Course Syllabus

Cyber 342W - Cyber Incident Handling and Response

Please note that the specifics of this Course Syllabus are subject to change. Instructors will notify students of any changes and students will be responsible for abiding by them. Even if you print this syllabus, please check the online version often.

Instructor and Assistant(s)

  • Instructor:

All course-related e-mail, including messages to your instructor(s) and fellow students should be sent within Canvas, using the Inbox. Every attempt will be made for the instructor (or an assistant) to respond to e-mailed questions during regular business hours within 24 hours.

Additional instructor information can be found by selecting People and then the Teacher name.

Description

CYBER 342W: Cyber Incident Handling and Response (3 credits) - This course provides an introduction to the tasks and procedures commonly used by organizations to identify, respond to, manage and remediate a cyber security incident. This is a key course in the College of IST’s Cybersecurity curriculum and is an anchor of the risk management perspective of the major. It brings together the foundations of mathematics, software development and cybersecurity fundamentals to address cyber incidents following best practices in the industry. Topics will include preparedness, incident response, disaster planning, business continuity planning, incident mitigation and recovery. As a writing-intensive course, it will introduce students to the writing requirements and standards of the cybersecurity industry, from individual incident reports to comprehensive incident management and disaster recovery planning documents. By the end of the course, the students will have written and revised their own incident management plans, a computer security incident response team (CSIRT) plan, business continuity plans and post-incident recovery plans.

As a writing-intensive course, students will be assessed primarily on their writing and improvement in their writing. Two types of writing assignments are in this course.

  • Individual assignments afford students the chance to write in the types and formats appropriate for the cybersecurity work domain. These include individual writing, peer review and instructor feedback on the student’s writing for cybersecurity, disaster recovery and business continuity activities, focusing on cyber incident response documentation. Some of the parts of these assignments are ungraded, especially in draft and peer review, following the write-to-learn model.
  • Team assignments where students will work together in small teams, and document a cyber incident response plan for an organization. This type of writing is in the traditional writing activity model. While students are expected to draft, revise and review, these assignments will be graded individually and as a group.

Prerequisites

  • CYBER 262
  • SRA 221
  • SRA 231

Objectives

This is the intensive writing course for the Cybersecurity Major. During this course, students will learn about handling cybersecurity incidents on behalf of organizations. Upon completion of this course, students will be able to:

  1. Understand organizational requirements for documentation of cyber incident response and recovery.
  2. Document a cyber security incident, response to the incident and remediation efforts.
  3. Work with a team to prepare one of several cybersecurity incident, disaster recovery or business continuity planning documents.
  4. Utilize strategies for improving their own writing and the writing of others to conform an organization’s documentation of cybersecurity incident planning, response and remediation.

Materials

  • Whitman, M. E., Mattord, H. J., and Green, A. (2014). Principles of Incident Response and Disaster Recovery (2nd ed.) Cengage Learning. ISBN 9781111138059
  • Additional material will be posted on Canvas

Assignments & Grading

Item Quantity Points each Total

Chapter Quizzes (final grade based on best 11 quiz scores)

12 total / 11 graded 30 330
Individual Writing Assignments 5 60 300
Team Discussions 5 24 120
Group project 6 deliverables variable 250
1000

* A portion of this grade will be allocated to team member reviews of individual student performance.

Course Grading Scale

The following are minimum cutoffs for each grade:

  • 93.00% = A
  • 90.00% = A-
  • 87.00% = B+
  • 83.00% = B
  • 80.00% = B-
  • 77.00% = C+
  • 70.00% = C
  • 60.00% = D
  • less than 60.00% = F

Course Policies and Expectations

  • Logging into Canvas - Students are expected to login regularly to check for course updates, announcements, e-mails, discussions, etc.
  • E-mailing through Canvas - Students are expected to use Canvas for all course e-mail communication.
  • Attending virtual meetings - Students are expected to use specified virtual meeting tool(s) for collaboration, meetings, presentations, etc., as needed.
  • Late assignments:
    • There is a 10%-per-calendar-day late penalty for all assignments, up to five days; no late assignments will be accepted after the five-day-late mark.  (In other words, you can turn in a late assignment up to 5 days past the due date, but there will be a 50% penalty - 10% for each day late - deducted from the total possible score; no assignments will be accepted for credit after 5 days late.)  
    • All assignments, including late assignments, must be turned in by the last day of class (as published in the official University academic calendar) in order to be considered for grading.
    • If you have a problem meeting a deadline due to an extenuating circumstance, please contact your instructor to discuss your situation.
  • Group assignments and participation:
    • Part of this course will include group work. You are expected to collaborate and communicate with your group members in a professional manner. Group grades will only be given to participating group members. When providing feedback to a classmate, you are expected to offer constructive criticism. 
    • All students assigned to a group are expected to fully participate in group assignments. 
    • Groups are asked to communicate to the instructor any issues with a non-participating team member as early as possible.  The instructor will attempt to help mediate the situation.  However:
      • Teams are given the option of "firing" a non-participating member if/when that individual does not pull their weight and attempts to improve the situation have failed.  If that happens, the fired individual will be expected to complete the assignment on their own (if there are multiple firings, the instructor may choose to group the fired individuals together), and will be held to the same deadlines as the rest of the class.

