|Assigned Course Preparation Hours:||117|
The Cyber Security Technician program provides students with core competencies in: physical asset protection, local host protection, local area network security, network boundary protection, enterprise network security, industrial control system network security, medical and IoT network security and penetration testing. This program is part of the Information Technology pathway, which prepares students for a variety of entry level positions in the IT industry.
- Students prepare for entry-level positions in the IT/cyber security industry by acquiring relevant knowledge and skills. Possible employers may include manufacturers, contractors, hospitals, and other Maine businesses. Positions may include network technician, cyber security technician, or penetration tester.
- Students focus on the following certification objectives:
- Students gain a thorough grounding in the fundamentals of cyber security tools and techniques, ethical hacking standards, and proper security practices and procedures in the workplace.
Methods of Instruction
This program is a blend of instructor-led lecture and hands-on labs.
Refer to the Student Catalog and Handbook for the full list of policies.
Note that all courses include a pre-quiz, lectures, hands-on lab activities, and exams. See the Course Labs section below for lab descriptions.
Infrastructure Security (SIT-12, 50 hours)
This course introduces the concepts and techniques associated with physical infrastructure security devices, systems and techniques used to combat theft, prevent physical damage, maintain system integrity and services, and limit unauthorized disclosure of information.
The course begins with common Access Control systems for protecting physical infrastructure assets. This section contains information about different types of physical barriers and their associated monitoring and control systems. The Authentication Systems section that follows is a logical extension of the physical access control materials. Devices and systems covered in this portion are used for controlling access and denial of access to key physical assets.
Students will examine the components and operation of a typical physical security monitoring and notification system. In this section, security controllers, sensors, and enunciators are covered along with logical implementation strategies. Information contained in this section includes: surveillance cameras, video recorders, modulators and switchers.
The course progresses to Environmental Security Activities and covers techniques to guard information after data, a security system, or device reaches the end of its usable life cycle.
Local Host Security (SIT-13, 80 hours)
This course primarily deals with personal computers and focuses on security efforts at the local computer level. The course begins with physically securing personal computing devices. Information covered here includes biometric authentication devices such as finger print scanners, smart cards and RFID cards. The course then moves on to physical port access risks and solutions. Options for accessing the PC covered here include the USB ports and removable media systems.
In addition, the course covers logical (software-based) authentication methods for access control at the user’s level. Topics covered include passwords and computer locking features. Also included are local software-based firewalls and Internet Browser Security options. The course concludes with a detailed discussion dealing with malicious software protection options, such as antivirus and antispyware programs.
Local Network Security (SIT-14, 100 hours)
This course provides an introduction to networking and networking security information specific to different network environments – Enterprise/Business networks, Industrial/Utility networks and Medical networks.
This course also examines typical network topologies (connection schemes). It then moves on to discuss standard network connectivity devices. This is followed by an in depth study of the OSI model that describes the different layers that all modern networks are designed on. It also provides information about network control strategies. These include networking protocols (rules) such as TCP/IP and IP addressing schemes. It concludes with a discussion covering the Ethernet standard.
The course moves into logical access control for network environments. Topics covered here include user and group access controls instituted through the server’s network operating system. Next the course covers network authentication options. These include wireless network security considerations. The course concludes with coverage of securing network backup media.
Cyber Security (SIT-15, 50 hours)
This course builds on the information from the Local Network Security course and deals with security issues posed by Wide Area Networks (WANs) such as the Internet. The course focuses on protection of the organization from external threats. The key elements cover authentication protocols, data cryptography, and data encryption techniques. The course continues with coverage of Virtual Private Networks (VPNs) and firewalls.
The course then covers System Auditing and Event Logging as tools used to detect attempted or potential manipulation of the system or its data. Finally the course addresses intrusion techniques along with different types of Intrusion Detection Systems (IDS). Topics discussed here include host-based IDS, network-based IDS and penetration techniques.
Enterprise Network Security (SIT-16, 50 hours)
In this course, the focus of the material aligns with Information Technology and network types typically found in domain-based enterprise/business environments. The initial section of this course covers traditional business network configuration and variations, including intranets and extranets. It also covers common protective network structures including security zones, tunnels, DMZs and honey pots.
The next portion of the course turns to software security considerations, including software design, database security, and application security. The course then moves into one of the most expansive areas of business networking – virtualization. Virtualization is the process of using remote computer and networking capacity by making it appear to be local. Because virtualization is often a service provided by a third party, operations conducted in their shared cloud environments are only as secure as the safeguards in their systems.
This is followed by a major section of course concerning risk and risk mitigation in the data world. The material covered in this section includes determining process risks, setting and implementing corporate security policies, and concludes with business contingency and disaster recovery planning.
The course concludes with Enterprise Network Security with an introduction to computer forensic analysis. Topics covered include: forensically sound methods used to recover and investigate digital evidence.
