The BAS Cybersecurity degree prepares graduates to monitor and maintain system security solutions, including legal, regulatory and internal compliance solutions. Graduates will be able to translate security policy into technical architectures. In addition, this program prepares students for system administration tasks which include interoperation, automation, virtualization and storage.
Program Requirements
The 2025-26 catalog information provides degree requirements for students who are admitted into the program Fall 2025, Winter 2026 or Spring 2026, and include the core technical and general education courses. For course information, learning outcomes and program eligibility view the current course catalog requirements.
FAQs
Current students should follow the catalog requirements of the academic year they started on the program unless advised otherwise. If you have any questions regarding the courses on your education plan please reach out to the program manager.
- Per the School of Business and Technology BAS Academic Standing Policy a student must maintain a grade of C or better in all classes required for the BAS program. You will be required to retake this course to obtain a grade of C or better. Students must also adhere Bellevue College Academic Standing policy and procedure.
- Elective credits can be fulfilled by any transferable college level credits not used for general education or program prerequisites (commonly fulfilled from courses in AA degree)
- Refer to the AAS-DTA transfer list of courses to satisfy Natural Science, Humanities and 200-Level Social Science requirements
- Old technical (more than three years old) and math credits (past five years) cannot be applied to this degree
- Students completing the Information Technology, AAS-T will have all program prerequisites to be eligible for the BAS. A grade of C or better is required for all program prerequisites.
- Students admitted into the BAS program Fall 2021, Winter 2022 or Spring 2022 should follow the degree requirements for 2021-22 academic year
- Students admitted into the BAS program Fall 2022, Winter 2023 or Spring 2023 should follow the degree requirements for 2022-23 academic year
- Students admitted into the BAS program Fall 2023, Winter 2024 or Spring 2024 should follow the degree requirements for 2023-24 academic year
Still have questions? Students can find answers to many of their questions on our Cybersecurity FAQ page.
Program Changes
Degree requirements can experience curriculum changes every academic year. Click on the dropdowns below to view the latest degree requirement changes.
Effective July 1, 2024, two courses in the program have been replaced with new offerings that we believe will better equip you with the skills and knowledge needed to excel in today’s rapidly evolving cybersecurity landscape.
- SEC 344 – Virtualization & Storage has been replaced with DATA 333 – Applied Programming Concepts
- SEC 452 – Network Security Monitoring has been replaced with SEC 460 – DevSecOps
If you have completed SEC 344 and SEC 452 then you do not have to take DATA 333 and SEC 460. If you have yet to complete SEC 344 and SEC 452, then you will be required to take DATA 333 and SEC 460.
Additionally, DATA 333 is now a prerequisite to SEC 444 and SEC 460. The prerequisite requirement will be waived for students admitted to the BAS Cybersecurity Program before the 2024-25 school year
- 2023-24 BAS admission now requires IT 231 and any two courses from the following options below 10 CR:
- CS 210, CS 211, CS 212, DEV 110, DEV 111, DEV 113, DEV 120, DEV 128, IT 234, IT 241 (IT 231 and IT 241 must be taken together)
- NSCOM 201 = Now IT 211
- NSCOM 202 = Now IT 212
- NSCOM 203 = Now IT 213
- NSCOM 231 = Now IT 231
- NSCOM 235/240 = Now IT 234/241
- ISIT 300 = Now DEV 300
- ISIT 312 = Now DEV 312
- ISIT 305 = Now SEC 305
- ISIT 344 = Now SEC 344
- ISIT 350 = Now SEC 350
- ISIT 440 = Now SEC 440
- ISIT 444 = Now SEC 444
- ISIT 450 = Now SEC 450
- ISIT 452 = Now SEC 452
- ISIT 454 = Now SEC 454
- ISIT 490 = Now SEC 490
- ISIT 491 = Now SEC 491
Permission Codes
Students may need permission codes in order to get registered for one or more of the following reasons:
- Overriding a required course prerequisite (if permitted by instructor and/or program manager)
- Taking upper division classes prior to being admitted into a BAS program
- Registering for capstone courses
- System errors (review common registration errors first)
- When attempting late registration
Students can request permission codes by contacting Rod Pascual. Depending on the situation students may need to obtain instructor permission first or upload unofficial transcripts to verify prerequisites of transfer courses.
Example Course Schedule
Schedule is subject to change. Admitted students will work with the program manager to get a customized education plan. If students are unable to follow their education plan, they should contact the program manager to update. *SEC courses are only offered once a year.
Year 3
Fall
SEC 305: Network Security and Firewalls 5 cr.
This course covers the skills required to develop a security infrastructure, recognize threats and vulnerabilities to networks, and mitigate those threats. Emphasizes core security technologies on premise and in the cloud. Topics will include installation, troubleshooting and monitoring of network devices to maintain integrity, confidentiality and availability of data and devices. Previously ISIT 305. Fee: $75.00 VLab.
SEC 440: Linux Tools for Security 5 cr.
