Untitled

APPLY NOW

Web Schedules

Fall 2025
Spring 2026
Summer 2026

One Credit Courses

Fall 2025
Spring 2026
Summer 2026

No Cost Textbook/Resources Courses

Fall 2025
Spring 2026
Summer 2026

Low Cost Textbook/Resources Courses

Fall 2025
Spring 2026
Summer 2026

Course Planning by Program

2025-26

Essential Objectives

Course Syllabus


Revision Date: 12-Feb-26
 

Spring 2026 | CIS-2255-VO01 - Principles and Management of Cybersecurity


Online Class

Online courses take place 100% online via Canvas, without required in-person or Zoom meetings.

Location: Online
Credits: 3 (45 hours)
Day/Times: Meets online
Semester Dates: 01-27-2026 to 05-11-2026
Last day to add this section: 02-05-2026
Last day to drop without a grade: 02-08-2026 - Refund Policy
Last day to withdraw (W grade): 03-29-2026 - Refund Policy
This course has started, please contact the offering academic center about registration

Faculty

Tyler Whitney
View Faculty Credentials
View Faculty Statement
Hiring Coordinator for this course: Deb Grant

Browse the Canvas Site for this class.

    Note
  1. Many degree programs have specific general education recommendations. In order to avoid taking unnecessary classes, please consult with additional resources like your program evaluation, your academic program catalog year page, and your academic advisor.
  2. Courses may only be used to meet one General Education Requirement.

Course Description

Students explore the broad range of concepts, governance, and policy involved in protecting information assets within computer systems and networks. This foundational course covers concepts found in the CompTIA Security+ certification including law, ethics, cryptography, and the fundamentals of system and network security. Students develop strategies for identifying and remediating organizational vulnerabilities and risk assessment based on the CIA Triangle security model (confidentiality, integrity, and availability).


Essential Objectives

1. Define issues critical to information security and risk management in a professional environment.
2. Describe the need for contingency planning and discuss scenarios.
3. Analyze information security policy in a business setting.
4. Demonstrate security policy models.
5. Define and discuss security management practices.
6. Identify control classification categories established and maintained by NIST (National Institute for Standards and Technologies) and the ISO (International Organization for Standardization).
7. Evaluate protection mechanisms and formulate cost basis analysis for implementation.
8. Create a SETA plan (security, education, training, and awareness) for an organization or business.


Required Technology

More information on general computer and internet recommendations is available on the CCV computer recommendations Support page.

Please see CCV's Digital Equity Statement (pg. 45) to learn more about CCV's commitment to supporting all students access the technology they need to successfully finish their courses.


Required Textbooks and Resources


*** This is a no cost textbook or resource class. ***

This course only uses free Open Educational Resources (OER) and/or library materials. Browse the Canvas Site for this class.


Artificial Intelligence(AI) Policy Statement

CCV recognizes that artificial intelligence (AI) and generative AI tools are widely available and becoming embedded in many online writing and creative applications.

Integrated: This course's generative AI policy acknowledges the use of AI is an essential skill in today's world. By using genAI for specific purposes, students become equipped with relevant skills and tools necessary to thrive in a technology-driven society. Emphasizing the mastery of generative AI should empower you to harness its potential, enhancing your problem-solving abilities and preparing you for future challenges and opportunities. Be aware, however, that any time generative AI is used at any point in the assignment without attribution it may be considered a violation of CCV's Academic Integrity Policy.

Artificial intelligence (AI) tools are allowed in this course as learning aids, similar to tutoring, documentation, or office hours. You may use AI to help search for sources, explore unfamiliar topics, clarify concepts, debug code you wrote, or improve the clarity and mechanics of your own writing. Used this way, AI can support your learning without replacing it.

However, AI may not be used to do the core thinking for you. You may not submit AI-generated answers, essays, code, or solutions as your own, nor use AI to complete assignments in place of your own reasoning. If the AI is doing the thinking for you, that use is not permitted. When AI contributes meaningfully to your work, you are expected to disclose that use. When in doubt about whether a particular use is appropriate, ask before submitting.

Some assignments in this course may explicitly prohibit, limit, or require the use of AI tools. Always follow the instructions provided for each assignment, even when they differ from the general course policy. When AI tools are used in a way that meaningfully supports your work, you must acknowledge that use. Disclosure is not a penalty. It is part of academic honesty and professional practice.

Appropriate examples of AI use:

  • Using AI to suggest search terms or help locate scholarly sources
  • Asking AI to check your work or explain a concept after attempting the problem yourself
  • Debugging or reviewing code that you wrote
  • Checking grammar or improving clarity of your own writing

Inappropriate examples of AI use:

  • Submitting AI-generated essays, discussion posts, or lab answers
  • Using AI to solve problems or design solutions without understanding them
  • Paraphrasing AI output and presenting it as your own work
  • Relying on AI-generated code or explanations you cannot explain

Example AI disclosure and ctiation:

AI tools used: Google Gemeni
Purpose: Helped identify sources and clarify concepts related to cloud scalability.

