Al Idian

Course Review: Introduction to Information Security


Georgia Tech Online Master of Science in Computer Science (OMSCS) is an innovative, award-winning graduate program offered by the College of Computing at Georgia Tech. (Wikipedia)

As I make my way through this program, I intend to write short, opinionated reviews of the courses I complete. My intended audience for this is the current or prospective OMSCS student who is considering taking these courses.


CS6035 is a true introductory graduate course. It assumes an undergraduate-level familiarity with the course material and tackles a breadth of topics across the Information Security field. CS6035 gives students the lay of the land in Information Security and aims to prepare them for more focused study in one or more of its subfields.

Topics covered in the course include software security, operating system security, authentication, database security, malware and malicious code, cryptography and encryption, and web security.


There were four full projects in the course this past semester, along with a short one for a little extra credit. A custom x86 VM image (either Debian or Kali) was provided for each of the projects below. This means Apple Silicon machines are not a viable option here.

In my opinion, the projects were by far the most interesting and challenging part of this course. They also account for at least 80% of your grade.

Learning materials

The lectures were all pre-recorded and are of generally good quality. I found them to be a good first pass at the material, before diving into the textbook readings.

The textbook Computer Security by Stallings is comprehensive (if a little dry). In my opinion, anyone taking this course should get it. Since the quizzes are all open-book and many questions are derived from the textbook, it helps to have a digital version handy so you can ctrl + f. I found that as I naturally progressed in the course, I read almost the entire book.

Several times in CS6035, students are required to read from other provided sources which include journal articles and technical blogs. I found many of these interesting and almost always helpful towards completing the projects.


There were two exams. Both were closed-notes and proctored through Honorlock. There were also four quizzes, and they were open-notes and unproctored. Neither the exams or the quizzes were very difficult. I found them fair especially since they don’t count for very much in the final grade.

Teaching staff

The course feels like it is run solely by the TAs. The professor (along with a colleague) appeared mostly only in the pre-recorded lectures. This might be a deliberate strategy on the part of the teaching staff. I found I did not mind this at all — I don’t think I would have taken away more from the course if the professor was more involved in office hours or in the discussion boards.

The TAs were usually patient, helpful, and responsive. In general, they will not spoon-feed information to students (which is to be expected in a graduate-level course). Interestingly, the TAs can also be quite stingy in giving out solutions to projects even after the due date. Students would need to find the answers by researching the material themselves.


This course was mostly easy. There were certainly components of the projects that I had to wrestle with for many hours but I was always able to complete the projects with time to spare. The exams and quizzes were fair, and ample time was provided to complete each component of the course.

I spent around 10-15 hours per week on this course. If you don’t meet some of the prerequisites, expect to spend a little extra time to get yourself up to speed.


CS6035 was an excellent first course in OMSCS. The material covered is mostly interesting and not overly challenging. Although some aspects of security is exciting to me (e.g. operating system security, cryptography, etc.), I was not as keen on the organizational security topics in the course. CS6035 did for me exactly what an introductory graduate course should do: tell me which parts of the Information Security field I might want to study more deeply.