Master in Cyber Security (MCS)

The Master in Cybersecurity (MCS) is a full-time, two-year, 30-credit program that is offered by the College of Engineering and Architecture (CoEA) at Al Yamamah University. The degree provides practitioners with the necessary knowledge to assess organizational assets and design solutions to protect them. It is designed to equip professional managers with the knowledge needed to understand and mitigate the ever-increasing cyberattacks. The program is suitable for IT professionals, IT managers, persons with bachelor degree in computer science and computer engineering graduates, or professionals with similar qualifications. The program focuses on scientific and practical applications to apply security principles and practices to maintain operations in the presence of risks and threats.

Core Courses

# Course Code Course Title Credit Pre-requisites
1 CYB511 Cybersecurity planning and management 3
2 CYB512 Digital forensics and incident management 3
3 CYB513 Information assurance architectures and standards 3
4 CYB514 Penetration testing and ethical hacking 3
5 CYB515 Vulnerability assessment 3 CYB511
6 CYB516 Advanced cryptography 3 CYB513
7 CYB530 Project – I 3 12 credits
8 CYB531 Project – II 3 CYB530

Elective Courses

# Course Code Course Title Credit Pre-requisites
1 CYB520 Selected topics in cybersecurity 3 CYB516
2 CYB521 Software security 3 CYB513
3 CYB522 Cybersecurity policies and procedures 3 CYB513
4 CYB523 Cloud security 3 CYB516
5 CYB524 Security risk analysis 3 CYB513
6 CYB525 Operating systems administration 3 CYB513

Core Courses

CYB511: This course aims to familiarize the students with the procedures and processes for Cybersecurity planning and management at the operational, tactical, and strategic levels. The course addresses a range of topics that include senior executives’ role in Cybersecurity, Intellectual property protection, managing system updates, and access control. Students will also be introduced to the incident response, business continuity, and disaster recovery procedures.

CYB512: This course aims to familiarize the students with basic terminologies in cybercrimes, forensics, response to security incidents, cybercrime investigations and prosecution. Students will understand the role of technology in investigating cybercrimes and conduct digital forensics and analysis. They will learn tools of imaging different types of electronic media and then analyze these images to retrieve the evidence. They will also learn how an organization can set up a security response team, prepare for security incidents and manage these incidents.

CYB513: This course covers the Knowledge of security architectures used to protect Information systems. Topics related to depth defense, intermediary demilitarized zone, proxy servers, TCB subgroups, Institutional and security structures, and design of secure network will be presented. The course also focuses on the standards of information assurance. In this regard, the course details national standards, international regulations and standards (for example NIST), commercial standards (for example PCI/DSS) and open standards (as OWSAP) related to cybersecurity.

CYB514: This course aims to provide the students with a good understanding of ethical penetration testing methodologies. Students learn methods for target reconnaissance, host and service enumeration, vulnerability identification and exploitation, and how attackers use access to expand their influence and control. They will also learn the tools to identify vulnerabilities, exploit, and assess security risks to networks, operating systems, and applications. They will use open-source tools for penetration testing and report the results.

CYB515: This course aims to provide the students with an introduction to the methodologies and software tools for vulnerability assessment. The course places emphasis on the use of these methodologies to demonstrate, document, report on, and provide a clear roadmap for remediation of vulnerabilities. Students learn methods for target reconnaissance, deep packet scan, detect anomalies, cross-comparison, and log file analysis. They will also be introduced to different filtering algorithms and open-source tools to detect and prevent intrusion at the host and network level.

CYB516: This course provides an extensive overview of topics of advanced cryptography. Students will learn, introduction to theory of numbers, introduction to probabilities and statistics, introduction to linear algebra, Elliptic Curve (EC) cryptography, RSA, AES, RSA fundamental, Non-military and non-sensitization algorithms Suite B, Types of cryptography attacks: Differential cryptanalysis, Man in the middle attack, Linear Analysis, Hashing in digital signatures, keys management, Cryptography Classical analysis, Side Attacks: Timing, Energy Consumption, Attacks by analyzing error differencing, Identity based encryption, Digital signatures, Virtual private networks, quantum computing and Cryptography.

CYB530: This course allows students to master a specialized field within the broad field of Cybersecurity by carrying a creative, research-oriented work. The research findings must be documented and defended successfully in a viva voce examination. In project-I, students will be introduced to research methodologies and plan, design, and document their proposals. Prerequisite: 12 credits.

CYB531: This course allows students to master a specialized field within the broad field of Cybersecurity by carrying a creative, research-oriented work. The research findings must be documented and defended successfully in a viva voce examination. In project-II, students will continue working on their proposals by developing implementations or simulations, and experimental evaluations and analysis of their findings. Prerequisite: CYB530.

