Information Assurance

This course offered a comprehensive introduction to cybersecurity, covering core principles, security models, and implementation across Unix/Windows systems, networks, web, databases, and mobile. Emphasis was on layered strategies—prevention, detection, and tolerance—from both attacker and defender perspectives. A weekly homework series required researching and reporting on newly disclosed vulnerabilities, significantly improving awareness of current threats and trends. Lectures, a project, presentations, and an exam built practical decision‑making skills.

university

University of Maryland • graduate course

focus areas

defense in depth risk management GRC incident response OS hardening threat modeling

🔑 core principles & coverage

security models & fundamentals: CIA triad, least privilege, separation of duties, trust boundaries.
platform coverage: Unix/Windows hardening, network security, web app controls, database and mobile safeguards.
defense layers: prevention, detection, and tolerance/response across people, process, and technology.
attacker vs defender mindset: adversary tactics vs. control selection and compensating controls.

🗞️ weekly vulnerability research

tracked recently disclosed CVEs and exploits; summarized impact and exposure.
mapped findings to affected tech stacks and recommended mitigations/patch paths.
improved threat awareness and rapid triage/report writing skills.

High-level security architecture showing layered defenses and governance — Layered Security Architecture

🧩 project: budget‑constrained enterprise security architecture

Simulated a mid‑sized enterprise with minimal security. Assessed gaps and designed a comprehensive architecture under strict budget constraints, justifying each control by risk reduction, cost efficiency, and measurable posture improvement.

Scope of work

initial assessment: asset inventory, threat modeling, and gap analysis (endpoint protection, access controls, IR readiness).
solution implementation:
- IPS/IDS: monitored and blocked suspicious network activity.
- EDR: real‑time endpoint monitoring, threat hunting, and forensics.
- DLP: prevented sensitive data exfiltration across endpoints and channels.
- SOAR: automated alert handling and streamlined incident workflows.
- IAM: enforced least privilege and strong authentication.
- OS hardening: firewall baselines, service reduction, timely patching for Linux/Windows servers.
compliance & governance: aligned policies and controls to ISO 27001 and NIST guidance with auditability.

📊 results & evaluation

demonstrated budget efficiency by mapping tool effectiveness to investment.
65% reduction in risk exposure (based on CVSS scoring of known threats).
improved incident response time via SOAR playbooks and defined runbooks.

tools & frameworks

controls & platforms: EDR, IPS/IDS, DLP, SOAR, IAM, host firewalls
governance: ISO 27001, NIST (CSF/800‑53), risk matrices & maturity models
process: asset inventory, threat modeling, patch & vuln management, IR runbooks

outcomes

Developed practical skills to assess risk, prioritize controls, and justify spend; improved capability to design measurable, standards‑aligned security architectures and communicate results to both technical and executive stakeholders.

references & practice

Back to Education