Course Summary
Credit Type:
ACE Course Number:
Organization Course Number:
CYB 301
1 week (33 hours)
Dates Offered:
Credit Recommendation & Competencies
Level Credits (SH) Subject
Lower-Division Baccalaureate 3 Introduction to Computer Security, Business, or Public Management
Students must complete TEEX-0284, TEEX-0285, and TEEX-0286 to receive credit for this course.


The course objective is to provide requisite background theory and recommended best practices needed by business managers to keep their offices running during cyber incidents of different types.

Learning Outcomes:

  • Know reactive cyber incident management activities
  • Identify protecting and restoring systems that have been compromised by cyber security incidents including incident containment, identification, eradication, and recovery
  • Summarize the practice of business information continuity
  • Summarize risk management, the application of risk management practices to information systems, and how information systems risk management relates to business information continuity
  • Explain information technology components found in most organizations and an evaluation of their relative importance
  • Summarize risk identification and common hazards
  • Discuss risk control which involves risk detection, risk limitation, risk recovery, and risk plan monitoring
  • Discuss organizational security policies, how to apply them to an organization's practices, and how to successfully comply with industry standards such as COBIT, FISMA, PCI, and others
  • Summarize concepts for cyber incident management, as well as an overview of the cyber incident management process
  • Describe preparation phase of cyber security incident management
  • Specify cyber incident proactive and post services, legal issues, and human resource issues
  • Describes continuity plans
  • Review training that should be given to employees, and teaches how to derive maximum productivity from current and new staff
  • Describe the technical side of business information continuity
  • Recognize threats to business information continuity
  • Review inventory, personnel, and the previous continuity plan
  • Apply risk and hazard frameworks to common cyber threats
  • Define risk quantification, including quantitative and qualitative methods

General Course Topics:

  • Types of cyber incidents, common forms of malware and attacks, an outline of the cyber incident management process, and common standards for cyber incident management
  • Cyber incident management policies, services and procedures
  • Incident monitoring, log management, detection, cyber incident triage, event scope and characteristics, incident investigation, impact and escalation, and cyber incident management software and services
  • Mitigation of specific common types of cyber incidents
  • Cyber attack categories, outcome discussions, vulnerability analysis, evidence and digital forensics, and chain of custody
  • Impact analysis
  • Incident response teams, recovery plans and the procedures to use when changing and updating the business information continuity plan
  • Outsourcing
  • Software patching, methods to minimize human error, and hardware failures
  • Access control and the verification and validation procedures
  • Federal information security laws and repercussions from noncompliance
  • HIPAA, Sarbanes-Oxley, and other notable federal laws
  • Procedures for enumerating threats and testing plans
  • Information systems risk management programs
  • Valuation of critical assets
  • Risk and hazard frameworks to common cyber threats
  • Risk prioritization, tolerance, and response
  • Cyber security control practices
  • Basic concepts of business continuity planning
Instruction & Assessment

Instructional Strategies:

  • Audio Visual Materials
  • Computer Based Training
  • Practical Exercises

Methods of Assessment:

  • Examinations
  • Quizzes

Minimum Passing Score:

Supplemental Materials