Course Title: Test concepts and procedures for cyber security
Part B: Course Detail
Teaching Period: Term2 2025
Course Code: INTE5059
Course Title: Test concepts and procedures for cyber security
School: 520T Future Technologies
Campus: City Campus
Program: C4424 - Certificate IV in Cyber Security
Course Contact: Rakesh Kumar
Course Contact Phone: +61 3 9925 1409
Course Contact Email: rakesh.kumar@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Nominal Hours: 60
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
None
Course Description
This course describes the performance outcomes, skills and knowledge required to implement testing procedures for computer systems in an organisation. The unit examines common threats, ethical hacking principles, and an introduction to penetration testing, social engineering security issues, enumeration, port scanning, foot printing, traffic sniffers and wireless local area network (WLAN) vulnerabilities and also includes treatment of intrusions.
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
VU23215 Test concepts and procedures for cyber security |
Element: |
1 Identify typical cyber security application layer testing methodologies and tools |
Performance Criteria: |
1.1 Existing frameworks that identify common application layer vulnerabilities are investigated 1.2 Common application layer security vulnerabilities are identified 1.3 Current policies to minimise the identified application layer vulnerabilities are reviewed |
Element: |
2 Use networking security testing methodologies, tools and commands |
Performance Criteria: |
2.1 End to end testing commands for network continuity are demonstrated 2.2 Systematic troubleshooting procedures for network connectivity are demonstrated 2.3 Use of networking monitoring tools are demonstrated |
Element: |
3 Implement the laboratory testing environment |
Performance Criteria: |
3.1 Laboratory testing environment is configured 3.2 Using end to end testing commands, the laboratory environment is tested for functionality |
Element: |
4 Identify common threats and mitigation strategies |
Performance Criteria: |
4.1 Current Trojans, Virus's and Worms are identified 4.2 Methods of Denial of Service (DOS) and Distributed Denial of Service (DDOS) attacks and corresponding mitigation strategies are investigated 4.3 Methods of Domain Name Server (DNS) attacks and corresponding mitigation strategies are identified 4.4 Zero day vulnerabilities are identified 4.5 Common vulnerabilities and exposures (CVEs) are defined 4.6 Heuristics as a methodology for string analysis and their corresponding toolset are described |
Element: |
5 Demonstrate ethical hacking principles and procedures |
Performance Criteria: |
5.1 Ethical hacking process and procedures are described 5.2 Base level troubleshooting procedures are demonstrated 5.3 Fundamentals of penetration testing are described 5.4 Legal implications of hacking are explained 5.5 Process of foot printing the computer systems of a company is examined 5.6 Methodologies of enumeration to gather system usernames are described 5.7 Tools to port scan a computer system are demonstrated 5.8 Methodologies of system hacking are described then demonstrated 5.9 Common sniffing tools are described and demonstrated |
Element: |
6 Identify security vulnerabilities of WLANs |
Performance Criteria: |
6.1 WLAN physical vulnerabilities are identified 6.2 WLAN software issues and vulnerabilities are determined |
Element: |
7 Demonstrate basic scripting for a cyber security environment |
Performance Criteria: |
7.1 Introduction to scripting languages is demonstrated 7.2 Scripts for testing tools are described and demonstrated 7.3 Key system and third-party import libraries are described 7.4 Scripting basic programming language is described and demonstrated |
Learning Outcomes
On successful completion of this course you will have developed and applied the skills and knowledge required to demonstrate competency in the above elements
Details of Learning Activities
You will be involved in the following learning activities to meet requirements for the two clustered competencies (VU23215 and VU23217). Both competencies's learning activities will incorporate
• Lectures
• Tutorials
• Individual work on assignments, practical labs and knowledge based assessments.
Cluster Information:
This course is delivered in a cluster referred to as Cyber Security Concepts. This cluster consists of two units of competencies from the 22603VIC National Unit Code. They are VU23215 (INTE5059) and VU23217 (INTE5060).
You must enrol in both of these courses delivered in this cluster. All the learning and assessment activities will include the components of all competencies VU23215 and VU23217.
Please click hereLinks to an external site. to view the Part A Course Guide.
Learning Activities (Mapped by Week)
Week 1 (14th Jul – 20th Jul)
Topic: Introduction to Cybersecurity – Understanding Cyber Security framework for an Organisation
VU21990 Elements: 1.1 – 1.5
Learning Activities:
- Participate in instructor-led discussions on cybersecurity principles.
- Read and review case studies outlining cyber security frameworks in organisational settings.
- Complete introductory quizzes on cybersecurity concepts.
