BSc IN CYBERSECURITY: COMPREHENSIVE CURRICULUM—FOUR-YEAR PROGRAMME (DRAFT)
Table of Contents
1. Background and Justification: Addressing Sierra Leone's Cybersecurity Skills Gap
As Sierra Leone accelerates its journey towards a robust digital economy, the nation confronts a parallel rise in sophisticated cyber threats that endanger its governmental, economic, and social infrastructures. The "Assessment of Cybersecurity Skills & Workforce Readiness in Sierra Leone" report, prepared in collaboration with the World Bank, paints a clear picture: a significant and urgent skills gap exists, characterized by a shortage of qualified professionals, underdeveloped educational pathways, and a low level of cybersecurity awareness across all sectors. The report highlights that while the government has shown commitment through its National Cybersecurity Strategy 2021-2025, the country's capacity to defend its digital assets remains in a nascent stage, heavily reliant on international expertise to fill critical roles.
Key findings from the assessment that directly inform the design of this curriculum include:
Workforce and Skills Shortages
The report identifies a "severe shortage of qualified cybersecurity professionals," with organizations across public and private sectors struggling to fill key roles. This has led to a high dependency on international hires and significant operational risks.
Educational and Training Gaps
Cybersecurity education is described as "underdeveloped," with limited integration into academic curricula at all levels. The report notes a lack of specific cybersecurity modules, courses, or degrees, resulting in a workforce ill-prepared for modern threats.
Low Cybersecurity Awareness
A low level of cybersecurity awareness across sectors contributes to the nation's vulnerability. This underscores the need for education that extends beyond technical training to include policy, governance, and public awareness principles.
In direct response to this national imperative, the Bachelor of Science (BSc) in Cybersecurity is meticulously designed to cultivate the next generation of cyber defenders. This program is not merely an academic exercise; it is a strategic intervention aimed at building sovereign capability and resilience. It offers a unique and comprehensive curriculum that blends deep technical proficiency with practical, hands-on application and a strategic understanding of governance and policy. By aligning with globally recognized frameworks such as the NICE Workforce Framework for Cybersecurity and the ACM Cybersecurity Curricula (CSEC2017) guidelines, the program ensures graduates are equipped with skills that are both internationally relevant and precisely tailored to the specific threat landscape and workforce needs of Sierra Leone's public and private sectors.
Figure 1: Perceived Threat Vectors in Sierra Leone. Data sourced from the "Assessment of Cybersecurity Skills & Workforce Readiness in Sierra Leone". This chart illustrates the pressing need for a skilled workforce capable of addressing a diverse range of threats, with malware and insider threats being the most significant.
2. Program Aim, Mission, and Vision
Program Aim
The primary aim of the BSc in Cybersecurity program is to produce a new generation of highly skilled, ethically grounded, and industry-ready cybersecurity professionals. The program is designed to directly address the critical skills gap identified in Sierra Leone's national cybersecurity assessments by providing a comprehensive education that integrates deep technical knowledge with practical, hands-on experience and a strong understanding of policy, governance, and legal frameworks.
Mission Statement
Our mission is to build Sierra Leone's sovereign cybersecurity capability by delivering a world-class, interdisciplinary education that empowers students to protect the nation's digital infrastructure, defend against emerging cyber threats, and contribute to a secure and resilient digital economy. We are committed to fostering a culture of innovation, ethical responsibility, and continuous learning to meet the evolving demands of the global cybersecurity landscape.
Vision Statement
Our vision is to establish the University of Sierra Leone as a center of excellence for cybersecurity education in West Africa, producing graduates who are not only technical experts but also strategic leaders capable of shaping national and regional cybersecurity policy. We envision a future where Sierra Leone is a hub of cybersecurity talent, driving innovation, and contributing to a safer and more secure digital world for all.
Guiding Principles
The program is guided by the following core principles:
Practical Application
Emphasize hands-on, experiential learning through labs, simulations, and real-world projects to ensure graduates are job-ready.
Industry Alignment
Continuously align the curriculum with industry standards, best practices, and globally recognized certifications to enhance employability.
Ethical Foundation
Instill a strong sense of professional ethics and social responsibility in all aspects of cybersecurity.
Interdisciplinary Approach
Integrate technical, legal, policy, and management perspectives to produce well-rounded professionals capable of addressing complex challenges.
Local Context, Global Outlook
Tailor content to address Sierra Leone's specific cybersecurity needs while maintaining a global perspective to ensure graduates are competitive in the international job market.
3. Program Structure and Philosophy
Educational Philosophy
The educational philosophy of this program is rooted in the belief that effective cybersecurity professionals are built, not just taught. We blend rigorous academic theory with intensive, practical application. Our approach moves beyond traditional lecture-based instruction to create an immersive learning environment where students actively engage with real-world problems. We believe that a deep understanding of cybersecurity comes from not only knowing the "what" and "why" but also mastering the "how."
Pedagogical Approach
Our teaching methodology is centered on active, student-led learning. Key pedagogical approaches include:
Project-Based Learning (PBL)
Students work on long-term projects that require them to solve complex, real-world problems, integrating knowledge from multiple courses.
Hands-on Labs and Simulations
Every technical course is supported by extensive lab work in a secure, virtualized environment, allowing students to practice skills safely and effectively.
Case Study Analysis
We use real-world case studies, including those from Sierra Leone and the broader African context, to analyze attack vectors, incident responses, and policy implications.
Flipped Classroom Model
For certain topics, students will engage with theoretical content before class, reserving in-class time for interactive problem-solving, discussions, and collaborative work.
Progressive Competency Building
The curriculum is intentionally sequenced to build competencies progressively over four years:
Year 1: Foundation
Establishes a strong foundation in core computing, networking, programming, and mathematics, alongside an introduction to cybersecurity principles and ethics.
