Course Title: Gather, analyse and interpret threat data

Part B: Course Detail

Teaching Period: Term2 2025

Course Code: INTE5053C

Important Information:

Please note that this course may include compulsory in-person attendance requirements for some or all teaching activities.

It is recommended that you check your Canvas course shell closer to the course start date for details about any mandatory in-person attendance requirements.

Please be aware that the course delivery method may need to change quickly in response to evolving course requirements. Students must maintain regular communication with their teachers to stay informed about any updates.

School: 520T Future Technologies

Campus: City Campus

Program: C5402 - Diploma of Information Technology

Course Contact: Akhtar Jalbani

Course Contact Phone: +61399254612

Course Contact Email: Akhtar.jalbani@rmit.edu.au


Name and Contact Details of All Other Relevant Staff

Nominal Hours: 40

Regardless of the mode of delivery, nominal hours represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.

Pre-requisites and Co-requisites

None

Course Description

In this course you will gain the skills and knowledge required to gather data from various sources, analyse, and interpret information for threats, inconsistencies and discrepancies.


National Codes, Titles, Elements and Performance Criteria

National Element Code & Title:

ICTCYS407 Gather, analyse and interpret threat data

Element:

1. Gather threat data

Performance Criteria:

1.1 Identify legislative requirements and organisational policies and procedures to gather, analyse and interpret threat data

1.2 Identify security equipment on network and data sources

1.3 Discuss and confirm data log requirements and strategy to process data with required personnel

1.4 Collect information from alerts, logs and reported events and create a dataset according to organisational policies and procedures

Element:

2. Analyse threat data

Performance Criteria:

2.1 Ingest data logs into analytic platform according to user instructions

2.2 Obtain and analyse results for reliability and consistency

2.3 Check for false positives and false negative results

2.4 Detect and describe discrepancies and inconsistencies in data

Element:

3. Interpret and finalise threat data

Performance Criteria:

3.1 Discuss and review threat data and results with required personnel

3.2 Discuss and assess identified threats, risks and their likelihood of occurrence and impacts of risks

3.3 Suggest and confirm lessons learnt, action steps, recommendations and mitigation strategies with required personnel

3.4 Document results, findings and recommendations into report according to organisational procedures

3.5 Distribute documentation to required personnel and store according to organisational policies and procedures


Learning Outcomes


On successful completion of this course the candidate will demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit.


Details of Learning Activities

This unit describes the skills and knowledge required to gather data from various sources, analyse, and interpret information for threats, inconsistencies and discrepancies.

It applies to individuals who work in information technology security, including network and security specialists, and gather logs from devices, check abnormalities and respond accordingly. These individuals are responsible for supporting and preventing cyber threats attacking data in all business functions and in any industry context.

The learning activities include: 1) Weekly quizzes, 2) Theory Questions, 3) Practical work.

No licensing, legislative or certification requirements apply to this unit at the time of publication.


Teaching Schedule

Semester 2, 2025
| Week | Date | Topics/Discussions | Assessment/Lab Activities |
|---|---|---|---|
| 1 | 14-20 July | Identify legislative requirements | Commence Knowledge Test (AT1); Pre-Course Quiz |
| 2 | 21-27 July | Identify organisational policies and procedures to gather, analyse and interpret threat data | Work on Knowledge Test (AT1) |
| 3 | 28 July - 3 August | Identify security equipment on network and data sources | Work on Knowledge Test (AT1) |
| 4 | 4-10 August | Security Information and Event Management (SIEM) / Discuss and confirm data log requirements | Work on Knowledge Test (AT1) |
| 5 | 11-17 August | Types of attacks, including: Denial-of-service attack (DDOS), SQL injection (SQLi), Cross-site scripting (XSS) attacks, Scripted attacks, Hardware attacks, Attacks against Wi-Fi; Discuss strategy to process data with required personnel | Work on Knowledge Test (AT1) |
| 6 | 18-24 August | Collect information from alerts, logs and reported events | Work on Knowledge Test (AT1) |
| 7 | 25-31 August | Legislative requirements applicable to gathering, analysing and interpreting threat data | Commence Practical Task (AT2); Work on Knowledge Test (AT1) |
| Mid-semester break | 1-7 September | No classes | |
| 8 | 8-14 September | Create a dataset according to organisational policies and procedures | |
| 9 | 15-21 September | Ingest data logs into analytic platform according to user instructions | Due: Assessment 1 Knowledge Test |
| 10 | 22-28 September | 26th September AFL Grand Final public holiday (Friday); Obtain and analyse results for reliability and consistency; Check for false positives and false negative results | |
| 11 | 29 September - 5 October | Detect and describe discrepancies and inconsistencies in data | |
| 12 | 6-12 October | Discuss and review threat data and results with required personnel | |
| 13 | 13-19 October | Discuss and assess identified threats, risks and their likelihood of occurrence and impacts of risks | |
| 14 | 20-26 October | Suggest and confirm lessons learnt, action steps, recommendations and mitigation strategies with required personnel | |
| 15 | 27 October - 2 November | Document results, findings and recommendations into a report according to organisational procedures. Distribute documentation to required personnel and store it according to organisational policies and procedures. | Due: Assessment 2 Practical Task |
| 16 | 3-9 November | 4th Nov Melbourne Cup Day public holiday (Tuesday) | Assessment Re-Submissions (if applicable) |
| 17 | 10-16 November | Assignment Resubmission | Assessment 2 – Resubmission (if needed) |
| 18 | 17-23 November | Final Resubmissions (If available) | Final Resubmissions (if permitted) |

