Year
2024Credit points
10Campus offering
Prerequisites
Nil
Incompatible
ITEC326 Information Systems Security
Teaching organisation
150 hours over a twelve-week semester or equivalent study period
Unit rationale, description and aim
Cyber security is the practice of protecting networks, computer systems, and data from malicious attacks. With the increasing threats of data breach and leaks in our interconnected world, fintech companies, hospitals, government agencies, and every other sector are investing in cybersecurity infrastructure to protect their data and consumers from malicious attacks. However, there is a global shortage of cyber security experts and this number is growing every year. This unit is designed to help students develop a deeper understanding of modern information and cyber security challenges, mitigation techniques and tools.
The unit demonstrates the basic cyber security concepts, security tools and the common architectures used as industry standards. Students will learn how to defend against cyber threats and attacks and study existing techniques for managing security issues and maintaining the working environment.
The unit also covers ethical and legal issues in cyberspace to understand how cyber security affects legal compliance and solidarity in communities and society. The aim of this unit is to equip students with some background knowledge in cyber security, which scaffolds an advanced unit in network security.
Learning outcomes
To successfully complete this unit you will be able to demonstrate you have achieved the learning outcomes (LO) detailed in the below table.
Each outcome is informed by a number of graduate capabilities (GC) to ensure your work in this, and every unit, is part of a larger goal of graduating from ACU with the attributes of insight, empathy, imagination and impact.
Explore the graduate capabilities.
| Learning Outcome Number | Learning Outcome Description | Relevant Graduate Capabilities |
|---|---|---|
| LO1 | Identify vulnerabilities and potential security threats to information systems and analyse their consequences in real world scenarios | GC1, GC2, GC7 |
| LO2 | Demonstrate basic knowledge and understanding of cyber security concepts and investigate how cyber security affects legal compliance and solidarity in communities and society | GC1, GC2, GC6 |
| LO3 | Evaluate the level of risks in an IT system using standard security models and prescribe appropriate countermeasures | GC1, GC2, GC4, GC8 |
| LO4 | Apply knowledge and skills in designing efficient security solutions to ensure common security goals | GC1, GC2, GC8 |
Content
Topics will include:
- Fundamental issues in cyber security
- Cybersecurity Cube
- Threats, Attacks & Vu,nerabilities
- Basic cryptography
- Risk assessment and management
- Hash function and digital signature
- Web security
- Database security
- Digital Forensics
- Legal and ethical issues, privacy & social solidarity
- Protecting a CS Domain
Learning and teaching strategy and rationale
This unit is offered in different modes. These are: “Attendance” mode, “Multi” mode and “Online” mode. This unit is offered in three modes to cater for the learning needs and preferences of a range of participants and maximise effective participation for isolated and/or marginalised groups.
Attendance Mode
In a weekly attendance mode, students will require face-to-face attendance in specific physical location/s. Students will have face-to-face interactions with lecturer(s) to further their achievement of the learning outcomes. This unit is structured with required upfront preparation before workshops, most students report that they spend an average of one hour preparing before the workshop and one or more hours after the workshop practicing and revising what was covered. The online learning platforms used in this unit provide multiple forms of preparatory and practice opportunities for students to prepare and revise.
Multi-Mode
In a multi-mode, students will require face-to-face attendance in blocks of time determined by the School. Students will have first and last 3 weeks (in total 6 weeks) face-to-face on-campus workshops with lecturer(s) to further their achievement of the learning outcomes. In weeks 4-9 (6 weeks) workshops will run in aysnchronous online mode. This unit is structured with required upfront preparation before workshops. The online learning platforms used in this unit provide multiple forms of preparatory and practice opportunities for students to prepare and revise.
ACU Online
This unit uses an active learning approach to support students in the exploration of knowledge essential to the discipline. Students are provided with choice and variety in how they learn. Students are encouraged to contribute to asynchronous weekly discussions. Active learning opportunities provide students with opportunities to practice and apply their learning in situations similar to their future professions. Activities encourage students to bring their own examples to demonstrate understanding, application and engage constructively with their peers. Students receive regular and timely feedback on their learning, which includes information on their progress.
Assessment strategy and rationale
A range of assessment procedures will be used to meet the unit learning outcomes and develop graduate attributes consistent with University assessment requirements. The first assessment item includes a number of weekly labs designed to apply theoretical knowledge in a lab environment. The purpose of this item is to give students the opportunity of gaining essential knowledge on fundamental concepts of IT. The second assessment item is a scientific report, where students will assess risk factors of an IT system in an organisation and recommend appropriate countermeasures. The purpose of this assessment is to assess students’ critical and analytical ability to delve into complex concepts about cyber security through reflection and collaboration. The final assessment is an open book exam, where students will study several case studies, critically analyse them and answer a number of open-ended questions. The purpose of this assessment is to test students’ ability to apply their knowledge and skills in solving problems
The assessments for this unit are designed to demonstrate the achievement of each learning outcome. To pass this unit, students are required to obtain an overall mark of at least 50%.
Overview of assessments
| Brief Description of Kind and Purpose of Assessment Tasks | Weighting | Learning Outcomes |
|---|---|---|
Assessment Task 1: Lab Assessments This assessment consists of a series of weekly lab exercises where students are required to analyse different cybersecurity threats, breaches and apply their knowledge to countermeasure those threats/breaches. The feedback from this assessment will help students to understand security threats and vulnerabilities and identify appropriate security solutions. Submission Type: Individual Assessment Method: Lab Practical task Artefact: Source Code/Lab report | 30% | LO1, LO4 |
Task 2: Report on Risk Analysis Students are expected to write a report reflecting their critical analysis on potential security threats and their consequences for a cyber physical system through online collaboration. The purpose of this assessment is to assess the students’ critical and analytical ability to delve into complex concepts about cyber security through reflection and online collaboration. Students will work on a recent security breach and participate in weekly discussion forum to complete a particular section of the report each week. Students will be marked for their online engagement in this assessment task. Submission Type: Individual Assessment Method: Scientific Report Artefact: Written report (2500 words) | 30% | LO3 |
Assessment Task 3: Problem Solving This assessment task tests the students’ grasp of both theoretical and practical aspects of the unit. Students will study several case studies, critically analyse them and answer a number of open-ended questions. They also have to use different security models (e.g., STRIDE & DREAD) and security tools to investigate the given scenarios and recommend security solutions to safeguard physical and digital resources of an organisation. Submission Type: Individual Assessment Method: Assignment Artefact: Answer Script | 40% | LO1, LO2, LO4 |
Representative texts and references
Stallings W & Brown L, 2018, Computer Security: Principle and Practices, 4th Edn, Pearson US.
Stallings W 2020, Cryptography & Network Security: Principles and Practices, 8th edn, Pearson US
Charles J. Brooks, Philip Craig, Donald Short, Cybersecurity Essentials, SYBEX, 2017.
Anderson, R 2020, Security Engineering: A Guide to Building Dependable Distributed Systems, 3rd edn, Wiley.
Whitman, M & Mattord, H 2018, Principles of Information Security, 6th edn, Cengage, Boston, ISBN-13:978-1-337-10206-3.