Year 2: Core Technical Competencies
Focuses on core technical competencies, including operating systems security, defensive programming, network security, and digital forensics fundamentals.
Year 3: Advanced Specialization
Delves into advanced specializations such as penetration testing, malware analysis, cryptography, and incident response, preparing students for specialized technical roles.
Year 4: Strategic Leadership
Culminates in strategic and leadership-focused courses, a comprehensive capstone project, and a mandatory industry internship, ensuring graduates are prepared for professional practice.
4. Degree Requirements and Course Map
Graduation Requirements
To be awarded the BSc in Cybersecurity, a student must successfully complete a minimum of 120 credit hours, distributed across foundational, core, specialized, and professional courses.
In addition to coursework, graduation is contingent upon:
  • Successful completion of the two-semester "Capstone Project (CAP 401 & CAP 402)".
  • Successful completion of the mandatory, full-time "Industry Internship (INTERN 401)" in the final semester.
  • Maintaining a minimum cumulative grade point average (CGPA) as stipulated by the university's academic regulations.
The curriculum is designed with a balanced approach, ensuring students develop a holistic skill set. The credit hour distribution emphasizes a strong practical component:
40%
Theoretical Knowledge
Lectures
45%
Practical Application
Labs & Projects
15%
Professional Skills
Communication, Ethics, Management
Curriculum Map
The following table provides a visual map of the curriculum, illustrating the progression of courses and their relationships across the four-year program
Admission Requirements
Admission into the BSc in Cybersecurity program at the University of Sierra Leone is competitive and designed to identify candidates with the aptitude and dedication to succeed in this demanding field. The following criteria apply to all prospective students.
General Entry Requirements
The standard academic requirements for admission are as follows:
Applicants must possess a minimum of five (5) credits in the West African Senior School Certificate Examination (WASSCE) or the General Certificate of Education (GCE) 'O' Level.
These five credits must be obtained in no more than two sittings.
Compulsory subjects within these credits must include Mathematics and English Language, each with a grade of C6 or better.
Information and Communications Technology (ICT) is strongly recommended and is considered a relevant subject that strengthens an application. Other relevant subjects include Physics, Chemistry, and Further Mathematics.
Mature Learner / Adult Entry Pathway
The University recognizes that valuable learning and expertise can be gained outside of traditional academic pathways. Therefore, a special entry route is available for mature applicants who may not meet the standard academic requirements but can demonstrate significant professional experience.
Eligibility
Applicants must be at least 25 years of age and provide evidence of at least four (4) years of continuous and verifiable work experience in the Information and Communications Technology (ICT) sector.
Assessment Process
Candidates applying through this pathway will be subject to a rigorous assessment process, which may include:
  • Portfolio Review: Submission of a portfolio detailing work experience, projects undertaken, and any informal training or certifications.
  • Entrance Examination: A specialized examination designed to assess foundational knowledge in ICT, logic, and problem-solving.
  • Interview: A formal interview with the admissions panel to discuss the applicant's experience, motivation, and suitability for the program.
Credit Exemption and Transfer
Applicants with prior tertiary-level qualifications may be eligible for exemptions from certain courses, allowing for advanced standing in the program.
Eligibility
Applicants holding a valid Ordinary National Diploma (OND), Higher National Diploma (HND) plus certification pathways, or equivalent of only professional certifications in relevant fields (e.g., Computer Science, Information Technology, Network Engineering) from a recognized international institution.
5. Diploma & Certifications Path
Diploma Pathways
  • Ordinary National Diploma (OND) & CompTIA IFT+ & CompTIA A+
  • Higher National Diploma (HND) & CompTIA IFT+
Certifications Only Path
  • CompTIA IFT+ & CompTIA A+ & CompTIA Network+
  • CompTIA A+ & CompTIA Security+
  • CompTIA A+ & Cisco CCNA
Evaluation
All requests for credit exemption will be evaluated on a case-by-case basis by the University Admissions Committee in consultation with the Department of Cybersecurity. A thorough mapping of the applicant's prior coursework against the BSc curriculum will be conducted.
Limitation
A maximum of 30% of the total program credits may be waived through this mechanism.
Diploma Holders
The program explicitly welcomes applications from individuals who have completed relevant diploma programs.
Eligibility
Students who have successfully completed a Diploma in ICT, Computer Science, or a closely related field from a university or other accredited tertiary institution are eligible to apply.
Requirement
Applicants must have obtained a minimum cumulative grade point average (CGPA) as specified by the University's transfer policy.
Admission Level
Successful applicants may be admitted directly into the second year (Year 2) of the program, subject to the evaluation of their diploma curriculum.
6. Detailed Course Descriptions
The following section provides a detailed breakdown of each course within the BSc in Cybersecurity program. Each description includes the course's objectives, a weekly topic outline, examples of practical exercises, key technologies used, and alignment with professional certifications to ensure a curriculum that is both academically rigorous and intensely practical.
Year 1: Foundational Skills
Semester Focus: The first year is dedicated to building a strong and broad foundation. Semester 1 focuses on introducing students to the core concepts of cybersecurity, networking, and programming, alongside essential professional communication and mathematical skills. Semester 2 deepens this foundation by introducing digital forensics, hands-on networking labs, and more advanced data structures, ensuring students are well-prepared for the technical rigors of Year 2. This year is aligned with foundational certifications like CompTIA ITF+ and A+.
Cybersecurity Foundations
Introduction to core security concepts, ethics, and the threat landscape
Networking Fundamentals
Understanding network protocols, architectures, and basic configurations
Programming Basics
Learning Python fundamentals for security automation and scripting
Mathematical Foundations
Discrete mathematics with applications to cryptography and security
CYB 101: Cybersecurity Foundations & Ethics
Course Description: This course serves as the gateway to the cybersecurity field, introducing students to its core principles, concepts, and terminology. It covers the fundamental pillars of information security (Confidentiality, Integrity, Availability), explores the threat landscape, and examines the critical role of ethics and professional conduct. Special consideration is given to personal security best practices and the societal impact of cyber activities, providing a moral compass for future professionals.
