Skip to main content
Secure
Professor pointing at computer screen with students using wearables

Cyber Operations (MS)

About The Program

The Master of Science in Cyber Operations (MSCyOps) is a 36-credit program that provides advanced study in the theory and practice of the cybersecurity computing-based discipline with a hardcore focus on both cyber offense and defense strategies. Discovering and investigating sophisticated breaches and providing adequate responses, going beyond the minds of hackers and analyzing their techniques, tactics, and procedures, intelligence gathering, malware analysis, and reversing are some critical aspects of the cyber operations program. The program provides an interdisciplinary course of study, including aspects of information technology, law, policy, human factors and risk management, often in the context of adversaries.

National Security Agency, Center of Academic Excellence, and Center of Academic Excellence Community seals

Metro State University is a National Security Agency (NSA) designated National Center of Academic Excellence in Cyber Defense (NCAE-CD) Institution. NCAE-CD institutions receive formal recognition from the U.S. Government and opportunities for prestige and publicity for securing our Nation's information systems. The Cybersecurity program curriculum also conforms to the NSA requirements for maintaining the NCAE-CD designation. Metro State is also a member of the CAE Community.

The MSCyOps graduate degree is unique in the state of Minnesota. Key features of the program include:

  • A highly technical accelerated degree designed mainly for working professionals.
  • Fully-online Cyber Operations degree coursework offered on weekday evenings and Saturday mornings.
  • A cohort-based lock-step program; each cohort progresses as a group and develops a professional and supportive network that helps them improve their ability to work in teams.
  • Industry vetted competency-based curriculum and performance-based assessment, conforming to the requirements of the U.S. Government’s National Security Agency Center of Academic Excellence in Cyber Operations knowledge units.
  • A value-added program with access to necessary hardware and software resources and a cloud environment for completing hands-on activities.
  • A program with a forward-looking emphasis on current and future challenges resulting from emerging technological paradigms (e.g., cloud computing, mobile devices, embedded computing, and Internet of Things), societal trends (e.g., privacy awareness), and the opportunity to leverage the human element in computing (social factors in cybersecurity).
  • Top-quality faculty who are industry experts.
  • Priority access to available internships and job opportunities through our robust network of industry partners and recruiters.
  • Exposure to state-of-the-art technology through field trips; discounted access to local conferences, and guest lectures from industry professionals.
  • Various community engagement opportunities. For example, the students will be asked to conduct cybersecurity awareness sessions as well as cyber hygiene sessions for K-12 schools in their respective communities.

Program Oversight

Positioned under the College of Sciences, MN Cyber Institute is a statewide initiative to position Minnesota as a national leader in cybersecurity through education, innovative public/private partnerships, interdisciplinary research, and community engagement. MN Cyber advisory board comprises of representatives from public/private sectors who provide advice and guidance on the Institute’s strategic plans and performance as well as ensure that Metro's cyber-related program offerings are relevant, valuable, and targeted to meet workforce needs.

Job Prospects

With a master’s degree in cyber operations, there is no limit to what a student can accomplish. Metro State Cyber Operations MS degree graduates can seek employment opportunities in the military, government, and private sectors including the National Security Agency (NSA), Department of Defense (DoD), Navy Space and Naval Warfare System Command, and National Labs (Sandia National Laboratory, Pacific Northwest National Laboratory).

Student Outcomes

  1. Analyze adversaries’ tactics, techniques, and procedures (TTPs), and understand their attack strategies to identify potential attack vectors to strategically improve defenses against advanced persistent threats.
  2. Recommend security plans, strategies, and appropriate countermeasures to upper management based on observed attack patterns.
  3. Apply advanced techniques such as malware analysis and reverse engineering to obtain threat intelligence; correlate relevant data to confirm breaches; and identify attack vectors, targets, and the scope of the attacks.
  4. Identify, analyze, and synthesize scholarly and professional literature on cyber operations and related areas.
  5. Demonstrate proficiency in communicating technical information in formal reports, documentation, and oral presentations to various stakeholders regardless of their technical backgrounds.
  6. Understand the importance of team dynamics to provide an adequate response to sophisticated breaches.
  7. Demonstrate sensitivity to and sound judgment on ethical issues and dilemmas as they arise in cybersecurity and operations and will adhere to accepted norms of professional responsibility.

How to enroll

Program eligibility requirements

Admission into the Master of Science in Cyber Operations (MSCyOps) program is determined by evaluating the applicant's academic history, professional experience in computing/cybersecurity, and letters of recommendation. The graduate director is responsible for deciding on admissions to the master's program and assessing the equivalency of transferred coursework.

