Overview
Cyber security professionals need to create, analyse and test computer systems and networks to assure they will operate in the presence of attacks. In this unit, you will learn the types of attacks that may be encountered and the tools and techniques to prevent, detect and respond to those attacks. You will build your skills in virtualisation, cloud services and scripting to solve cyber security challenges. You will also learn special cyber security tools for detecting vulnerabilities, monitoring network traffic and responding to attacks.
Details
Pre-requisites or Co-requisites
Pre-Requisites: COIT11238 Networked Infrastructure Foundations AND COIT11222 Programming Fundamentals.
Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).
Offerings For Term 2 - 2022
Attendance Requirements
All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).
Recommended Student Time Commitment
Each 6-credit Undergraduate unit at CQUniversity requires an overall time commitment of an average of 12.5 hours of study per week, making a total of 150 hours for the unit.
Class Timetable
Assessment Overview
Assessment Grading
This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%). Consult the University’s Grades and Results Policy for more details of interim results and final grades.
All University policies are available on the CQUniversity Policy site.
You may wish to view these policies:
- Grades and Results Policy
- Assessment Policy and Procedure (Higher Education Coursework)
- Review of Grade Procedure
- Student Academic Integrity Policy and Procedure
- Monitoring Academic Progress (MAP) Policy and Procedure – Domestic Students
- Monitoring Academic Progress (MAP) Policy and Procedure – International Students
- Student Refund and Credit Balance Policy and Procedure
- Student Feedback – Compliments and Complaints Policy and Procedure
- Information and Communications Technology Acceptable Use Policy and Procedure
This list is not an exhaustive list of all University policies. The full list of University policies are available on the CQUniversity Policy site.
- Explain cyber security challenges and the technologies available to address those challenges
- Apply cyber security tools to identify vulnerabilities and protect computer systems
- Apply cloud services tools to automate common IT processes and task.
The Australian Computer Society (ACS) recognises the Skills Framework for the Information Age (SFIA). SFIA is adopted by organisations, governments and individuals in many countries and provides a widely used and consistent definition of ICT skills. SFIA is increasingly being used when developing job descriptions and role profiles. ACS members can use the tool MySFIA to build a skills profile.
This unit contributes to the following workplace skills as defined by SFIA 7 (the SFIA code is included)
- Information security (SCTY)
- Programming/software development (PROG)
- Security administration (SCAD)
- Penetration testing (PENT)
Alignment of Assessment Tasks to Learning Outcomes
Assessment Tasks | Learning Outcomes | ||
---|---|---|---|
1 | 2 | 3 | |
1 - Online Quiz(zes) - 30% | |||
2 - Portfolio - 50% | |||
3 - Presentation - 20% |
Alignment of Graduate Attributes to Learning Outcomes
Graduate Attributes | Learning Outcomes | ||
---|---|---|---|
1 | 2 | 3 | |
1 - Communication | |||
2 - Problem Solving | |||
3 - Critical Thinking | |||
4 - Information Literacy | |||
5 - Team Work | |||
6 - Information Technology Competence | |||
7 - Cross Cultural Competence | |||
8 - Ethical practice | |||
9 - Social Innovation | |||
10 - Aboriginal and Torres Strait Islander Cultures |
Alignment of Assessment Tasks to Graduate Attributes
Assessment Tasks | Graduate Attributes | |||||||||
---|---|---|---|---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | |
1 - Online Quiz(zes) - 30% | ||||||||||
2 - Portfolio - 50% | ||||||||||
3 - Presentation - 20% |
Textbooks
There are no required textbooks.
IT Resources
- CQUniversity Student Email
- Internet
- Unit Website (Moodle)
- A computer with suitable hardware resources ( 8GB Memory, Intel core i5 and above CPU, Dedicated GPU is desired) and Windows(7 or later) with admin rights to install Virtual Box software.
- PowerShell (version 7)
All submissions for this unit must use the referencing style: Harvard (author-date)
For further information, see the Assessment Tasks.
j.shield@cqu.edu.au
Module/Topic
1 Cybersecurity involves people, processes & ICTs
Chapter
Events and Submissions/Topic
Module/Topic
2 Strategy & PowerShell
Chapter
Events and Submissions/Topic
Module/Topic
3 Risks & Windows
Chapter
Events and Submissions/Topic
A1 Quiz: PowerShell (6%)
Module/Topic
4 Shells
Chapter
Events and Submissions/Topic
A2 Portfolio: PowerShell (10%)
Module/Topic
5 Tools
Chapter
Events and Submissions/Topic
A2 Portfolio: Plan (20%)
Module/Topic
Chapter
Events and Submissions/Topic
Module/Topic
6 Bash
Chapter
Events and Submissions/Topic
A1 Quiz: Bash (6%)
Module/Topic
7 Attacks
Chapter
Events and Submissions/Topic
A2 Portfolio: Bash (10%)
Module/Topic
8 Python
Chapter
Events and Submissions/Topic
A1 Quiz: Python (6%)
Module/Topic
9 Python with Tools
Chapter
Events and Submissions/Topic
Module/Topic
10 Tools
Chapter
Events and Submissions/Topic
A2 Portfolio: Python (10%)
Module/Topic
11 Presentations (tutorial only)
Chapter
Events and Submissions/Topic
A3 Presentation: Implementation (20%)
Presentation Due: Week 11 Friday (30 Sept 2022) 11:45 pm AEST
Module/Topic
No classes
Chapter
Events and Submissions/Topic
A1 Quiz: Review (12%)
Unit Coordinator: Jamie Shield, Cairns,
j.shield@cqu.edu.au,
Office: 07 4037 4750
1 Online Quiz(zes)
There are four quizzes to encourage your ongoing engagement with the unit materials. You will be assessed on background concepts in cybersecurity, networking, IT and computer security technologies, offensive type of cybersecurity technologies, and applying defensive cybersecurity technologies. The quizzes will involve short answer questions and activities such as writing shell commands. You might be required to download software to complete the quizzes. You may attempt the quiz(zes) as many times as you like until the due date.