Learning Objectives:
  • Define cybersecurity and its importance in modern society, business, and government.
  • Explain the CIA triad and other core security principles.
  • Identify major categories of cyber threats, vulnerabilities, and threat actors.
  • Analyze ethical dilemmas in cybersecurity, such as privacy vs. security, and apply ethical decision-making frameworks.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Analyzing real-world data breach case studies (e.g., Equifax, Target) from an ethical and procedural standpoint.
  • Debating ethical scenarios in a group setting (e.g., "Is it ethical to hack back?").
  • Conducting a personal digital footprint audit and developing a personal security plan.
  • Drafting a simple Acceptable Use Policy for a fictional organization.
Key Tools & Technologies: Not tool-heavy; focus is on conceptual frameworks and case study analysis.
Certification Alignment: Provides foundational knowledge for CompTIA IT Fundamentals+ (ITF+)
NET 101: Introduction to Networking
Course Description: This course provides a comprehensive introduction to the fundamental concepts of computer networking. Students will explore the OSI and TCP/IP models, network topologies, hardware components (routers, switches, hubs), and common protocols that govern data communication. The course lays the essential groundwork for understanding network security in subsequent courses.
Learning Objectives:
  • Explain the function of each layer of the OSI and TCP/IP models.
  • Differentiate between various network topologies (e.g., star, mesh, bus).
  • Identify and describe the roles of common networking devices.
  • Understand IP addressing, subnetting, and the role of DHCP and DNS.
  • Describe the differences between wired (Ethernet) and wireless (Wi-Fi) networking standards.
Weekly Outline
Hands-on Labs & Practical Exercises:
  • Building a simple network in a simulator like Cisco Packet Tracer.
  • Using command-line tools (ipconfig, ping, tracert) to diagnose connectivity issues.
  • Calculating subnet masks for given network requirements.
  • Examining packet headers in a Wireshark capture to identify protocols and ports.
Key Tools & Technologies: Cisco Packet Tracer, Wireshark (for observation), Command Line Tools.
Certification Alignment: Foundational knowledge for CompTIA Network+ and CompTIA A+.
CS 101: Programming Fundamentals (Python)
Course Description: This course introduces the fundamental principles of programming using the Python language, chosen for its readability and extensive use in the cybersecurity domain for scripting and automation. Students will learn core programming concepts such as variables, data types, control structures, functions, and basic object-oriented principles, all within the context of solving security-related problems.
Learning Objectives:
  • Write, test, and debug simple Python scripts.
  • Apply fundamental programming constructs like variables, loops, and conditional statements.
  • Organize code into reusable functions and modules.
  • Manipulate basic data structures such as lists, dictionaries, and strings.
  • Understand how to read from and write to files to process data.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Writing a script to validate password complexity rules.
  • Developing a simple port scanner using the `socket` library.
  • Creating a program to parse log files and identify specific events.
  • Building a Caesar cipher encryption/decryption tool.
Key Tools & Technologies: Python 3, VS Code (or other IDE), Git/GitHub for version control.
Certification Alignment: Provides scripting skills beneficial for all cybersecurity certifications, particularly those with performance-based questions. Aligns with concepts in Python for Cybersecurity Specializations.
MATH 125: Discrete Mathematics with Cybersecurity Applications
Course Description: This course covers the foundational topics of discrete mathematics that are essential for computer science and cybersecurity. It explores logic, set theory, functions, relations, graph theory, and number theory, with a consistent focus on their direct application to cybersecurity concepts such as cryptography, network analysis, and access control models.
Learning Objectives:
  • Apply principles of propositional and predicate logic to formalize security policies.
  • Use set theory and relations to model access control structures.
  • Understand the number theory concepts (e.g., modular arithmetic, prime numbers) that underpin modern cryptography.
  • Utilize graph theory to model and analyze network topologies and attack paths.
  • Apply combinatorial principles to analyze password space and brute-force attack complexity.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Writing logical expressions for firewall rules.
  • Manually performing RSA encryption/decryption with small prime numbers.
  • Drawing graph models of network diagrams to find single points of failure.
  • Calculating the time required to brute-force different types of password policies.
Key Tools & Technologies: Primarily conceptual, with potential use of mathematical software for visualization.
Certification Alignment: Provides the mathematical foundation required for advanced topics in CISSP (Cryptography domain) and other high-level certifications.
COM 101: Professional and Communication Skills for Technologists
Course Description: This course addresses a critical soft skill gap by equipping future cybersecurity professionals with the essential communication and professional skills needed to succeed. Topics include technical writing, oral presentations, teamwork and collaboration, stakeholder engagement, and translating complex technical concepts for non-technical audiences. The course emphasizes practical application through role-playing, report writing, and presentations.
Learning Objectives:
  • Write clear, concise, and professional technical documents, including incident reports and policy recommendations.
  • Deliver effective oral presentations on technical topics to diverse audiences (e.g., technical teams, executive management).
  • Collaborate effectively in a team environment to solve problems and complete projects.
  • Translate complex cybersecurity jargon and concepts into understandable business language.
  • Practice active listening and constructive feedback techniques in professional interactions.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Writing a mock incident report based on a provided scenario.
  • Delivering a 5-minute presentation explaining a technical vulnerability (e.g., SQL Injection) to a non-technical audience.
  • Participating in a group project to develop a security awareness campaign proposal.
  • Conducting mock interviews with peers
Key Tools & Technologies: Presentation software (PowerPoint, Google Slides), collaborative document tools (Google Docs, Office 365).