Google. (2025). Gemini (large language model) [Artificial intelligence software]. https://gemini.google.com



Methods

  • online forum discussions
  • interactive labs
  • multimedia presentations and resources
  • readings, writing, and inquiry-based research

Evaluation Criteria

Discussions: 20%
Assignments: Student Research & Chapter Exercises: 30%
Quizzes: 20%
Exams: 30%


Grading Criteria

CCV Letter Grades as outlined in the Evaluation System Policy are assigned according to the following chart:

 HighLow
A+10098
A Less than 9893
A-Less than 9390
B+Less than 9088
B Less than 8883
B-Less than 8380
C+Less than 8078
C Less than 7873
C-Less than 7370
D+Less than 7068
D Less than 6863
D-Less than 6360
FLess than 60 
P10060
NPLess than 600


Weekly Schedule


Week/ModuleTopic  Readings  Assignments
 

1

Week 1: Introduction to Cybersecurity & the CIA Triad

Topics

  • Overview of cybersecurity

  • Confidentiality, Integrity, and Availability (CIA)

  • Security as an organizational responsibility

Activities

  • Review course overview and expectations

  • Read introductory materials on cybersecurity fundamentals

  • Explore real-world examples of security failures

Assessments

  • Discussion: Why Cybersecurity Matters to Organizations

  • Assignment: Applying the CIA Triad to a Real-World Scenario

  • Quiz: Cybersecurity Foundations

    
 

2

Week 2: Threats, Vulnerabilities, and Risk

Topics

  • Threat actors and motivations

  • Vulnerabilities vs. exploits

  • Risk concepts and impact analysis

Activities

  • Review threat and risk concepts

  • Analyze organizational security risks

  • Apply risk terminology to case examples

Assessments

  • Discussion: Identifying Threats and Risks

  • Assignment: Basic Risk Identification Exercise

  • Quiz: Threats and Risk Concepts

    
 

3

Week 3: Laws, Regulations, and Ethics in Cybersecurity

Topics

  • Legal responsibilities and compliance

  • Ethics in cybersecurity practice

  • Privacy and data protection

Activities

  • Review readings on cybersecurity law and ethics

  • Examine ethical dilemmas in security

  • Reflect on professional responsibilities

Assessments

  • Discussion: Ethics vs. Compliance in Cybersecurity

  • Assignment: Legal and Ethical Scenario Analysis

  • Quiz: Cybersecurity Law and Ethics

    
 

4

Week 4: Security Governance and Policy

Topics

  • Security governance concepts

  • Types of security policies

  • Policy development and enforcement

Activities

  • Review security policy structures

  • Analyze policy effectiveness

  • Examine governance models

Assessments

  • Discussion: The Role of Security Policy in Organizations

  • Assignment: Security Policy Review

  • Quiz: Governance and Policy Fundamentals

  • Lab 1: Security Policy Analysis Lab

    
 

5

Week 5: Security Models and Frameworks

Topics

  • Security models and abstractions

  • Defense-in-depth

  • Zero Trust (conceptual overview)

Activities

  • Review security models

  • Compare framework approaches

  • Apply models to example organizations

Assessments

  • Discussion: Choosing the Right Security Model

  • Assignment: Security Model Application Exercise

  • Quiz: Security Models and Frameworks

    
 

6

Week 6: Security Control Types and Classifications

Topics

  • Administrative, technical, and physical controls

  • Preventive, detective, and corrective controls

  • Control effectiveness

Activities

  • Review control classification examples

  • Map controls to organizational needs

  • Analyze layered security strategies

Assessments

  • Discussion: Evaluating Security Controls

  • Assignment: Control Classification Exercise

  • Quiz: Security Controls

    
 

7

Week 7: NIST, ISO, and Industry Standards

Topics

  • NIST Cybersecurity Framework

  • ISO/IEC 27001 overview

  • Importance of standards

Activities

  • Review standards documentation

  • Compare NIST and ISO approaches

  • Apply standards to real scenarios

Assessments

  • Discussion: Why Security Standards Matter

  • Assignment: Standards Comparison Activity

  • Quiz: NIST and ISO Frameworks

  • Lab 2: Security Control Mapping Lab

    
 

8

Week 8: Network and System Security Fundamentals

Topics

  • Network security concepts

  • System hardening (conceptual)

  • Cloud security basics

Activities

  • Review system and network protection concepts

  • Analyze common attack surfaces

  • Explore shared responsibility models

Assessments

  • Discussion: Protecting Systems and Networks

  • Assignment: Network and System Security Scenario

  • Quiz: Network and System Security

    
 

9

Week 9: Cryptography and Data Protection

Topics

  • Encryption fundamentals

  • Hashing and digital signatures

  • Protecting data at rest and in transit

Activities

  • Review cryptographic concepts

  • Examine real-world encryption use cases

  • Analyze data protection strategies

Assessments

  • Discussion: The Role of Cryptography in Security

  • Assignment: Data Protection Strategy Exercise

  • Quiz: Cryptography Fundamentals

    
 

