COIT12202 - Network Security Concepts

General Information

Unit Synopsis

As the Internet becomes more pervasive, so do the threats to the security of our computer systems and communications. This unit provides you with grounding in security technology. You will study common network security attacks, then the technologies to defend against those attacks. These technologies include cryptography, access control, authentication, firewalls, and wireless network protocols. This unit provides security knowledge that is required for industry standard certification exams, such as CompTIA.

Details

Level Undergraduate
Unit Level 2
Credit Points 6
Student Contribution Band SCA Band 2
Fraction of Full-Time Student Load 0.125
Pre-requisites or Co-requisites

Prerequisite: COIT12206 OR COIT13147

Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).

Class Timetable View Unit Timetable
Residential School No Residential School

Unit Availabilities from Term 1 - 2024

Term 2 - 2024 Profile
Brisbane
Cairns
Melbourne
Online
Rockhampton
Sydney
Townsville

Attendance Requirements

All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).

Assessment Overview

Recommended Student Time Commitment

Each 6-credit Undergraduate unit at CQUniversity requires an overall time commitment of an average of 12.5 hours of study per week, making a total of 150 hours for the unit.

Assessment Tasks

Assessment Task Weighting
1. Written Assessment 25%
2. Written Assessment 45%
3. Online Quiz(zes) 30%

This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%).

Consult the University’s Grades and Results Policy for more details of interim results and final grades

Past Exams

To view Past Exams,
please login
Previous Feedback

Term 2 - 2023 : The overall satisfaction for students in the last offering of this course was 78.26% (`Agree` and `Strongly Agree` responses), based on a 35.38% response rate.

Feedback, Recommendations and Responses

Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.

Source: Teaching staff and discipline team feedback
Feedback
Advanced security practices or exercises can be included as emerging topics in this unit, such as wireless, IoT applications, and cloud cybersecurity.
Recommendation
Update the teaching materials with advanced cybersecurity practices and exercises, such as wireless, IoT applications, and cloud cybersecurity.
Action Taken
The teaching materials have been updated to include new content and activities on cloud (Week 8), wireless (Week 10), and IoT (Week 11) cybersecurity.
Source: Students and teaching team feedback
Feedback
Python/(Power)Shell scripting can be introduced for cybersecurity practices/exercises.
Recommendation
Design some practices or lab exercises based on the Python/(Power)Shell scripting to enhance students' understanding of how to use the scripting technologies to perform cybersecurity practices.
Action Taken
Redesigned tutorial activities from Weeks 2 to 6, enabling students to practice Python and PowerShell scripting for cybersecurity tests. Questions 2 and 5 in Written Assignment 2 were devised to assess students' proficiency in Python and PowerShell scripting.
Source: Student Feedback
Feedback
The students felt restricted by the word count when addressing the final assessment adequately and suggested either increasing it or removing the limit.
Recommendation
Increase the word count limit from 2500 to 3000 words for the final assessment.
Action Taken
Nil.
Source: External Reviewer
Feedback
The teaching materials lack state-of-the-art cloud computing security practices.
Recommendation
Incorporate firewall configuration on the Azure cloud platform into the tutorial activities.
Action Taken
Nil.
Unit learning Outcomes

On successful completion of this unit, you will be able to:

  1. Describe key security concepts and principles
  2. Discuss how common security attacks and defences work
  3. Explain the role of cryptographic mechanisms in providing computer and network security
  4. Apply access control technologies, including firewalls and authentication, to secure computer networks
  5. Explain threats and defences that are specific to wireless networks.

Australian Computer Society (ACS) recognises the Skills Framework for the Information Age (SFIA). SFIA is in use in over 100 countries and provides a widely used and consistent definition of ICT skills. SFIA is increasingly being used when developing job descriptions and role profiles.

ACS members can use the tool MySFIA to build a skills profile at https://www.acs.org.au/professionalrecognition/mysfia-b2c.html

This unit contributes to the following workplace skills as defined by SFIA. The SFIA code is included:

  • Information Security (SCTY)
  • Penetration Testing (PENT)
  • Network Support (NTAS)
  • Security Administration (SCAD)
  • Problem Management (PBMG)
  • Data Analysis (DTAN)
  • System Design (DESN)
  • Incident Management (USUP)

The National Initiative for Cybersecurity Education (NICE) Framework defines knowledge, skills and tasks needed to perform various cyber security roles. Developed by the National Institute of Standards and Technology (NIST), the NICE Framework is used by organisations to plan their workforce, including recruit into cyber security positions.

This unit helps prepare you for roles such as Systems Security Analyst, Network Operations Specialist and Systems Administrator, contributing to the following knowledge and skills:

  • K0002 Knowledge of risk management processes (e.g., methods for assessing and mitigating risk).
  • K0003 Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy.
  • K0004 Knowledge of cybersecurity and privacy principles.
  • K0019 Knowledge of cryptography and cryptographic key management concepts
  • K0038 Knowledge of cybersecurity and privacy principles used to manage risks related to the use, processing, storage, and transmission of information or data.
  • K0049 Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • K0056 Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • K0075 Knowledge of security system design tools, methods, and techniques.
  • K0104 Knowledge of Virtual Private Network (VPN) security.
  • K0158 Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).
  • K0160 Knowledge of the common attack vectors on the network layer.
  • K0179 Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0203 Knowledge of security models (e.g., Bell-LaPadula model, Biba integrity model, Clark-Wilson integrity model).
  • K0260 Knowledge of Personally Identifiable Information (PII) data security standards.
  • K0261 Knowledge of Payment Card Industry (PCI) data security standards.
  • K0262 Knowledge of Personal Health Information (PHI) data security standards.
  • K0263 Knowledge of information technology (IT) risk management policies, requirements, and procedures.
  • K0274 Knowledge of transmission records (e.g., Bluetooth, Radio Frequency Identification (RFID), Infrared Networking (IR), Wireless Fidelity (Wi-Fi). paging, cellular, satellite dishes, Voice over Internet Protocol (VoIP)), and jamming techniques that enable transmission of undesirable information, or prevent installed systems from operating correctly.
  • K0276 Knowledge of security management.
  • K0284 Knowledge of developing and applying user credential management system.
  • K0297 Knowledge of countermeasure design for identified security risks.
  • K0333 Knowledge of network design processes, to include understanding of security objectives, operational objectives, and trade-offs.
  • S0027 Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • S0031 Skill in developing and applying security system access controls.
  • S0036 Skill in evaluating the adequacy of security designs.
  • S0040 Skill in implementing, maintaining, and improving established network security practices.
  • S0076 Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • S0077 Skill in securing network communications.
  • S0079 Skill in protecting a network against malware. (e.g., NIPS, anti-malware, restrict/prevent external devices, spam filters).
  • S0084 Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).
  • S0141 Skill in assessing security systems designs.
  • S0147 Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.).
  • S0167 Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
  • S0170 Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).
  • S0367 Skill to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).

Alignment of Assessment Tasks to Learning Outcomes
Assessment Tasks Learning Outcomes
1 2 3 4 5
1 - Written Assessment
2 - Written Assessment
3 - Online Quiz(zes)
Alignment of Graduate Attributes to Learning Outcomes
Introductory Level
Intermediate Level
Graduate Level
Graduate Attributes Learning Outcomes
1 2 3 4 5
1 - Communication
2 - Problem Solving
3 - Critical Thinking
4 - Information Literacy
6 - Information Technology Competence
8 - Ethical practice
Alignment of Assessment Tasks to Graduate Attributes
Introductory Level
Intermediate Level
Graduate Level
Assessment Tasks Graduate Attributes
1 2 3 4 5 6 7 8 9 10