Certification Alignment: While not technical, these skills are essential for career progression and are implicitly tested in management-level certifications like CISM and CISSP.
Year 2: Core Technical Competencies
Semester Focus: The second-year transitions students from foundational knowledge to core technical competencies. Semester 3 introduces key defensive disciplines, including cryptography, network security, and operating systems security. Semester 4 builds on this with an introduction to offensive security through ethical hacking, advanced network analysis, and the practical skills of system hardening and digital evidence handling. This year is heavily aligned with CompTIA Network+, Security+, and the Cisco CCNA certifications.
Cryptography
Understanding encryption algorithms, digital signatures, and secure key management
Network Security
Implementing firewalls, IDS/IPS, and secure network architectures
Operating Systems Security
Hardening Windows and Linux systems against common attacks
Database Security
Protecting data at rest and preventing SQL injection attacks
CYB 201: Cryptography
Course Description: This course provides a deep dive into the principles and practices of modern cryptography. It covers the theoretical foundations and practical applications of symmetric and asymmetric encryption, hash functions, message authentication codes (MACs), and digital signatures. Students will explore how these cryptographic primitives are combined to build secure protocols and systems.
Learning Objectives:
  • Differentiate between symmetric and asymmetric cryptography and identify appropriate use cases for each.
  • Explain the function of cryptographic hash functions and their role in ensuring data integrity.
  • Describe how digital signatures provide authentication, non-repudiation, and integrity.
  • Understand the components and function of a Public Key Infrastructure (PKI).
  • Analyze the security of simple cryptosystems and identify common implementation flaws.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Encrypting and decrypting files using OpenSSL command-line tools.
  • Generating a key pair, creating a Certificate Signing Request (CSR), and signing a certificate.
  • Using Python's cryptography libraries to implement a simple symmetric encryption scheme.
  • Analyzing a TLS handshake in Wireshark to identify cipher suites and certificates.
Key Tools & Technologies: OpenSSL, Wireshark, Python (cryptography libraries).
NET 201: Network Security Fundamentals
Course Description: Building on the foundations of NET 101, this course focuses on the principles and practices of securing computer networks. Students will learn about common network attacks and the technologies used to defend against them, including firewalls, VPNs, and intrusion detection/prevention systems. The course emphasizes a defense-in-depth approach to network architecture.
Learning Objectives:
  • Identify and describe common network-based attacks (e.g., DoS, DDoS, Man-in-the-Middle, Sniffing).
  • Explain the function and placement of firewalls, proxies, and VPNs in a network architecture.
  • Differentiate between signature-based and anomaly-based intrusion detection systems (IDS).
  • Implement basic secure network configurations on routers and switches.
  • Understand the principles of securing wireless networks (WPA2/WPA3).
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Configuring basic Access Control Lists (ACLs) on a simulated router.
  • Setting up a simple firewall using `iptables` on a Linux VM.
  • Using Wireshark to analyze a simulated Man-in-the-Middle attack.
  • Configuring a secure WPA3 wireless network in a lab environment.
  • Setting up and monitoring a basic IDS like Snort.
Key Tools & Technologies: Cisco Packet Tracer, Wireshark, Snort, iptables, OpenVPN, VirtualBox.
OS 201: Operating Systems Security
Course Description: This course provides an in-depth examination of security issues within modern operating systems. It covers fundamental security mechanisms such as access control, memory protection, and process isolation. Students will study vulnerabilities, threats, and defense mechanisms in both Windows and Linux environments, with a focus on system hardening and secure configuration.
Learning Objectives:
  • Explain the security architecture of modern operating systems (Kernel vs. User mode).
  • Describe different access control models (DAC, MAC, RBAC) and their implementation.
  • Identify common OS vulnerabilities like buffer overflows and race conditions.
  • Apply system hardening techniques to secure Windows and Linux systems.
  • Understand the role of virtualization and sandboxing in enhancing OS security.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Configuring file permissions and ACLs on both Windows and Linux VMs.
  • Using Group Policy Editor to enforce security settings on a Windows machine.
  • Applying a security baseline to a Linux server using a hardening script.
  • Setting up a sandboxed environment to run a suspicious application.
  • Analyzing system logs to trace an unauthorized login attempt.
Key Tools & Technologies: Windows Server, Ubuntu/CentOS Linux, VirtualBox/VMware, Group Policy Editor, SELinux/AppArmor.
Certification Alignment: CompTIA Security+, CompTIA Linux+, Microsoft and LPI certifications.
DB 201: Database Security
Course Description: This course focuses on the principles and practices of securing database systems, a critical component of organizational data protection. Topics include access control models, authentication, auditing, encryption of data at rest, and preventing common database attacks such as SQL injection. The course will use a popular database system like PostgreSQL or MySQL for practical exercises.
Learning Objectives:
  • Implement granular access controls using roles and privileges in a database system.
  • Identify and mitigate SQL injection vulnerabilities in web applications.
  • Configure database auditing to monitor for suspicious activity.
  • Explain methods for encrypting sensitive data within a database.
  • Develop a secure configuration baseline for a database server.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Creating users and roles with different levels of permissions in PostgreSQL.
  • Performing a basic SQL injection attack on a vulnerable web application.
  • Implementing prepared statements in a simple application to prevent SQL injection.
  • Configuring database auditing and reviewing the audit logs for specific actions.
  • Setting up SSL/TLS to encrypt client-server database connections.
Key Tools & Technologies: PostgreSQL/MySQL, SQL, a simple web application stack (e.g., PHP/Python with a database backend), Burp Suite.
Certification Alignment: Provides specialized knowledge relevant to CISSP (Domain 2: Asset Security) and database-specific certifications from vendors like Oracle.
