Master’s Degree in Cybersecurity

This course includes a study of criminal law as it applies to infractions where digital goods or services are used as a means or an end. Students will learn to identify and report these types of infractions and follow the appropriate procedures. They will also explore legislation related to digital goods and services, focusing on key areas such as industrial and intellectual property, data protection, and market regulations.
The course provides an integrated perspective on the legal dimensions and institutional legal framework surrounding digital security. Students will learn to analyze and propose a variety of strategies in this context.

Students will study methodologies for the proactive management of occupational risks associated with the development, implementation, and launch of digital initiatives. There will be a special focus on the software industry, which is particularly relevant in this field. Students will learn how to identify problems related to IT security systems management, audit plan design, IT security implementation, the level of compliance with security rules, cloud security, and proactive security plan design.

This course encompasses information recovery, data acquisition, forensic analysis methodology, data investigation, process documentation, information recovery tools, response strategies, disaster protection, file system redundancy, and advanced archiving systems.
Students will gain technical and legal knowledge for the forensic analysis of ICT systems, including its practical applications in generating expert reports. They will also learn how to understand and organize their own information, and how to equip themselves with the tools needed for the different types of analysis they may come across. Students will also analyze incident responses, including the key elements in an efficient and effective response, as well as the roles, responsibilities, and steps for implementation.

This course focuses on server administration, including an advanced study of memory systems and their protection mechanisms, kernel space, process monitoring, intrusion detection for file systems, disk quotas, user monitoring, permission administration, operating system policies for organizations, disk administration, and denial-of-service attacks. It also familiarizes students with the actions they can take to protect both web applications as well as mobile apps for smartphones, tablets, and laptops.

This course covers advanced TCP/IP networking, network attacks, denial-of-service attacks, traffic monitoring, demilitarized zones, advanced firewall systems, virtual private networks, remote security systems, TLS/SSL, IPSec, intrusion detection systems, distributed attack detection, proactive protection measures, and network vulnerability analysis. Students will learn how to conduct intelligent threat analysis, from security event collection and information processing to mitigation and anticipation techniques.

This course explores memory systems, vulnerability types, application hardening, buffer overload prevention, chain attack prevention, race conditions, error generation, least-privilege policies, backdoors, rootkits, authentication, and access control.
Students will study the benefits of software security and its importance in overall system security. Key topics include properties of secure software, attacks that require responses, and secure software development methodologies. They will also analyze audit plans, technical and certification audits, audit classifications, information security audits, documentation, auditing tools and methodology, ISO 27000, and a comparative study of audits.

This course encompasses security flaws, memory management, memory protection mechanisms, user and system space, local and remote exploits, basic alterations, memory exploits, shellcodes, and privilege levels. It also covers integer, buffer, and heap overflows, code injection, and executable protection. Additionally, students will study key recommendations for software development and analytical techniques, along with malware redesign and how it can be applied to malware analysis to understand malicious code.

This course explores the fundamentals of mathematics and how they apply to cryptographic systems. This includes classical, password-based, and public-key cryptography, hybrid cryptographic systems, cryptographic hashing and HMAC summary functions, message authentication, digital signatures, secure cryptographic protocols, secure information transmission, cryptographic analysis, dictionary attacks, and brute-force attacks.
The course gives students a comprehensive understanding of the most advanced aspects of network security, covering key topics for effective network protection from an information security point of view. Students will also learn techniques for the different types of operating systems and the most secure modern cryptography systems, which underpin the security infrastructure for all critical internet systems.

This course covers the main methods of personal identification that exist today, starting with digital identification and smart cards. Later in the course, students will study biometric recognition, combining both concepts to emphasize how these types of identification technologies are used.
First, students will explore digital identification technologies, including smart cards, to build on what they learned in previous courses. The second topic will focus on biometric recognition, which is currently one of the main solutions for linking a person with their identity. Students will learn the main methods of biometric identification and their uses (historically and in the present day), paying special attention to those that are most prevalent worldwide.
This course also addresses the use of technology in SSI (self-sovereign identity).

Mobile and virtual network security fundamentals are of critical importance for modern IT departments, who are navigating a new paradigm of corporate security administration that goes beyond traditional server and desktop protection.
Since the arrival of BYOD (bring your own device), mobile networks have become more open and permeable than ever, forming a new ecosystem of devices connected to a corporate network. Meanwhile, virtualization complicates traditional policies by introducing a new layer of abstraction between hardware and software.
This course covers the essential tools and working principles for understanding and addressing these challenges. It also analyzes key technological considerations related to these new technologies and outlines the strategies needed to build a secure mobile and virtual environment.

This course encompasses the creation, design, and public defense of a theoretical or practical cybersecurity case. Students must demonstrate their knowledge and skills using one or more of the following methods:
Exhaustive analysis of complex information systems where security is critical for proper functioning.
Identification of possible threats, vulnerabilities, and unsecured elements, both internal and external.
It can be theoretical, administrative, legal, or any combination of these.
Detailed analysis of threats, vulnerabilities, and unsecured elements, used to generate a report with possible solutions and recommendations for improving the system from an IT perspective.
Presentation of an implementation plan for the previously defined solutions.