Educational Equity

Penn State takes great pride to foster a diverse and inclusive environment for students, faculty, and staff. Acts of intolerance, discrimination, or harassment due to age, ancestry, color, disability, gender, gender identity, national origin, race, religious belief, sexual orientation, or veteran status are not tolerated and can be reported through Educational Equity via the  Report Bias webpage  ( http://equity.psu.edu/reportbias/ ).

Accommodating Disabilities

In order to receive consideration for reasonable accommodations, you must contact the appropriate disability services office at the campus where you are officially enrolled, participate in an intake interview, and provide documentation:  See documentation guidelines  ( http://equity.psu.edu/sdr/guidelines ). If the documentation supports your request for reasonable accommodations, your campus disability services office will provide you with an accommodation letter. Please share this letter with your instructors and discuss the accommodations with them as early as possible. You must follow this process for every semester that you request accommodations.

Counseling and Psychological Services

Many students at Penn State face personal challenges or have psychological needs that may interfere with their academic progress, social development, or emotional wellbeing. The university offers a variety of confidential services to help you through difficult times, including individual and group counseling, crisis intervention, consultations, online chats, and mental health screenings. These services are provided by staff who welcome all students and embrace a philosophy respectful of clients’ cultural and religious backgrounds, and sensitive to differences in race, ability, gender identity and sexual orientation.

Emergency Notifications

PSUAlert  is available at  https://psualert.psu.edu  PSUAlert is Penn State’s emergency notification system for students, faculty and staff. The system will be used to alert members of Penn State’s campus communities of emergencies, campus closings and other urgent information. Using this portal, students, faculty and staff can choose to receive PSUAlert messages by text message, voice message and e‑mail. We recommend that students enroll in this system.

Copyright Notice

All course materials students receive or to which students have online access are protected by copyright laws. For courses in which they have previously been or are currently enrolled, students may use course materials and make copies for their own use as needed, but unauthorized distribution and/or uploading of materials without the instructor’s express permission is strictly prohibited. Policy AD 40 (Recording of Classroom Activities and Note Taking Services) addresses this issue. Students who engage in the unauthorized distribution of copyrighted materials may be held in violation of the University’s Code of Conduct, and/or liable under Federal and State laws.

Academic Integrity

Penn State and the College of Information Sciences and Technology are committed to maintaining Penn State's policy on Academic Integrity in this and all other courses. We take academic integrity matters seriously and expect you to become a partner to the University/College standards of academic excellence.

For more information, please review these policies and procedures:

While utilizing additional sources outside of this class is encouraged for gaining a better understanding of course concepts, seeking explicit answers for graded assignments from outside sources (e.g. Course Hero, Chegg, tutoring services like tutor.com, etc.) is considered CHEATING and will not be tolerated.  Sanctions range from failure of the assignment or course to dismissal from the University. Additionally, sharing course content without permission is a violation of copyright and may result in university sanctions and/or legal ramifications. Contact your instructor with questions related to this topic.  

University Policies

Review current information regarding various Penn State policies (such as copyright, counseling, psychological services, disability and military accommodations, discrimination, harassment, emergencies, trade names, etc.) on the University Policies page.

Penn State takes great pride to foster a diverse and inclusive environment for students, faculty, and staff. Acts of intolerance, discrimination, or harassment due to age, ancestry, color, disability, gender, gender identity, national origin, race, religious belief, sexual orientation, or veteran status are not tolerated and can be reported through Educational Equity via the Report Bias webpage (http://equity.psu.edu/reportbias/).

Resources

Find extensive information and links to many Penn State and IST resources (including the Penn State libraries, video conferencing tools, technology and software, writing and research help, and much more) on the Resources page.

Technical Requirements

Standard World Campus computer technical specifications are assumed for this course. Please test your computer for requirements. In addition, a webcam and a headset with a microphone are REQUIRED for the course. These may be used for virtual meetings, virtual office hours, interactions with classmates and your instructor, and group presentations - which are all conducted with virtual meeting tools. No special software is required.

Schedule

The following schedule outlines the topics covered in this course, along with the associated time frames, readings, activities, and assignments. All due dates reflect Eastern Time (ET). Specifying the time zone ensures that all students have the same deadlines, regardless of where they live.

Course Summary:

Date Details Due