Overview
This unit is the capstone to the Network Security specialisation of the Bachelor of Information Technology course. The unit is designed so that you can demonstrate your learning across the whole course of study before making the transition to the next stage of your career. To this end, you are to conduct a group project including the design and implementation of a network security plan that meets client's requirements. Deliverables will include the formal security plan and configured secure infrastructure as part of an overall portfolio of planning and design documentation, scripts, and rules. In order to deliver a robust solution, you will need to choose and employ an appropriate project management methodology. The delivered infrastructure will undergo stress testing and simulated security attack scenarios.
Details
Pre-requisites or Co-requisites
Prerequisites: (COIS13064 or COIT12208) and COIT12202 Corequisites: COIT13146 and COIT13229
Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).
Offerings For Term 1 - 2021
Attendance Requirements
All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).
Recommended Student Time Commitment
Each 12-credit Undergraduate unit at CQUniversity requires an overall time commitment of an average of 25 hours of study per week, making a total of 300 hours for the unit.
Class Timetable
Assessment Overview
Assessment Grading
This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%). Consult the University’s Grades and Results Policy for more details of interim results and final grades.
All University policies are available on the CQUniversity Policy site.
You may wish to view these policies:
- Grades and Results Policy
- Assessment Policy and Procedure (Higher Education Coursework)
- Review of Grade Procedure
- Student Academic Integrity Policy and Procedure
- Monitoring Academic Progress (MAP) Policy and Procedure – Domestic Students
- Monitoring Academic Progress (MAP) Policy and Procedure – International Students
- Student Refund and Credit Balance Policy and Procedure
- Student Feedback – Compliments and Complaints Policy and Procedure
- Information and Communications Technology Acceptable Use Policy and Procedure
This list is not an exhaustive list of all University policies. The full list of University policies are available on the CQUniversity Policy site.
Feedback, Recommendations and Responses
Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.
Feedback from Staff in Network and Information Security discipline
Most students work on the provided case study, as it is difficult for them to identify industry projects within a short time frame at the start of term.
Increase the number of topics provided to students, especially projects conducted for real clients such as researchers and industry partners.
Feedback from Student feedback in class
Early in the term students are not clear on tasks to be performed each week and where to find resources.
Clarify expectations of the project in the Unit Profile and again in the first workshop of the term, e.g. giving example tasks that could be included in reports and directing students to past units for learning resources.
Feedback from Student feedback in class and Unit Coordinator observations
Group formation is difficult when there are a small number of students on each campus.
Hold an online meeting with all students at the start of term to form groups.
- Analyse network security requirements and produce a comprehensive network security plan
- Create test plans and implement technically sound and well-documented security technologies
- Evaluate security protections and examine their level of compliance and effectiveness
- Produce the project management artefacts required in a typical network security project
- Demonstrate productive participation and contribution to a project team or work environment
- Demonstrate work readiness in terms of technical skills, communication skills, and both professional and ethical behaviour.
- Project Management (PRMG)
- IT Management (ITMG)
- Information Security (SCTY)
- Security Administration (SCAD)
- IT Governance (GOVN)
- Technical specialism (TECH)
- IT Infrastructure (ITOP)
- Systems Installation/Decommissioning (HSIN)
- Network Support (NTAS)
- Network Planning (NTPL)
- Network Design (NTDS)
- System Design (DESN)
- Penetration testing (PENT)
- Information Assurance (INAS)
Alignment of Assessment Tasks to Learning Outcomes
| Assessment Tasks | Learning Outcomes | |||||
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 1 - Report - 40% | ||||||
| 2 - Portfolio - 20% | ||||||
| 3 - Written Assessment - 20% | ||||||
| 4 - Presentation - 20% | ||||||
Alignment of Graduate Attributes to Learning Outcomes
| Graduate Attributes | Learning Outcomes | |||||
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | |
| 1 - Communication | ||||||
| 2 - Problem Solving | ||||||
| 3 - Critical Thinking | ||||||
| 4 - Information Literacy | ||||||
| 5 - Team Work | ||||||
| 6 - Information Technology Competence | ||||||
| 7 - Cross Cultural Competence | ||||||
| 8 - Ethical practice | ||||||
| 9 - Social Innovation | ||||||
| 10 - Aboriginal and Torres Strait Islander Cultures | ||||||
Alignment of Assessment Tasks to Graduate Attributes
| Assessment Tasks | Graduate Attributes | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | |
| 1 - Report - 40% | ||||||||||
| 2 - Portfolio - 20% | ||||||||||
| 3 - Written Assessment - 20% | ||||||||||
| 4 - Presentation - 20% | ||||||||||
Textbooks
There are no required textbooks.
