Overview
This unit is the capstone to the Cyber Security specialisation of the Bachelor of Information Technology course. The unit is designed so that you can demonstrate your learning across the whole course of study before making the transition to the next stage of your career. To this end, you are to conduct a group project including the design and implementation of a cyber security plan that meets the client's requirements. Deliverables will include the formal security plan and configured secure infrastructure as part of an overall portfolio of planning and design documentation, scripts, and rules. In order to deliver a robust solution, you will need to choose and employ an appropriate project management methodology. The delivered infrastructure will undergo stress testing and simulated security attack scenarios.
Details
Pre-requisites or Co-requisites
Prerequisites: (COIS13064 ICT Project Management or COIT12208 ICT Project Management) and COIT12202 Network Security Concepts Corequisites: COIT13146 System and Network Administration and (COIT13229 Applied Distributed Systems or COIT13240 Applied Cryptography)
Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).
Offerings For Term 3 - 2024
Attendance Requirements
All on-campus students are expected to attend scheduled classes - in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).
Recommended Student Time Commitment
Each 12-credit Undergraduate unit at CQUniversity requires an overall time commitment of an average of 25 hours of study per week, making a total of 300 hours for the unit.
Class Timetable
Assessment Overview
Assessment Grading
This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of 'pass' in order to pass the unit. If any 'pass/fail' tasks are shown in the table above they must also be completed successfully ('pass' grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the 'assessment task' section (note that in some instances, the minimum mark for a task may be greater than 50%). Consult the University's Grades and Results Policy for more details of interim results and final grades.
All University policies are available on the CQUniversity Policy site.
You may wish to view these policies:
- Grades and Results Policy
- Assessment Policy and Procedure (Higher Education Coursework)
- Review of Grade Procedure
- Student Academic Integrity Policy and Procedure
- Monitoring Academic Progress (MAP) Policy and Procedure - Domestic Students
- Monitoring Academic Progress (MAP) Policy and Procedure - International Students
- Student Refund and Credit Balance Policy and Procedure
- Student Feedback - Compliments and Complaints Policy and Procedure
- Information and Communications Technology Acceptable Use Policy and Procedure
This list is not an exhaustive list of all University policies. The full list of University policies are available on the CQUniversity Policy site.
Feedback, Recommendations and Responses
Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.
Feedback from Students' informal feedback.
Individual contributions should be recognised in group assessments.
Provide clear instruction and marking criteria to recognise individual contributions in the context of group assessments.
Feedback from Students' feedback and teaching team's reflection.
Students enjoyed working on real world projects and meeting real clients.
Continue to include real-world projects.
- Analyse cyber security requirements to produce a comprehensive cyber security plan
- Implement well-documented and tested security technologies to meet a cyber security plan
- Evaluate security protections for compliance and effectiveness
- Produce the project management artefacts required in a typical cyber security project
- Demonstrate productive participation and contribution to a project team or work environment
- Demonstrate work readiness in terms of technical skills, communication skills, and both professional and ethical behaviour.
The Australian Computer Society (ACS) recognises the Skills Framework for the Information Age (SFIA). SFIA is adopted by organisations, governments and individuals in many countries and provides a widely used and consistent definition of ICT skills. SFIA is increasingly being used when developing job descriptions and role profiles. ACS members can use the tool MySFIA to build a skills profile.
This unit contributes to the following workplace skills as defined by SFIA 7 (the SFIA code is included)- Project Management (PRMG)
- IT Management (ITMG)
- Information Security (SCTY)
- Security Administration (SCAD)
- Enterprise IT Governance (GOVN)
- Specialist Advice (TECH)
- IT Infrastructure (ITOP)
- Systems Installation/Decommissioning (HSIN)
- Network Support (NTAS)
- Network Planning (NTPL)
- Network Design (NTDS)
- Systems Design (DESN)
- Penetration testing (PENT)
- Information Assurance (INAS)
Alignment of Assessment Tasks to Learning Outcomes
Assessment Tasks | Learning Outcomes | |||||
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | |
1 - Report - 40% | ||||||
2 - Portfolio - 20% | ||||||
3 - Written Assessment - 20% | ||||||
4 - Presentation - 20% |
Alignment of Graduate Attributes to Learning Outcomes
Graduate Attributes | Learning Outcomes | |||||
---|---|---|---|---|---|---|
1 | 2 | 3 | 4 | 5 | 6 | |
1 - Communication | ||||||
2 - Problem Solving | ||||||
3 - Critical Thinking | ||||||
4 - Information Literacy | ||||||
5 - Team Work | ||||||
6 - Information Technology Competence | ||||||
7 - Cross Cultural Competence | ||||||
8 - Ethical practice | ||||||
9 - Social Innovation | ||||||
10 - Aboriginal and Torres Strait Islander Cultures |
Textbooks
There are no required textbooks.