CS 201: Secure Coding Practices (OWASP Top 10)
Course Description: This course introduces students to the principles of writing secure software. It focuses on identifying and mitigating common vulnerabilities throughout the Software Development Lifecycle (SDLC). The curriculum is heavily structured around the OWASP Top 10, providing practical guidance on preventing critical web application security risks such as injection, broken authentication, and cross-site scripting.
Learning Objectives:
  • Integrate security considerations into all phases of the SDLC.
  • Identify and explain each of the OWASP Top 10 vulnerabilities.
  • Apply secure coding techniques to prevent common vulnerabilities like SQL injection and XSS.
  • Perform basic static and dynamic analysis of code to find security flaws.
  • Understand the importance of input validation, output encoding, and proper error handling.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Using a vulnerable web application (e.g., OWASP Juice Shop, DVWA) to exploit and then patch an SQL injection flaw.
  • Performing a Cross-Site Scripting (XSS) attack and implementing output encoding to fix it.
  • Conducting a manual code review of a small application to identify security bugs.
  • Using a dependency checker tool to find outdated and vulnerable libraries in a project.
Key Tools & Technologies: OWASP Juice Shop, Burp Suite, SonarQube (or similar static analysis tool), Git, a web programming language (e.g., Python with Flask/Django, or PHP).
Certification Alignment: CompTIA Security+.
Year 3: Advanced Specialization
Semester Focus: The third year is designed to transition students from core competencies to advanced, specialized domains. Semester 5 introduces key professional disciplines: Web Application Security, Advanced Digital Forensics, Incident Response, and Cyber Threat Intelligence. Semester 6 builds on this with expert-level topics like Malware Analysis, Cloud Security, and IoT/OT Security. This year prepares students for advanced technical certifications such as CEH and CompTIA CySA+ and lays the groundwork for the strategic focus of Year 4.
Web Application Security
Advanced techniques for testing and securing complex web applications
Digital Forensics
Recovering and analyzing evidence from digital devices and networks
Incident Response
Structured approaches to handling security breaches and attacks
Threat Intelligence
Collecting and analyzing information about threats and threat actors
CYB 301: Web Application Security
Course Description: This advanced course builds upon secure coding principles to provide a comprehensive examination of web application security from an offensive and defensive perspective. Students will explore complex attack vectors, including advanced injection techniques, business logic flaws, and modern client-side attacks. The course emphasizes manual testing techniques and the use of professional tools to assess and secure complex web applications.
Learning Objectives:
  • Conduct in-depth penetration tests of web applications using a structured methodology.
  • Identify and exploit complex vulnerabilities beyond the basic OWASP Top 10, such as XML External Entity (XXE) and Deserialization flaws.
  • Analyze and bypass client-side security controls.
  • Understand the security implications of modern web architectures, including APIs (REST, GraphQL) and Single Page Applications (SPAs).
  • Articulate advanced web vulnerabilities and their remediation in a professional report.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Performing a blind SQL injection attack to exfiltrate data from a database.
  • Crafting a payload to achieve stored XSS and hijack a user session.
  • Using Burp Suite's advanced features (Intruder, Repeater, Scanner) to automate testing.
  • Conducting a full penetration test on a provided vulnerable application and writing a professional report.
Key Tools & Technologies: Burp Suite Professional, OWASP ZAP, Postman (for API testing), various vulnerable web applications (e.g., WebGoat, PortSwigger Labs).
Certification Alignment: Burp Suite Certified Practitioner (BSCP), Offensive Security Web Assessor (OSWA), GIAC Web Application Penetration Tester (GWAPT).
DF 301: Advanced Digital Forensics
Course Description: This course moves beyond foundational forensics to cover advanced topics in digital investigation. Students will learn to analyze complex artifacts from modern operating systems, conduct memory forensics, and investigate incidents in non-traditional environments. The course emphasizes the use of advanced tools and manual analysis techniques to uncover evidence that automated tools might miss.
Learning Objectives:
  • Conduct live response and memory acquisition on running systems.
  • Analyze memory dumps to identify running processes, network connections, and injected code.
  • Perform in-depth analysis of advanced Windows artifacts (e.g., Shellbags, Amcache, SRUM).
  • Analyze file systems manually to recover data from unallocated space and complex data structures.
  • Create comprehensive timelines by correlating artifacts from multiple evidence sources.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Using Volatility to analyze a memory dump from a malware-infected machine.
  • Manually parsing the MFT from a disk image to recover a deleted file.
  • Building a super-timeline of user activity using Plaso/Log2timeline.
  • Analyzing browser history from a disk image to reconstruct web activity.
  • Participating in a mock trial as an expert witness based on a case investigation.
Key Tools & Technologies: Volatility Framework, Autopsy, The Sleuth Kit, Plaso, Eric Zimmerman's Tools, FTK Imager.
IR 301: Incident Response and Handling
Course Description: This course provides a systematic approach to handling cybersecurity incidents. Students will learn the entire incident response lifecycle, from preparation and detection to containment, eradication, and recovery. The course uses case studies and simulation exercises to prepare students for the high-pressure environment of a real-world security breach.
Learning Objectives:
  • Develop and implement an organizational incident response plan.
  • Apply the six phases of the incident response lifecycle (Preparation, Identification, Containment, Eradication, Recovery, Lessons Learned).
  • Differentiate between and respond to various incident types (e.g., malware, data breach, DoS).
  • Coordinate incident response activities with different stakeholders (IT, legal, management, PR).
  • Conduct post-incident analysis and document lessons learned to improve security posture.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Drafting an incident response plan for a fictional company.
  • Analyzing a set of logs to identify indicators of compromise (IOCs) for a simulated incident.
  • Participating in a tabletop exercise to walk through the response to a major data breach.
  • Using an IR playbook to contain and eradicate malware in a virtual lab.
  • Writing a "Lessons Learned" report after a simulated incident.
