Course Title: Cyber Security Attack Analysis and Incidence Response

Part A: Course Overview

Course Title: Cyber Security Attack Analysis and Incidence Response

Credit Points: 12.00

Important Information:

Please note that this course may have compulsory in-person attendance requirements for some teaching activities. 

To participate in any RMIT course in-person activities or assessment, you will need to comply with RMIT vaccination requirements which are applicable during the duration of the course. This RMIT requirement includes being vaccinated against COVID-19 or holding a valid medical exemption. 

Please read this RMIT Enrolment Procedure as it has important information regarding COVID vaccination and your study at RMIT:

Please read the Student website for additional requirements of in-person attendance: 

Please check your Canvas course shell closer to when the course starts to see if this course requires mandatory in-person attendance. The delivery method of the course might have to change quickly in response to changes in the local state/national directive regarding in-person course attendance. 

Course Coordinator: Professor Xun Yi

Course Coordinator Phone: .

Course Coordinator Email:

Course Coordinator Availability: Please email for appointment

Pre-requisite Courses and Assumed Knowledge and Capabilities


INTE2625 - Introduction to Cyber Security (Course ID 054986)

Course Description

A cyber attack is an attempt to disable computers, steal data, or use a breached computer system to launch additional attacks. It can lead to electrical blackouts, breaches of government security details, failure of military equipment, disruption of computer networks, paralysation of phone networks, unavailability of confidential data and it may affect the functioning of human life. In order to protect our business against cyber attacks, it is important for us to understand how cyber attacks work and how we should respond them.

In this course, you will be introduced to recent cyber attacks and the impact on business, review attacker profiles, motivations and the cyber attack lifecycle. You will learn how to recognise high-profile cyber attacks and advanced persistent threats, identify malware types, vulnerabilities, exploits, spamming and phishing attacks, and configure and test a malware analysis security profile. Cyber Incidence Response (IR) associates with both human and technological factors, which covers preparation, identification, remediation and recovery from cyber incidents. You will also be introduced to data preservation, forensic analysis, peripheral log analysis and malware analysis. Technical details about incident response for target enterprises will be given as case studies, more specifically, the protection of proprietary data, control network access, and manage system operation.

Objectives/Learning Outcomes/Capability Development

The course is a program option course, however, will contribute to following program learning outcomes for:

BP094 Bachelor of Computer Science
BP096 Bachelor of Software Engineering
BP162 Bachelor of Information Technology
BP340 Bachelor of Data Science
BP347 Bachelor of Computer Science (Professional)
BP348 Bachelor of Data Science (Professional)
BP349 Bachelor of Information Technology (Professional)

PLO2: Problem Solving - Apply systematic problem solving and decision-making methodologies to identify, design and implement computing solutions to real world problems, demonstrating the ability to work independently to self-manage processes and projects.

PLO3: Cognitive and Technical Skill - Critically analyse and evaluate user requirements and design systems employing software development tools, techniques, and emerging technologies.

PLO6: Responsibility and Accountability - Demonstrate integrity, ethical conduct, sustainable and culturally inclusive professional standards, including First Nations knowledges and input in designing and implementing computing solutions.

On successful completion of this course, you should be able to:

  • CLO 1: Explain cyber attacks and its potential consequences. 
  • CLO 2: Identify malware types, and detection methods for computer systems and networks and identify potential problems to avoid.
  • CLO 3: Describe incident management processes and gather the information required to handle an incident.
  • CLO 4: Perform analysis and response tasks for various sample incidents using incident tools and technologies
  • CLO 5: Demonstrate critical thinking skills when responding to incidents and suggest ways to recover and prevent reoccurrence of incidents.
  • CLO 6: Present risk mitigation mechanisms for given case studies.    

Overview of Learning Activities

This course uses highly structured learning activities to guide your learning and prepare you to complete the assessment tasks. These activities consist of a combination of individual, peer-supported and facilitator-guided activities, and where possible project-led, with opportunities for regular feedback. 

Authentic and industry-relevant learning is critical to this course as you will be expected to critically evaluate current thinking and practice within this discipline. You will apply your thinking by producing relevant real-world assessment tasks and engage with scenarios and case studies.  

You will be expected to participate in class and group activities, as well as provide and receive peer feedback on drafts of work as social learning is an important component of this course. 

Overview of Learning Resources

The learning and teaching approaches used in this program may include webinars, problem-based learning and case studies.  

The activities and tasks are designed to facilitate the application of theory and encourage peer learning in a collaborative, open manner using online tools and interactive discussion forums. Assessment is integrated throughout the program to ensure that you graduate with a set of applicable skills and knowledge.  

There are services available to support your learning via the RMIT University Library. The Library provides guides on academic referencing and subject specialist help as well as a range of study support services.  

RMIT Online provides support and equal opportunities for students with a disability, long-term illness and/or mental health condition and primary carers of individuals with a disability. If you need assistance, please speak to your Program Manager or contact the Equitable Learning Services (ELS). 

At RMIT you can apply for credit so your previous learning or experience counts toward your RMIT Online program. For further information on how to apply for credit, please click here.  

Please view the Assessment and Assessment Flexibility Policy for further information regarding applying for an extension, special consideration, equitable assessment arrangements and supplementary assessment. 

Overview of Assessment

This course has no hurdle requirements.

Assessment Task 1: Knowledge Assignment
Weighting: 30%  
This assessment task supports CLOs:  1, 2 & 3.

Assessment Task 2: Cyber Attack Analysis Assignment
Weighting: 30%  
This assessment task supports CLOs: 2, 3 & 4.

Assessment Task 3: Incident Response Assignment
Weighting: 40% 
This assessment task supports CLOs: 3, 4, 5 & 6.  

Note: Feedback will be given on all assessment tasks.