Course Title: Gather, analyse and interpret threat data
Part B: Course Detail
Teaching Period: Term1 2025
Course Code: INTE5053C
Course Title: Gather, analyse and interpret threat data
Important Information:
Please note that this course may include compulsory in-person attendance requirements for some or all teaching activities.
It is recommended that you check your Canvas course shell closer to the course start date for details about any mandatory in-person attendance requirements.
Please be aware that the course delivery method may need to change quickly in response to evolving course requirements. Students must maintain regular communication with their teachers to stay informed about any updates.
School: 520T Future Technologies
Campus: City Campus
Program: C5402 - Diploma of Information Technology
Course Contact: Sumeet Yadav
Course Contact Phone: +61399254612
Course Contact Email: sumeet.yadav@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Nominal Hours: 40
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
None
Course Description
In this course you will gain the skills and knowledge required to gather data from various sources, analyse, and interpret information for threats, inconsistencies and discrepancies.
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
ICTCYS407 Gather, analyse and interpret threat data |
Element: |
1. Gather threat data |
Performance Criteria: |
1.1 Identify legislative requirements and organisational policies and procedures to gather, analyse and interpret threat data 1.2 Identify security equipment on network and data sources 1.3 Discuss and confirm data log requirements and strategy to process data with required personnel 1.4 Collect information from alerts, logs and reported events and create a dataset according to organisational policies and procedures |
Element: |
2. Analyse threat data |
Performance Criteria: |
2.1 Ingest data logs into analytic platform according to user instructions 2.2 Obtain and analyse results for reliability and consistency 2.3 Check for false positives and false negative results 2.4 Detect and describe discrepancies and inconsistencies in data |
Element: |
3. Interpret and finalise threat data |
Performance Criteria: |
3.1 Discuss and review threat data and results with required personnel 3.2 Discuss and assess identified threats, risks and their likelihood of occurrence and impacts of risks, 3.3 Suggest and confirm lessons learnt, action steps, recommendations and mitigation strategies with required personnel 3.4 Document results, findings and recommendations into report according to organisational procedures 3.5 Distribute documentation to required personnel and store according to organisational policies and procedures |
Learning Outcomes
On successful completion of this course the candidate will demonstrate the ability to complete the tasks outlined in the elements, performance criteria and foundation skills of this unit.
Details of Learning Activities
This unit describes the skills and knowledge required to gather data from various sources, analyse, and interpret information for threats, inconsistencies and discrepancies.
It applies to individuals who work in information technology security, including network and security specialists, and gather logs from devices, check abnormalities and respond accordingly. These individuals are responsible for supporting and preventing cyber threats attacking data in all business functions and in any industry context.
The learning activities include : 1) Weekly quizzes, 2) Theory Questions, 3) Practical work.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Teaching Schedule
This is the propose timeline for ICTCYS407:
| Week 0 | Any Course Concerns |
|
| Week 1 |
Identify legislative requirements Assessment:
|
AT 1 - Q38 AT 2 - Part 1 Release: Assessment 1 Knowledge Test |
| Week 2 |
Identify organisational policies and procedures to gather, analyse and interpret threat data Assessment:
|
AT 1 - Q34, Q35, Q36, Q37, Q39 AT 2 - Part 1 |
| Week 3 |
Identify security equipment on network and data sources Assessment:
|
AT 1 - Q35 AT 2 - Part 1 |
| Week 4 |
Security Information and Event Management (SIEM) / Discuss and confirm data log requirements Assessment:
|
AT 1 - Q11, Q12, Q13, Q14 AT 2 - Part 1
|
| Week 5 |
Types of attacks, including: Denial-of-service attack (DDOS), SQL injection (SQLi), Cross-site scripting (XSS) attacks, Scripted attacks, Hardware attacks, Attacks against Wi Fi, Discuss strategy to process data with required personnel Assessment:
|
AT 1 - Q22, Q23, Q24, Q25, Q26, Q15 AT 2 - Part 1, Part 2, Part 3 |
| Week 6 |
Collect information from alerts, logs and reported events Assessment:
|
AT 2 - Part 1 |
| Week 7 |
Legislative requirements applicable to gathering, analysing and interpreting threat data Assessment:
|
AT 1 , Q 27, 28
|
| Week 8 |
Create a dataset according to organisational policies and procedures
|
AT 1 - Q13, Q16
|
| Week 9 |
Ingest data logs into analytic platform according to user instructions |
AT 1 - Q16
Due: Assessment 1 Knowledge Test |
| Week 10 |
Obtain and analyse results for reliability and consistency Check for false positives and false negative results |
|
| Week 11 | Detect and describe discrepancies and inconsistencies in data |
|
| Week 12 | Discuss and review threat data and results with required personnel |
|
| Week 13 | Discuss and assess identified threats, risks and their likelihood of occurrence and impacts of risks |
AT 1 - Q27, Q28, Q29, Q30, Q33
|
| Week 14 | Suggest and confirm lessons learnt, action steps, recommendations and mitigation strategies with required personnel |
AT 1 - Q34
|
| Week 15 |
Document results, findings and recommendations into a report according to organisational procedures. Distribute documentation to required personnel and store it according to organisational policies and procedures. |
AT 2 - Part 3
|
| Week 16 | Assessment Re-Submissions (if applicable) | |
| Week 17 | Assessment Re-Submissions (if applicable) | |
| Week 18 | Finalize Results |
Learning Resources
Prescribed Texts
References
Other Resources
Must have the latest version of Packet Tracer installed on your personal computer.
All assessments must be backed up on OneDrive an external hard drive or an RMIT network drive.
Overview of Assessment
Assessment for this course is ongoing throughout the semester. Your knowledge and understanding of course content is assessed through participation in class exercises and various types of assessments.
Full assessment briefs will be provided and can be found on CANVAS.
Assessment Tasks
The student must complete the following assessments:
- Assessment Task 1: Online Quiz/Knowledge Test 1 and 2
- Assessment Task 2: Practical Task
Assessment Matrix
|
Element |
Performance criteria |
|
|
|
|
|
Assessment Task 1: AT 1 |
Assessment Task 2: AT 2 |
|
1. Gather threat data |
|
Q34, Q35, Q36, Q37, Q38, Q39 |
Part 1 |
|
Q35 |
Part 1 |
|
|
Q14, Q15, Q36, Q37 |
Part 1 |
|
|
Q14, Q15, Q36, Q37 |
Part 1 |
|
|
2. Analyse threat data |
|
Q13, Q16 |
Part 2 |
|
Q16 |
Part 2 |
|
|
Q16 |
Part 2 |
|
|
Q17 |
Part 2 |
|
|
3. Interpret and finalise threat data |
|
|
Part 2 |
|
Q27, Q28, Q29, Q30, Q33 |
Part 3 |
|
|
Q34 |
Part 3 |
|
|
|
Part 3 |
|
|
|
Part 3 |
Other Information
Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:
- Relevant
- Current
- Satisfies the learning/competency outcomes of the course
Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL.
Study and learning Support:
Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:
assignment writing, thesis writing and study skills advice
maths and science developmental support and advice
English language development
Please Refer http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and learning Support
Equitable Learning Services (ELS):
If you are suffering from long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).
Plagiarism:
Plagiarism is a form of cheating and it is very serious academic offence that may lead to expulsion from the University.
Please Refer: www.rmit.edu.au/academicintegrity to find more information about plagiarism.
Email communication:
All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.
Course Overview: Access Course Overview