Key Tools & Technologies: SIEM (e.g., Splunk Free, ELK Stack), TheHive (Incident Response Platform), Yara, Network and Host analysis tools.
Certification Alignment: GIAC Certified Incident Handler (GCIH), CompTIA CySA+.
CTI 301: Cyber Threat Intelligence
Course Description: This course introduces the discipline of Cyber Threat Intelligence (CTI), focusing on the collection, analysis, and dissemination of information about threats and threat actors. Students will learn how to produce actionable intelligence that can be used to inform defensive strategies and incident response efforts. The course covers the intelligence lifecycle, threat modeling, and common CTI frameworks.
Learning Objectives:
  • Explain the intelligence lifecycle and its application to cybersecurity.
  • Differentiate between strategic, operational, and tactical threat intelligence.
  • Collect and analyze data from open-source intelligence (OSINT) and other sources.
  • Apply structured analytic techniques and frameworks like the Diamond Model and MITRE ATT&CK.
  • Produce and disseminate clear and actionable intelligence reports for different audiences.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Using OSINT tools (e.g., Maltego, Shodan) to gather information on a target organization.
  • Mapping the TTPs of a known malware campaign (e.g., WannaCry) to the MITRE ATT&CK framework.
  • Using the Diamond Model to analyze a provided intrusion scenario.
  • Writing a tactical intelligence report containing actionable IOCs.
  • Setting up a basic MISP instance to share threat data.
Key Tools & Technologies: Maltego, Shodan, MISP, VirusTotal, Python for scripting.
Year 4: Practical Application and Industry Immersion
Semester Focus: The final year is designed to transition students from academic learning to professional practice. Semester 7 focuses on high-level strategic and technical skills, including advanced penetration testing, security auditing, and leadership. This semester culminates in the first phase of the Capstone Project, where students research and propose a solution to a real-world problem. Semester 8 is dedicated entirely to a full-time industry internship, providing immersive, practical experience and preparing students for executive-level certifications like CISSP and CISM.
Capstone Project
Applying knowledge to solve real-world cybersecurity challenges
Advanced Penetration Testing
Enterprise-level security assessment techniques
Security Assessment
Evaluating security controls against frameworks and standards
Cybersecurity Leadership
Strategic management of security programs and teams
Industry Internship
Hands-on experience in professional cybersecurity roles
CYB 490: Capstone Project I (Proposal and Research)
Course Description: This is the first part of a two-semester capstone experience where students apply the cumulative knowledge and skills gained throughout the program to a significant, independent project. In this semester, students will identify a real-world cybersecurity or digital forensics problem, conduct a thorough literature review, define the project scope and objectives, and develop a detailed project proposal and research plan.
Learning Objectives:
  • Identify a relevant and researchable problem in cybersecurity or digital forensics.
  • Conduct a comprehensive literature review to understand the current state of the art.
  • Formulate clear research questions, objectives, and project scope.
  • Develop a detailed project plan, including methodology, timeline, and required resources.
  • Write a formal project proposal and present it for approval.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Using academic search engines (IEEE Xplore, ACM Digital Library) for literature review.
  • Creating a project timeline using project management tools (e.g., Trello, Gantt charts).
  • Developing and delivering a "pitch" for their proposed project.
  • Peer-reviewing other students' project proposals.
Key Tools & Technologies: Reference management software (Zotero, Mendeley), project management tools, presentation software.
Certification Alignment: Develops project management and research skills applicable to senior-level roles and management certifications like CISM and CISSP.
CYB 491: Advanced Penetration Testing II
Course Description: This course builds on the ethical hacking foundations to cover advanced, enterprise-level penetration testing. Students will learn to navigate complex network environments, bypass modern defenses, and exploit Active Directory. The course focuses on developing a stealthy, objective-driven approach to testing that mimics advanced persistent threats (APTs).
Learning Objectives:
  • Perform advanced post-exploitation techniques, including lateral movement and persistence.
  • Identify and exploit common Active Directory misconfigurations.
  • Bypass security controls like antivirus (AV) and application whitelisting.
  • Understand and execute client-side and social engineering attacks.
  • Conduct a full red team-style engagement from initial access to objective completion.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Setting up and attacking a virtual Active Directory lab.
  • Using BloodHound to visualize and execute an attack path to Domain Admin.
  • Executing a Kerberoasting attack to crack service account passwords.
  • Pivoting through multiple machines in a segmented network.
  • Participating in a multi-day Capture the Flag (CTF) event simulating a full enterprise compromise.
Key Tools & Technologies: Cobalt Strike (or similar C2 framework), BloodHound, Mimikatz, Impacket suite, PowerShell Empire.
Certification Alignment: Offensive Security Certified Professional (OSCP), GIAC Penetration Tester (GPEN), GIAC Exploit Researcher and Advanced Penetration Tester (GXPN).
GRC 401: Security Assessment and Auditing
Course Description: This course focuses on the principles and practices of information security auditing and assessment. Students will learn how to evaluate an organization's security posture against established frameworks and standards (e.g., NIST, ISO 27001/27032). The course covers audit planning, execution, reporting, and the role of the auditor in driving security improvements.
Learning Objectives:
  • Understand the difference between a security assessment and a security audit.
  • Plan and scope a security audit based on organizational objectives.
  • Evaluate the design and effectiveness of security controls.
  • Use common security frameworks (NIST CSF, ISO 27001/27032) as a basis for assessment.
  • Write a formal audit report with actionable findings and recommendations.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Performing a gap analysis of a fictional company's security policies against the NIST CSF.
  • Conducting a mock interview with a "system administrator" to assess control implementation.
  • Reviewing system configuration files and logs to verify control effectiveness.
  • Writing an audit finding with the five key elements: Condition, Criteria, Cause, Effect, and Recommendation.
  • Developing an audit plan for a specific system or process.
Key Tools & Technologies: GRC platforms (conceptual), audit checklists, policy templates.