IT Resources
- CQUniversity Student Email
- Internet
- Unit Website (Moodle)
- Access to computer with webcam, microphone and speakers
- Zoom
- Microsoft Teams
- Portfolium
All submissions for this unit must use the referencing style: Harvard (author-date)
For further information, see the Assessment Tasks.
f.sabrina@cqu.edu.au
Module/Topic
Weekly meeting with Unit Coordinator (UC)
Chapter
Events and Submissions/Topic
Meet the entire class to select a topic, create a team, and formulate project specifications. Agree upon a specific meeting time, discuss assessments and reporting requirements for each week.
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Introduce yourself to the project mentor and lay out a plan for the term.
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Deliverables:
- Project Plan (9AM AEST, Monday, 18 November 2024)
- Self Assessment (9AM AEST, Monday, 18 November 2024)
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Deliverable:
Discussion on progress report during weekly consultation with mentor.
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Deliverable:
Draft Report (9AM AEST, Monday, 16 December 2024)
Module/Topic
No meeting
Chapter
Events and Submissions/Topic
Module/Topic
No meeting
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Deliverable:
Discussion on progress report during weekly consultation with mentor.
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Deliverable:
Practice Presentation (9:00 AM AEST, Monday, 27 January 2025)
Module/Topic
Weekly meeting with project mentor.
Chapter
Events and Submissions/Topic
Deliverable:
Project Reflection (9:00 AM AEST, Monday, 3 February 2025)
Module/Topic
Chapter
Events and Submissions/Topic
Deliverables:
Final Report (9:00 AM AEST, Monday, 10 February 2025)
Final Presentation (9:00 AM AEST, Monday, 10 February 2025)
For any term-specific information, please contact the Unit Coordinator via E-mail.
Unit Coordinator: Dr Fariza Sabrina
E-mail: f.sabrina@cqu.edu.au
1 Report
In this unit you integrate and apply the knowledge and skills you have gained in your course into an industry-relevant team project. Students must form teams of a minimum of 3 students and a maximum of 4 students, with any larger teams at the discretion of the Unit Coordinator. Teams should be formed before the end of Week 1, with roles and responsibilities agreed upon at your project meeting in Week 2. Change of topic or team once the Project Plan deadline has passed is only allowed in special circumstances with approval from Unit Coordinator.
Components
This assessment is split into two (2) deliverables:
1. Draft Report
2. Final Report
Expectations of Final Report
Your Final Report must document technical artefacts of the entire project. The content may vary depending on the chosen topic and the problem being addressed. As well as the technical artefacts, all Final Reports must include an overview of the entire project and an evaluation of the ethical and professional issues encountered during the project and/or envisaged in the future. The following are example technical artefacts that may be included in a Final Report.
• Detailed description of the problem from a business and technical perspective
• Review of existing/competing products, solutions, or literature
• Identification, selection and justification of appropriate network and security technologies to solve the problem
• Specification of requirements, for example, functional, usability, reliability, performance, security
• Logical and/or physical network designs
• Design of network/security architectures, protocols or algorithms
• Network and security policies, for example, disaster recovery plan, password policies, business continuity plan
• Risk assessment
• Recommended security controls to solve the problem
• Documentation on rapid prototype of a solution to the problem
• Results from security/penetration testing on a system
• Deployment of network/security components, for example, database/web servers in the cloud.
As different groups are undertaking different projects, you should discuss with your Project Mentor (tutor) the expected artefacts for your project.
Expectations of Draft Report
Your Draft Report consists of the latest versions of your technical artefacts produced by the deadline. See the list above for examples of technical artefacts from the Final Report. Some of the artefacts will be complete (or close to final version), and some may be partially complete (e.g. some sections complete, other sections empty). You will normally not include artefacts that you have started, but made very little progress (e.g. less than 50% complete). The Draft Report is an opportunity to get feedback on your current progress. As with the Final Report, discuss with your Project Mentor what is expected for your project. Your Project Mentor will also advise you on which artefacts to include or omit from the Draft Report. Your Draft Report will be released to other students.
Format and Submission
The Final Report should be presented as a formal, technical document (e.g. with title, section headings, references, diagrams, tables). The report must be submitted as a Microsoft Word document. You are encouraged to use separate documents/files for different artefacts. For example, if your group has developed a privacy policy and undertaken a risk assessment, they should be submitted as separate documents, with the Final Report simply referring to them. That is, you may submit Final Report (Word doc), Privacy Policy (Word doc), Risk Assessment (Word doc), Network Design (Visio file) and so on.
