COIT20262 - Advanced Network Security

General Information

Unit Synopsis

In this unit, you will learn how to protect the confidentiality, integrity and availability of information and network services in business organisations. You will study the fundamental cryptographic techniques that many of the security mechanisms are built upon. You will also study network security attacks, including malware, denial of service, and application vulnerabilities, and the corresponding countermeasures. Through computer laboratory activities, you will gain hands-on experience in analysing attacks and deploying defences, including securing web applications, establishing access control mechanisms, and applying encryption in wired and wireless networks.

Details

Level Postgraduate
Unit Level 9
Credit Points 6
Student Contribution Band SCA Band 2
Fraction of Full-Time Student Load 0.125
Pre-requisites or Co-requisites

Prerequisite: COIT20261 Network Routing and Switching

Important note: Students enrolled in a subsequent unit who failed their pre-requisite unit, should drop the subsequent unit before the census date or within 10 working days of Fail grade notification. Students who do not drop the unit in this timeframe cannot later drop the unit without academic and financial liability. See details in the Assessment Policy and Procedure (Higher Education Coursework).

Class Timetable View Unit Timetable
Residential School No Residential School

Unit Availabilities from Term 1 - 2024

Term 1 - 2024 Profile
Brisbane
Melbourne
Online
Rockhampton
Sydney
Term 2 - 2024 Profile
Brisbane
Melbourne
Online
Rockhampton
Sydney

Attendance Requirements

All on-campus students are expected to attend scheduled classes – in some units, these classes are identified as a mandatory (pass/fail) component and attendance is compulsory. International students, on a student visa, must maintain a full time study load and meet both attendance and academic progress requirements in each study period (satisfactory attendance for International students is defined as maintaining at least an 80% attendance record).

Assessment Overview

Recommended Student Time Commitment

Each 6-credit Postgraduate unit at CQUniversity requires an overall time commitment of an average of 12.5 hours of study per week, making a total of 150 hours for the unit.

Assessment Tasks

Assessment Task Weighting
1. Written Assessment 35%
2. Online Quiz(zes) 25%
3. Written Assessment 40%

This is a graded unit: your overall grade will be calculated from the marks or grades for each assessment task, based on the relative weightings shown in the table above. You must obtain an overall mark for the unit of at least 50%, or an overall grade of ‘pass’ in order to pass the unit. If any ‘pass/fail’ tasks are shown in the table above they must also be completed successfully (‘pass’ grade). You must also meet any minimum mark requirements specified for a particular assessment task, as detailed in the ‘assessment task’ section (note that in some instances, the minimum mark for a task may be greater than 50%).

Consult the University’s Grades and Results Policy for more details of interim results and final grades

Past Exams

To view Past Exams,
please login
Previous Feedback

Term 1 - 2023 : The overall satisfaction for students in the last offering of this course was 91.67% (`Agree` and `Strongly Agree` responses), based on a 42.86% response rate.

Feedback, Recommendations and Responses

Every unit is reviewed for enhancement each year. At the most recent review, the following staff and student feedback items were identified and recommendations were made.

Source: Analysis by Unit Coordinator
Feedback
While students can give high level overviews of different cyber-attacks, the detailed operations of cyber-attacks are difficult for students to understand.
Recommendation
Include demonstrations of cyberattacks (e.g., denial of service) in the tutorial activities to help students understand how a cyberattack works.
Action Taken
DoS attack demonstration has been included in Week 2 Tutorial. Additionally, activities related to penetration testing have also been introduced.
Source: Student emails
Feedback
Virtual Box was difficult to use on the latest Mac version.
Recommendation
Make it clear that Windows is the only environment supported by the teaching team as the computer labs only have Windows. Explore the possibility of migration to the cloud environment from VirtualBox.
Action Taken
Nil.
Source: Teaching team
Feedback
Update the assessments to improve the complex computing coverage.
Recommendation
Review the assessments and update it with more open-ended and analytical questions.
Action Taken
Nil.
Unit learning Outcomes

On successful completion of this unit, you will be able to:

  1. Explain vulnerabilities and attacks, as well as their countermeasures
  2. Use and compare cryptographic techniques for securing computers and networks
  3. Design security controls for organisations, such as firewalls, authentication, and access control
  4. Develop and deploy network security technologies, including encryption software, VPNs and wireless security
  5. Assess emerging threats and security controls.

The Australian Computer Society (ACS) recognises the Skills Framework for the Information Age (SFIA). SFIA is adopted by organisations, governments and individuals in many countries and provides a widely used and consistent definition of ICT skills. SFIA is increasingly being used when developing job descriptions and role profiles. ACS members can use the tool MySFIA to build a skills profile.

This unit contributes to the following workplace skills as defined by SFIA 7 (the SFIA code is included):

  • Information Security (SCTY)
  • Security Administration (SCAD)
  • Information Assurance (INAS)
  • Specialist Advice (TECH)

The National Initiative for Cybersecurity Education (NICE) Framework defines knowledge, skills and tasks needed to perform various cyber security roles. Developed by the National Institute of Standards and Technology (NIST), the NICE Framework is used by organisations to plan their workforce, including recruit into cyber security positions.

This unit helps prepare you for roles such as Systems Security Analyst, Network Operations Specialist and Systems Administrator, contributing to the following knowledge and skills:

  • K0005 Knowledge of cyber threats and vulnerabilities.
  • K0018 Knowledge of encryption algorithms
  • K0019 Knowledge of cryptography and cryptographic key management concepts
  • K0044 Knowledge of cybersecurity and privacy principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
  • K0049 Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
  • K0056 Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
  • K0104 Knowledge of Virtual Private Network (VPN) security.
  • K0130 Knowledge of virtualization technologies and virtual machine development and maintenance.
  • K0158 Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).
  • K0160 Knowledge of the common attack vectors on the network layer.
  • K0179 Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth).
  • K0201 Knowledge of symmetric key rotation techniques and concepts.
  • K0339 Knowledge of how to use network analysis tools to identify vulnerabilities.
  • K0622 Knowledge of controls related to the use, processing, storage, and transmission of data.
  • S0031 Skill in developing and applying security system access controls.
  • S0036 Skill in evaluating the adequacy of security designs.
  • S0040 Skill in implementing, maintaining, and improving established network security practices.
  • S0073 Skill in using virtual machines. (e.g., Microsoft Hyper-V, VMWare vSphere, Citrix XenDesktop/Server, Amazon Elastic Compute Cloud, etc.).
  • S0076 Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, antivirus software, anti-spyware).
  • S0077 Skill in securing network communications.
  • S0084 Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).
  • S0167 Skill in recognizing vulnerabilities in security systems. (e.g., vulnerability and compliance scanning).
  • S0170 Skill in configuring and utilizing computer protection components (e.g., hardware firewalls, servers, routers, as appropriate).

Alignment of Assessment Tasks to Learning Outcomes
Assessment Tasks Learning Outcomes
1 2 3 4 5
1 - Written Assessment
2 - Online Quiz(zes)
3 - Written Assessment
Alignment of Graduate Attributes to Learning Outcomes
Advanced Level
Professional Level
Graduate Attributes Learning Outcomes
1 2 3 4 5
1 - Knowledge
2 - Communication
3 - Cognitive, technical and creative skills
4 - Research
5 - Self-management
6 - Ethical and Professional Responsibility
Alignment of Assessment Tasks to Graduate Attributes
Advanced Level
Professional Level
Assessment Tasks Graduate Attributes
1 2 3 4 5 6 7 8