The following are the minimum requirements for potential admission into the program. Meeting these requirements does not guarantee admission.

  • A bachelor's degree (preferably in Cybersecurity, Computer Science, Information Technology, or Computer Forensics) with a minimum cumulative GPA of 3.00. GPA exceptions can be made on a case-by-case basis for those applicants who demonstrate a potential for academic success in other ways.
  • A competency statement (two pages maximum) that describes the following:
    1. Applicant's knowledge and interest in cybersecurity discipline and human factors impacting personal use policies and monitoring.
    2. Applicant's ability to identify and analyze problems, distinguish between relevant and irrelevant information to make logical decisions, and provide solutions to individual and organizational problems.
    3. Applicant's ability to make clear and convincing oral presentations to individuals or groups, listen effectively, and clarify information as needed; facilitate an open exchange of ideas and foster an atmosphere of open communication.
  • Two letters of recommendation from people (faculty, supervisor, etc.) qualified to judge the applicant's ability for graduate study in Cyber Operations.
  • Demonstrate English language proficiency by one of the following ways:
    • The applicant is a US citizen or permanent resident
    • The applicant has a bachelor's, master's, or doctoral degree from an English-speaking institution in the United States, Canada, the United Kingdom, Ireland, Australia, or New Zealand.
    • The applicant possesses a TOEFL score of at least 80 for the internet-based test or 550 for the paper-based test, achieved within the last 24 months before their planned enrollment date.
    • The applicant has an IELTS score of 6.5 or higher, achieved within 24 months of intended enrollment.

Applicants who have a bachelor's degree in a non-technical field may be admitted to the program if they meet the following conditions:

  • Completed undergraduate courses in Discrete Mathematics and Statistics with a minimum grade of B.
  • Successfully finished undergraduate courses in cybersecurity with a minimum grade of B, along with proven proficiency in Python Programming, C Programming, Assembly Language, PowerShell, Basic Data Structures and Algorithms, Systems Administration, Computer Networking, and Linux Fundamentals.
  • You must possess a minimum of one year of verifiable experience in the IT or cybersecurity sector. Depending on the comprehensive quality of the application package, considerations for exceptions may be made.

Application instructions

Metro State University is participating in the common application for graduate programs (GradCAS). Applications are only accepted via the CAS website.

CAS steps

  1. Select the term for which you are seeking admission (below), and navigate to the CAS website. Open applications include:
  2. Create or log in to your account and select the Cyber Operations (MS) program.
  3. Carefully review all instructions and complete all four sections of the application.

Specific application requirements for individual programs can be found on each program page in CAS. Carefully read the instructions that appear throughout the application pages. You can only submit your application once. If you need to update information you have submitted, please notify graduate.studies@metrostate.edu

Application fee

A nonrefundable $38 fee is required for each application.
Applications will not be processed until this fee is received.

Active-duty military, veterans, and Metro State alumni can receive an application fee waiver. Contact graduate.studies@metrostate.edu.

Courses and Requirements

SKIP TO COURSE REQUIREMENTS

Guidelines for completing the Cyber Operations MS Program

The Master of Science in Cyber Operations (MSCyOps) program operates on a cohort model, mandating that all students progress through the identical set of coursework at a unified pace. The program lacks elective courses, making every course a core requirement essential for obtaining the degree. The program encompasses 36 credits of coursework, detailed as follows:

  • 29 credits in cyber operations and related courses;
  • Four credits in risk assessment, law, policy, and ethics; and
  • Three credits capstone experience, one credit each semester (Fall, Spring, Fall) of the cohort sequence.

Fulfilling the capstone requirement entails undertaking a practical research project, producing a written report for a graduate committee's review, and subsequently presenting and defending the project in an oral examination during the program's final year. Alternatively, the capstone requirement can be satisfied by obtaining advanced industry certifications, like CISSP, CASP+, or OSCP, in lieu of conducting the practical research project.

Students interested in the Cyber Operations MS program should work with the graduate director to understand the program details and course sequencing.

Students must maintain a minimum cumulative GPA of 3.0 and a grade of B or above in all graduate coursework.

Prerequisite Knowledge and Skills

Given the program's technical complexity and accelerated pace, students are expected to possess essential knowledge and skills. Proficiency in Python Programming, C Programming, Assembly Language, PowerShell, basic Data Structures and Algorithms, Systems Administration, Computer Networking, and Linux Fundamentals is crucial. For success in the program, it is strongly advised that students attain these competencies either through undergraduate courses or by taking short courses prior to commencing the graduate degree.

