Cyber Security Home

Greetings, Cyber Security interested student's and parent's. This site is dedicated to all of the students who come to the Cyber Security class every day at Warren Tech (WT) to learn detailed technical information regarding the art and craft of Network Security. 

In the Cyber Security course, students learn diverse topics such as:


    In Cyber Security we face the challenges of protecting infrastructures from internal and external threats in the midst of keeping up with the ever-changing industry of technology. We seek to prevent crime and improve justice. In Cyber Security there are many different areas you could choose from.

  Forensics

    Computer Forensics is the analysis of information contained within and created with computer systems and computing devices, typically in the interest of figuring out what happened, when it happened, how it happened, and who was involved.

    This can be for the purpose of performing a root cause analysis of a computer system that had failed or is not operating properly, or to find out who is responsible for misuse of computer systems, or perhaps who committed a crime using a computer system or against a computer system. This being said, computer forensic techniques and methodologies are commonly used for conducting computing investigations - again, in the interest of figuring out what happened, when it happened, how it happened, and who was involved.

    In many cases, information is gathered during a computer forensics investigation that is not typically available or viewable by the average computer user, such as deleted files and fragments of data that can be found in the space allocated for existing files - known by computer forensic practitioners as slack space. Special skills and tools are needed to obtain this type of information or evidence. Think of a case where the specific firearm that fired a bullet needs to be identified. This information could not be readily ascertained by just any member of law enforcement, so ballistics professional with special skills and tools is needed.


  Software Assurance

    The first area of Cyber Security we will be going over is Software Assurance. Software Assurance begins with code quality and evidence of that quality. You can assume a software defect found during the development of a product may require $1 to remedy. If the defect escapes the development phase and enters the independent testing phase the cost will be approximately $100 to remedy. If the defect escapes the independent testing phase and makes it into production the cost will be approximately $1,000 to remedy. If sensitive data is lost or attackers make the software do things they are not supposed to do, through exploitation of a known software weakness, the costs of this defect may exceed many thousands of dollars to repair — if repair is even possible — and the impact could go well beyond anything that money can represent.

    Software Assurance is the level of confidence that software is free from vulnerabilities.

    The first step in gaining software assurance is to improve the various aspects of quality of the applications/software you directly control and have evidence to support your confidence in the quality of that software.


  Vulnerability Management

    The basic process for addressing unexpected security-relevant weaknesses in any self-developed, commercial or open source software used in any organization starts with the discovery of a security-relevant weakness in that software that leaves the software vulnerable. The discoverer could be the software creator, an outside researcher, or a software user. For commercial and open source software the next step is usually for the software creator to be informed of the potential vulnerability by the discoverer to confirm it is an actual vulnerability, start evaluating it, and then look for potential resolutions.


  Application Security

    If you believe that your software should do what it is supposed to do and nothing more in spite of the efforts of attackers, haphazard user input, or accidents, then application security is probably something you will be interested in. Gaining assurance that the software products you acquire or develop are free of known types of security weaknesses can leverage public knowledge, such as the Common Weakness Enumeration (CWE) and Common Attack Pattern Enumeration and Classification (CAPEC) collections. By leveraging these collections, along with high-quality tools and services for finding the security weaknesses in code and testing software with misuse and abuse test cases, you can systematically organize and document the assurance activities as you conducted them.


  Penetration Testing

    If you believe that your software should do what it is supposed to do and nothing more in spite of the efforts of attackers, haphazard user input, or accidents, then application security is probably something you will be interested in. Gaining assurance that the software products you acquire or develop are free of known types of security weaknesses can leverage public knowledge, such as the Common Weakness Enumeration (CWE) and Common Attack Pattern Enumeration and Classification (CAPEC) collections. By leveraging these collections, along with high-quality tools and services for finding the security weaknesses in code and testing software with misuse and abuse test cases, you can systematically organize and document the assurance activities as you conducted them.

You'll be using the following texts in this class:


    Class Times:

    Morning Session: 7:30 - 10:30 a.m. (Monday - Friday)
    Afternoon Session: 11:45 - 3:35 p.m. (Monday - Thursday)


This page was created by the Warren Tech Cyber Security student's.

Bill Heldman, Instructor
303-982-8534