Week 2 (21st Jul – 27th Jul)
Topic: Preparing the Lab Environment – Need of Cyber Security; VM Installation; Lab Setup
VU21990 Elements: 2.1 – 2.4
Learning Activities:
- Watch demonstrations and follow instructions to install Oracle VirtualBox and virtual machines.
- Engage in lab setup activities for a safe cybersecurity testing environment.
- Begin work on Assessment 1 (Project) and Assessment 2 (Report).
Week 3 (28th Jul – 3rd Aug)
Topic: Continued Lab Setup
VU21989 Elements: 3.1 – 3.2
VU21990 Elements: 2.1 – 2.4
Learning Activities:
- Continue configuring virtual machines and testing tools.
- Perform validation checks for virtual environments.
- Practice snapshot and rollback techniques in Oracle VirtualBox.
Week 4 (4th Aug – 10th Aug)
Topic: End-to-End Testing Using Ping and Traceroute
VU21990 Elements: 2.1 – 2.3
Learning Activities:
- Conduct practical network connectivity tests using ping and traceroute.
- Record and interpret results in lab journals.
- Identify network latency and routing paths through exercises.
Week 5 (11th Aug – 17th Aug)
Topic: Application Layer Testing & Emerging Trends
VU21989 Elements: 1.1 – 1.3
Learning Activities:
- Participate in discussions on application vulnerabilities.
- Use tools to simulate application layer attacks in a lab environment.
- Read industry articles on cybersecurity trends and write summaries.
Week 6 (18th Aug – 24th Aug)
Topic: Cyber Threats, Vulnerabilities, and Data Protection
VU21990 Elements: 4.1 – 4.5, 5.1 – 5.5
Learning Activities:
- Perform vulnerability assessments and identify common attack vectors.
- Apply methods to secure personal and organisational data in lab simulations.
- Document threat mitigation strategies.
Week 7 (25th Aug – 31st Aug)
Topic: String Analysis and Threat Mitigation
VU21990 Elements: 4.1 – 4.6
Learning Activities:
- Analyse string patterns of malware in a controlled environment.
- Practice detecting Trojans, worms, viruses, and DOS/DDoS indicators.
- Conduct simulated DNS poisoning exercises.
Week 8 (8th Sep – 14th Sep)
Topic: Continued – String Analysis and Threat Mitigation
VU21990 Elements: 4.1 – 4.6
Learning Activities:
- Complete in-depth malware string comparison tasks.
- Explore zero-day exploit simulations.
- Document mitigation strategies in lab journals.
Week 9 (15th Sep – 21st Sep)
Topic: Assessment 1 – Project Stage 1 Observation
Learning Activities:
- Present project progress and demonstrate practical lab implementation.
- Receive feedback from instructors and peers.
Week 10 (22nd Sep – 28th Sep)
Topic: Cyber Attacks & Ethical Hacking Practices
VU21989 Elements: 5.1 – 5.9
VU21990 Elements: 3.1 – 3.7
Learning Activities:
- Perform port scanning and system footprinting using tools.
- Simulate sniffing attacks in a controlled lab.
- Begin compiling findings for Assessment 1 – Stage 1 submission.
Week 11 (29th Sep – 5th Oct)
Topic: Continued – Cyber Attacks & Ethical Hacking Practices
VU21989 Elements: 5.1 – 5.9
VU21990 Elements: 3.1 – 3.7
Learning Activities:
- Execute enumeration techniques.
- Practice infiltration and basic exploitation in sandbox environments.
- Reflect and document findings for lab reports.
Week 12 (6th Oct – 12th Oct)
Topic: WLAN Security Vulnerabilities
VU21989 Elements: 6.1 – 6.2
Learning Activities:
- Identify weak encryption protocols and open networks.
- Use wireless analysis tools to detect vulnerabilities.
- Complete worksheets on WLAN threat scenarios.
Week 13 (13th Oct – 19th Oct)
Topic: IoT Security Risks
VU21990 Elements: 3.8
Learning Activities:
- Evaluate IoT devices in a network setup.
- Simulate attacks on vulnerable IoT systems.
- Map risks and mitigation in worksheets.
Week 14 (20th Oct – 26th Oct)
Topic: Basic Scripting for Cyber Security
VU21989 Elements: 7.1 – 7.4
Learning Activities:
- Write and execute basic scripts in PowerShell/Bash for security automation.
- Participate in script debugging sessions.
- Develop short scripts for use in vulnerability detection or mitigation.
Week 15 (27th Oct – 2nd Nov)
Topic: Assessment 1 – Project Stage 2 Observation and Submission
Learning Activities:
- Demonstrate the final project setup and security implementations.