IT Resources
- CQUniversity Student Email
- Internet
- Unit Website (Moodle)
- Computer with webcam, microphone, speakers
All submissions for this unit must use the referencing style: Harvard (author-date)
For further information, see the Assessment Tasks.
s.d.gordon@cqu.edu.au
Module/Topic
Weekly meeting with project mentor
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Milestone: Draft project plan completed
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Milestone: Background study completed
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Deliverable: Project Plan (11:45 PM AEST Sunday 4 April 2021)
Deliverable: Journal 1 (11:45 PM AEST Sunday 4 April 2021)
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Milestone: Initial designs completed
Module/Topic
No meeting
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Milestone: Implementation started
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Milestone: Draft Interim report completed
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Deliverable: Interim Report (11:45 PM AEST Sunday 9 May 2021)
Deliverable: Project Update (11:45 PM AEST Sunday 9 May 2021)
Deliverable: Journal 2 (11:45 PM AEST Sunday 9 May 2021)
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Milestone: Project implementation completed
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with the project mentor
Chapter
Events and Submissions/Topic
Deliverable: Final Report (11:45 PM AEST Sunday 6 June 2021)
Deliverable: Project Conclusion (11:45 PM AEST Sunday 6 June 2021)
Deliverable: Journal 3 (11:45 PM AEST Sunday 6 June 2021)
Module/Topic
Presentation Day
Chapter
Events and Submissions/Topic
Deliverable: Presentation Material (11:45 PM AEST Monday 7 June 2021)
You will need access to a computer (laptop or PC) that supports video conferencing and any software relevant for your project. As students may undertake different projects, the specific software requirements may vary. Therefore it is the responsibility of the project team to ensure they have sufficient hardware/software to complete the project.
Your final project presentation will be delivered to an audience outside of your campus, and therefore may be delivered using Zoom video conferencing software (even if you are an on-campus student). Therefore you must have a computer with webcam, microphone and speakers (e.g. headset). Note that you will be required to present with your webcam on - using a device without a webcam or not showing your face is not an acceptable method of presentation.
The Schedule in this Unit Profile lists Deliverables and Milestones. The Deliverables give the due dates of assessment tasks. All due dates except Presentation are on a Sunday at 11:45 PM AEST. Be aware that support from teaching staff may not be available over the weekend (or any public holidays) leading to the due date, therefore you are recommended to have draft submissions on Moodle at least two days before the due date.
1 Written Assessment
Components
Project Management is split into three deliverables:
- Project Plan
- Project Update
- Project Conclusion
Expectations of Project Plan
Your Project Plan must define:
- The problem your team will solve
- The approach you will use to solve the problem, and to manage the project
- The roles and responsiblities of team members
- A schedule of work, e.g. Gantt chart
- Anticipated challenges and mitigation strategies
- A set of deliverables and outcomes that will demonstrate success in the project
Expectations of Project Update
Your Project Update will be a short document that highlights the project issues encountered so far, and strategy for successful project completion. You will have an opportunity to identify and justify changes to your project relative to the original Project Plan.
Expectations of Project Conclusion
Your Projet Conclusion will be a document that discusses issues in the project management aspects of the project. You will present your final schedule and other project management artefacts, and have the opportunity to justify why the delivered system differs from the original project plan.
Format and Submission
All three deliverables must be submitted as Microsoft Word documents. Microsoft Project may be used for the Gantt chart, but if the Project file is submitted, then a readable screenshot or image of the Gantt chart must also be included in the Word document.
See the Schedule for due dates of deliverables
Two weeks after deadline
Contribution to Grade
- Project Plan: 12%
- Project Update: 4%
- Project Conclusion: 4%
Group Contributions
The deliverables are group work. In most cases, all team members will receive the same mark. However if the project mentor or Unit Coordinator detect significant differences in contributions across team members, then interviews may be held to determine individual contributions, and individual marks allocated based on those contributions.