LDR 401: Cybersecurity Leadership and Management
Course Description: This course prepares students for leadership roles by focusing on the strategic management of cybersecurity within an organization. It covers topics such as developing a security strategy, building and managing security teams, budgeting, communicating risk to executive leadership, and fostering a security-conscious culture.
Learning Objectives:
  • Develop a cybersecurity strategy that aligns with organizational goals and objectives.
  • Create a business case and budget for security initiatives.
  • Understand the principles of building and leading effective cybersecurity teams.
  • Communicate cybersecurity risk and program effectiveness to executive stakeholders.
  • Design and implement a security awareness and training program.
Weekly Outline:
Hands-on Labs & Practical Exercises:
  • Developing a cybersecurity strategy document for a case study organization.
  • Creating a budget proposal for a new security tool or initiative.
  • Role-playing a board-level presentation on the organization's cyber risk posture.
  • Designing a phishing simulation campaign and awareness materials.
  • Analyzing case studies of security leadership failures and successes.
Key Tools & Technologies: Primarily case studies, strategic frameworks, and presentation tools.
7. Assessment and Evaluation
The program employs a robust and multifaceted assessment and evaluation framework to ensure that students achieve the intended learning outcomes and that the curriculum remains relevant, rigorous, and effective. This framework is designed to measure both theoretical knowledge and practical competence, in alignment with academic standards and industry expectations.
Assessment Methods
A variety of assessment methods are used to provide a holistic view of student progress and mastery:
Formative Assessments
These are ongoing, low-stakes evaluations designed to monitor student learning and provide continuous feedback.
They include:
  • Weekly quizzes and in-class activities to check comprehension.
  • Lab submissions and code reviews to assess practical skills development.
  • Participation in class discussions, case study analyses, and peer-review exercises to foster critical thinking and communication skills.
Summative Assessments
These are higher-stakes evaluations that measure student learning at the end of an instructional unit.
They include:
  • Mid-term and final examinations to assess theoretical knowledge.
  • Major individual and group projects that require students to apply and integrate knowledge from multiple topics.
  • Research papers and comprehensive case study analyses.
Performance-Based Assessments
These are designed to evaluate hands-on skills in realistic scenarios. This is a cornerstone of the program's assessment philosophy and includes:
  • Practical lab examinations conducted in a controlled virtual environment.
  • "Capture The Flag" (CTF) competitions that test offensive and defensive skills.
Capstone and Internship Evaluation
The final year assessments serve as the ultimate demonstration of a student's integrated knowledge and professional readiness.
  • The Capstone Project is evaluated based on the quality of the research, the technical implementation (if applicable), the final report (dissertation), and an oral defense.
  • The Industry Internship is evaluated through the student's final report, presentation, and comprehensive feedback from the workplace supervisor.
Preparation for Industry Certifications
The curriculum is designed to systematically prepare students for industry certification exams. This is achieved through:
Direct Alignment
Course content is explicitly mapped to the domains and objectives of certifications like CompTIA Security+/SecurityX, CEH, and CISSP.
Practical Labs
Hands-on exercises are designed to build the practical skills tested in performance-based questions on exams.
Practice Exams
Students will be provided with access to practice exam software and materials to familiarize themselves with the format, style, and difficulty of certification exams.
Supporting Resources
Curated reading lists and study guides for each targeted certification will be made available to students to support their self-study efforts.
8. Curriculum Evaluation and Improvement
To ensure the BSc in Cybersecurity remains at the forefront of the field and continues to meet the needs of students and employers, a robust framework for ongoing evaluation and improvement is essential. This framework is built on a continuous feedback loop involving all key stakeholders.
Ongoing Curriculum Assessment
The curriculum will be subject to continuous assessment to ensure its relevance, rigor, and effectiveness. This includes:
Course-Level Reviews
At the end of each semester, faculty will review course content, learning outcomes, and assessment methods to identify areas for improvement.
Program-Level Reviews
An annual program-level review will be conducted to assess the overall curriculum structure, course sequencing, and alignment with program objectives.
Technology and Tool Audits
The tools, software, and lab environments used in the curriculum will be audited annually to ensure they are current and aligned with industry standards.
Stakeholder Feedback Processes
A multi-stakeholder feedback process is critical for maintaining curriculum relevance:
Student Feedback
Formal end-of-course surveys and informal mid-semester feedback sessions will be used to gather student perspectives on course content, teaching effectiveness, and learning resources.
Faculty Feedback
Regular departmental meetings and dedicated curriculum workshops will provide a forum for faculty to share insights, discuss challenges, and propose improvements.
Industry Advisory Board Feedback
The Cybersecurity Advisory Board will play a key role in providing strategic guidance, reviewing curriculum content, and ensuring alignment with industry needs.
Alumni Feedback
Annual surveys and focus groups with program alumni will provide valuable insights into how well the curriculum prepared them for their careers and what skills are most in demand.
Key Performance Indicators (KPIs)
The effectiveness of the curriculum will be measured using a set of Key Performance Indicators (KPIs), including:
85%
Student Performance
Pass rates, average grades, and performance on key assessments.
90%
Graduate Employability
Percentage of graduates employed in the cybersecurity field within six months of graduation.
75%
Certification Success
Percentage of students who successfully obtain industry certifications (e.g., CompTIA Security+/SecurityX, CEH) during or shortly after the program.
4.2/5
Employer Satisfaction
Feedback from internship supervisors and employers on the skills and preparedness of graduates.
4.5/5
Student Satisfaction
Results from end-of-course and program-level surveys.
Review and Revision Schedule
A formal review and revision schedule will ensure the curriculum remains current:
1
Annual Review
A comprehensive review of the curriculum will be conducted annually by the faculty and the Industry Advisory Board.
