Cybersecurity Engineering

MODULE

ECTS CREDITS

CONTENTS

1. Common Core Knowledge Module

18

This module includes the subjects common to all the degrees that can be taken at the URJC.

2. Branch basics module

42

Here the basic training subjects for the degrees of the Engineering branch are grouped, in which this degree is framed.

3. Mandatory knowledge module

144

This module includes the subjects that make up the main body of the degree.

4. Optional knowledge module

0

Here are subjects that complement the student's training, allowing him to achieve a certain degree of specialization in the chosen subjects.

5. External internship module

15

The student will carry out internships in companies or institutions in which they will develop activities that will complement their training.

6. Academic credit recognition module

6

This module is passed through the participation of the student in sports university activities, student representation, solidarity and cooperation.

7. Final Degree Project Module

15

As the last subject, the student will carry out a Final Degree Project in which they will put into practice the skills acquired throughout the degree.

RAW MATERIAL

ECTS CREDITS (MANDATORY / OPTIONAL)

1.1. Humanities and cybersecurity

6 / 0

1.2. Basic Legal Principles: Professional Ethics and Equality

6 / 0

1.3. Language

6 / 0

2.1. Company

6 / 0

2.2. Physics

6 / 0

2.3. Math

18 / 0

2.4 Computing

6 / 0

2.5. Statistics

6 / 0

3.1. Technological foundations of cybersecurity

33 / 0

3.2. Information and communications security

36 / 0

3.3. Development and Secure Software

24 / 0

3.4. Cyber ​​attacks and countermeasures

30 / 0

3.5. Security Audit and Governance

21 / 0

Custom code

Description

CG1.

Ability to solve problems with initiative, good decision-making, autonomy and creativity.

CG2.

Ability to know how to communicate and transmit, both orally and in writing, knowledge, skills and abilities.

CG3.

Ability to conceive, draft, organize, plan, develop and sign documents that aim to define, plan, specify, summarize projects and plans in the field of cybersecurity.

CG4.

Ability to direct and lead the activities that are the object of projects in the field of information technology and cybersecurity, understanding the quality criteria that govern said research and professional activities.

CG5.

Knowledge of basic subjects and technologies, which enable them to learn and develop new methods and technologies, as well as those that give them great versatility to adapt to new situations.

CG6.

Ability to know, understand and apply the legislation and code of ethics necessary for professional work in the cybersecurity sector.

CG7.

Ability to evaluate and ensure the confidentiality, integrity and availability of technological assets.

CG8.

Ability to define, evaluate and select countermeasures for the protection of technological assets, understanding the peculiarities of the different contexts in which they must be deployed.

CG9.

Knowledge and application of basic elements of economics and human resource management, project organization and planning, as well as legislation, regulation and standardization in the cybersecurity sector.

CG10.

Ability to work in multidisciplinary groups in the field of cybersecurity, being able to communicate, direct and understand the needs of other team members with different profiles.

CG11.

Knowledge to carry out measurements, calculations, appraisals, appraisals, expert reports, studies, reports, task planning and other similar work.

CG12.

Ability to analyze and assess the social and environmental impact of technical solutions, understanding the ethical and professional responsibility of activity in the field of cybersecurity.

CG13.

Ability to conceive, develop, implement and maintain computer systems, services and applications using engineering methods as an instrument for quality assurance.

CG14.

Knowledge and understanding of an area of ​​study that builds on the foundation of general secondary education and is usually found at a level that, while supported by advanced textbooks, also includes some aspects involving knowledge from the forefront of their field of study.

CG15.

Ability to apply knowledge to their work or vocation in a professional manner. Ability to develop and defend arguments and solve problems within their area of ​​study.

CG16.

Ability to gather and interpret relevant data (normally within their area of ​​study) to make judgments that include a reflection on relevant issues of a social, scientific or ethical nature.

CG17.

Ability to transmit information, ideas, problems and solutions to both specialized and non-specialized audiences.

CG18.

Ability to apply the acquired learning skills necessary to undertake further studies with a high degree of autonomy.

Custom code

Description

CE1.

Understand the basic concepts of linear algebra, differential and integral calculus, statistical methods and numerical methods that allow solving mathematical problems that may arise in the field of cybersecurity.

CE2.

Know the fundamentals of discrete mathematics, logic, algorithms and computational complexity and know how to apply them in solving engineering problems.

