Part A: Course Overview
Course Title: Cyber Attack Analysis and Incident Response
Credit Points: 12.00
Terms
| Course Code | Campus | Career | School | Learning Mode | Teaching Period(s) |
|---|---|---|---|---|---|
| INTE2673 | City Campus | Postgraduate | 175H Computing Technologies | Face-to-Face | Sem 1 2025 |
Course Coordinator: Mohammad Saidur Rahman
Course Coordinator Phone: -
Course Coordinator Email: mohammadsaidur.rahman@rmit.edu.au
Course Coordinator Location: -
Course Coordinator Availability: Contact via email
Pre-requisite Courses and Assumed Knowledge and Capabilities
Enforced Pre-Requisite Courses
Successful completion of the following course/s:
Note: it is a condition of enrolment at RMIT that you accept responsibility for ensuring that you have completed the prerequisite/s and agree to concurrently enrol in co-requisite courses before enrolling in a course.
For information go to RMIT Course Requisites webpage.
Recommended Prior Study
You should have satisfactorily completed or received credit for the following course/s before you commence this course:
- COSC2537 Security in Computing and Information Technology (course ID: 045940)
- INTE2580/INTE2604 Ethical Hacking and Security Testing (course ID: 054233)
- COSC2061 Data Communication and Net-Centric Computing (course ID: 004110)
If you have completed prior studies at RMIT or another institution that developed the skills and knowledge covered in the above course/s you may be eligible to apply for credit transfer.
Alternatively, if you have prior relevant work experience that developed the skills and knowledge covered in the above course/s you may be eligible for recognition of prior learning.
Please follow the link for further information on how to apply for credit for prior study or experience.
Course Description
In today's highly connected digital world, most of our digital assets are accessible remotely in real-time from anywhere. This increased connectivity has made cybersecurity more critical than ever. To ensure cybersecurity, it is essential to detect and respond to cyber threats promptly.
Cyber attack analysis is a process that helps us understand and investigate cyberattacks, including their origins, methods, and potential impacts. It involves examining the data and evidence left behind by a cyber attack to determine how it occurred, which vulnerabilities were exploited, and the extent of the damage.
Incident response (IR) is the organized approach an organization takes when dealing with a data breach or cyberattack. Its aim is to swiftly identify an attack, minimize its impact, contain any damage, and fix the root cause to prevent future incidents.
In this course, you will gain a comprehensive understanding of cyber threats and explore various types of attacks, such as malware, phishing, and advanced persistent threats. You'll also learn about the motives driving cyberattacks and how to spot early signs of a potential breach. Additionally, we'll cover the latest tools and techniques used in incident response, providing you with the skills to reduce damage and safeguard critical assets. Overall, mastering these strategies will enable you to effectively counter threats and protect organizations from potentially devastating cyberattacks.
Objectives/Learning Outcomes/Capability Development
Program Learning Outcomes
This course is an option course, so it is not required to contribute to the development of program learning outcomes (PLOs), though it may assist your achievement of several PLOs.
For more information on the program learning outcomes for your program, please see the program guide.
Upon successful completion of this course, you will be able to:
- Exhibit a deep understanding of the evolving landscape of cyber threats in our interconnected digital world, including the motivations behind cyberattacks.
- Identify early warning signs of potential breaches, allowing you to take preemptive action and protect digital assets.
- Perform a systematic analysis of cyberattacks, enabling you to uncover their origins, methods, and potential impacts.
- Demonstrate the ability to critically assess and respond to cyber threats and incidents.
- Employ an organized and methodical approach to swiftly identify attacks, minimize their impact, and contain damage.
Overview of Learning Activities
This course is delivered in on-campus mode but aims to provide multiple modes of delivery with course materials available electronically wherever possible. Each topic (in standard on-campus mode) consists of lectures and workshops.
The learning activities included in this course are:
- Lectorials where key concepts will be explained, course material will be presented, and the subject matter will be illustrated with demonstrations and examples.
- Workshops will focus on practical work, problem-solving, and the exploration of concepts with teaching staff and other students.
- Group discussions (including in-class and online forums) with teaching staff and other students will focus on solving problems related to lecture examples, workshop tasks, and exploration of advanced relevant concepts.
Assignment work will require an integrated understanding of the subject matter. Private study will involve working through the course as presented in classes and learning materials, and gaining practice at solving conceptual and technical problems.
Overview of Learning Resources
You will make use of computer laboratories and relevant software provided by the School. RMIT will provide you with resources and tools for learning in this course through myRMIT Studies Course. The learning resources accessible through myRMIT Studies Course include: course-related material, e-books, journals and databases. Use the RMIT Bookshop textbook list search page to find recommended textbook(s).
There are services available to support your learning through the University Library. The Library provides guides on academic referencing and subject specialist help as well as a range of study support services. For further information, please visit the Library page on the RMIT University website and the myRMIT student portal. These services can provide extra support to organise your studies. For assignment planning or learning skills advice, you may wish to contact the Study and Learning Centre: http://www.rmit.edu.au/studyandlearningcentre
Overview of Assessment
This course has no hurdle requirements.
Assessment tasks
Assessment Task 1: Industry focused Timed Assignment 1
Weighting 30%
This assessment task supports CLOs 1 – 3
Assessment Task 2: Industry focused Timed Assignment 2
Weighting 50%
This assessment task supports CLOs 3 – 5
Assessment 3: Lab exam on Cyber Attack Analysis and Incident Response Procedure
Weighting 20%
This assessment supports CLOs 1 – 5
If you have a long-term medical condition and/or disability it may be possible to negotiate to vary aspects of the learning or assessment methods. You can contact the program coordinator or Equitable Learning Services if you would like to find out more.