The Draft Report should be presented and submitted in the same manner as the final report. Where sections are missing or incomplete, you should clearly mark them (e.g. "This section is not yet complete.").
All group documents and technical artefacts must be stored on a Microsoft Teams channel created for your group by the Unit Coordinator, and shared with your Project Mentor (tutor) and Unit Coordinator. With prior approval of the Unit Coordinator, a collaborative platform other than Microsoft Teams may be used. While documents are stored Teams, they must also be submitted on Moodle.
See the Schedule for due dates of deliverables.
Certification of Grades day for Final Report; Two weeks after the submission for the Draft Report
Contribution to Grade
- Draft Report: 10%
- Final Report: 30%
Individual and Group Contributions
Both reports are group work. If all team members make similar contributions, then all team members will typically receive the same mark. However if there are noticeably different contributions from some team members, then different individual marks may be awarded for some or all parts of the assessment. In the report you must declare individual contributions (even if you contributed equally) with specific details. If your report does not have an individual contribution declaration, you may receive a deduction as specified in the marking guide in Moodle. The project mentor or Unit Coordinator may seek further information from team members, including via interviews, to evaluate the contributions.
Marking Criteria
Your Final Report will be marked based on:
- Problem definition. You must give a clear and concise statement of the problem your project is attempting to solve.
- Approach. The methodologies, tools and techniques you use to solve the problem must be appropriate.
- Solution quality and depth. Your solution must demonstrate an investigation into significant depth and the resulting outputs must be of quality expected of a graduate.
- Evaluation of ethical and professional issues. Your evaluation must demonstrate understanding of the issues and must identify appropriate strategies for handling the issues.
- Presentation. For example, formatting, grammar, referencing.
The reports, and especially the solution quality and depth, will be assessed taking into account the project management activities (for example, Project Plan, progress reports, quality review). For example, if the project does not deliver what the Project Plan promised and the changes are have not been justified in progress reports, then a low score may be awarded. However, if the project does deliver what is promised, but there is little technical depth in that deliverable, then a low score may still be awarded.
The Draft Report will be marked in the same manner as the Final Report.
This unit is 12 credit points, and therefore requires significant amount of work every week with frequent assessment deadlines. If you get behind and miss a deadline, then it will be very hard for you to catch up. Therefore, for all assessments any late submissions more than 7 days after the original deadline will receive 0 marks.
Detailed marking criteria are available on Moodle.
- Analyse cyber security requirements to produce a comprehensive cyber security plan
- Implement well-documented and tested security technologies to meet a cyber security plan
- Evaluate security protections for compliance and effectiveness
- Demonstrate work readiness in terms of technical skills, communication skills, and both professional and ethical behaviour.
2 Portfolio
Components
This assessment is split into two (2) deliverables:
- Self-Assessment
- Progress reporting
Expectations of Self-Assessment:
At the start of the project you must identify your career goals, including preferred job role upon graduation, and self-assess your current knowledge, skills and abilities against those expected for an IT professional. You will highlight gaps and identify tasks that you aim to focus on in the project to work towards filling those gaps.
At the end of the project you must reflect on your project, your achievement in filling gaps identified at the start of the term, and identify plans for the next steps in your career.
Expectations of Progress Reporting:
You must use a GitHub repository for maintaining all project documentation as well as project management tracking, e.g. with a Kanban board. You must use Microsoft Teams for all communications within your group, including online meetings. You must meet at least weekly with your project mentor, discussing status of project status (e.g. on the Kanban board), significant issues or risks, and resource utilisation (e.g. budget usage).
You will be expected to answer questions about your progress report during week 5 and week 9 consultations. The final part of the progress report will be included in the final report.
Format and Submission
Self-Assessment:
Self-assement report (individual submission) should be uploaded on Moodle. Details available on Moodle.
Progress Reporting:
All groups must create a GitHub private repository at the start of term (one student creates, invites other students, project mentor and the unit coordinator as collaborator). All working documents and code should be uploaded on the GitHub repository contains all working documents and code. Contributions (commits) to the repository are used as one indicator of student contribution to the project. Individual marks may be awarded based on this and other information. Groups must create and maintain a GitHub project, e.g. a Kanban board, that lists tasks. Each weekly meeting with project mentor starts with 10 minutes of the groups showing and updating the Kanban board.
See the Schedule for due dates of deliverables.
Two weeks after submission due date.