Marking Criteria
Your Project Plan will be marked based on:
- Depth and quality of planning.
- Application of appropriate project management techniques.
- Presentation. For example, formatting, grammar, referencing.
Your Project Update and Project Conclusion will be marked based on:
- Application of appropriate project management techniques.
- Clear and appropriate justifications for changes to the plan.
Detailed marking criteria are available on Moodle.
- Analyse network security requirements and produce a comprehensive network security plan
- Create test plans and implement technically sound and well-documented security technologies
- Evaluate security protections and examine their level of compliance and effectiveness
- Produce the project management artefacts required in a typical network security project
- Communication
- Problem Solving
- Information Literacy
- Team Work
- Information Technology Competence
2 Portfolio
Components
The Journal is a live document containing evidence of your learning achievement throughout the project. You are required to deliver three versions of the Journal across the term, with each version containing entries from the start of the project up until the due date of that version.
- Journal 1: entries from start of project until end of Week 4
- Journal 2: entries from start of project until end of Week 8
- Journal 3: entries for entire project
Expectations of Journal
Your journal will consist of multiple (at least weekly) entries that you use to:
- demonstrate the activities you and your team conducted during the project
-
keep a record of key information need during the project
- comment on problems and successes in the project
- reflect on the relationship between activities in this project and your studies throughout the degree.
The journal serves as evidence to others (the project mentor, other team members, Unit Coordinator) that you have made significant contributions to the project and have the ability to critically evaluate your own performance. The journal also is a diary for yourself. You should use it not only to record information that may be needed later in the project, but also to document information and issues that you may refer to in your future career. For example, imagine you have graduated and are preparing for a job interview. You may present your journal to the prospective employer to demonstrate not only your technical knowledge and skills, but also your ability to identify difficulties, learn from mistakes and improve yourself.
Format and Submission
The software you use to maintain your journal should:
- Allow inclusion of different artefacts, including: written, formatted entries; screenshots; logs and outputs; code samples; links to other resources.
- Include evidence of date of contribution (e.g. timestamp)
- Be private to you, but shareable to your project mentor and/or Unit Coordinator
- Be able to be uploaded to Moodle before the deadline *.
Given these requirements, you are recommended to select one of the following options for creating and maintaining your journal.
- Microsoft OneDrive: Create a folder in your CQU student OneDrive account and share it with your project mentor. Use one Word documents (.docx) for your written entries. To get started, go to https://cqu365.cqu.edu.au/ and login with your CQUniversity username and password. All CQU students already have a free Microsoft Office365 account, which includes OneDrive.
- Git Repository: Create a private Git repository, e.g. on GitHub.com, and invite your project mentor as a collaborator. Use one or more Markdown (.md) files in your repository for your written entries.
If you would prefer to use another option, discuss with your project mentor and seek approval from the Unit Coordinator. But keep in mind it should meet all four of the requirements in the above dot points.
See the Schedule for due dates of deliverables
Two weeks after deadline (Certification of Grades day for final version)
Contribution to Grade
- Journal 1: 5%
- Journal 2: 5%
- Journal 3: 10%
Individual Contribution
The journal is individual assessment. Every student must maintain their own journal. There is no need to share your journal with any other student (doing so may be considered academic misconduct). Your score will be based upon your own contributions, and not related to scores of your team members.
Marking Criteria
You will be marked based on your contributions to your journal:
- Significant and relevant contributions. Your contributions must contain information and reflections that are relevant to your project. This should be about technical issues and project management issues (e.g. teamwork, planning the project). The entries should demonstrate your significant contribution to the project. Entries about activities that you haven't been actively involved in or are not relevant to your project should not be included, and will result in low marks. For example, discussion of difficulties in other units or at work is not relevant, however discussion of how these external factors are impacting on your project schedule (and how you are resolving that) may be relevant.
- Professional contributions. Your contributions should be presented at the same level as any report you would submit. While the journal is similar to a diary, it is not an informal document. Similary, if you are reflecting on teamwork and other team members, be professional in your writing. While your journal will be private between you, your project mentor and the Unit Coordinator, write entries as if other people may read them.
