Year
2024Credit points
10Campus offering
No unit offerings are currently available for this unit.Prerequisites
ITEC615 Information Technology Essentials
Teaching organisation
3 hours per week for twelve weeks or equivalent.Unit rationale, description and aim
Information security is crucial to all organisations to protect their data, privacy, hardware, software and stakeholders from intentional or unintentional threats while conducting their business. Information Systems Security combines systems, operations and internal controls to ensure integrity, confidentiality and availability of data and operation procedures in an organisation. This unit introduces concepts, theories, methodologies and techniques related to the implementation of information systems security.
The aim of this unit is to ensure students have a solid understanding and knowledge of the key issues pertaining to information systems security and are able to implement appropriate security countermeasures to mitigate information systems security threats.
Learning outcomes
To successfully complete this unit you will be able to demonstrate you have achieved the learning outcomes (LO) detailed in the below table.
Each outcome is informed by a number of graduate capabilities (GC) to ensure your work in this, and every unit, is part of a larger goal of graduating from ACU with the attributes of insight, empathy, imagination and impact.
Explore the graduate capabilities.
Learning Outcome Number | Learning Outcome Description |
---|---|
LO1 | Identify potential security threats and vulnerabilities to information systems and analyse their consequences in real world scenarios. |
LO2 | Demonstrate knowledge of security incidents, consumer privacy, security models, and policy required to design effective security solutions |
LO3 | Analyse the impacts of security threats on wireless networks and design appropriate security measures. |
LO4 | Integrate different security measures such as access control, authentication, encryption, authorisation and file protection to ensure an enhanced level of information systems security. |
LO5 | Evaluate the consequences of different level of risks in an organisation and propose appropriate security countermeasures to minimise the impacts or likelihood of risks. |
Content
Topics will include:
- Introduction to information security
- Intruders and malicious software
- Basic cryptography
- Authentication & IPSec
- Wireless network security
- Security Policy and Password Management
- Database security
- Network security
- Physical security
- Legal, privacy, and ethical issues
- Contemporary trends in information systems security
Learning and teaching strategy and rationale
The teaching and learning strategy is built on a “student-focused approach”. ACU’s teaching policy focuses on learning outcomes for students. Our teaching aims to engage students as active participants in the learning process while acknowledging that all learning must involve a complex interplay of active and receptive processes, the constructing of meaning for oneself, and learning from others. ACU promotes and facilitates learning that is autonomous and self-motivated, is characterised by the individual taking satisfaction in the mastering of content and skills and is critical, looking beneath the surface level of information for the meaning and significance of what is being studied.
The schedule of the workshops is designed in such a way that students can achieve intended learning outcomes sequentially. Teaching and learning activities will apply the experiential learning model, which encourages students to apply higher order thinking. The unit ensures that learning activities involve real-world scenarios that in turn assist with ‘real-world’ preparedness. The unit also uses a scaffolding technique that builds a student’s skills and prepares them for the next phase of the learning process.
Students should anticipate undertaking 150 hours of study for this unit, including class attendance, readings, forum participation and assessment preparation.
Mode of delivery: This unit is offered in different modes. These are: “Attendance” mode, “Multi” mode and “Online” mode. This unit is offered in three modes to cater to the learning needs and preferences of a range of participants and maximise effective participation for isolated and/or marginalised groups.
Attendance Mode
In a weekly attendance mode, students will require face-to-face attendance in specific physical location/s. Students will have face-to-face interactions with lecturer(s) to further their achievement of the learning outcomes. This unit is structured with required upfront preparation before workshops, most students report that they spend an average of one hour preparing before the workshop and one or more hours after the workshop practicing and revising what was covered. The online learning platforms used in this unit provide multiple forms of preparatory and practice opportunities for you to prepare and revise.