Contribution to Grade
- Self-Assessment = 5 %
- Progress Reporting: 15%
Marking Criteria
Your Self Assessment will be marked based on:
- Genuine and in-depth self-assessment of knowledge, skills and abilities
- Ability to identify specific, relevant activities to fill in gaps that will contribute to future career goals
Your progress reporting will be marked based on:
- Effective use of tools and techniques for project management
- Regular contributions to the project activities by all team members
- Depth and quality of your technical contributions
- Identification of challenges in the project, and practical approaches to deal with those challenges
Failure to publish artefacts on github will result in 0 marks for the individual and group Project progress reports. Attendance at scheduled project meeting with mentor is required for each week that a progress report is due (week 5 and 9). If you do not attend (and do not have a valid reason, for example, a medical certificate) then you may receive 0 marks for the progress report.
This unit is 12 credit points, and therefore requires significant amount of work every week with frequent assessment deadlines. If you get behind and miss a deadline, then it will be very hard for you to catch up. Therefore, for all assessments any late submissions more than 7 days after the original deadline will receive 0 marks.
Detailed marking criteria are available on Moodle.
- Produce the project management artefacts required in a typical cyber security project
- Demonstrate productive participation and contribution to a project team or work environment
- Demonstrate work readiness in terms of technical skills, communication skills, and both professional and ethical behaviour.
3 Written Assessment
Components
This assessment is split into two (2) deliverables:
- Project Plan
- Project Reflection
Expectations of Project Plan
Your Project Plan must:
- Define the problem your team will solve
- Identify the roles and responsibilities of team members
- Schedule a set of tasks and deliverable, i.e. artefacts
- List anticipated challenges and mitigation strategies
- Budget for software or hardware costs, as well as access to resources (e.g. labs, cloud computing)
- Predict ethical or professional issues that may arise during the project or after the project (e.g. as a result of the product you deliver) and identify strategies to deal with those issues.
Expectations of Reflection
This is a written task where you will reflect on your project experience, including the technical and management issues that arose in the project, as well as your key learnings from the project. You will also be expected to reflect on how the project will contribute to your future career goals.
Format and Submission
Both the Project Plan and Project reflection must be submitted as reports (for example, Microsoft Word documents). Where appropriate, other documents (for example, initial network designs) may be submitted in other file formats as an appendix to the report.
All group documents and technical artefacts must be stored on a Microsoft Teams channel created for your group by the Unit Coordinator, and shared with your Project Mentor (tutor) and Unit Coordinator. With prior approval of the Unit Coordinator, a collaborative platform other than Microsoft Teams may be used. While documents are stored Teams, they must also be submitted on Moodle.
Online via Moodle
Two weeks after the due date via Moodle for project plan. Certification of Grades day for Project Reflection.
Contribution to Grade
- Project Plan: 12%
- Project Reflection: 8%
Individual and Group Contributions
The Project Plan is group work and the Project Reflection is an individual work.
Marking Criteria
Your Project Plan will be marked based on:
- Depth and quality of planning.
- Ability to identify issues relevant to your specific project.
In most cases, all group members will receive the same mark for the project plan. However if the project mentor or Unit Coordinator detect significant differences in contributions across group members, then interviews may be held to determine individual contributions, and individual marks allocated based on those contributions.
Your Project Reflection will be marked based on:
- Genuine and in-depth reflection on your experience of doing the project tasks.
- Ability to identify what have you learnt during this project.
- Analysis of hurdles faced while doing this project and how you overcame those hurdles. Discussion on lessons learnt from this experience.
- Analysis of how this project experience will contribute to your future career goals.
- Ethical and professional issue handled during this project.
Failure to publish artefacts on Portfolium will result in 0 marks for the Project Reflection.
This unit is 12 credit points, and therefore requires significant amount of work every week with frequent assessment deadlines. If you get behind and miss a deadline, then it will be very hard for you to catch up. Therefore, for all assessments any late submissions more than 7 days after the original deadline will receive 0 marks.
Detailed marking criteria are available on Moodle.
- Analyse cyber security requirements to produce a comprehensive cyber security plan
- Implement well-documented and tested security technologies to meet a cyber security plan
- Evaluate security protections for compliance and effectiveness
- Produce the project management artefacts required in a typical cyber security project
4 Presentation
Components
This assessment is split into two (2) deliverables:
- Practice Presentation
- Final Presentation
Expectations of Final Presentation
In your Final Presentation you must convince the audience that the work you have done is substantial, high quality and relevant for your major, and that you have applied appropriate processes to complete the work. The audience may include students from this unit, other students, your project mentor, Unit Coordinator, other academic staff, alumni, and industry representatives. The presentation will be time-limited (to be confirmed during the term). Therefore, you must design your presentation to convey the key aspects of your project, taking into account the audience and time limitations. While the content/structure of your presentation is mainly your choice, it must at least include:
- Identification of your project topic, mentor, group members and major contributions of group members.
