UMUC: Cyber Security Technology vs Information Assurance

TheCudder

Which seems like the better fit for me? Basically I'm looking to move from IT Support into a techical security role dealing with HBSS and intrusion detection/monitoring within the DoD (contractor or civilian). Both programs are graduate certificates. I'm leaning towards Cyber Security, but I just want to make sure that's the better option of the two.

Certificate in Information Assurance

• UCSP 615 Orientation to Graduate Studies at UMUC (0) (Must complete within first 6 credits of study.)
• INFA 610 Foundations of Information Security and Assurance (3)
• INFA 620 Network and Internet Security (3)
• INFA 630 Intrusion Detection and Intrusion Protection (3)
• INFA 640 Cryptology and Data Protection (3)
• INFA 650 Computer Forensics (3)

or

Cybersecurity Technology

• UCSP 615 Orientation to Graduate Studies at UMUC (0) (Must complete within first 6 credits of study.)
• CSEC 610 Cyberspace and Cybersecurity (6)
• CSEC 630 Prevention and Protection Strategies in Cybersecurity (6)
• CSEC 640 Monitoring, Auditing, Intrusion Detection, Intrusion Prevention, and Penetration Testing (6)

CyberfiSecurity

If you are steering for the Federal Government, then stick with Information Assurance. The term Assurance was adopted by the Government, while private sectors still want to stick with "Information Security or Cyber Security." Some people use interchangeable, but there are big differences. Assurance cover more than security. Assurance job is ensure the information and data are guarantee protection; while Security provides less protection in term of context. Most of the program that register with NSA CNSS prefer to go with Information Assurance. (Source: I learned this from my Ph.D in Information Assurance program). But ultimately, you should get your CISSP instead spending too much more in the School program. Let put this way, I have two Master degrees, but not comparable to my CISSP.

SephStorm

TheCudder wrote: »

Which seems like the better fit for me? Basically I'm looking to move from IT Support into a techical security role dealing with HBSS and intrusion detection/monitoring within the DoD (contractor or civilian).

Forget the degrees, go get your CEH and a GIAC cert. If you have IT experience you can get hired doing HBSS support or IDS monitoring in DoD. Source: Me and my team, few of us have degrees, all have certs and experience. DoD Contractors doing the above.

TheCudder

SephStorm wrote: »

Forget the degrees, go get your CEH and a GIAC cert. If you have IT experience you can get hired doing HBSS support or IDS monitoring in DoD. Source: Me and my team, few of us have degrees, all have certs and experience. DoD Contractors doing the above.

If I'm not mistaking, both CEH and CISSP require a specific amount on experience prior to sitting for the exam.I have no prior experience in the field, which is why I figured a graduate certificate program (or a full masters) would be the best option to get into a Jr. Analyst position.

colemic

EC-Council will be happy to waive the experience requirement if you pay to attend one of their training courses. While the CISSP does have an experience requirement, you are not prohibited from taking the test, and if you pass, you are considered an Associate of ISC(2), which for 8570 purposes is the same thing as having the full certification.

AverageJoe

I've had a lot of experience in DoD and I've been both a hiring authority and part of groups that review candidates and provide hiring recommendations, and from that perspective, both graduate certificates would be equal in my eyes. If all other factors were equal, both would likely have a slight edge over a graduate cert in IT or CompSci or other IS related grad certs if competing for an IA/cybersecurity position, but only a slight edge (and other factors like experience could easily tip that balance).

In DoD, cybersecurity and IA are basically synonyms, and as DoD directives are updated the term IA is being replaced by the word cybersecurity. In fact, DoDI 8500 says: "Adopts the term “cybersecurity” as it is defined in National Security Presidential Directive-54/Homeland Security Presidential Directive-23 (Reference (m)) to be used throughout DoD instead of the term “information assurance (IA).”"

With that in mind, I'd focus on the classes you think you'd enjoy more, but I'd also keep in mind which professional certs you think you'll want in the future and try to find overlap. It's always good to be able to kill several birds with one stone. Just at a quick glance, it seems like the IA grad certificate might have more overlap with the CISSP domains, so if you think you'll want to become a CISSP then that might be a consideration.

