Course Title: Manage the security infrastructure for an organisation
Part B: Course Detail
Teaching Period: Term2 2023
Course Code: INTE5064
Course Title: Manage the security infrastructure for an organisation
School: 520T Future Technologies
Campus: City Campus
Program: C4424 - Certificate IV in Cyber Security
Course Contact: Luke Eberbach
Course Contact Phone: +61 3 9925 4381
Course Contact Email: Luke.Eberbach@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Offering coordinator:
Name: Anar Haque
Phone: +61 3 9925 4755
email: anar.haque@rmit.edu.au
Nominal Hours: 80
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
None
Course Description
In this course you will gain knowledge and skills required to manage the security infrastructure for an organisation. It includes assessing risk, implementing appropriate controls, monitoring their effectiveness and compiling reports for future audit purposes
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
VU23219 Manage the security infrastructure for an organisation |
Element: |
1 Identify the key features from information and security policies for an organisation |
Performance Criteria: |
1.1 Information and security policy documents for the organisation are accessed and examined 1.2 Implications of the organisation’s employees work habits relating to its security policy are evaluated 1.3 Implications of the organisation’s configuration and change management capability are evaluated 1.4 Levels of security clearances to access organisational data are identified |
Element: |
2 Determine risk category for the security infrastructure |
Performance Criteria: |
2.1 Audit of existing tools and security infrastructure for the organisation is conducted 2.2 Asset valuation for the organisation is determined 2.3 Security infrastructure baseline is determined 2.4 Risk assessment of the organisation assets is conducted and associated risks categorised 2.5 Resources required by risk categories to minimise disruption to business operation is identified |
Element: |
3 Identify the physical security vulnerabilities of the organisation's security infrastructure |
Performance Criteria: |
3.1 Physical structure of the organisation’s security infrastructure is examined 3.2 Security infrastructure vulnerabilities are identified and documented 3.3 Physical security infrastructure vulnerabilities are communicated to appropriate management personnel |
Element: |
4 Implement appropriate security system controls for managing the risk |
Performance Criteria: |
4.1 Effective controls to manage risk are devised and implemented 4.2 Policies and procedures to cover user access to the system are developed 4.3 Security recovery plan is developed 4.4 System controls to reduce risks in human interaction with the system are implemented |
Element: |
5 Monitor security infrastructure tools and procedures |
Performance Criteria: |
5.1 Controls that manage risks are reviewed and monitored 5.2 Vendor products that monitor risk rating criteria for an organisation are reviewed |
Element: |
6 Promote cyber security awareness in the organisation |
Performance Criteria: |
6.1 Strategies to promote security policy awareness amongst the staff of the organisation are planned and implemented 6.2 Security policy awareness strategies are evaluated for their effectiveness within the organisation and if required modified for increased impact 6.3 Training to implement the organisation’s security policy practices is planned and implemented |
Element: |
7 Implement cyber hygiene principles |
Performance Criteria: |
7.1 Best practices in cyber hygiene are identified 7.2 Cyber hygiene process is identified and implemented |
Learning Outcomes
: On successful completion of this course you will have developed and applied the skills and knowledge required to demonstrate competency in the above elements.
Details of Learning Activities
During the semester you will do activities that allow you to satisfactorily achieve competency in the course requirements.
The instructions and resources for these activities will be available on Canvas
These activities include:
*weekly Lectorials
*lab activities
*study using a list of Reading resources including internet references and You Tube links
Teaching Schedule
Class Schedule
Week | Topics |
1 | Cyber Security Attacks, Concepts and Techniques |
2 | Protecting Data and Privacy and the Organization |
3 | Attackers and Their Tools |
4 | Understanding defense, policies |
5 | Vulnerability Assessment, NIST |
6 | Security Management, change management |
7 | Risk Management process /Framework |
8 | Assessment |
9 | System Hardening -Security Maintenance and Management |
10 | Digital Forensics and Incident Analysis and Response |
11 | Cyber Hygiene - Security Planning and Risk Management, assessment |
12 | Cyber Hygiene - Cyber Incident Response Plan, Security tools, Encryption |
13 | Evaluating Alerts |
14 | Promote cyber security awareness in the organisation |
15 | War Against Cybercrime, Assessment |
16 | Assessment |
17 | Resubmission if available |
18 | Final Re-submissions (if available) |
Learning Resources
Prescribed Texts
References
Other Resources
Overview of Assessment
Assessment for this course is ongoing throughout the semester. Your knowledge and understanding of course content is assessed through participation in class exercises, oral/written presentations and through the application of learned skills and insights. Full assessment briefs will be provided and can be found on CANVAS
Assessment Tasks
Assessment One: Product Assessment
Assessment Two: Practical Assessment
Assessment Matrix
Elements/Performance Criteria |
Assessment 1 |
Assessment 2 |
1.1 |
X |
|
1.2 |
X |
|
1.3 |
X |
|
1.4 |
X |
|
2.1 |
X |
|
2.2 |
X |
|
2.3 |
X |
|
2.4 |
X |
|
2.5 |
X |
|
3.1 |
X |
|
3.2 |
X |
|
3.3 |
X |
|
4.1 |
X |
|
4.2 |
X |
|
4.3 |
X |
|
4.4 |
X |
|
5.1 |
X |
|
5.2 |
X |
|
6.1 |
X |
|
6.2 |
X |
|
6.3 |
X |
|
7.1 |
X |
X |
7.2 |
X |
X |
Other Information
Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:
- Relevant
- Current
- Satisfies the learning/competency outcomes of the course
Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL
Study and learning Support:
Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:
- assignment writing, thesis writing and study skills advice
- maths and science developmental support and advice
- English language development
Please Refer http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and learning Support
Equitable Learning Services (ELS):
If you are suffering from long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).
Late submission:
If you require an Extension of Submittable Work (assignments, reports or project work etc.) for 7 calendar days or less (from the original due date) and have valid reasons, you must complete and lodge an Application for Extension of Submittable Work (7 Calendar Days or less) form and lodge it with the Senior Educator/ Program Manager.
The application must be lodged no later than one working day before the official due date. You will be notified within no more than 2 working days of the date of lodgment as to whether the extension has been granted.
If you seek an Extension of Submittable Work for more than 7 calendar days (from the original due date) must lodge an Application for Special Consideration form under the provisions of the Special Consideration Policy, preferably prior to, but no later than 5 working days after the official due date.
Submittable Work (assignments, reports or project work etc.) submitted late without approval of an extension will not be accepted or marked.
Special consideration:
Please Refer http://www.rmit.edu.au/students/specialconsideration to find more information about special consideration
Plagiarism:
Plagiarism is a form of cheating and it is very serious academic offence that may lead to expulsion from the University.
Please Refer: www.rmit.edu.au/academicintegrity to find more information about plagiarism.
Other Information:
All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.
Course Overview: Access Course Overview