Multi-Mode
In a multi-mode, students will require intermittent face-to-face attendance determined by the School. Students will have face-to-face interactions with lecturer(s) to further their achievement of the learning outcomes. This unit is structured with required upfront preparation before workshops. The online learning platforms used in this unit provide multiple forms of preparatory and practice opportunities for you to prepare and revise.
Online Mode
In an Online mode, students are given the opportunity to attend facilitated synchronous online seminar classes with other students and participate in the construction and synthesis of knowledge, while developing their knowledge. Students are required to participate in a series of online interactive workshops which include activities, knowledge checks, discussion and interactive sessions. This approach allows flexibility for students and facilitates learning and participation for students with a preference for virtual learning.
Assessment strategy and rationale
A range of assessment procedures will be used to meet the unit learning outcomes and develop graduate attributes consistent with University assessment requirements.
The first assessment provides opportunities for students to work collaboratively on the concepts of IS Security in a contextual sense. The rationale behind this assessment item is to provide students with practice in good study habits and to reinforce group learning and understanding of workshop materials. The second assessment is an opportunity to apply IS Security concepts to create an IS policy for an organisation. The aim of this assessment item is to test students’ ability to apply and synthesise the knowledge and skills in deeper levels. The last assessment provides an opportunity to reflect on the theory and practice of IS Security.
Assessment one and two are the same regardless of whether teaching mode is attendance, multi-mode, or online. Assessment three is the same for attendance and multi-modes, but changes for online mode. This is indicated in overview of assessment table below. Both methods assess the same learning outcomes.
Overview of assessments
Brief Description of Kind and Purpose of Assessment Tasks | Weighting | Learning Outcomes |
---|---|---|
Assessment Task 1: Reflective Report on a Case Study Participate in online discussion forum to understand complex concepts through reflection and collaboration. The students are expected to write a report reflecting their critical analysis on potential security threats and their consequences for an information system. The purpose of this assessment is to assess the students’ critical and analytical ability to delve into complex concepts about information systems security through reflection and collaboration. | 20% | LO1, LO2 |
Assessment Task 2: Practical Project – Information systems Security analysis and planning Develop professional skills through the application of theoretical knowledge and understanding of information system security analysis and security planning for a small organisation. The students expected to analyse case study, investigate security issues and compliance, write an analysis report and propose appropriate Information systems security solutions. The purpose of this assessment is to assess the students’ ability to apply their theoretical knowledge about Information systems security for analysing and planning Information system security solutions for a small organisation. | 30% | LO4, LO5 |
Assessment Task 3 – Attendance and Multi Modes: Final Examination The final exam will be designed to assess all stated learning outcomes. This is a 2-hour invigilated examination covering all unit contents. The examination includes short answer questions and case study questions. The purpose of this assessment is to test the students’ grasp of the theoretical aspects of the unit. | 50% | LO2, LO3, LO4, LO5 |
Assessment Task 3 – Online Mode: Case Study Students will study several case studies, critically analyse them and answer a number of open-ended questions. They also have to use security tools to investigate the given scenarios and demonstrate the effects of cybersecurity on ethical and legal compliance and the social impact of cybersecurity breaches. The purpose of this assessment is to test the students’ grasp of the theoretical and soft skills (critical thinking, evaluation skills and understanding of relevant tools) aspects of the unit. | 50% | LO2, LO3, LO4, LO5 |
Representative texts and references
Gollmann,D 2011, Computer Security, 3rd edn, John Wiley & Sons, West Sussex.
Pfleeger C & Pfleeger S & Margulies J 2015, Security in Computing, 5th edn, Prentice Hall, New Jersey.
Stallings W 2016, Cryptography & Network Security: Principles and Practice, 7th edn, Pearson US.
Stallings W & Brown L, 2015, Computer Security: Principle and Practice, 3rd Edn, Pearson US.
Stallings W & Case T 2013, Business data communications: Infrastructure, networking and security, 7th edn, Pearson, Boston.
Whitman, M & Mattord, H 2016, Principles of Information Security, 5th edn, Cengage, Boston.