2
Minor Revisions
Minor updates to course content, readings, and lab exercises will be made on a semester-by-semester basis as needed.
3
Major Revisions
A major curriculum overhaul will be considered every 3-5 years to ensure alignment with significant shifts in the cybersecurity landscape, industry standards, and pedagogical best practices.
Industry Advisory Board
The Industry Advisory Board is a cornerstone of the curriculum evaluation and improvement process. Its structure and responsibilities include:
Composition
The board will consist of 10-15 senior cybersecurity professionals from diverse sectors in Sierra Leone and internationally, including government, finance, telecommunications, and technology.
Responsibilities
  • Provide strategic guidance on curriculum direction and content.
  • Review and provide feedback on course materials and learning outcomes.
  • Help identify emerging industry trends and skill gaps.
  • Facilitate guest lectures, workshops, and industry projects.
  • Support internship placements and career opportunities for students.
Meetings
The board will meet bi-annually to review program progress, discuss industry trends, and provide recommendations for improvement.
Career Pathways
Graduates of the BSc in Cybersecurity and will be equipped for a wide range of high-demand roles across the public and private sectors. The program's strong alignment with the NICE Workforce Framework and industry certifications provides a clear map from academic learning to specific, real-world job functions. The acute shortage of skilled professionals, both globally and particularly in Sierra Leone, ensures that our graduates will be highly sought after.
Potential career paths include, but are not limited to:
Defensive and Operational Roles
1
Cybersecurity Analyst / SOC Analyst
The frontline of defense, monitoring networks and systems for security events, triaging alerts, and initiating incident response. (NICE Work Role: Defensive Cybersecurity)
2
Security Engineer / Architect
Designs, builds, and maintains an organization's security infrastructure, including firewalls, IDS/IPS, and other security solutions. (NICE Work Role: Cybersecurity Architecture)
3
Systems Administrator (Security Focus)
Manages and hardens operating systems, servers, and network devices to ensure they are configured securely. (NICE Work Role: Systems Administration)
Offensive and Investigative Roles
1
Penetration Tester / Ethical Hacker
Proactively identifies and exploits vulnerabilities in an organization's systems to help them improve their defenses. (NICE Work Role: Vulnerability Analysis)
2
Digital Forensics Investigator
Collects, preserves, and analyzes digital evidence in response to cybercrime, data breaches, or internal investigations. (NICE Work Role: Digital Forensics)
3
Incident Responder
Specializes in responding to and managing the aftermath of cybersecurity incidents, from containment to recovery. (NICE Work Role: Incident Response)
9. Glossary of Terms and Acronyms
Glossary of Terms
Access Control
The selective restriction of access to a place or other resource.
Cryptography
The practice and study of techniques for secure communication in the presence of third parties called adversaries.
Cyber Threat Intelligence (CTI)
Information an organization uses to understand the threats that have, will, or are currently targeting the organization.
Digital Forensics
The process of uncovering and interpreting electronic data to be used in a court of law.
Incident Response
An organized approach to addressing and managing the aftermath of a security breach or cyberattack.
Malware
Software designed to disrupt, damage, or gain unauthorized access to a computer system.
Penetration Testing
An authorized simulated cyberattack on a computer system, performed to evaluate the security of the system.
Risk Management
The process of identifying, assessing, and controlling threats to an organization's capital and earnings.
Vulnerability
A weakness in a system that can be exploited by a threat actor.
List of Acronyms
This is a partial list. The full list of acronyms includes many more terms related to cybersecurity, networking, and information technology.
10. References and Resources
Academic Textbooks & Journals
  1. "Operating System Concepts" by Silberschatz, Galvin, and Gagne
  1. "Applied Cryptography" by Bruce Schneier
  1. "Practical Malware Analysis" by Michael Sikorski and Andrew Honig
  1. "The Art of Memory Forensics" by Ligh, Case, Levy, and Walters
  1. Journal of Cybersecurity Education, Research and Practice (JCERP)
  1. ACM Transactions on Information and System Security (TISSEC)
Industry Publications
  1. NIST Special Publications (e.g., SP 800-53, SP 800-61)
  1. ISACA Journal
  1. (ISC)² Security Transcends
  1. SANS Institute Reading Room
Online Learning Resources
PortSwigger Web Security Academy
OWASP Foundation
Open Web Application Security Project resources
Professional Organizations
ISACA
Global professional association focused on IT governance
SANS Institute
Leading provider of cybersecurity training and certification
EC-Council
Provider of ethical hacking and information security certifications
CompTIA
Non-profit trade association issuing vendor-neutral IT certifications
Certification Preparation Materials
  1. Official CompTIA Study Guides (for A+, Network+, Security+, CySA+)
  1. Official (ISC)² CISSP CBK Reference
  1. Official ISACA CISM Review Manual
  1. CEH Certified Ethical Hacker All-in-One Exam Guide" by Matt Walker
  1. "OSCP with Kali Linux" (various authors)
Sierra Leone-Specific Cybersecurity Resources
National Cybersecurity Strategy
Ministry of Communication, Technology, and Innovation (MoCTI)
Cybersecurity and Crime Act
The Cybersecurity and Crime Act, 2021 - Parliament of Sierra Leone
National Cybersecurity Coordination Centre
Others
  1. Sierra Leone's National Cybersecurity Strategy (2021–2025)https://dig.watch/resource/sierra-leones-national-cybersecurity-strategy-2021-2025
  1. Cybersecurity Technology Courses | 2025-2026 Academic Catalog https://catalog.siu.edu/programs/ctec/courses.php
  1. CISSP Certified Information Systems Security Professional - ISC2 https://www.isc2.org/certifications/cissp
  1. The CompTIA Cybersecurity Career Pathway: Employable Skills ... https://www.comptia.org/en-us/blog/the-comptia-cybersecurity-career-pathway-employable-skills-found-here/