This course expands on core Linux use concepts to cover the use of various Linux tools used in cybersecurity applications. Students explore tools and exercises using various Linux distributions. Topics include user access and security, process and service control, monitoring, networks and networking services, interoperability, automation and essential command line interface commands. Practical activities will include capture-the-flag exercises. Previously ISIT 440. Fees: VLab $75.00
Winter
SEC 350: Digital Forensics 5 cr.
Introduces students to computer forensics, both its fundamentals and best practices for incident response. Includes the legal aspects of computer forensics, as well as its relationship to the Information Technology field. Hands-on projects will give students the tools and techniques to perform a full computer forensic investigation. Previously ISIT 350. Fee: $75.00 VLab.
PHIL& 115: Critical Thinking 5 cr.
An informal, non-symbolic introduction to logic and critical thinking emphasizing real-life examples, natural language applications, and the informal logical fallacies.
Spring
SEC 454: System Hardening 5 cr.
This course covers system hardening techniques for end devices, network devices, Cloud platforms, Windows and Unix/Linux server operating systems, and cross-platform applications. Students will learn to apply key system-hardening principles of segregation of duties, dual control, principle of least privilege, and economy of mechanism. Fee: $75.00 VLab.
SEC 344: Virtualization & Storage 5 cr.
This course introduces and applies the concepts of design, implementation, management and troubleshooting of server virtualization, network virtualization and large storage systems. Technologies include VMware and Storage Area Networks (SAN) solutions. Previously ISIT 344. Fee: $75.00 VLab.
Year 4
Fall
SEC 450: Security Vulnerabilities and Countermeasures 5 cr.
This course covers the concepts of network vulnerabilities from a hacker¿s perspective. Its focus is professional penetration testing and the securing of information assets. The course provides students with the knowledge to prevent, detect, and respond to security incidents. Previously ISIT 450. Fee: $75.00 VLab.
CMST 340: Advanced Communication in Business & Technology 5 cr.
This course is designed for students accepted into a baccalaureate degree program in business or technology fields. Students identify, self-assess, analyze and apply skills to effectively communicate in culturally diverse business and technology settings. Students explore original research and apply the information they learn to their communication skill repertoire. Topics include: active listening, intercultural communication, collaborating in teams, conflict management, verbal and nonverbal communication and public speaking. Recommended: CMST 220, CMST 230, or CMST 280.
Winter
SEC 452: Network Security Monitoring 5 cr.
This course focuses on the qualities that go into a sound Network Security Monitoring (NSM) system. Hands-on exercises use various network protocol analyzers and other tools to detect, investigate, and respond to network and system attacks. Students will learn how identify authorized and unauthorized malicious activity on an information systems network. Previously ISIT 452. Fee: $75.00 VLab.
PHIL 375: Ethical Issues in Information Technology 5 cr.
Investigates ethical problems relating to information technology through ethical theory and case studies. Involves in-depth and original research and discussion of ethical issues including privacy, control of information and intellectual property rights.
SEC 490: Security Capstone I 5 cr.
This course provides practical experience in Cybersecurity and System Administration. Students apply knowledge and skills learned in classes as they work in settings relevant to their future employment plans. This is part 1 of a 2 quarter series (SEC 490 and SEC 491) and is intended to be taken during the last two quarters of the program. Prerequisite: Permission of instructor.
Spring
SEC 444: Security Automation 5 cr.
Introduces the concepts and applications of basic scripting for a security administrator. Topics include using scripts for log analysis, writing simple monitoring scripts for intruders, interacting with databases and public APIs, and configuration automation. Previously ISIT 444.
BUS 355: Business of It: Legal Regulatory Business Env 5 cr.
This course focuses on managerial and legal principles and knowledge that are critical to IT organizations and the management of organizations focused on information technology in the modern business world. Students will develop skills and techniques in the areas of the relevant legal concepts and doctrines; regulatory and administrative agency requirements; and organizational development and management practice applicable in the IT environment. Case studies will be used.
SEC 491: Security Capstone II 5 cr.
Students continue their work from SEC 490 to further develop their project work. This is part 2 in a two quarter series (SEC 490 and SEC 491) and is intended to be taken during the last two quarters of the program. Prerequisite: SEC 490 with a C or better.
Winter 2026
Fall 2026
SEC 450 – Security Vulnerabilities and Countermeasures
Winter 2027
***May need to add BUS& 101 – Introduction to Business, Humanities, and elective courses.
Capstone Projects vs. Experiential Learning (Internships)
Bachelor’s students will complete either a final capstone project or an internship in their final quarters. Capstone gives students the opportunity to apply knowledge and skills learned throughout the program and work in settings relevant to their future employment plans. It also allows students to graduate with a project, which can be highlighted on their resume/portfolio for future employers.
If students find an internship in their area of study that meets the qualifications for EXPRL 490/491 this may be taken in place of SEC 490/491 (capstone classes). The internship must be approved by the program chair prior to starting. Learn more information on capstone vs. internship options.
Last Updated January 12, 2026