Just my 2 cents.

TheCudder

AverageJoe wrote: »

I've had a lot of experience in DoD and I've been both a hiring authority and part of groups that review candidates and provide hiring recommendations, and from that perspective, both graduate certificates would be equal in my eyes. If all other factors were equal, both would likely have a slight edge over a graduate cert in IT or CompSci or other IS related grad certs if competing for an IA/cybersecurity position, but only a slight edge (and other factors like experience could easily tip that balance).

In DoD, cybersecurity and IA are basically synonyms, and as DoD directives are updated the term IA is being replaced by the word cybersecurity. In fact, DoDI 8500 says: "Adopts the term “cybersecurity” as it is defined in National Security Presidential Directive-54/Homeland Security Presidential Directive-23 (Reference (m)) to be used throughout DoD instead of the term “information assurance (IA).”"

With that in mind, I'd focus on the classes you think you'd enjoy more, but I'd also keep in mind which professional certs you think you'll want in the future and try to find overlap. It's always good to be able to kill several birds with one stone. Just at a quick glance, it seems like the IA grad certificate might have more overlap with the CISSP domains, so if you think you'll want to become a CISSP then that might be a consideration.

Just my 2 cents.

Thanks for the great information AvgJoe. Short term, meaning after or during my graduate program, I plan to test for either CASP or SSCP. So CISSP isn't in the plans, at least not for the immediate future. While I'm more interested in the Cyber Security courses, UMUC considers it to be a specialty program, so I don't get the military discount rate of $458 per credit hour, instead each course is the standard $694 per credit hour (6 credit hrs per course). Which really isn't a big deal, I'd be able to use military tuition assistance ($4500 annual cap), Chapter 1607 G.I. bill and my civilian employer's tuition program ($5,000 annual cap) to cover all of the costs --- but I may have less to pocket for fees & books.

The IA program I like, but I just worry about having the term "Information Assurance" on my resume as its phased out & I'm not so thrilled about Computer Forensics & Cryptology. But of course, this program is really the concentration portion of the IT Masters, so its considered a standard program and I would receive the tuition rate of $458 per credit hour

Raisin

I'd consider taking the CISSP first, then you can use those classes for your continuing education requirements.

Malita215

wrote:

The IA program I like, but I just worry about having the term "Information Assurance" on my resume as its phased out & I'm not so thrilled about Computer Forensics & Cryptology. But of course, this program is really the concentration portion of the IT Masters, so its considered a standard program and I would receive the tuition rate of $458 per credit hour

I'm in the MSIA program at Capital College and Im enjoying every bit of it. You mentioned that you're not too thrilled about Computer Forensics and Cryptography but its actually fun (I'm taken both of those classes as we speak). For Cryptography, you get to learn all the different types (i.e, Caesar Brute Force, Monoalphabetic Lab-Frequency Analysis, GPG, Steganography) and its really cool and not boring. Especially for someone that had no prior experience. With my Computer Forensics class, we will be using "FTK Imager" and Encase labs (coming up). And at the end of the Computer Forensics class, we have the opportunity to take the AccessData exam for free.

If I were you, I wouldn't rule out the IA program.

TheCudder

Thanks for all of the help and answers guys, I tihnk I'm going to proceed with the Information Assurance graduate certificate and move into SSCP or CASP from there.

nmanning596

Good Evening,

Thank you for allowing me to post on this blog. I'm actually taking CSEC 610 at UMUC starting in February, and I have all of the textbooks, but the syllabus naturally won't be posted until early February. Has anyone taken this course, and if so is there a good starting point for me to get ahead in the readings. If anyone can help, please let me know.

Thank you,

Nick

Burnsie

Nick,

While the syllabus won't be available through LEO until you start the class, all syllabi are posted in the course catalog for the entire semester. You can find your class here:

Schedule of Classes

B