Elective Courses

CYB520: This course goes beyond the fundamentals of Cybersecurity to cover state of the art, emerging and topical aspects related to Cybersecurity. It describes new threats and types of attacks against computers, networks, and systems. This course allows students to update the understanding and analysis of security requirements and define new adapted security policies. Prerequisite: CYB516.

CYB521: The software security course discusses how to develop secure programs. It covers the theories and tools used in developing secure software, such as security coding techniques, security testing, threats and defending source code variabilities, and techniques to verify software design security. The course will also discuss web application security and attacks in addition to operating systems security. Students will be exposed to techniques necessary for developing dependable software systems. Prerequisite: CYB513.

CYB522: This course enables the students to define the security goals of an organization and describe the workflows to achieve these goals. The students learn to develop cybersecurity policies and procedures and tailor them to specific industry needs. They will identify different types of security risks in any organization. Students also learn how to survey/ audit an organization from a physical/IT/network security point of view in the light of different standards set by International Standardization Organizations. Prerequisite: CYB513.

CYB523: This course is designed to introduce the students to the basics of cloud security. It will include Evaluate security issues with cloud infrastructure, review the case studies and standard documents on cloud security, cloud computing security guidelines set forth by the International Organization for Standardization (ISO), National Institute of Standards and Technology (NIST), European Union Agency for Network and Information Security (ENISA), and Cloud Security Alliance (CSA). It will also review reviews security characteristics of leading cloud infrastructure providers and applied deployment scenarios with the internet of things (IoT) and blockchain. Prerequisite: CYB516.

CYB524: This course covers principles and concepts of cybersecurity risk analysis and management (cycle and steps). Methodologies for assessing, measuring and analyzing analytical and quantitative cyber risks will be presented. The course covers standards and frameworks for managing cyber risks, cyber risk management processes at several levels in the organization, the economics of mitigating and reducing cyber risks, transfer, acceptance and handling of cyber risks. This course also deals with organizational characteristics that influence the analysis and management of cyber risks in addition to the policies for dealing with cyber risks for technologies and people and entities. Prerequisite: CYB513.

CYB525: This course is designed to introduce the students about Administration of Operating Systems. This will include Installing the operating system, User Account Management, manage settings, Saving and checking events, System services management, Virtual environments, Backup and restore data, File System Security, Network Settings, Host intrusion detection, Development of security policies. Prerequisite: CYB513.

MCS Admission Requirements

Prospective students seeking admission to MSC program at the College of Engineering and Architecture must have the following:

  1. Bachelors of Science degree or equivalent from an accredited institution recognized by the Ministry of Education (MOE) in the computing domain, such as Computer Science (CS), Information Technology (IT), Information Systems (IS), Computer Engineering (CE), Software Engineering (SWE), or a related field (degree in other field is accepted only if a candidate has either previous work experience or in-service training in IT, with coordinator’s approval).
  2. Applicants with non-computing backgrounds may be required to complete one or two of the Pre-Grad courses (foundation courses).
  3. Grade-Point average (GPA) of at least 3.0 on a scale of 5.00 or equivalent.
  4. Applicants who earned their Bachelor’s degrees from a country where English is not the official language must satisfy, at least, one of the following English proficiency tests (not older than three years from the admission date):
  • TOEFL iBT = 70 or above with a minimum score of 65 in all parts
  • IELTS = 6.0 or above with a minimum score of 5.5 in all parts
  • Al Yamamah University’s English Placement Test (EPT) = L7 or above
  1. Two letters of recommendation from professors who taught you in the past. Alternatively, two letters from managers/supervisors to whom you reported at the workplace in the last five years.
  2. Updated curriculum vitae (CV).
  3. As per need of the candidates applying for this program, one or more out of following courses can be offered as pre-requisites:
  • IT Systems Components
  • Basic Networking
  • Basic Scripting and Programming
  • Operating Systems Concepts
  • Data Structures
  • Database Systems
  • Cybersecurity Foundations
  • Cybersecurity Design Principles
  • Network Defense
  • Cyber Threats

Application Process

To complete your application file, please follow steps detailed below: As well, you may contact YU Graduate Admission Office at adpgs@yu.edu.sa for further information and guidance.

STEP 1:  Fill-in the application form; (Click Here)

STEP 2: Submit (scan) the following documents:

  • A copy of the original college certificate/diploma
  • A copy of the original college transcript of records/student academic records
  • English Proficiency Scores: TOEFL, IELTS
  • A copy of the national ID or Iqama
  • An updated curriculum vitae (CV)
  • Two recommendation letters

STEP 3: The Graduate Admission Office will review all applications. Acceptance letters will be sent to applicants who have been admitted into the graduate programs.

STEP 4: After receiving the acceptance letter, you need to visit YU campus and pay the registration fees to reserve your seat, get your student ID card, and YU email account.