Course Title: Manage the security infrastructure for an organisation

Part B: Course Detail

Teaching Period: Term1 2023

Course Code: INTE5064

Course Title: Manage the security infrastructure for an organisation

School: 520T Future Technologies

Campus: City Campus

Program: C4424 - Certificate IV in Cyber Security

Course Contact: Luke Eberbach

Course Contact Phone: +61 3 9925 4381

Course Contact Email:

Name and Contact Details of All Other Relevant Staff

Offering coordinator:

Name: Anar Haque

Phone: +61 3 9925 4755


Nominal Hours: 80

Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.

Pre-requisites and Co-requisites


Course Description

In this course you will gain  knowledge and skills required to manage the security infrastructure for an organisation. It includes assessing risk, implementing appropriate controls, monitoring their effectiveness and compiling reports for future audit purposes

National Codes, Titles, Elements and Performance Criteria

National Element Code & Title:

VU23219 Manage the security infrastructure for an organisation


1 Identify the key features from information and security policies for an organisation

Performance Criteria:

1.1 Information and security policy documents for the organisation are accessed and examined

1.2 Implications of the organisation’s employees work habits relating to its security policy are evaluated

1.3 Implications of the organisation’s configuration and change management capability are evaluated

1.4 Levels of security clearances to access organisational data are identified


2 Determine risk category for the security infrastructure

Performance Criteria:

2.1 Audit of existing tools and security infrastructure for the organisation is conducted

2.2 Asset valuation for the organisation is determined

2.3 Security infrastructure baseline is determined

2.4 Risk assessment of the organisation assets is conducted and associated risks categorised

2.5 Resources required by risk categories to minimise disruption to business operation is identified


3 Identify the physical security vulnerabilities of the organisation's security infrastructure

Performance Criteria:

3.1 Physical structure of the organisation’s security infrastructure is examined

3.2 Security infrastructure vulnerabilities are identified and documented

3.3 Physical security infrastructure vulnerabilities are communicated to appropriate management personnel


4 Implement appropriate security system controls for managing the risk

Performance Criteria:

4.1 Effective controls to manage risk are devised and implemented

4.2 Policies and procedures to cover user access to the system are developed

4.3 Security recovery plan is developed

4.4 System controls to reduce risks in human interaction with the system are implemented


5 Monitor security infrastructure tools and procedures

Performance Criteria:

5.1 Controls that manage risks are reviewed and monitored

5.2 Vendor products that monitor risk rating criteria for an organisation are reviewed


6 Promote cyber security awareness in the organisation

Performance Criteria:

6.1 Strategies to promote security policy awareness amongst the staff of the organisation are planned and implemented

6.2 Security policy awareness strategies are evaluated for their effectiveness within the organisation and if required modified for increased impact

6.3 Training to implement the organisation’s security policy practices is planned and implemented


7 Implement cyber hygiene principles

Performance Criteria:

7.1 Best practices in cyber hygiene are identified 

7.2 Cyber hygiene process is identified and implemented

Learning Outcomes

: On successful completion of this course you will have developed and applied the skills and knowledge required to demonstrate competency in the above elements. 

Details of Learning Activities

During the semester you will do activities that allow you to satisfactorily achieve competency in the course requirements.

The instructions and resources for these activities will be available on Canvas

These activities include:

*weekly Lectorials 

*lab activities 

*study using a list of Reading resources including internet references  and You Tube links

Teaching Schedule

Class Schedule

Week  Topics 
1 Cyber Security Attacks, Concepts and Techniques
2 Protecting Data and Privacy and the Organization
3 Attackers and Their Tools
4 Understanding Defense, policies
5 Vulnerability Assessment, NIST
6 Security Management, change management
7 Risk Management Framework
8 Assessment 
9 System Hardening -Security Maintenance and Management
10 Digital Forensics and Incident Analysis and Response
11 Cyber Hygiene - Security Planning and Risk Management, assessment
12 Cyber Hygiene - Cyber Incident Response Plan, Security tools, Encryption
13 Evaluating Alerts
14  Promote cyber security awareness in the organisation
15 Assessment
16 Assessment
17 Resubmission if available
18 Final Re-submissions (if available)


Learning Resources

Prescribed Texts


Other Resources

Overview of Assessment

Assessment for this course is ongoing throughout the semester. Your knowledge and understanding of course content is assessed through participation in class exercises, oral/written presentations and through the application of learned skills and insights. Full assessment briefs will be provided and can be found on CANVAS

Assessment Tasks

Assessment One:  Product Assessment

Assessment Two: Practical Assessment

Assessment Three: Knowledge Assessment 

Assessment Matrix

Elements/Performance Criteria

Assessment 1

Assessment 2

Assessment 3





























































































Other Information

Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:

  • Relevant
  • Current
  • Satisfies the learning/competency outcomes of the course

Please refer to to find more information about credit transfer and RPL

Study and learning Support:

Study and Learning Centre (SLC) provides free learning and academic development advice to you. 
Services offered by SLC to support your numeracy and literacy skills are: 

  • assignment writing, thesis writing and study skills advice 
  • maths and science developmental support and advice 
  • English language development 

Please Refer to find more information about Study and learning Support 

Equitable Learning Services (ELS):

If you are suffering from long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to to find more information about services offered by Equitable Learning Services (ELS).

Late submission: 

If you require an Extension of Submittable Work (assignments, reports or project work etc.) for 7 calendar days or less (from the original due date) and have valid reasons, you must complete and lodge an Application for Extension of Submittable Work (7 Calendar Days or less) form and lodge it with the Senior Educator/ Program Manager. 
The application must be lodged no later than one working day before the official due date. You will be notified within no more than 2 working days of the date of lodgment as to whether the extension has been granted. 
If you seek an Extension of Submittable Work for more than 7 calendar days (from the original due date) must lodge an Application for Special Consideration form under the provisions of the Special Consideration Policy, preferably prior to, but no later than 5 working days after the official due date. 

Submittable Work (assignments, reports or project work etc.) submitted late without approval of an extension will not be accepted or marked. 

Special consideration: 

Please Refer to find more information about special consideration 


Plagiarism is a form of cheating and it is very serious academic offence that may lead to expulsion from the University. 

Please Refer: to find more information about plagiarism. 

Other Information: 

All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.

Course Overview: Access Course Overview