*Please note that this timeline is subject to change based on semester requirements. We recommend checking your Canvas course shell regularly to stay updated with the latest schedule.

Student directed hours involve completing activities such as reading online resources, assignments, individual student/teacher course-related consultation. Students are required to self-study the learning materials and complete the assigned out of class activities for the scheduled non-teaching hours.


Learning Resources

Prescribed Texts


References


Other Resources

You must have the latest version of Packet Tracer installed on your personal computer.

All assessments must be backed up on OneDrive, an external hard drive or an RMIT network drive.


Overview of Assessment

Assessment for this course is ongoing throughout the semester. Your knowledge and understanding of course content is assessed through participation in class exercises and various types of assessments.

Full assessment briefs will be provided and can be found on CANVAS.


Assessment Tasks

The student must complete the following assessments:

  • Assessment Task 1: Online Quiz/Knowledge
  • Assessment Task 2: Practical Task


Assessment Matrix

| Element | Performance criteria | Assessment Task 1: AT 1 | Assessment Task 2: AT 2 |
|---|---|---|---|
| 1. Gather threat data | 1.1 Identify legislative requirements and organisational policies and procedures to gather, analyse and interpret threat data | Q34, Q35, Q36, Q37, Q38, Q39 | Part 1 |
| | 1.2 Identify security equipment on network and data sources | Q35 | Part 1 |
| | 1.3 Discuss and confirm data log requirements and strategy to process data with required personnel | Q14, Q15, Q36, Q37 | Part 1 |
| | 1.4 Collect information from alerts, logs and reported events and create a dataset according to organisational policies and procedures | Q14, Q15, Q36, Q37 | Part 1 |
| 2. Analyse threat data | 2.1 Ingest data logs into analytic platform according to user instructions | Q13, Q16 | Part 2 |
| | 2.2 Obtain and analyse results for reliability and consistency | Q16 | Part 2 |
| | 2.3 Check for false positives and false negative results | Q16 | Part 2 |
| | 2.4 Detect and describe discrepancies and inconsistencies in data | Q17 | Part 2 |
| 3. Interpret and finalise threat data | 3.1 Discuss and review threat data and results with required personnel | | Part 2 |
| | 3.2 Discuss and assess identified threats, risks and their likelihood of occurrence and impacts of risks | Q27, Q28, Q29, Q30, Q33 | Part 3 |
| | 3.3 Suggest and confirm lessons learnt, action steps, recommendations and mitigation strategies with required personnel | Q34 | Part 3 |
| | 3.4 Document results, findings and recommendations into report according to organisational procedures | | Part 3 |
| | 3.5 Distribute documentation to required personnel and store according to organisational policies and procedures | | Part 3 |

Other Information

Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:

  • Relevant
  • Current
  • Satisfies the learning/competency outcomes of the course

Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL.

Study and learning Support:

Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:

  • assignment writing, thesis writing and study skills advice
  • maths and science developmental support and advice
  • English language development


Please refer to http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and Learning Support.

Equitable Learning Services (ELS):

If you are suffering from a long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).

Plagiarism:

Plagiarism is a form of cheating and it is a very serious academic offence that may lead to expulsion from the University.

Please refer to www.rmit.edu.au/academicintegrity to find more information about plagiarism.

Email communication:

All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.