- Regular contributions. You must make contributions (that is, write entries) at least weekly. And the entries must be made when the activities occur. For example, you cannot just add 12 "weekly" contributions at the end of term. Infrequent contributions does not provide sufficient evidence of your significant contributions and does not demonstrate true reflections, and therefore will receive very low marks. You are responsible for ensuring there is evidence of your regular contributions.
Each journal version (1, 2 and 3) must contain entries from the start of the project up until the deadline. However most marks will be allocated based on the entries since the previous version. For example, most marks for Journal 2 will be based on the new entries since Journal 1 (although you must still include the entries from Journal 1).
Detailed marking criteria are available on Moodle.
- Produce the project management artefacts required in a typical network security project
- Demonstrate productive participation and contribution to a project team or work environment
- Demonstrate work readiness in terms of technical skills, communication skills, and both professional and ethical behaviour.
- Communication
- Information Literacy
- Information Technology Competence
- Ethical practice
- Social Innovation
3 Report
Components
The Project Report is split into two deliverables, an Interim Report due mid way through the term and a Final Report due at the end of term.
Expectations of Interim Report
Your Interim Report must document the progress made so far on your project. The content may vary depending on project and the problem being addressed. The following are examples of what may be included in the Interim Report. You are not expected to have all of these items complete in the Interim Report, rather that you are working towards some of them (relevant for your project).
- Detailed description of the problem from a business and technical perspective
- Review of existing/competing products, solutions, or literature
- Identification, selection and justification of appropriate network and security technologies to solve the problem
- Specification of requirements, e.g. functional, usability, reliability, performance, security
- Logical and/or physical network designs
- Design of network/security architectures, protocols or algorithms
- (Draft) network and security policies, e.g. disaster recovery plan, password policies, business continuity plan
- (Initial) risk assessment
- Recommended security controls to solve the problem
- Rapid prototype of a solution to the problem
- Plans for or results of (initial) security/penetration testing on a system
- Deployment of network/security components, e.g. database/web servers in the cloud
Expectations of Final Report
The Final Report is a continuation of the Interim Report that documents the complete project. You should document all technical aspects of your project, for example, finalising the items listed above and adding other relevant content. Your final report may also include other technical deliverables in the main body, in appendices or attachments, e.g. test results, code, installation instructions, configuration files, videos, experimental data, packet captures, simulation files.
Format and Submission
The reports should be presented as formal, technical documents (e.g. with title, section headings, references, diagrams, tables). The reports must be submitted as a Microsoft Word document. Where appropriate, additional files may be submitted using different formats (e.g. code in .java files, packet captures in .pcap files). Any additional files must be referred to in the main document.
See the Schedule for due dates of deliverables
Certification of Grades day for Final Report; two weeks after deadline for Interim Report
Contribution to Grade
- Interim Report: 15%
- Final Report: 25%
Group Contributions
Both reports are group work. In most cases, all team members will receive the same mark. However if the project mentor or Unit Coordinator detect significant differences in contributions across team members, then interviews may be held to determine individual contributions, and individual marks allocated based on those contributions.
Marking Criteria
Your reports will be marked based on:
- Problem definition. You must give a clear and concise statement of the problem your project is attempting to solve.
- Approach. The methodologies, tools and techniques you use to solve the problem must be appropriate.
- Solution quality and depth. Your solution must demonstrate an investigation into significant depth and the resulting outputs must be of quality expected of a graduate.
- Presentation. For example, formatting, grammar, referencing.
The reports, and especially the solution quality and depth, will be assessed taking into account the Project Management documentation. For example, if the project does not deliver what the Project Plan promised and the changes are not justified in the Project Conclusion, then a low score may be awarded. However, if the project does deliver what is promised, but there is little technical depth in that deliverable, then a low score may still be awarded.
Detailed marking criteria are available on Moodle.
- Analyse network security requirements and produce a comprehensive network security plan
- Create test plans and implement technically sound and well-documented security technologies
- Evaluate security protections and examine their level of compliance and effectiveness
- Demonstrate work readiness in terms of technical skills, communication skills, and both professional and ethical behaviour.