- Reflection on technical challenges, for example, what new things did you learn, what was difficult, how did you solve problems.
- Demonstration of the system you develop or problem solved.
You may use a variety of presentation tools (including live demonstrations, videos, screenshots), but must be supported by slides.
Expectations of Practice Presentation
This will be practice for the Final Presentation, and therefore the instructions for the Final Presentation apply. As your project may not be finished, not all aspects will be able to be presented. However it is expected a demonstration be included (that is, you cannot just discuss your design without demonstrating any parts).
Format and Submission
Your group must deliver your Practice Presentation live in your regular project meeting with your mentor.
Your group must deliver your Final Presentation live using Zoom video conferencing. The final presentations will be scheduled in a conference-style event, running up to 1 day. Groups will be assigned to present at time slots during the day, and also be required to view presentations of other groups. The presentation day is planned for Monday of Week 13; the final date and detailed schedule for presentations will be announced during the term.
For both the Practice Presentation and Final Presentation, you must submit at least PowerPoint slides on Moodle by the deliverable deadline. Other formats of the slides (including PDF) are not acceptable, unless permission is granted in advance by the Unit Coordinator. You may optionally submit other resources (e.g. videos) in addition to the slides.
All group documents and technical artefacts must be stored on a Microsoft Teams channel created for your group by the Unit Coordinator, and shared with your Project Mentor (tutor) and Unit Coordinator. With prior approval of the Unit Coordinator, a collaborative platform other than Microsoft Teams may be used. While documents are stored Teams, they must also be submitted on Moodle.
You may receive a Zero (0) in this assessment If you fail to appear on the planned demonstration/presentation day. The assessment specification on your Moodle website will further detail each of the points above.
See the Schedule for due dates of deliverables
One week after presentation for Practice Presentation; Certification of Grades day for Final Presentation
Contribution to Grade
- Practice Presentation: 5%
- Final Presentation: 15%
Individual and Group Contributions
Both presentations are a group presentation, however some marks will be allocated to individuals. All members of the group must present. All members will receive the same group score (unless exceptional circumstances, e.g. one member does not present). The individual score will be based on how you present your part and answer questions. Different students in your team may receive different individual scores.
Marking Criteria
Both presentations will be marked based on:
- Content quality and relevance [Group]. For example: sufficient technical depth, appropriate contributions presented, interesting and clearly explained content, reflections on learnings.
- Demonstration of prototype/system [Group]. For example: appropriate technologies are chosen and shown; demonstrates application of knowledge and skills.
- Presentation organisation and flow [Group]. For example: keeping to time limit, preparedness, visual aids, quality of demonstrations.
- Presentation skills [Individual]. For example: speaking skills, confidence, responding to questions, demonstrated understanding of the content.
Detailed marking criteria are available on Moodle.
- Demonstrate productive participation and contribution to a project team or work environment
As a CQUniversity student you are expected to act honestly in all aspects of your academic work.
Any assessable work undertaken or submitted for review or assessment must be your own work. Assessable work is any type of work you do to meet the assessment requirements in the unit, including draft work submitted for review and feedback and final work to be assessed.
When you use the ideas, words or data of others in your assessment, you must thoroughly and clearly acknowledge the source of this information by using the correct referencing style for your unit. Using others’ work without proper acknowledgement may be considered a form of intellectual dishonesty.
Participating honestly, respectfully, responsibly, and fairly in your university study ensures the CQUniversity qualification you earn will be valued as a true indication of your individual academic achievement and will continue to receive the respect and recognition it deserves.
As a student, you are responsible for reading and following CQUniversity’s policies, including the Student Academic Integrity Policy and Procedure. This policy sets out CQUniversity’s expectations of you to act with integrity, examples of academic integrity breaches to avoid, the processes used to address alleged breaches of academic integrity, and potential penalties.
What is a breach of academic integrity?
A breach of academic integrity includes but is not limited to plagiarism, self-plagiarism, collusion, cheating, contract cheating, and academic misconduct. The Student Academic Integrity Policy and Procedure defines what these terms mean and gives examples.
Why is academic integrity important?
A breach of academic integrity may result in one or more penalties, including suspension or even expulsion from the University. It can also have negative implications for student visas and future enrolment at CQUniversity or elsewhere. Students who engage in contract cheating also risk being blackmailed by contract cheating services.
Where can I get assistance?
For academic advice and guidance, the Academic Learning Centre (ALC) can support you in becoming confident in completing assessments with integrity and of high standard.