Toolkit
Subjects of study
During my academic odyssey, spanning both community college and university, I have passionately engaged with a diverse array of courses. It is imperative to underscore the unwavering dedication I have channeled towards attaining the wealth of knowledge I now hold. By acknowledging the profound investment I've made in my education, I not only nurture a profound sense of self-validation but also illuminate the immense importance I attribute to the journey of learning.
College studies
At Chaffey Community College the focus of my studies are primarily based on Information Systems and Technology with an emphasis in cybersecurity.
Principles and applications of computers, including their role in business and society. Designed to provide computer competency for both Computer Information Systems majors and non-majors. Fundamentals of information systems, database management systems, networking, e-commerce, ethics and security, computer systems hardware and software components.
Introduction to the principles of computer programming. Topics include the program development life cycle, control structures, syntax and object-oriented programming development. A popular object-oriented programming language will be used.
Introduction to the terminology, application, and use of the graphical operating system. Topics include installation and setup, file management, security, networking, Internet access and communication, hardware and software maintenance, administrative tools, and others.
This course introduces the architecture, structure, functions, components, and models of the Internet and other computer networks. The principles and structure of IP (Internet Protocol) addressing and the fundamentals of Ethernet concepts, media, and operations are introduced to provide a foundation for further study of computer networks. It uses the OSI (Open Systems Interconnection) and TCP (Transmission Control Protocol) layered models to examine the nature and roles of protocols and services at the application, network, data link, and physical layers.
Introduces the discipline of computer science using a high level language, utilizing programming and practical hands-on problem solving. Topics include: hardware, software, computer architecture, memory and registers, input-output data operations, storage, information control, problem solving, and Object Oriented Programming. First course in a sequence of courses that is compliant with the standards of the Association for Computing Machinery (ACM).
In-depth study of Microsoft network server software and the administration of a network. Topics include: installation and configuration, active directory, file system management, and security.
Using lecture and hands-on labs, this course introduces students to the various cloud models and technologies used in public, private and hybrid clouds. Topics include cloud deployment methods, service models, cloud infrastructure, and key considerations in migrating to cloud computing. Amazon AWS will be the focus for the public cloud model as AWS has revolutionized IT infrastructure and students will be able to spin up actual AWS resources. For the private cloud and hybrid cloud portions of the course, students will setup hardware, networking, hypervisors and virtual machines. This course will cover various cloud technologies and essential domains including compute, storage, networking, security, applications, databases, Infrastructure as a Service, Platform as a Service, and Software as a Service.
An introduction to the fundamental principles and topics of Information Technology Security and Risk Management at the organizational level. It addresses hardware, software, processes, communications, applications, and policies and procedures with respect to organizational Cybersecurity and Risk Management.
This course introduces the network security specialist to the various methodologies for attacking a network. Students will be introduced to the concepts, principles, and techniques, supplemented by hands-on exercises, for attacking and disabling a network within the context of properly securing a network. The course will emphasize network attack methodologies with the emphasis on student use of network attack techniques and tools and appropriate defenses and countermeasures.
Fundamental legal principles pertaining to business transactions. Introduction to the legal process and dispute resolution. Coverage of federal and state court systems. Comprehensive study of contracts under the common law and the Uniform Commercial Code. Other topics include sources of law, business ethics, constitutional law, tort law, agency, business organizations, and criminal law as applied to business.
The use of probability techniques, hypothesis testing, and predictive techniques to facilitate decision-making. Introduction to descriptive and inferential statistics. Topics include: frequency distribution, measures of variation and central tendency, discrete and continuous random variables and probability distributions, sampling distributions, interval estimations of population parameters, hypothesis testing, analysis of variance, chi square and t-test analysis, and linear regression and correlation. Application of technology for statistical analysis including the interpretation of the relevance of statistical findings. Applications using data from various disciplines such as: business, physical sciences, social sciences, psychology, life science, health science, and education. A specific statistical graphing & computing utility is required. See instructor before acquiring. May be offered as an Honors course.
