The ACES Minor features a 16 credit customizable curriculum including experiential learning. All ACES Minor students must complete a minimum of 16 credits to earn the ACES Minor.

Foundation Courses (1-5 credits)

Students must complete foundation courses before they are eligible to enroll in experiential learning courses.

Required if did not complete ACES LLP AND have not taken CMSC216

(Offered in Spring) This course introduces students to the technical foundations of cybersecurity through discussion, practice in statistics, and lessons in UNIX.

Prerequisite: HACS201 or CMSC216

(Offered in Fall) The group project in this course will combine technical, analytical, and communication skills, further engaging students in the practice of cybersecurity as they complete a team project designing, deploying, and collecting and analyzing data from a honeypot.

All ACES Minor students must take at least 1 credit of HACS 318

(Offered in Spring) This course includes opportunities to interact with industry leaders in the cybersecurity field through guest lectures, field trips, and special topic presentations. Topics include cybersecurity threats, entrepreneurship, and innovation in cybersecurity, and cybersecurity policy.

Electives (9-12 credits)

Choose at least three of the following 400-level courses:

HACS408 Advanced Seminar in Cybersecurity (3 credits)

The Advanced Seminars in Cybersecurity explore various topics within the cybersecurity field.

(Offered in Spring) This course is designed to prepare students to participate in culturally responsible and environmentally-appropriate communication in the work force. Students will explore the industry standards for writing technical reports, as well as the variances between persuasive, team, written, and oral communication styles. 

(Offered in Fall) This course will introduce students to the tools and techniques required to analyze the security properties of various systems. Topics covered will include assembly language, executable file formats, operating system intervals, and the static/dynamic analysis of compiled binaries. Students will apply these concepts to real-world scenarios like malware analysis and vulnerability analysis with interactive labs, at-home assignments, and a final project. 

(Offered in Fall) This advanced digital forensics course will aim to build an in-depth understanding of industry standard techniques to recover and analyze forensic data from multiple environments and devices to characterize and track malicious user activity. Topics include memory forensics, file system analysis, malware detection, timeline analysis, and detection and analysis of execution artifacts. These topics are presented in a lab-centric course using commercial forensics and open source tools.

(Offered in Fall) An exploration of cyber risk management and present-day cyber threats, their impacts, and their mitigations. Students will take a multi-disciplinary approach to understanding cyber threats and risks including the technical, policy, and social aspects. This course is guided by real-world case studies.

(Offered in Fall) This course for ACES Minor students is an introduction to the security implications of interrelated computing devices known as Internet of Things (IoT) and Cyber Physical Systems (CPS). Topics include but are not limited to, secure application development for IoT/CPS, IoT/CPS environment types, IoT/CPS threat categories, security services, distributed application architectures, activity privacy, and intrusion detection/prevention. Students will participate in a semester long group project involving significant research, design, and implementation. Students should have taken CMSC216 in order to be successful in this course.

(Offered in Spring) This course aims to build an in-depth understanding of project management methodologies for IT professionals. The course explores the applications of Project Management Institute (PMI) and industry standards for managing technical projects. Topics include an overview of PMI standards and project management, various roles in managing technical projects, work breakdown structures, security considerations, risk assessment, testing, and implementation. The students will have an opportunity to learn project management by applying these topics in a real world project scenario. 

(Offered in Spring) This course will be a rigorous hands-on, technically challenging experience to prepare students for real-world work in penetration testing and offensive security. Students will gain proficiency and become comfortable using the tools, techniques, and methodologies that represent the state of the art in penetration testing today. Students should be very comfortable on the command line, and a technical exposure to networking and proficiency in some scripting language (Bash, Ruby, Python) is expected.

(Offered in Spring) This course focuses on exploring and analyzing cybersecurity-related data. Data visualization is useful for quickly and easily viewing and identifying features of interest during data exploration, as well as highlighting key aspects when communicating results of data analysis. Understanding the context and interpretation of different sources and types of cybersecurity data commonly available is an important component to performing meaningful data analysis and can help guide the selection of analysis methods useful for extracting information from the data.

Students may also substitute two courses or up to 6 credits from the following 400-level courses: CCJS418B, CMSC412, CMSC414, CMSC417, CMSC/MATH456, CMSC498R, CMSC498Y, BUDT758D, ENEE447, ENEE457, ENEE459B, ENEE459E, ENME442, MLAW358E, INST464, and INST467.

Experiential Learning Requirements

Students will complete 3 credits of experiential learning from research. Please note that students must complete foundation courses before they are eligible to enroll in experiential learning courses.

Students are required to engage in research in order to gain greater insight into a specific area within cybersecurity, obtain an appreciation for the subtleties and difficulties associated with the production of knowledge and fundamental new applications, and to prepare for graduate school and/or the workforce.

(Offered in Spring) Cybersecurity experience is defined as an experiential learning activity either with a University of Maryland entity or with an external organization that will provide valuable, hands-on experience to supplement the knowledge learned in other ACES coursework. This course is intended to help you reflect on your cybersecurity experience and to learn from others’ cybersecurity experiences. It is also intended to help you gain professional skills that will aid you in your career. To be eligible to take HACS497 you need 135 completed hours of cybersecurity-related practical experience. You cannot take HACS497 if you've already taken HACS297 as a part of the ACES Living Learning Program. 

Students may receive HASC498 credit for participation on a team project offered by one of the ACES corporate partners. Each participant will work in a small group over the course of one semester working to complete mid-semester and final reports to be submitted for review by the ACES leadership team.