- Communication
- Problem Solving
- Critical Thinking
- Information Literacy
- Information Technology Competence
- Ethical practice
4 Presentation
Components
The Presentation is a single deliverable involving a live group presentation on the main contributions of your project.
Expectations of Presentation
In your presentation you must convince the audience that the work you have done is substantial, high quality and relevant for your major, and that you have applied appropriate processes to complete the work. The audience may include students from this unit, other students, your project mentor, Unit Coordinator, other academic staff, alumni, and industry representatives. The presentation will be time limited (30 minutes or less; to be confirmed during term). Therefore you must design your presentation to convey the key aspects of your project, taking into account the audience and time limitations. While the content/structure of your presentation is mainly your choice, it must at least include:
- Identification of your project topic, mentor and group members
- Reflection on technical challenges, e.g. what new things did you learn, what was difficult, how did you solve problems.
- Demonstration of the system you develop or problem solved.
You may use a variety of presentation tools (including live demonstrations, videos, screenshots), but must be supported by slides.
Format and Submission
Your group must deliver your presentation using Zoom video conferencing. The presentations will be scheduled in a conference-style event, running up to 1 day. Groups will be assigned to present at time slots during the day, and also be required to view presentations of other groups. The presentation day is planned for Monday 7 June 2021; the detailed schedule for presentations will be announced during the term.
You must submit at least Powerpoint slides on Moodle by the deliverable deadline. Other formats of the slides (including PDF) are not acceptable, unless permission is granted in advance by the Unit Coordinator. You may optionally submit other resources (e.g. videos) in addition to the slides.
See the Schedule for due dates of deliverables
Certification of Grades day
Contribution to Grade
- Presentation: 20%
Individual and Group Contributions
This is a group presentation. All members of the group must present in the group timeslot. 15% will be a group score, while 5% will be an individual score. All members will receive the same group score (unless exceptional circumstances, e.g. one member does not present). The individual score will be based on how you present your part and answer questions. Different students in your team may receive different individual scores.
Marking Criteria
You will be marked based on:
- Content quality and relevance (Group 10%). For example: sufficient technical depth, appropriate contributions presented, interesting and clearly explained content, reflections on learnings.
- Presentation organisation and flow (Group 5%). For example: keeping to time limit, preparedness, visual aids.
- Presentation skills (Individual 5%). For example: speaking skills, confidence, responding to questions, demonstrated understanding of the content.
Detailed marking criteria are available on Moodle.
- Demonstrate productive participation and contribution to a project team or work environment
- Communication
- Information Literacy
- Team Work
- Information Technology Competence
As a CQUniversity student you are expected to act honestly in all aspects of your academic work.
Any assessable work undertaken or submitted for review or assessment must be your own work. Assessable work is any type of work you do to meet the assessment requirements in the unit, including draft work submitted for review and feedback and final work to be assessed.
When you use the ideas, words or data of others in your assessment, you must thoroughly and clearly acknowledge the source of this information by using the correct referencing style for your unit. Using others’ work without proper acknowledgement may be considered a form of intellectual dishonesty.
Participating honestly, respectfully, responsibly, and fairly in your university study ensures the CQUniversity qualification you earn will be valued as a true indication of your individual academic achievement and will continue to receive the respect and recognition it deserves.
As a student, you are responsible for reading and following CQUniversity’s policies, including the Student Academic Integrity Policy and Procedure. This policy sets out CQUniversity’s expectations of you to act with integrity, examples of academic integrity breaches to avoid, the processes used to address alleged breaches of academic integrity, and potential penalties.
What is a breach of academic integrity?
A breach of academic integrity includes but is not limited to plagiarism, self-plagiarism, collusion, cheating, contract cheating, and academic misconduct. The Student Academic Integrity Policy and Procedure defines what these terms mean and gives examples.
Why is academic integrity important?
A breach of academic integrity may result in one or more penalties, including suspension or even expulsion from the University. It can also have negative implications for student visas and future enrolment at CQUniversity or elsewhere. Students who engage in contract cheating also risk being blackmailed by contract cheating services.
Where can I get assistance?
For academic advice and guidance, the Academic Learning Centre (ALC) can support you in becoming confident in completing assessments with integrity and of high standard.
What can you do to act with integrity?