4
Other
Weeks 3, 6, 8 and 12.
Immediate feedback
This assessment consists of short answer questions and small activities. Each question will be marked according to the correctness of the answer.
- Quiz 1: PowerShell
- Quiz 2: Bash
- Quiz 3: Python
- Quiz 4: Cybersecurity review
- Apply cyber security tools to identify vulnerabilities and protect computer systems
- Apply cloud services tools to automate common IT processes and task.
- Problem Solving
- Critical Thinking
- Information Literacy
- Information Technology Competence
- Ethical practice
2 Portfolio
You will create a portfolio to demonstrate that you can apply cybersecurity technologies to identify vulnerabilities, protect computer systems and automate common IT processes and tasks. You will be required to complete the following tasks:
- PowerShell: Write a PowerShell script to investigate aspects such as Windows processes, packages, services and servers
- Plan: Apply a framework to mature an organisation’s cybersecurity management. You will need to frame the organisation’s tolerance for risk, create an asset inventory, model the data flows for crucial data, assess the cyber risks and plan the implementation of controls.
- Bash: Write a Bash script that runs on a provided Kali virtual machine to investigate aspects such as Linux processes, packages, services and servers
- Python: Write a Python script that runs on a provided Kali virtual machine to investigate aspects such as computer processes, packages, services and server.
Portfolio
You will need to create a private Git repository and invite your tutor and the unit coordinator.
Weeks 4, 5, 7 and 10.
Feedback will be provided within 2 weeks of the due date.
You will be marked on aspects such as script functionality, code modularity, avoidance of deprecated functions in scripts, coding style, code documentation, code testing, use of Git, risk tolerance elicitation, quality of asset inventory and data flow models, and the identification and justification of risks and controls.
The PowerShell, Bash and Python tasks contribute 10% each to your grade. The Plan contributes 20% to your grade.
- Apply cyber security tools to identify vulnerabilities and protect computer systems
- Apply cloud services tools to automate common IT processes and task.
- Problem Solving
- Critical Thinking
- Information Literacy
- Information Technology Competence
- Ethical practice
3 Presentation
In Assignment 2 you are asked to plan risk controls for an organisation. In this assignment you will use tools to further search for vulnerabilities in the organisation’s ICT systems and you will implement the controls planned in Assignment 2. You will deliver a presentation to report the results including an overview of the tools and procedures you used, the vulnerabilities you found, and recommendations for how to manage those vulnerabilities.
Week 11 Friday (30 Sept 2022) 11:45 pm AEST
Certification of Grades day
You will be marked on aspects such as use of tools of identify vulnerabilities, analysis of the vulnerabilities found, recommendations for managing those recommendations, the evidence that the planned controls have been implemented, stage presence and slideshow framing.
- Explain cyber security challenges and the technologies available to address those challenges
- Communication
- Critical Thinking
- Information Literacy
- Team Work
- Information Technology Competence
As a CQUniversity student you are expected to act honestly in all aspects of your academic work.
Any assessable work undertaken or submitted for review or assessment must be your own work. Assessable work is any type of work you do to meet the assessment requirements in the unit, including draft work submitted for review and feedback and final work to be assessed.
When you use the ideas, words or data of others in your assessment, you must thoroughly and clearly acknowledge the source of this information by using the correct referencing style for your unit. Using others’ work without proper acknowledgement may be considered a form of intellectual dishonesty.
Participating honestly, respectfully, responsibly, and fairly in your university study ensures the CQUniversity qualification you earn will be valued as a true indication of your individual academic achievement and will continue to receive the respect and recognition it deserves.
As a student, you are responsible for reading and following CQUniversity’s policies, including the Student Academic Integrity Policy and Procedure. This policy sets out CQUniversity’s expectations of you to act with integrity, examples of academic integrity breaches to avoid, the processes used to address alleged breaches of academic integrity, and potential penalties.
What is a breach of academic integrity?
A breach of academic integrity includes but is not limited to plagiarism, self-plagiarism, collusion, cheating, contract cheating, and academic misconduct. The Student Academic Integrity Policy and Procedure defines what these terms mean and gives examples.
Why is academic integrity important?
A breach of academic integrity may result in one or more penalties, including suspension or even expulsion from the University. It can also have negative implications for student visas and future enrolment at CQUniversity or elsewhere. Students who engage in contract cheating also risk being blackmailed by contract cheating services.
Where can I get assistance?
For academic advice and guidance, the Academic Learning Centre (ALC) can support you in becoming confident in completing assessments with integrity and of high standard.