Coordinate geometry and graphing techniques; conic sections; solutions to higher degree polynomial equations; functions; polynomial, rational, inverse, exponential and logarithmic functions; systems of nonlinear equations and inequalities; matrices and determinants; sequences and series; binomial expansion; mathematical induction; introduction to mathematical proof.
In-depth exploration of the variables of interpersonal communication processes as they occur in day-to- day, face-to-face human interaction. Oral assignments are required.
Careful study and practice of expository and argumentative writing techniques and the frequent writing of compositions with the ultimate goal of a research project. A minimum of 5,000 written words is expected over the course of the term.
Undergrad studies
At California State University of San Bernardino the focus of my studies are primarily based on Information Systems and Technology with an emphasis in cybersecurity.
This course covers the fundamental concepts and technologies of database systems for business applications. Students will learn database concepts and skills including: data modeling (ER and relational model), normalization, Structured Query Language (SQL), transaction management, data base system administration issues, security, and implementation techniques using a popular database management systems software package.
This course focuses on how best practice organizations use information technology to gain competitive advantage and accomplish mission. The course exposes students to numerous examples of IT applications in finance, accounting, marketing, public administration, human resource, entrepreneurship, and supply chain operations. Topics include: enterprise information systems; ethics of IT use; cybersecurity, IT laws and risk management, cloud computing, data warehousing and business intelligence, social media, customer/supplier relationship management systems, IT project management, and impact of contemporary IT technologies such as AI and blockchain technologies.
This course is designed to give students exposure to and experience with several modern web development principles and technologies used on the Internet today. Topics include XML, web protocols, client-side & server-side technologies, back-end data management, and web service. If time permits, topics in semantic web may be included.
This course introduces students to the principles and methods of systems analysis and design. Topics include: systems development life cycle, prototyping, planning and managing projects, systems evaluation, interface design with controls, and object-oriented design concepts and tools. The course exposes students to UML (Unified Modeling Language) and other graphical modeling tools to model information systems based on user requirements and specification.
Advanced computer networks and their application in organizations. Students are introduced to the technology of routed and switched networks, wireless networks and network security. Through hands-on experience and using popular packet analyzer tools and simulators, students learn how to design, configure, administer, secure and debug heterogeneous IP networks. Topics include: routing protocols, configuring routers and switches, VLANs, network management techniques, routing IP traffic, wireless networks, network security, access control list.
Advanced study of information systems planning and policy formation for top management. Covers strategic use of information technology in organizations; the theory, methods and practices of enterprise systems planning; and design and implementation of information systems policy. Policy issues surrounding project management, information classification, IT audit, and legal issues related to privacy and security will also be covered.
This course is a capstone course that will integrate the various topics as it relates to the administration of an information system. This course may include but is not limited to: installing, managing and maintaining network based operating systems, installing and configuring network services, user and group account management, automating network tasks with scripts, managing a database, modifying a system for improved performance and security, and securing the system in preparation for a penetration test. Because of the dynamic nature of information systems and the rapid development that takes place continually, this course will cover topics that are timely as determined by current conditions and future trends.
A systematic inspection of systems for evidence of a crime and use in civil litigation. Identify sources of digital evidence, preserve and analyze digital evidence, present findings (deposition of legal evidence in a court of law), and learn tools forensics experts use. The topics may include terrorism, identify theft, fraud, hacking, societal issues and embezzlement. Students will learn best practices with hands-on experience in identifying and preserving digital evidence.
This course covers the technical and managerial knowledge required to effectively design, engineer, and manage the overall security posture of an organization. Topics include: Security and risk management, asset security, communication and network security, identity and access management, security assessment and testing, security operations, software development security.
An overview of the wide area of business analytics, including the extensive use of data, methods, and fact-based management to support and improve decision making. Students are introduced to the most important methods used to manipulate, store, clean, visualize, and analyze big data. Topics include: The analytics life cycle, basic tools for statistical analysis, programming, machine learning algorithms and report generation for technical and non-technical audiences.
An intensive study of some aspect of information systems and technology to be proposed by the instructor. May be repeated for credit as topics change.
