Education

Virginia Tech

May 2024

B.S. in Business Information Technology

Concentration: Cybersecurity Management and Analytics

Verify

Program Overview

The Cybersecurity Management and Analytics program at Virginia Tech is part of the Business Information Technology (BIT) department within the Pamplin College of Business. This program emphasizes the application of business analytics and cybersecurity management strategies to protect business systems and data. Students develop expertise in areas such as cyber risk management, data privacy, and policy compliance. The program provides practical experience in addressing real-world cybersecurity challenges. Graduates of this program are prepared to secure IT systems and use data-driven methods to safeguard business assets and customer information.

Key Areas of Focus:

  • Cybersecurity risk assessment and mitigation
  • Business data analytics for cyber defense
  • Incident response and cyber policy compliance

Favorite Courses

Penetration Testing/Ethical Hacking

Dr. Anthony Vance

Course Description

This class focused on building competence in penetration testing for business. This course taught principles of ethical hacking, such as system reconnaissance, enumeration, vulnerability scanning, and exploitation. I learned how to find and exploit vulnerabilities in web applications, operating systems, wireless networks, as well as perform social engineering and physical security assessments. I also learned to write reports for managerial audiences.

Skills and Techniques Learned

Threat Modeling

Risk assessments

Passive and Active Reconnaissance

Exploitation and Post-Exploitation

Password Cracking

Social Engineering

SQL Injection

Cross-Site Scripting

Wireless Security

Technical Report Writing

Labs and In-class Activities

Lab: Password Cracking
hydra, hashcat, rockyou, hashcat rules, cewl wordlists
Security-Assignments.com

Tools: THC Hydra and Hashcat

Lab: Vulnerability Scanning
exploration via nmap and nessus
Security-Assignments.com

Tools: NMAP and Nessus

Lab: Social Engineering
Only amateurs attack machines; professionals target people.
Security-Assignments.com

Tools: MSFVenom and SET (Social Engineering Toolkit)

Activity: Amass passive reconnaissance activity
A hands-on activity exploring passive domain reconnaissance with Amass
Security-Assignments.com

Tools: Amass

Activity: Google Hacking
A hands-on activity exploring Google hacking
Security-Assignments.com

Tools: Google

Activity: SQL Injection
A hands-on activity exploring SQLi with DVWA
Security-Assignments.com

SQLMap

Why I liked this course

Dr. Anthony Vance did a great job at providing hands-on learning in an environment that promoted curiosity and pushing limits. Myself and the other students were given the opportunity to watch live pentesting techniques and then immediately apply that knowledge in interactive lab settings. We covered everything from initial reconnaissance, to exploitation, to writing a technical report tailored for readability to non-technical audiences. In addition to the invaluable education, Dr. Vance fostered a classroom which made a fun subject actually fun to learn about every day.