Program Requirements (36 credits)

The 36 credits cohort-based graduate program is divided into four semesters as follows:

+ Fall Semester (Cohort Inauguration): 9 credits

Understanding the Operating Systems (OS) theory and the OS security concepts is required to perform critical roles in the cybersecurity and cyber operations fields. This course exposes the students to topics of the OS theory with an emphasis on security applications. The course begins with an introduction of low-level programming, including Assembly and C. It continues with the basic Unix-like operating system Application Programming Interfaces (APIs) along with the fundamentals of OS concepts.

Full course description for Secure System Programming and OS Theory

Cyber Operations, a more specific area of cybersecurity, is a highly technical field with a hardcore focus on both cyber offense and defense strategies. This course will provide an introduction to cyber operations fundamentals. Topics include Security fundamental principles, network architecture and security technologies, network traffic and protocol analysis, and offensive and defensive cyber operations and user experience.

Full course description for Cyber Operations Fundamentals

The cyber operation capstone project is aimed at building a connection between cyber concepts and the application of these concepts into a real-world context. Students identify and develop their capstone projects throughout the graduate program and produce a serious, in-depth, scholarly and professional level written component that is reflective of their knowledge and skills that they have gained during the program. This capstone project uses a phased approach where students solidify their project ideas by the end of the first semester and complete the project with an oral defense by the end of the MS program. The final project will demonstrate students' summative expression of what they have learned in the graduate program and hence the project should be a culmination of theory, principles, best industry practices, methodologies, tools, and technologies associated with cyber operations.

Full course description for Cyber Operations Capstone Project

+ Spring Semester: 9 credits

This course covers advanced topics of digital forensics procedures, legal issues, and scientific principles. The course addresses the current and new issues in digital forensics by offering various topics such as windows, smart phones, memory, network forensics, Macintosh forensics, and updated and expanded coverage on legal issues. Moreover, the students will learn how to report their findings to present them to the court using the state-of-the-art tools in digital forensics.

Full course description for Digital Forensics I

This course covers how to conduct successful digital forensic examinations in Windows, Linux, and Mac OS, the methodologies used, key technical concepts, and the tools needed to perform examinations. The required technical details of how each operating system works and how to find artifacts is also covered. Topics like File systems, data recovery, memory forensics, executable layouts are discussed in details. Moreover, Hands-On Network Forensics that starts with the core concepts within network forensics, including coding, networking, forensics tools, and methodologies for forensic investigations are covered.

Full course description for Digital Forensics II

The ubiquitous nature of Internet of Everything (IoE) and the prevalence of computing technologies in critical infrastructure sectors have brought an unprecedented digital transformation to individuals, businesses, and industries. On the other hand, the IoE has also enabled the increased spread of malicious software (malware). Malware attacks are increasing exponentially over time with total number of known malware surpassed one billion. As a result, the ability to detect, analyze, understand, control, and eradicate malware derive threat intelligence, helps provide timely response to security incidents, fortify defenses, and is essential to nation¿s economic vitality and security. This course introduces malware analysis and reverse engineering techniques which will allow students to recognize, analyze and remediate infections. Using modern tools and procedures the student will understand how to dissect and reverse engineered a malware to understand its behavior, propagation,…

Full course description for Malware Analysis and Reverse Engineering

The cyber operation capstone project is aimed at building a connection between cyber concepts and the application of these concepts into a real-world context. Students identify and develop their capstone projects throughout the graduate program and produce a serious, in-depth, scholarly and professional level written component that is reflective of their knowledge and skills that they have gained during the program. This capstone project uses a phased approach where students solidify their project ideas by the end of the first semester and complete the project with an oral defense by the end of the MS program. The final project will demonstrate students' summative expression of what they have learned in the graduate program and hence the project should be a culmination of theory, principles, best industry practices, methodologies, tools, and technologies associated with cyber operations.

Full course description for Cyber Operations Capstone Project

+ Summer Semester: 9 credits

Vulnerability analysis and its connection to exploit development are core skills for one involved in cyber operations. This course covers vulnerability discovery and exploitation. The focus is to understand the pattern of vulnerabilities and attacks to allow students to experience protection, risk mitigation, and identify vulnerabilities in new contexts. Topics will include buffer overflows, privilege escalation attacks, input validation issues, vulnerability discovery (fuzzing and crash dump analysis), exploit development, and mitigations (e.g., DEP, ASLR, ¿).

