|Semester 2, 2021 Toowoomba On-campus|
|Short Description:||Securing Networks|
|Faculty or Section :||Faculty of Health, Engineering and Sciences|
|School or Department :||School of Sciences|
|Student contribution band :||Band 2|
|ASCED code :||029901 - Security Science|
|Grading basis :||Graded|
Examiner: Zhaohui Tang
Co-requisite: CSC5050 or CSC8100
In today’s interconnected world, existing and emerging threats to privacy and security are of ever-growing concern. Security is an integral part of every aspect of information technology, including the network, server infrastructure and even the implementation of programming code. The skills to understand the nature of security threats, and acquire knowledge of the techniques and tools available to mitigate these threats are critical for today’s information technology professional.
The course seeks to provide grounding in advanced security concepts and advanced knowledge of techniques and tools in securing information technology infrastructure. In addition to identifying threats, vulnerabilities and human factors in the security space, the course also focus some hands-on practical skills for improving security in servers and networks. Concepts around information privacy are discussed, as are mechanisms and tools used to implement basic privacy in communications across the internet. Ethics and professional conduct as a security professional are identified as a key component of the course, as it the relationship between security professionals and parts of the organisation or society in general.
On completion of this course students should be able to:
- Apply the knowledge of what security and privacy are by explaining the meaning of security and privacy in the information technology context;
- Analyse information about security and privacy threats by providing simple strategies for mitigating those threats;
- Utilise simple security tools, such as password crackers, live CDs, and log analysis scripts to perform basic security analysis;
- Design and implement firewall rules on servers and/or networks;
- Relate roles in security to the ACS Code of Ethics;
- Draw workflows and show how the security professional or security team interfaces with other areas of an IT or business organisation.
|1.||Security and privacy concepts||10.00|
|2.||Human factors in security||10.00|
|3.||An introduction to cryptography||15.00|
|4.||Basic threat analysis and simple mitigation techniques||20.00|
|5.||Firewalls in the network and on the server||20.00|
|6.||VPNs and their use||5.00|
|7.||An introduction to security tools||10.00|
|8.||Ethics and conduct as a security professional||5.00|
|9.||Security professionals and their role in the organisation||5.00|
Text and Materials
ALL textbooks and materials available to be purchased can be sourced from USQ's Online Bookshop (unless otherwise stated). (https://omnia.usq.edu.au/textbooks/?year=2021&sem=02&subject1=CSC8520)
Please contact us for alternative purchase options from USQ Bookshop. (https://omnia.usq.edu.au/info/contact/)
Student Workload Expectations
|Description||Marks out of||Wtg (%)||Due Date||Objectives Assessed||Notes|
|Encryption and Hash||20||20||30 Jul 2021||1,2,5,6|
|Key Exchange and Certificates||30||30||10 Sep 2021||2,3,4|
|Final Project||100||50||15 Oct 2021||1,2,3,4,5,6|
Important assessment information
It is the students' responsibility to attend and participate appropriately in all activities (such as lectures, tutorials, laboratories and practical work) scheduled for them, and to study all material provided to them or required to be accessed by them to maximise their chance of meeting the objectives of the course and to be informed of course-related activities and administration. This includes the recorded lectures and tutorials. To maximise their chances of satisfying the objectives of the course, students should actively participate in the course discussion group.
Requirements for students to complete each assessment item satisfactorily:
To satisfactorily complete an individual assessment item a student must achieve at least 50% of the marks. (Depending upon the requirements in Statement 4 below, students may not have to satisfactorily complete each assessment item to receive a passing grade in this course.)
Penalties for late submission of required work:
Students should refer to the Assessment Procedure http://policy.usq.edu.au/documents.php?id=14749PL (point 4.2.4)
Requirements for student to be awarded a passing grade in the course:
To be assured of receiving a passing grade students must obtain at least 50% of the total weighted marks available for the course.
Method used to combine assessment results to attain final grade:
The final grades for students will be assigned on the basis of the weighted aggregate of the marks (or grades) obtained for each of the summative assessment items in the course.
There is no examination in this course.
Examination period when Deferred/Supplementary examinations will be held:
Deferred and Supplementary examinations will be held in accordance with the Assessment Procedure https://policy.usq.edu.au/documents/14749PL.
University Student Policies:
Students should read the USQ policies: Definitions, Assessment and Student Academic Misconduct to avoid actions which might contravene University policies and practices. These policies can be found at http://policy.usq.edu.au.
The due date for an assignment is the date by which a student must despatch the assignment to the USQ. Students must retain a copy of each item submitted for assessment purposes. Such copies should be despatched to the USQ within 24 hours of receipt of a request to do so.
Electronic submission of assignments is required for this course. All submissions must be made through the Assignment Drop Box located on the USQ study desk for this course, unless directed otherwise by the examiner of the course. Students must retain a copy of each item submitted for assessment. This must be despatched to USQ within 24 hours if requested by the Examiner.
Reliable access to the internet is a requirement of this course as the course contains electronic assessment and submission elements. In order to avoid internet issues, on-campus students should upload their assignments electronically using the same computer laboratories. Online students who knowingly do not have reliable access to the internet should actively seek alternative internet access (e.g., Internet cafes, local libraries, or work places) for assessment submission. Online students are able to use the on-campus student computer laboratories once access has been enabled. To be granted access, Online students need to contact ICT and ask to have a student account enabled so that they can work on-campus.
Students are expected to open their university provided email account and check it regularly for personal communication. In accordance with the Electronic Communication with Students Policy and Procedure (http://policy.usq.edu.au/documents.php?id=13306PL) information sent to the student's USQ email account will be regarded as being received.
APA style is the referencing system required in this course. Students should use the 6th or 7th edition of the APA Style Manual to format their assignments. The APA Style to be used is defined by the USQ Library's referencing guide. http://www.usq.edu.au/library/referencing
Evaluation and Benchmarking
In meeting the University’s aims to establish quality learning and teaching for all programs, this course monitors and ensures quality assurance and improvements in at least two ways. This course:
- conforms to the USQ Policy on Evaluation of Teaching, Courses and Programs to ensure ongoing monitoring and systematic improvement.
- forms part of the Master of Information Technology and is benchmarked against the:
• professional accreditation standards of the Australian Computer Society (ACS).