10

Week 10: Identity, Authentication, and Access Control

Topics

  • Authentication vs. authorization

  • Least privilege

  • Identity and access management (IAM)

Activities

  • Review access control concepts

  • Analyze identity management challenges

  • Apply access control models

Assessments

  • Discussion: Managing Access Securely

  • Assignment: Access Control Design Exercise

  • Quiz: Authentication and Access Control

  • Lab 3: Access Control Scenario Lab

    
 

11

Week 11: Incident Response and Contingency Planning

Topics

  • Incident response lifecycle

  • Disaster recovery and business continuity

  • Incident response planning

Activities

  • Review incident response frameworks

  • Analyze response scenarios

  • Evaluate contingency planning strategies

Assessments

  • Discussion: Preparing for Security Incidents

  • Assignment: Incident Response Planning Exercise

  • Quiz: Incident Response and Contingency Planning

    
 

12

Week 12: Risk Assessment and Cost–Benefit Analysis

Topics

  • Qualitative vs. quantitative risk assessment

  • Risk mitigation strategies

  • Cost–benefit analysis

Activities

  • Review risk assessment methodologies

  • Analyze security investment decisions

  • Apply risk evaluation techniques

Assessments

  • Discussion: Balancing Risk and Cost

  • Assignment: Risk Assessment Report

  • Quiz: Risk Management Concepts

  • Lab 4: Organizational Risk Assessment Lab

    
 

13

Week 13: Human Factors and Security Awareness

Topics

  • Social engineering

  • Insider threats

  • Security culture

Activities

  • Review human-centered security risks

  • Analyze awareness failures

  • Explore mitigation strategies

Assessments

  • Discussion: People as a Security Risk and Asset

  • Assignment: Security Awareness Analysis

  • Quiz: Human Factors in Security

    
 

14

Week 14: SETA Programs and Security Management

Topics

  • Security Education, Training, and Awareness (SETA)

  • Measuring effectiveness

  • Managing security programs

Activities

  • Review SETA program components

  • Analyze training effectiveness

  • Design awareness strategies

Assessments

  • Discussion: Building a Security-Aware Organization

  • Assignment: SETA Program Design

  • Quiz: Security Management and SETA

  • Lab 5: SETA Plan Development Lab

    
 

15

Week 15: Integrating Cybersecurity into Organizational Strategy

Topics

  • Security as enterprise risk management

  • Strategic security planning

  • Emerging cybersecurity trends

Activities

  • Review course concepts holistically

  • Reflect on security strategy

  • Examine future challenges

Assessments

  • Discussion: Cybersecurity as a Strategic Function

  • Assignment: Cybersecurity Strategy Reflection

  • Quiz: Course Synthesis and Review

    
 

Attendance Policy

Regular attendance and participation in classes are essential for success in and are completion requirements for courses at CCV. A student's failure to meet attendance requirements as specified in course descriptions will normally result in a non-satisfactory grade.

  • In general, missing more than 20% of a course due to absences, lateness or early departures may jeopardize a student's ability to earn a satisfactory final grade.
  • Attending an on-ground or synchronous course means a student appeared in the live classroom for at least a meaningful portion of a given class meeting. Attending an online course means a student posted a discussion forum response, completed a quiz or attempted some other academically required activity. Simply viewing a course item or module does not count as attendance.
  • Meeting the minimum attendance requirement for a course does not mean a student has satisfied the academic requirements for participation, which require students to go above and beyond simply attending a portion of the class. Faculty members will individually determine what constitutes participation in each course they teach and explain in their course descriptions how participation factors into a student's final grade.


Participation Expectations

Students are expected to complete the assignments each week. Posts in the discussion forums should be created mid week to give a chance for fellow students to respond. At least one response to a fellow student is expected for full discussion credit.



Missing & Late Work Policy

Late assignments are permitted with a 10% per day late penalty, unless otherwise coordinated with the instructor.


Accessibility Services for Students with Disabilities:


CCV strives to mitigate barriers to course access for students with documented disabilities. To request accommodations, please
  1. Provide disability documentation to the Accessibility Coordinator at your academic center. https://ccv.edu/discover-resources/students-with-disabilities/
  2. Request an appointment to meet with accessibility coordinator to discuss your request and create an accommodation plan.
  3. Once created, students will share the accommodation plan with faculty. Please note, faculty cannot make disability accommodations outside of this process.


Academic Integrity


CCV has a commitment to honesty and excellence in academic work and expects the same from all students. Academic dishonesty, or cheating, can occur whenever you present -as your own work- something that you did not do. You can also be guilty of cheating if you help someone else cheat. Being unaware of what constitutes academic dishonesty (such as knowing what plagiarism is) does not absolve a student of the responsibility to be honest in his/her academic work. Academic dishonesty is taken very seriously and may lead to dismissal from the College.

Apply Now for this semester.

Register for this semester: November 3, 2025 - January 16, 2026