- Submit completed documentation and project deliverables.
Week 16 (3rd Nov – 9th Nov)
Topic: Assessment 2 – Report Observation and Submission
Learning Activities:
- Present and explain the research report findings.
- Submit the final version of the written report.
Week 17–18 (10th Nov – 23rd Nov)
Topic: Resubmission Period (If Applicable)
Learning Activities:
- Receive feedback on assessments requiring resubmission.
- Correct and resubmit project/report work.
Teaching Schedule
The proposed teaching schedule for the two clustered competencies (VU32215 & VU23217) is detailed below:
Select the semester you are enrolled in for further information.
Week |
Date |
Topics/Discussions |
VU21989 Elements |
VU21990 Elements |
Assessments |
1 |
14th Jul - 20th Jul |
Topic 1 : Introduction to Cybersecurity Understanding Cyber Security framework for an Organisation |
1.1 – 1.5 |
||
2 |
21st Jul - 27th Jul |
Topic 2 : Preparing the Lab Environment Need of Cyber Security Virtual Machines Installation on Oracle VM Virtual Box Implementing the Lab Testing Environment |
2.1 – 2.4 |
Assessment 1 - Project Released Assessment 2 - Report Released |
|
3 |
28th Jul - 3rd Aug |
Topic 2 Continued... Virtual Machines Installation on Oracle VM Virtual Box Implementing the Lab Testing Environment |
3.1 – 3.2 |
2.1 – 2.4 |
|
4 |
4th Aug - 10th Aug |
Topic 3 End to End Testing Using Ping and Traceroute |
2.1 – 2.3 |
||
5 |
11th Aug - 17th Aug |
Topic 4 Application Layer Testing methodologies and tools Current and Emerging Cyber Security Trends |
1.1 – 1.3 |
||
6 |
18th Aug - 24th Aug |
Topic 5 Cybersecurity Threats, Vulnerabilities, and Attacks Implementing methods to Protect Personal Data and Privacy Implementing methods to Protect Organisation’s data |
4.1 – 4.5 5.1 – 5.5 |
||
7 |
25th Aug - 31st Aug |
Topic 6 String Analysis for common threats and their Mitigation Threats includes Trojans, Worms, Virus, Denial of Service (DOS) attacks, Distributed Denial of Service (DDoS) attacks, Zero Day Vulnerabilities and Domain Name Service (DNS) attacks |
4.1 – 4.6 |
||
|
Mid Semester Break (1st Sep - 7th Sep) | |||||
8 |
8th Sep - 14th Sep |
Topic 6 Continued... String Analysis for common threats and their Mitigation Threats includes Trojans, Worms, Virus, Denial of Service (DOS) attacks, Distributed Denial of Service (DDoS) attacks, Zero Day Vulnerabilities and Domain Name Service (DNS) attacks |
4.1 - 4.6 |
||
9 |
15th Sep- 21st Sep |
Assessment 1 - Project Stage 1 Observation |
|||
10 |
22nd Sep - 28th Sep |
Topic 7 Identifying current and emerging Cyber Security Attacks which includes Learning Ethical Hacking Practices Base Level Troubleshooting Techniques Port Scanning System Hacking and Infiltration Use of Sniffing tools Gathering Usernames via Enumeration Footprinting a system |
5.1 – 5.9 |
3.1 – 3.7 |
Assesement 1- Project Stage 1 Due |
11 |
29th Sep - 5th Oct |
Topic 7 Continued... Identifying current and emerging Cyber Security Attacks which includes Learning Ethical Hacking Practices Base Level Troubleshooting Techniques Port Scanning System Hacking and Infiltration Use of Sniffing tools Gathering Usernames via Enumeration Footprinting a system |
5.1 – 5.9 |
3.1 – 3.7 |
|
12 |
6th Oct - 12th Oct |
Topic 8 Identifying Security Vulnerabilities of WLAN |
6.1 – 6.2 |
||
13 |
13th Oct - 19th Oct |
Topic 9 Use of IOT devices in the business. Understanding risk to IOT devices |
3.8 |
||
14 |
20th Oct - 26th Oct |
Topic 10 Understanding Basic Scripting for a cyber security environment |
7.1 – 7.4 | ||
15 |
27th Oct - 2nd Nov |
Assessment 1 - Project Stage 2 Observation Assessment 1 Project Due |
Assessment 1 Project Stage-2 Due |
||
16 |
3rd Nov - 9th Nov |
Assessment 2 - Report Observation Assessment 2 Report Due |
Assessment 2 Report Due |
||
17 |
10th Nov - 16th Nov |
Re-submission of Assessments (If applicable) |
|||
18 |
17th Nov - 23rd Nov |
Re-submission of Assessments (If applicable) |
Learning Resources
Prescribed Texts
References
Other Resources
None
Overview of Assessment
Assessment for this course is ongoing throughout the semester. Your knowledge and understanding of course content is assessed through participation in class exercises, oral/written presentations and through the application of learned skills and insights. Full assessment briefs will be provided and can be found on CANVAS
