Ivan F.

Master of Science
in Cybersecurity,
Ethical Hacking and
Pen Testing

computer icon


calendar icon


graduation cap icon

230K+ Alumni Worldwide


The Master of Science in Cybersecurity provides managers and professionals with the knowledge and skills to ensure the security, confidentiality, integrity, authenticity, control, availability and utility of the world’s computing and information systems infrastructure. Core cybersecurity coursework supports the variety of backgrounds (both education and work experience) that students may bring to the program, while the specializations provide for study in particular domains of knowledge within the field.

The Ethical Hacking & Pen Testing specialization focuses on testing enterprise systems by probing network and information security components with simulated attacks. These exercises and simulations prepare professionals for: developing rules of engagement, preparing cybersecurity tool kits, discovering and exploiting system vulnerabilities, ethically conducting penetration tests, and preparing penetration test documentation. Red-Teaming practices and Red vs. Blue team exercises will be executed and assessed as an important part of the coursework.

Admission Requirements

All students who seek to enroll in the Master of Science in Cybersecurity program must interview with the appropriate faculty advisor prior to enrolling in the first course of the program.

Course Details

Foundation Courses

For the MS in Cybersecurity with a specialization in Ethical Hacking and Pen Testing, you must complete nine foundation courses and four specialization courses.

Course Name

This course examines the fundamental concepts of cybersecurity and the associated technology. Topics of study include: securing the environment, security technologies in the environment, security threats, security responses, and the ethical and legal aspects of cybersecurity.

An introduction to the tools and techniques utilized in cyber defense and offensive cyber operations. Instruction will demonstrate the use of technical tools in virtual lab environments.

An analysis and evaluation of threat modeling and cyber threat intelligence to reduce risk and enhance cybersecurity posture. This course explores the development and use of threat models to identify threats to systems and applications. You’ll also examine methods for collecting and utilizing threat intelligence to identify organizational threats.

A comprehensive overview of wireless and mobile security. Coursework will survey the design, planning, installation, and maintenance of wireless network security infrastructures. Emphasis is placed on information warfare countermeasures relative to government, military, terrorist, rogue, and private enterprise demographics.

An introduction to the concepts of network security monitoring and incident response. This course analyzes and evaluates network security monitoring tools and techniques while also examining methods for conducting incident response.

An introduction to the concepts of cloud computing. Instruction and coursework examine the security implications of the cloud computing environment and the tools and techniques for implementing DevSecOps.

In this first course of a three-part master’s project sequence, you’ll begin creating an original project in your area of specialization using cybersecurity policy, regulatory, and testing frameworks. The project will integrate the concepts of cybersecurity and information assurance taught throughout the program. Throughout the process, project management techniques and collaboration will be emphasized along with ethical and legal aspects. Grading is H, S, or U only.

A continuation of CYB 699B, this is the second course of the three-part master’s project sequence. As you proceed with your specialized project work, you’ll integrate the concepts of cybersecurity and information assurance taught throughout the program. Project management, collaboration, and the legal and ethical aspects of your work will continue to be emphasized. Grading is H, S, or U only.

The final course in the three-part master’s project sequence, this class focuses on completing the original cybersecurity project you’ve worked on throughout CYB 699A and CYB 699B, and then presenting it to a panel for review. Again, project management, collaboration, and ethics will be emphasized throughout your project work. Grading is by H, S, or U only.

Specialization Courses

Course Name

This course explores the legal and regulatory requirements, ethical issues, basic methodology, and technical tools needed to conduct cybersecurity audits and assessments.

In this course, you’ll apply principles of penetration testing to identify and exploit vulnerabilities in networked and cloud-based information systems. After determining system weaknesses, you’ll then make and test recommendations for mitigation.

Red-teaming (or alternative analysis) is the practice of viewing a problem from an adversarial or competitor’s perspective. The objective of Red Teams is to enhance decision-making practices in the protection of secured systems by establishing countermeasures of defense. In this course, you’ll learn to employ open-minded problem-solving as you conduct unbiased Red Team assessments.

In this course, you’ll learn to analyze and utilize advanced penetration testing tools and techniques. Special emphasis will be given to web application attacks.

Learning Outcomes

Students earning the MS in Cybersecurity with an Ethical Hacking and Pen Testing specialization will learn to:

  • Produce a pen test authorization and rules of engagement document
  • Prepare and synthesize process specifications of Red Team actions against a Blue Team defense of a computer infrastructure
  • Prepare and synthesize process specifications of a Blue Team defense used to protect a computer infrastructure from a Red Team attack
  • Devise a mitigation plan against external and internal vulnerabilities of enterprise computer infrastructures and sensitive digital assets
  • Integrate and communicate systems-level infrastructure thinking into cybersecurity problem identification and resolution
  • Forecast the impact of advancing technology and national and international cybersecurity legislation on the practice of cybersecurity
  • Conduct in-depth research and integrate the research of others into a report on specific cybersecurity topics
  • Practice critical thinking in analyzing and synthesizing cybersecurity issues through both individual and team projects
  • Integrate project-development skills in the production of a security system
Program Disclosure

Successful completion and attainment of National University degrees do not lead to automatic or immediate licensure, employment, or certification in any state/country. The University cannot guarantee that any professional organization or business will accept a graduate’s application to sit for any certification, licensure, or related exam for the purpose of professional certification.

Program availability varies by state. Many disciplines, professions, and jobs require disclosure of an individual’s criminal history, and a variety of states require background checks to apply to, or be eligible for, certain certificates, registrations, and licenses. Existence of a criminal history may also subject an individual to denial of an initial application for a certificate, registration, or license and/or result in the revocation or suspension of an existing certificate, registration, or license. Requirements can vary by state, occupation, and/or licensing authority.

NU graduates will be subject to additional requirements on a program, certification/licensure, employment, and state-by-state basis that can include one or more of the following items: internships, practicum experience, additional coursework, exams, tests, drug testing, earning an additional degree, and/or other training/education requirements.

All prospective students are advised to review employment, certification, and/or licensure requirements in their state, and to contact the certification/licensing body of the state and/or country where they intend to obtain certification/licensure to verify that these courses/programs qualify in that state/country, prior to enrolling. Prospective students are also advised to regularly review the state’s/country’s policies and procedures relating to certification/licensure, as those policies are subject to change.

National University degrees do not guarantee employment or salary of any kind. Prospective students are strongly encouraged to review desired job positions to review degrees, education, and/or training required to apply for desired positions. Prospective students should monitor these positions as requirements, salary, and other relevant factors can change over time.