Course Title: Manage the security infrastructure for an organisation
Part B: Course Detail
Teaching Period: Term2 2024
Course Code: INTE5064
Course Title: Manage the security infrastructure for an organisation
School: 520T Future Technologies
Campus: City Campus
Program: C4424 - Certificate IV in Cyber Security
Course Contact: Anar Haque
Course Contact Phone: +61 3 9925 1409
Course Contact Email: anar.haque@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Nominal Hours: 80
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
None
Course Description
In this course you will gain knowledge and skills required to manage the security infrastructure for an organisation. It includes assessing risk, implementing appropriate controls, monitoring their effectiveness and compiling reports for future audit purposes
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
VU23219 Manage the security infrastructure for an organisation |
Element: |
1 Identify the key features from information and security policies for an organisation |
Performance Criteria: |
1.1 Information and security policy documents for the organisation are accessed and examined 1.2 Implications of the organisation’s employees work habits relating to its security policy are evaluated 1.3 Implications of the organisation’s configuration and change management capability are evaluated 1.4 Levels of security clearances to access organisational data are identified |
Element: |
2 Determine risk category for the security infrastructure |
Performance Criteria: |
2.1 Audit of existing tools and security infrastructure for the organisation is conducted 2.2 Asset valuation for the organisation is determined 2.3 Security infrastructure baseline is determined 2.4 Risk assessment of the organisation assets is conducted and associated risks categorised 2.5 Resources required by risk categories to minimise disruption to business operation is identified |
Element: |
3 Identify the physical security vulnerabilities of the organisation's security infrastructure |
Performance Criteria: |
3.1 Physical structure of the organisation’s security infrastructure is examined 3.2 Security infrastructure vulnerabilities are identified and documented 3.3 Physical security infrastructure vulnerabilities are communicated to appropriate management personnel |
Element: |
4 Implement appropriate security system controls for managing the risk |
Performance Criteria: |
4.1 Effective controls to manage risk are devised and implemented 4.2 Policies and procedures to cover user access to the system are developed 4.3 Security recovery plan is developed 4.4 System controls to reduce risks in human interaction with the system are implemented |
Element: |
5 Monitor security infrastructure tools and procedures |
Performance Criteria: |
5.1 Controls that manage risks are reviewed and monitored 5.2 Vendor products that monitor risk rating criteria for an organisation are reviewed |
Element: |
6 Promote cyber security awareness in the organisation |
Performance Criteria: |
6.1 Strategies to promote security policy awareness amongst the staff of the organisation are planned and implemented 6.2 Security policy awareness strategies are evaluated for their effectiveness within the organisation and if required modified for increased impact 6.3 Training to implement the organisation’s security policy practices is planned and implemented |
Element: |
7 Implement cyber hygiene principles |
Performance Criteria: |
7.1 Best practices in cyber hygiene are identified 7.2 Cyber hygiene process is identified and implemented |
Learning Outcomes
: On successful completion of this course you will have developed and applied the skills and knowledge required to demonstrate competency in the above elements.
Details of Learning Activities
During the semester you will do activities that allow you to satisfactorily achieve competency in the course requirements.