Assessment Tasks
The assessment is conducted in both theoretical and practical aspects of the course according to the performance criteria set in the National Training Package. Assessment may incorporate a variety of methods including written/oral activities and demonstration of practical skills to the relevant industry standards. Participants are advised that they are likely to be asked to personally demonstrate their assessment activities to their teacher/assessor. Feedback will be provided throughout the course. To successfully complete this course you will be required to demonstrate competency in each assessment task detailed under Assessment Tasks:
Assessment 1: Practical Assessment
Assessment 2: Cyber Security Report
You must be competent in all elements to successfully complete the course
Assessment Matrix
Assessment Mapping Matrix for VU23215 (INTE5059):
These tasks assess the following Course Learning Outcomes (CLOs):
Elements/Performance Criteria |
Assessment 1 |
Assessment 2 |
1.1 |
X |
X |
1.2 |
X |
X |
1.3 |
X |
X |
2.1 |
x |
|
2.2 |
X |
|
2.3 |
X |
|
3.1 |
X |
|
3.2 |
X |
|
4.1 |
X |
X |
4.2 |
X |
X |
4.3 |
X |
X |
4.4 |
X |
X |
4.5 |
X |
X |
4.6 |
X |
X |
5.1 |
X |
X |
5.2 |
X |
X |
5.3 |
X |
X |
5.4 |
X |
X |
5.5 |
X |
X |
5.6 |
X |
X |
5.7 |
X |
X |
5.8 |
X |
X |
5.9 |
X |
X |
6.1 |
X |
X |
6.2 |
X |
X |
7.1 |
X |
X |
7.2 |
X |
X |
7.3 |
X |
X |
7.4 |
X |
X |
Assessment Mapping Matrix for VU23217 (INTE5060):
These tasks assess the following Course Learning Outcomes (CLOs):
Elements/Performance Criteria |
Assessment 1 |
Assessment 2 |
1.1 |
X |
|
1.2 |
X |
|
1.3 |
X |
|
1.4 |
X |
|
1.5 |
X |
|
2.1 |
X |
|
2.2 |
X |
|
2.3 |
X |
|
2.4 |
X |
|
3.1 |
X |
X |
3.2 |
X |
|
3.3 |
X |
X |
3.4 |
X |
|
3.5 |
X |
|
3.6 |
X |
X |
3.7 |
X |
X |
4.1 |
X |
X |
4.2 |
X |
X |
4.3 |
X |
X |
4.4 |
X |
|
4.5 |
X |
X |
5.1 |
X |
|
5.2 |
X |
|
5.3 |
X |
|
5.4 |
X |
|
5.5 |
X |
Other Information
Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:
- Relevant
- Current
- Satisfies the learning/competency outcomes of the course
Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL
Study and learning Support:
Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:
- assignment writing, thesis writing and study skills advice
- maths and science developmental support and advice
- English language development
Please Refer http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and learning Support
Equitable Learning Services (ELS):
If you are suffering from long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).
Late submission:
If you require an Extension of Submittable Work (assignments, reports or project work etc.) for 7 calendar days or less (from the original due date) and have valid reasons, you must complete and lodge an Application for Extension of Submittable Work (7 Calendar Days or less) form and lodge it with the Senior Educator/ Program Manager.
The application must be lodged no later than one working day before the official due date. You will be notified within no more than 2 working days of the date of lodgment as to whether the extension has been granted.
If you seek an Extension of Submittable Work for more than 7 calendar days (from the original due date) must lodge an Application for Special Consideration form under the provisions of the Special Consideration Policy, preferably prior to, but no later than 2 working days after the official due date.
Submittable Work (assignments, reports or project work etc.) submitted late without approval of an extension will not be accepted or marked.
Special consideration:
Please Refer http://www.rmit.edu.au/students/specialconsideration to find more information about special consideration
Plagiarism:
Plagiarism is a form of cheating and it is very serious academic offence that may lead to expulsion from the University.
Please Refer: www.rmit.edu.au/academicintegrity to find more information about plagiarism.
Other Information:
All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.
Course Overview: Access Course Overview