operations Center (SOC) and the NICE Cybersecurity Workforce Framework work roles.

Major Topics

Required Topics — consistently covered across Florida college offerings:

• Cybersecurity Foundations: History, culture, terminology, national frameworks (NIST, NICE, CNSS 4011), and legal/ethical landscape including Florida cybersecurity statutes.
• Networking Fundamentals for Security: OSI and TCP/IP models; protocols at each layer (DNS, HTTP/S, SMTP, TCP, UDP, IP, ARP); LAN/WAN topologies; packet analysis.
• Threats, Vulnerabilities, and Attack Methods: Malware types, phishing/social engineering, denial-of-service, man-in-the-middle, SQL injection, buffer overflow, and advanced persistent threats (APTs).
• Network Defense and Security Architecture: Firewalls (stateful, NGFW), IDS/IPS, DMZ design, VPNs, network segmentation, and perimeter defense strategies.
• Cryptography and PKI: Symmetric and asymmetric encryption, hashing algorithms, digital signatures, certificate authorities, TLS/SSL, and key management.
• Access Control and Identity Management: Authentication models (DAC, MAC, RBAC), password policies, multi-factor authentication, directory services (LDAP/Active Directory).
• System and Device Hardening: Secure configuration of Windows and Linux servers, routers, switches, and endpoints; patch management; least-privilege principles.
• Risk Management and Security Policy: Risk identification and assessment, security auditing, business continuity planning, and development of information security policies.
• Incident Response and Recovery: Incident response lifecycle, detection and containment, eradication, recovery, and post-incident analysis; regulatory reporting obligations.
• Legal, Ethical, and Compliance Frameworks: Computer Fraud and Abuse Act (CFAA), HIPAA, FERPA, PCI-DSS, Florida Information Protection Act, and professional ethics.

Optional Topics — covered at the discretion of the institution or instructor:

• Introduction to Penetration Testing: Reconnaissance, scanning, exploitation basics, and reporting; ethical hacking methodology and legal boundaries.
• Virtualization and Cloud Security: Hypervisor security, virtual machine hardening, cloud service models (IaaS, PaaS, SaaS), and shared-responsibility model.
• Physical Security: Physical access controls, environmental controls, surveillance systems, and their integration with logical security.
• Digital Forensics Fundamentals: Forensically sound data collection, chain of custody, live acquisition, and use of open-source forensic tools.
• Emerging Technology Security: IoT device security, mobile device management (MDM), wireless security (WPA3), and security implications of AI-driven systems.
• Security Operations Center (SOC) Concepts: SIEM tools (e.g., Splunk), log analysis, threat intelligence, and SOC tier roles and workflows.

Resources & Tools

Courses in this area commonly utilize the following resources and technologies:

• Virtual Lab Environments: Florida Cyber Range, institutional cyber ranges, or locally hosted virtual machines (VMware, VirtualBox) running Windows Server and Linux distributions.
• Network Analysis Tools: Wireshark (packet capture and analysis), Nmap (network scanning), Netcat.
• Security Platforms: Splunk (log management/SIEM), Palo Alto Networks firewall simulation, Snort/Suricata (IDS/IPS).
• Operating Systems: Kali Linux (security testing), Ubuntu/CentOS (server hardening), Windows Server (Active Directory, Group Policy).
• Cryptography Tools: OpenSSL, GPG, and certificate management utilities.
• Textbook/Curriculum: CompTIA Security+ study materials; NIST Special Publications (SP 800-series); Cisco Networking Academy content.
• Standards References: CNSS 4011, NIST Cybersecurity Framework (CSF), NICE Cybersecurity Workforce Framework (NCWF).

Career Pathways

Completion of CET2890C supports entry-level and advancing roles in information security. Florida consistently reports thousands of cybersecurity job postings annually across sectors including financial services, defense contracting, aerospace, healthcare, and government.

• Information Security Analyst — median annual salary of approximately $124,910 nationally; projected job growth of ~29% from 2024–2034 (U.S. BLS).
• Network Security Technician / Administrator
• SOC Analyst (Tier 1/Tier 2)
• Systems Administrator (Security Focus)
• Cybersecurity Operations Specialist
• IT Auditor / Compliance Analyst

This course articulates into the A.S. in Cybersecurity / Network Systems Technology and supports transfer pathways toward B.A.S. / B.S. programs in Computer Information Systems Technology, Cybersecurity, or Computer Engineering Technology at Florida state colleges and universities.

Special Information

CNSS 4011 Recognition: This course has been recognized by the National Security Agency (NSA) and the Committee on National Security Systems (CNSS) for meeting the CNSS 4011 Information Systems Security Professionals training standard, a nationally recognized benchmark for cybersecurity education.

Certification Preparation: Content in this course directly supports preparation for the following industry certifications:

• CompTIA Security+ — the primary entry-level cybersecurity certification most requested by Florida employers.
• CompTIA CySA+ (Cybersecurity Analyst) — intermediate-level, for students continuing in security operations.
• CompTIA Network+ — foundational networking credential aligned to course networking content.
• Cisco CCNA Security — for students pursuing network-focused security roles.
• Systems Security Certified Practitioner (SSCP) — (ISC)² entry-level security credential.

CAE-CD Alignment: Many Florida institutions offering this course hold National Center of Academic Excellence in Cyber Defense (CAE-CD) designation from the NSA and Department of Homeland Security, ensuring rigorous curriculum standards and community engagement in cybersecurity education.