The instructions and resources for these activities will be available on Canvas
These activities include:
*Weekly Lectorials
*Lab activities
*Study using a list of Reading resources including internet references and YouTube links
Teaching Schedule
| Week 1 | 15-21 July |
The Danger of Cyber Attack Cyber Security Attacks, Concepts and Techniques |
|
| Week 2 | 22-28 July |
The Need for Cybersecurity Protecting Data and Privacy Protecting the Organization |
|
| Week 3 | 29 July - 4 August | Attackers and Their Tools |
|
| Week 4 | 5-11 Aug |
Understanding Defense, policies Threat Intelligence |
|
| Week 5 |
12-18 Aug |
Endpoint Vulnerability Assessment, NIST |
|
| Week 6 | 19-25 Aug |
Security Management, change management Cloud Security |
|
| Week 7 | 26 Aug-1 Sep | Risk Management Process /Framework |
|
02 Sep - 8 Sep |
Mid-semester break |
|
|
| Week 8 | 9-15 Sep |
Project work |
|
| Week 9 | 16-22 Sep | System Hardening -Security Maintenance and Management |
|
| Week 10 | 23-29 Sep |
Digital Forensics and Incident Analysis and Response |
|
| Week 11 | 30 Sep - 6 Oct |
Cyber Hygiene - Security Planning and Risk Management Complete Short answer questions |
|
| Week 12 | 7-13 Oct |
Cyber Hygiene - Cyber Incident Response Plan Security tools, Encryption |
|
| Week 13 | 14-20 Oct |
Will Your Future be in Cybersecurity? Evaluating Alerts |
|
| Week 14 | 21-27 Oct | Promote cyber security awareness in the organisation |
|
| Week 15 | 28 Oct - 3 Nov |
Fighters in the War Against Cybercrime Project work |
|
| Week 16 | 4-10 Nov | Project work |
|
| Week 17 | 11-17 Nov |
Resubmission if available |
|
| Week 18 | 18-24 Nov |
|
Learning Resources
Prescribed Texts
References
Other Resources
Course Overview:Access Course Overview
Overview of Assessment
Assessment for this course is ongoing throughout the semester. Your knowledge and understanding of course content is assessed through participation in class exercises, oral/written presentations and through the application of learned skills and insights. Full assessment briefs will be provided and can be found on CANVAS
Assessment Tasks
Assessment in this course is competency-based. To be deemed competent for this course, students must satisfactorily complete all assessment tasks.
There are two (2) assessment tasks in this course.
Assessment Task 1: Product Assessment Task
- Project_Part 1 Observation - Individual task, attendance mandatory - released in week 5, due week 7,8
- Project_Part 2 Observation - Individual task, attendance mandatory - released in week 9, due week 15,16
Assessment Task 2: Practical Assessment Task
- Practical Observation - Group of 2 tasks, attendance mandatory - released in week13, due week 14
Results that apply to courses that are delivered and assessed per competency-based assessment are:
CA: Competency Achieved
NYC: Not Yet Competent
DNS: Did not Submit for Assessment
Assessment Matrix
| Elements/Performance Criteria | Assessment 1 | Assessment 2 |
| 1.1 | X | |
| 1.2 | X | |
| 1.3 | X | |
| 1.4 | X | |
| 2.1 | X | |
| 2.2 | X | |
| 2.3 | X | |
| 2.4 | X | |
| 2.5 | X | |
| 3.1 | X | |
| 3.2 | X | |
| 3.3 | X | |
| 4.1 | X | |
| 4.2 | X | |
| 4.3 | X | |
| 4.4 | X | |
| 5.1 | X | |
| 5.2 | X | |
| 6.1 | X | |
| 6.2 | X | |
| 6.3 | X | |
| 7.1 | X | X |
| 7.2 | X | X |
Other Information
Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:
- Relevant
- Current
- Satisfies the learning/competency outcomes of the course
Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL
Study and learning Support:
Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:
- assignment writing, thesis writing and study skills advice
- maths and science developmental support and advice
- English language development
Please Refer http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and learning Support
Equitable Learning Services (ELS):
If you are suffering from a long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).
Late submission:
If you require an Extension of Submittable Work (assignments, reports project work etc.) for 7 calendar days or less (from the original due date) and have valid reasons, you must complete and lodge an Application for an Extension of Submittable Work (7 Calendar Days or less) form and lodge it with the Senior Educator/ Program Manager.
The application must be lodged no later than one working day before the official due date. You will be notified within no more than 2 working days of the date of lodgment as to whether the extension has been granted.
If you seek an Extension of Submittable Work for more than 7 calendar days (from the original due date) must lodge an Application for Special Consideration form under the provisions of the Special Consideration Policy, preferably prior to, but no later than 5 working days after the official due date.
Submittable Work (assignments, reports or project work etc.) submitted late without approval of an extension will not be accepted or marked.
Special consideration:
Please Refer http://www.rmit.edu.au/students/specialconsideration to find more information about special consideration
Plagiarism:
Plagiarism is a form of cheating and it is a very serious academic offence that may lead to expulsion from the University.
Please Refer www.rmit.edu.au/academicintegrity to find more information about plagiarism.
All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.
Course Overview: Access Course Overview