CE3.

Know the concept, institutional and legal framework, organization and management of the company, and especially those that operate in the cybersecurity sector.

CE4.

Know and understand the structure, organization, operation and interconnection of computer systems, the fundamentals of their programming and their application to solve cybersecurity problems.

CE5.

Design and implement applications and systems aimed at automatically extracting information and knowledge from large volumes of data with adequate levels of security.

CE6.

Know and apply the basic algorithmic procedures of computer technologies to design solutions to problems, analyzing the suitability and complexity of the proposed algorithms.

CE7.

Understand, design and efficiently use the most appropriate data types and structures to solve a problem.

CE8.

Analyze, design, develop, maintain and deploy applications safely and efficiently, choosing the most appropriate paradigm, methodology and programming languages ​​for each context.

CE9.

Know, understand and evaluate the structure and architecture of computers, as well as the basic components that make them up, being able to analyze their influence on the security of computer systems.

CE10.

Know, understand and evaluate the characteristics, functionalities and structure of operating systems, being able to analyze their influence on the security of computer systems.

CE11.

Design, develop and deploy applications considering the characteristics, functionalities and structure of the Internet and the risks that these pose for cybersecurity.

CE12.

Know and apply the characteristics, functionalities and structure of information systems (including databases and those based on web services), which allow an adequate design and use of applications based on them that are secure. 

CE13.

Understand and analyze the implications for security of developing, deploying and using applications and services based on network technologies, including: Internet, web, electronic commerce, multimedia, interactive services, social networks, mobile computing, Internet of things. 

CE14.

Understand and be able to put into practice the principles, methodologies and life cycles of software engineering, especially those models preferably used for the development of secure software.

CE15.

Analyze, design and build intelligent and autonomous systems for cybersecurity that perceive their environment and act rationally according to the assigned task.

CE16.

Know the concept of cybersecurity and its fundamental pillars and implications in a globalized, technological and connected context such as the current one.

CE17.

Know, understand and apply cybersecurity architectures and models.

CE18.

Being able to manage the human factor in cybersecurity by defining appropriate policies and procedures for each context.

CE19.

Understand the most important public key and private key cryptographic algorithms and know their applications in cybersecurity.

CE20.

Analyze the stages or steps that attackers follow to build their attacks so that the most serious and important attack patterns can be understood and carried out in offensive security environments.

CE21.

Analyze and quantify the risk of a certain asset, assess its vulnerabilities and identify the potential impacts of a cyber attack, calibrating its criticality.

CE22.

Know the national and international legislation that applies to cybersecurity and its professionals, as well as understand the concept of cybercrime, its business model and its implications.

CE23.

Design, deploy, configure and manage solutions that protect the perimeter of a network, segment it and prevent/detect intrusions in it.

CE24.

Design, deploy, configure and manage solutions that protect data at rest and in transit (communications).

CE25.

Design, deploy, configure and manage adequate mechanisms for the management of digital identities (identification, authentication, authorization and auditing or IAAA)

CE26.

Know the different types of malware based on their infection vector, propagation, replication and protection mechanisms, their objectives, etc.

CE27.

Analyze malware, draw conclusions about its operation and be able to design, deploy, configure and manage solutions that protect against this malware.

CE28.

Design, deploy, configure, and manage facility physical security solutions

CE29.

Design, deploy, evaluate and improve incident response and business continuity plans

CE30.

Guarantee availability, fault tolerance and/or resilience up to the appropriate levels for each context

CE31.

Collect and analyze digital evidence to draw post-incident conclusions and perform forensic analysis.

CE32.

Define and implement security master plans, being able to prioritize the initiatives and projects included in these plans.

CE33.

Establish security controls that guarantee the appropriate levels of maturity and security in each context.

CE34.

Choose the most appropriate type of audit for each context, be able to choose or develop the most appropriate tools to carry it out and analyze the results obtaining relevant conclusions.

CE35.

Understand the concept of critical infrastructure, analyze the specific risks they may suffer and be able to deploy the appropriate countermeasures to manage them properly and taking into account current legislation.

CE36

Understanding and command of the basic concepts of fields and waves and electromagnetism, electric circuit theory, electronic circuits, the physical principle of semiconductors and logic families, electronic and photonic devices, and their application to solve engineering problems.

CE37

Understand and analyze the challenges and repercussions that the different cyber threats represent for National Security