Year
2021Credit points
10Campus offering
No unit offerings are currently available for this unitPrerequisites
Nil
Incompatible
ITEC640 Information Systems Security
Teaching organisation
3 hours per week for twelve weeks or equivalent.
Unit rationale, description and aim
This unit will cover the importance of cyber security, security threats, risk analysis and mitigation techniques. The unit demonstrates the basic cyber security concepts, security tools and the common architectures used as industry standards. Students will learn how to defend against cyber threats and attacks and study existing techniques for managing security issues and maintaining the working environment. This unit introduces the broad discipline of cybersecurity and outlines how to ensure data confidentiality, privacy, integrity and availability of information. The unit also covers ethical and legal issues in cyber–space to understand how cyber security affects legal compliance and solidarity in communities and society. The aim of this unit is to equip students with some background knowledge in cyber security, which scaffolds an advanced unit in network security.
Learning outcomes
To successfully complete this unit you will be able to demonstrate you have achieved the learning outcomes (LO) detailed in the below table.
Each outcome is informed by a number of graduate capabilities (GC) to ensure your work in this, and every unit, is part of a larger goal of graduating from ACU with the attributes of insight, empathy, imagination and impact.
Explore the graduate capabilities.
On successful completion of this unit, students should be able to:
LO1 - synthetise vulnerabilities and potential security threats to information systems and analyse their consequences in real world scenarios in collaboration with peers (GA5, GA7)
LO2 - apply appropriate security tools to safeguard data, systems and networks from malicious attacks (GA5, GA10)
LO3 - critically evaluate the consequences of different level of risks in an organisation and propose appropriate security countermeasures to minimise the impacts or likelihood of risks (GA4, GA5)
LO4 - appraise the impact of cybersecurity systems across societies and national borders (GA2, GA5)
Graduate attributes
GA2 - recognise their responsibility to the common good, the environment and society
GA4 - think critically and reflectively
GA5 - demonstrate values, knowledge, skills and attitudes appropriate to the discipline and/or profession
GA7 - work both autonomously and collaboratively
GA10 - utilise information and communication and other relevant technologies effectively.
Content
Topics will include:
- Fundamental issues in cyber security
- Physical security
- Software security: intruder, malware
- Basic cryptography
- Risk assessment and management
- Hash and Digital Signature
- Web security
- Database security
- Digital Forensics
- Legal, privacy and ethical issues
- Social and global Impacts of cyber attacks
Learning and teaching strategy and rationale
This unit will be delivered in attendance mode over a twelve-week semester or equivalent study period. Students will have access to all primary learning materials online through LEO, along with formative and summative assessments, all of which will be available online, to provide a learning experience beyond the classroom. While there are no formal classroom lectures for this unit, students will be required to attend weekly three-hour workshops, which will include a seminar and specific tasks related to achievement of the unit learning outcomes. Workshops facilitate learning by doing, which is particularly effective for information technology units as technical skills can be better learned through hands on practices.
Students should anticipate undertaking 150 hours of study for this unit, including class attendance, readings, online forum participation and assessment preparation.
Assessment strategy and rationale
A range of assessment procedures will be used to meet the unit learning outcomes and develop graduate attributes consistent with University assessment requirements. The first assessment provides students with an opportunity to apply and test a number of security tools and techniques in laboratory set-up. In assessment task 2, students will critically analyse a recent security breach and investigate the cause of breach and will also apply their knowledge to propose an appropriate security solution. The last assessment provides students with an opportunity to apply theoretical knowledge and assess risk for a cyber physical system using standard risk analysis models.
Overview of assessments
| Brief Description of Kind and Purpose of Assessment Tasks | Weighting | Learning Outcomes | Graduate Attributes |
|---|---|---|---|
Task 1: Lab assessment This assessment consists of a series of weekly lab exercises where students are required to apply different security tools and techniques to solve practical problems. The feedback from this assessment will help students to be ready to apply the concepts in other two assessments. Submission Type: Individual Assessment Method: Lab Practical task Artefact: Source Code/Lab report | 20% | LO1, LO2, LO3, LO4 | GA2, GA4, GA5, GA7, GA10 |
Task 2: Report on cyber security issues The purpose of this task is to assess students’ critical thinking and reflective analysis of contemporary cyber security issues. This report has to be written based on a recent cyber-attack. Students will learn how to write a scientific report and format it using the IEEE template. Submission Type: Group Assessment Method: Scientific report Artefact: Written report (2000 words) | 30% | LO1, LO2 | GA5, GA7, GA10 |
Task 3: Report on Risk Analysis The students are expected to write a report reflecting their critical analysis on potential security threats and their consequences for an IT or information system. They have to use STRIDE and DREAD models to identify risk factors of an IT or information system. The purpose of this assessment is to assess the students’ critical and analytical ability to delve into complex concepts about cyber security through reflection and collaboration. Submission Type: Individual Assessment Method: Written Report Artefact: Written report (3000 words) | 50% | LO3, LO4 | GA2, GA4, GA5 |
Representative texts and references
Stallings W, 2020, Cryptography & Network Security: Principles and Practice, 8th edn, Pearson US.
Stallings W & Brown L, 2018, Computer Security: Principle and Practice, 4th Edn, Pearson US.
Stallings, W. (2018). Effective Cybersecurity: A Guide to Using Best Practices and Standards. Addison-Wesley Professional.
Anderson, R 2020, Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd edn, Wiley.
Charles J. Brooks, Philip Craig, Donald Short, Cybersecurity Essentials, SYBEX, 2017.
Whitman, M & Mattord, H 2016, Principles of Information Security, 5th edn, Cengage, Boston.
Pfleeger C & Pfleeger S & Margulies J 2015, Security in Computing, 5th edn, Prentice Hall, New Jersey.