Full course description for Vulnerability Discovery and Exploitation

This course covers cryptography from both theoretical and practical perspective. The course provides details about advanced cryptography and its applications in the cybersecurity world. Students will learn various cryptographic algorithms and protocols and their relationships from both attack and defense perspectives. Various cryptographic tools to secure contemporary networks will be discussed as well. Students should be able to use advanced cryptographic algorithms based on elliptic curve cryptography.

Full course description for Applied Cryptography

The course will provide students with knowledge and practical skills in the field of cyber threat hunting and intelligence that can be leveraged to defend against sophisticated network intrusions and loss of proprietary information. The course will discuss various phases of the intelligence lifecycle including developing intelligence requirements, collecting, analyzing, and disseminating information; and using cyber threat intelligence to improve security at the tactical, operational, and strategic levels.

Full course description for Cyber Threat Hunting and Intelligence

Virtualization technology has rapidly expanded to become a core feature of various components of enterprise environments. It allows efficient use of physical IT infrastructure by sharing its capabilities among many users or environments. Virtualization is also an integral element to cloud computing and key technology in cybersecurity. Cloud computing provides organizations the ability to create and use IT services efficiently and rapidly without spending capital resources upfront. This course will discuss the capabilities and limitations of modern approaches to virtualization and the variety, complexity, and capabilities of modern cloud platforms and cloud security. The course will include hands-on lab exercises using leading Cloud infrastructure providers (ex. Amazon Web Services and Microsoft Azure). The course will review the applied concepts and techniques with end-to-end Cloud security architecture with real-world case studies using Web/Mobile based applications, and Internet…

Full course description for Virtualization and Cloud Security

+ Fall Semester (Cohort Adjournment): 9 credits

Wireless Communication and Mobile technologies have become an essential part of our daily lives. Modern cellular technologies have enabled smartphones to access fast Internet and app based services besides traditional voice communication and sending text messages. Additionally, today¿s network typically include a wide range of wireless devices, from computers and phones, to IP Cameras, smart TVs and connected appliances. As more and more communications are conducted via cellular and mobile technologies, these technologies have become critical (and continue to become more critical) to cyber operations. This course provides and in depth introduction to various wireless technologies (with a focus on cellular technology) and how data is processed and securely transmitted using these technologies and ubiquitous devices. An overview of smart phone technologies, their embedded operating systems, and mobile protocols will also be provided.

Full course description for Securing Wireless and Mobile Technologies

Cyber Operations, a more specific area of cybersecurity, is a highly technical field with a hardcore focus on both cyber offense and defense strategies. This course will cover special cyber operations topics that are not covered elsewhere in the MS Cyber Operations program. This course will provide the opportunity to keep the program current by introducing new and in-demand topics in cyber operations including but not limited to SCADA, IoT/IIoT, embedded systems, hardware reverse engineering, secure software development, programmable logic and microcontroller design, RF Analysis, Software defined Networking, etc.

Full course description for Special Topics in Cyber Operations

The cyber operation capstone project is aimed at building a connection between cyber concepts and the application of these concepts into a real-world context. Students identify and develop their capstone projects throughout the graduate program and produce a serious, in-depth, scholarly and professional level written component that is reflective of their knowledge and skills that they have gained during the program. This capstone project uses a phased approach where students solidify their project ideas by the end of the first semester and complete the project with an oral defense by the end of the MS program. The final project will demonstrate students' summative expression of what they have learned in the graduate program and hence the project should be a culmination of theory, principles, best industry practices, methodologies, tools, and technologies associated with cyber operations.

Full course description for Cyber Operations Capstone Project

Any IT development project contains significant risks. However, keeping the status quo is also risky in rapidly changing technological and competitive environments. This course is designed to familiarize the student with risk analysis concepts derived from many sources including financial, actuarial and statistical studies, insurance and risk analysis, software quality assurance methodologies, management and audit trails and many others. Student will learn to assess the risk in an information systems portfolio and develop strategies for managing the many risk types discussed: Prerequisites: MIS 600.

Full course description for Risk Analysis in Information Technology

With Information Technology playing an ever greater role in organizations, and the widespread availability of technology with the ability to collect and create information on everyone, many new ethical issues have been created. This course will frame many current ethic issues in IT and help the student develop methods of analyzing and dealing with these issues in real world situations. Topics may include issues such as privacy, copyright and intellectual property, employee monitoring approaches, multinational information flows, corporate intelligence and others. Hacking, computer security, viruses and other acts of destruction will be reviewed from an ethical perspective.

Full course description for Cyber Ethics