Industrial Cyber Security Systems (SIT-17, 50 hours)
This course focuses on computing and intelligent control systems associated with automated processes. It also provides robust coverage of utility operations and organization. It also covers typical Industrial Control Systems (ICS) devices used in industrial and utility control networks. These devices bring a totally different element to the network for people who are more aware of techniques, systems and devices found in IT networks.
This course moves on to utility-related smart grid systems. This includes Wide Area and Home Area (WAN and HAN) networking systems, smart meters and HAN devices. It also introduces Supervisory Control and Data Acquisition (SCADA) systems to the network. In addition, the course brings cloud computing and the Internet of Things concept to the industrial networking environment. The course concludes with discussions covering the major security issues and solutions associated with these elements of the network.
Healthcare IT Security (SIT-18, 50 hours)
In this course, students engage a different data networking environment – the medical field. While containing many of the attributes of a business network environment, there are some specific requirements associated with creating, storing and transferring medical records that are significantly different than what you would find in a typical business network. The course begins by covering how medical records are generated and handled between different levels of care givers in the medical system – doctors, emergency medical facilities and workers, pharmacies, and hospitals.
The course moves on to address terminology and communication standards that are specific to the medical industry. The student must have a command of these elements to function efficiently in the Medical IT environment. The next section of the course examines steps that are being implemented throughout the medical industry to make patient data compatible and transferrable from one health care provider to another. It also covers regulations governing the storage, transmission and release of medical information. The course then moves on to deal with medical data communications and includes discussions of different communications channels commonly used in the industry. The course concludes with discussions concerning different medical security techniques and methods used to secure patient data; basic concepts and security concerns relating to three relatively new and growing areas of healthcare IT – portable medical devices, wearable devices, wireless sensor networks and remote wireless instrumentation; the challenges relating to the Internet of Things (IoT) and the growing field of networkable devices; and how cloud computing is changing medical security and the trend toward outsourcing of medical data management and storage.
Introduction to Ethical Hacking (SIT-19, 50 hours)
This course starts with a very important discussion about security concepts. The topics covered here include exclusion and inclusion, ethics and ethos, politics and policies, commercial and industrial espionage and cyber warfare-nation state aggression.
The course moves on to cover the different definitions of hacker and the roles that hackers play. Also covered are the roles of black hat, white hat and grey hat hackers, which are described and defined.
Finally, the course turns to various types of penetration testing tools and methods used to exploit network and computer vulnerabilities.
|Course #||Course Name||Lab||Lab Name & Description|
|SIT-012||Infrastructure Security||1||Infrastructure Security and Surveillance Systems: These hands on procedures are based on a two part lab station that contains a security system trainer and an integrated multi-camera surveillance system.|
|SIT-013||Local Host Security||2||Local Computer Security Options: The procedures in this lab deal with security tools located on the local computer.|
|SIT-014||Local Network Security||3||Network Security Essentials: This lab group deals with basic networking, router configuration and wireless network setup activities. These activities include configuring local routers for communications between the different client computers in the classroom. This lab advances a level by bringing servers and server security tools into the environment. These labs will require a single server (although multiple servers can be used). Students will also establish and configure User and Group rights and permissions to control access to servers and key network connectivity devices.|
|SIT-015||Cyber Security||4||Implementing Cyber Security: During these lab procedures, students will experiment with different authentication protocols, disk, data-in-motion encryption schemes and VPN configurations. They will also perform advanced router configurations for network level security functions. In particular they will configure firewall routers to meet specific corporate goals. They will also examine the different Network Services available, system auditing tools and event logging tools.|
|SIT-016||Enterprise Network Security||5||Enterprise Network Security: In this lab students will create and configure different enterprise networking security structures. The procedures involve deploying enterprise switches, routers, firewalls and servers.|
|SIT-017||Industrial Cyber Security Systems||6||Industrial and Utility Network Security: For this set of lab procedures the students will turn their attention and activities to a network arrangement that is attached to the Industrial Process panel. They will examine the level of knowledge required to exploit the vulnerabilities of this type of configuration.|
|SIT-018||Healthcare IT Security||7||Medical Network Security: In these lab procedures the students will create and transport patient records while observing legal requirements for handling medical records. Students will use appropriate tools and techniques to intercept and analyze moving data packets using Bluetooth, WiFi and Ethernet media. They will also examine secure and non-secure database programs that prevent/allow SQL Injections activities.|
|SIT-019||Introduction to Ethical Hacking||8||Introduction to Hacking Tools: In this lab, students are introduced to a number of different tools commonly used by hackers to attack and defend IT and ICS systems. Tools the students will be introduced to through these procedures include – Port Scanners, Packet Sniffers, Packet Construction tools, Network Analyzers, Penetration Testers, and Network Traffic Probes.|