SCIA 120 Presentations¶
Magazine-style, tech-dark HTML presentations generated from the SCIA 120 reading materials. Each weekly presentation has 30 slides, card-based key points, topic-related cybersecurity backgrounds, and slide-specific SVG line-art concept visuals.
Author shown on each cover page: Dr. Zhijiang Chen (Frostburg State University).
Weekly Presentation Index¶
Week 01: Introduction to Information Security and Information Assurance
Gamma-inspired Week 1 deck: concise module structure, clear definitions, actionable controls, practical scenarios, and visual metaphors for CIA, DAD, risk, controls, and evidence.
Week 02: Physical Security
The principle is straightforward: physical access to a system is, for most practical purposes, equivalent to total control over that system. An attacker with physical access to a running computer can extract data from memory, bypass operating system access controls with a bootable USB drive, install hardware keyloggers, or simply steal the device. Dataβ¦
Week 03: Social Engineering
Social engineering in a security context refers to any technique that uses psychological manipulation β rather than technical exploitation β to gain unauthorized access to systems, data, or physical spaces. The social engineer's targets are people, not machines. Their tools are trust, deception, urgency, and authority. Social engineer Kevin Mitnick, one ofβ¦
Week 04: Operating System Security Fundamentals
An operating system is not a monolithic block of code. Modern OS design separates the software into distinct layers with carefully defined trust boundaries.
Week 05: Malware β Types, Analysis, and Defense
Malware (a portmanteau of malicious software ) refers to any software intentionally designed to cause harm to a computer system, network, or user. This broad definition encompasses an enormous variety of programs with different mechanisms, objectives, and behaviors. What unites them is intent: malware is designed by adversaries to do something the system'sβ¦
Week 06: Cryptography Fundamentals
Cryptography is among the oldest disciplines in the long history of human secrecy and communication. At its core, cryptography is the science and art of transforming information into an unintelligible form so that only authorized parties can read it. The word itself comes from the Greek kryptos (hidden) and graphia (writing). What began as simple letterβ¦
Week 07: Network Security Fundamentals
Networks are the arteries of modern computing: nearly every piece of software of consequence communicates over a network, and nearly every organization's most sensitive data flows across one. The internet, as the world's largest and most open network, is simultaneously its most powerful communications medium and its largest attack surface. Understanding howβ¦
Week 08: Internet Security
The internet was not designed with security in mind. Its foundational protocols β TCP/IP, HTTP, DNS, SMTP β were developed in an era when the network's user base was small, relatively trusted, and primarily academic. The explosive growth of the internet into a global infrastructure carrying financial transactions, medical records, political communications,β¦
Week 09: Secure Programming
Software is the attack surface. Every application that runs on a network, every operating system, every firmware image represents a body of code that was written by human beings who made decisions under the pressures of deadlines, incomplete requirements, and imperfect understanding. Those decisions β some deliberate, many inadvertent β producedβ¦
Week 10: Security Models and Security Policies
Building a secure system requires more than technical controls β it requires a coherent theoretical foundation that defines what security means for a given system, who is allowed to do what to which resources, and how organizational commitments to security are expressed and enforced. This is the domain of security models and security policies. Securityβ¦
Week 11: Authentication and Access Control
Every secure computing system ultimately depends on one foundational question: who are you, and what are you allowed to do? Authentication and access control are the mechanisms that answer these questions, forming the first line of defense against unauthorized use of systems, data, and resources. In this chapter, we examine the principles, technologies, andβ¦
Week 12: Distributed Applications Security
Modern software rarely runs on a single machine. Today's applications are sprawling ecosystems: dozens or hundreds of cooperating services hosted across multiple data centers and cloud regions, communicating over networks, serving millions of concurrent users, and integrating with third-party APIs. This distributed architecture enables scalability,β¦
Week 13: Cloud Computing Security
Cloud computing has fundamentally transformed how organizations build, deploy, and manage information systems. What once required months of procurement, physical hardware installation, and data center operations now takes minutes β and can be provisioned, scaled, or decommissioned through an API call or a web console. Amazon Web Services (AWS), Microsoftβ¦
Week 14: Security Practices, Risk Management, and Compliance
Security technology alone cannot protect an organization. Firewalls can be misconfigured. Antivirus can miss novel malware. Encryption protects data at rest but not the application that decrypts it. The gap between having security tools and actually being secure is bridged by security practices β the organizational processes, methodologies, governanceβ¦
Week 15: Emerging Threats and the Future of Cybersecurity
In the preceding fourteen chapters, we have built a comprehensive foundation: from the principles of confidentiality, integrity, and availability, through cryptography, networking, operating system security, application vulnerabilities, identity management, cloud security, and risk management. This final chapter looks forward β examining how the threatβ¦