Course Title: Manage system security
Part B: Course Detail
Teaching Period: Term1 2011
Course Code: COSC5351C
Course Title: Manage system security
School: 650T TAFE Business
Campus: City Campus
Program: C6074 - Advanced Diploma of Information Technology
Course Contact : Paul Lewis
Course Contact Phone: +61 3 9925 1615
Course Contact Email:paul.lewis@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Nominal Hours: 50
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
NONE
Course Description
This unit defines the competency required to implement and manage security on an operating system such as Windows Server according to organizational guidelines of a client.
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
ICAS5118A Manage system security |
Element: |
1. Identify threats to system |
Performance Criteria: |
1.1 Identify and understand the organisation’s system |
Element: |
2. Determine risk category |
Performance Criteria: |
2.1 Conduct a risk assessment on the system and categorise risks
|
Element: |
3. Identify appropriate controls |
Performance Criteria: |
3.1 Identify and put in place effective controls to manage risk |
Element: |
4. Include controls in the system |
Performance Criteria: |
4.1 Develop security plan and procedures to include in management system |
Element: |
5. Monitor system tools and procedures |
Performance Criteria: |
5.1 Review and monitor risks and controls using a management review process |
Learning Outcomes
Details of Learning Activities
Learning activities will include laboratory-based sessions on a variety of topics as shown in the Teaching Schedule below. Learning activities will generally consist of practical computer exercises based on the prescribed textbook and additional teacher handouts. Students should attend all sessions.
Students will also be expected to perform reading, research and other activities for homework.
Students may wish to replicate Windows Server practical activities in a virtual environment such as VMware or Virtual PC.
Teaching Schedule
The total number of scheduled hours of teaching, learning and assessment involved in this course includes all planned activities including face to face classes, lectures, workshops and seminars, workplace visits, online learning and other forms of structured teaching and learning.
The total scheduled hours also covers the amount of effort required to undertake, evaluate and complete all assessment requirements, including observation of work performance, discussions with supervisors and others providing third party evidence and one on one and group assessment sessions with students.
Competency Elements
Elements 1, 2 and 3 of this competency are covered every week in this course. Element 4 is covered in weeks 3 to 16. Element 5 is covered in weeks 12 to 16.
| Week | Week Commencing | Topics / learning Activities | Assessment Tasks |
| 1 | 7th Feb 2011 | Course introduction & overview. System threats, risks & controls. Installing Windows Server 2008. Configuring the system | |
| 2 | 14th Feb 2011 | Intro to Windows Server 2008. Windows Server 2008 platforms, features & alternative installation methods. Virtualisation methods | Demonstations & submissions |
| 3 | 21st Feb 2011 | Server Manager & server roles. Introduction to Active Directory & account management. Containers, users & groups | Demonstations & submissions |
| 4 | 28th Feb 2011 | More on Active Directory & accounts | Demonstations & submissions |
| 5 | 7th Mar 2011 | Configuring, managing & troubleshooting resource access. Permissions & sharing | Theory Review Test 1 |
| 6 |
14th Mar 2011 Mon Labour Day PH |
More on resource access. Auditing | Demonstations & submissions |
| 7 | 21st Mar 2011 | Configuring & managing data storage. Disk backups. Disaster recovery. Recovery plans | Demonstations & submissions |
| 8 | 28th Mar 2011 | Managing Windows Server 2008 network services. DNS, DHCP & IIS | Demonstations & submissions |
| 9 | 11th Apr 2011 | More on network services. Remote access | Theory Review Test 2 |
| 10 | 18th Apr 2011 | Securing Windows Server 2008. Group Policy objects | Demonstations & submissions |
| Vacation | Mid-Semester (Easter) Break - Thu 21st - Wed 27th Apr 2011 | ||
| 11 | 25th Apr 2011 | More on Group Policy. Firewalls & network access | Demonstations & submissions |
| 12 | 2nd May 2011 | Server & network monitoring. Services, Task Manager, Performance Monitor etc | Demonstations & submissions |
| 13 | 9th May 2011 | Risk management & security planning. Managing availability. Catch-up session | Theory Review Test 3 |
| 14 | 16th May 2011 | Revision for final practical test | Final Demonstations & submissions |
| 15 | 23rd May 2011 | Final Practical Test conducted | Final Practical Test |
| 16 | 30th May 2011 | Course review. Assessment feedback | |
| Students who have been granted special consideration or are required to re-submit, will be able to submit/sit their assessment by arrangement with the class teacher in weeks 17 or 18. |
Learning Resources
Prescribed Texts
Palmer, J (2008), Hands-On Windows Server 2008, 6th edn, Thomson Course Technology |
1423901479 |
References
Other Resources
It is expected that all students will purchase the p[rescribed text by Palmer as soon as possible, as many of the practical activities in the book will be performed by students in the lab. This textbook will also be used in semester 2 courses.
Students may also refer to various Websites or alternative textbooks on Windows Server 2008 from the RMIT Library, as indicated the teacher.
Overview of Assessment
Assessment may incorporate a variety of methods including technical requirements documentation, homework, assignments, group and/or individual projects and in class exercises, written tests, practical problem solving exercises, presentations, practical tests and a final exam. Students are advised that they are likely to be asked to personally demonstrate their assessment work to their teacher to ensure that the relevant competency standards are being met. Students will be provided with feedback throughout the course to check their progress.
Assessment Tasks
Demonstrations & Submissions
Students will be expected to demonstrate class work and submit screen shots for selected activities from the prescribed text. Work is to be submitted within one week of the corresponding class exercise.
Theory Review Tests
Students will sit three multiple-choice tests based on the theory behind operating system security controls, as dealt with in the textbook. The questions at the end of each chapter should be used for revision purposes.
Final Practical Test
This will be a fully-graded in-lab practical assessment. Students will be required to perform a variety of tasks in Windows Server 2008 in order to manage system security.
Assessment Matrix
| ICAS5123C– Manage system security |
Demonstrations & Submissions CA/NYC (40%) |
Theory Review Tests CA/NYC (40%) |
Final Practical Test 20% |
| Element 1: Identify threats to system | Y | Y | Y |
| Element 2: Determine risk category | Y | Y | Y |
| Element 3: Identify appropriate controls | Y | Y | Y |
Element 4: Include controls in the system |
Y | Y | Y |
| Element 5: Monitor system tools and procedures | Y | Y | Y |
Other Information
Competency and grading requirements
To be deemed competent students must demonstrate an understanding of all elements of this competency. Assessment methods have been designed to measure achievement of each competency in a flexible manner over multiple tasks.
Students are advised that they are likely to be asked to personally demonstrate their work to their teacher to ensure that the relevant competency standards are being met.
All competency-based assessments for this course must be completed in order to achieve a CA (Competency Achieved) award.
Each assessment task will also carry a numerical weighting to be used for grading purposes. The grade applied will only be awarded if a CA has been achieved in all compulsory assessment tasks.
If a student has been assessed as NYC (Not Yet Competent) in any of the assessment tasks, the weighting will carry no value until the student has obtained a CA.
If a CA is achieved on re-assessment, a maximum mark of 50% of the original weighting will be granted for that assessment.
Re-assessments will only be granted to students who were either unsuccessful in the first attempt, or have an approved application for special consideration.
A final practcal test worth 20% will be offered to students who have achieved CA
Course Overview: Access Course Overview