This course introduces students to project management theory, terms and concepts. Students will learn about project management constraints and their impact on a project’s ability to meet business goals: time, cost, and performance. Students will learn techniques to manage people and how the workforce will impact, and be impacted by, the project management constraints. Topics include: project life cycle, how to build a successful project from pre-implementation to completion, sequencing and budgeting, project evaluation and control, project feasibility, risk analysis, resource allocation and project management tools.
This course covers the process and methods for assessing the security posture of information systems. It reviews in depth the phases of penetration testing to include but not limited to: planning, reconnaissance, scanning, exploiting, post-exploitation and reporting. Tools techniques and procedures for each of the phases will be discussed, demonstrated and used in lab exercises.
This course introduces students to concepts, principles and techniques related to data mining and the knowledge discovery process. Students will learn methods to manipulate and explore data through learning the basic ideas of clustering, regression and classification. The course will provide hands-on experience with a variety of different techniques and applications (e.g., intrusion detection, text mining, customer segmentation). Topics include: data processing, pattern discovery, logistic regression, classification methods, association analysis and cluster analysis.
Graduate studies
At California Polytechnic State University Pomona the focus of my studies is primarily on Information Security with an emphasis in IT Auditing.
Fundamentals of Information Technology (IT) auditing. Understanding IT audits, career path, and the qualifications needed to enter and become successful in this field. Includes understanding of IT audit tools and techniques, audit programs and frameworks for the governance and management of IT audits.
Introduction to the use of computers to support data communications. Information systems design issues related to hardware, software, media, networks and protocols.
Exploration of modern Operating Systems’ concepts that include installation, configuration, domain controllers, group policies, certificates, networking, remote access, and security. These concepts will be complemented with PowerShell programming in Windows Operating system and Shell programming in Linux Operating system.
The web platform has become a default gateway to present and exchange information. However, it faces risks from unauthorized access, modification, and destruction. Security professionals need to understand threats to website applications, know how to identify vulnerabilities, how attacks are performed, and how to defend web applications.
Introduction to managing a cloud-based infrastructure. Topics include virtualization, cloud service deployment models, cloud delivery models, security issues, managerial and governance issues in cloud environment.
Managing and conducting computer forensics examinations. Topics include: analysis of multiple volume forensics images, recovery of deleted and reformatted volumes, file management systems of multiple operating systems, steganography, and network forensics. May be taken up to three times for a total credit of 9 units.
Introduction to systems and processes used in the management of privacy and security in modern organizations. The topics are approached from a technology as well as business management perspective offering insight into organizational security and privacy needs, legal and regulatory constraints, as well as the tools, technologies and processes to meet the demands on individuals tasked with security and privacy management.
Concepts of information security. Understanding information protection, physical and logical security of information systems. Practical case-study approach to solving security problems peculiar to the commercial data systems environment.
Digital forensics methodology. Legal issues regarding evidence seizure, chain of custody, reporting, and court testimony. Technical issues in acquiring and analyzing evidence from digital devices. Contemporary file systems are examined. May be taken up to three times for a total credit of 9 units.
Hands on experience in applying IT Auditing Techniques and methods. Fundamentals of advanced concepts in IS Auditing. May be taken up to three times for a total credit of 9 units.
Network security in a business environment. Topics include defensive and offensive cybersecurity practices, incident response process, log analysis, and post penetration test analysis.
An examination on the subject areas of the candidate’s coursework listed on the degree program.
Software Used In Class
ERM SIEM Software
IT Audit Frameworks Used In Class
COBIT
ISACA
RMF
NIST
27001/27002
ISO/IEC
COSO
COSO
38508
ISO/IEC
FIPS 199
NIST
Cybersecurity Framework
NIST
SP-800-53
NIST
PCI DSS
Payment Card Industry Data Security Standard
Volunteer work at Cal Poly Pomona Cyber Security and Awareness Fair
Volunteered with the Chaffey Community College cybersecurity club to help at the cal poly fair. Not only that but we created a cyber range for real time pen-test presentation with Professor Nimri.
- Experience: Learned about the demand for information security
- Cooperation: Coordinated and deploy a cyber range in real time
- New Experience: I got to try my luck at lock-picking!
