ITD240 Cyber Security
To view more information for this unit, select Unit Outline from the list below. Please note the teaching period for which the Unit Outline is relevant.
| Unit code: | ITD240 |
|---|---|
| Equivalent(s): | IFB240 |
| Credit points: | 12 |
| Timetable | Details in HiQ, if available |
| Availabilities |
|
| CSP student contribution | $1,118 |
| Domestic tuition unit fee | $4,104 |
| International unit fee | $4,788 |
Unit Outline: College 1 2024, Kelvin Grove, Internal
| Unit code: | ITD240 |
|---|---|
| Credit points: | 12 |
| Equivalent: | IFB240 |
| Coordinator: | Fariba Shadabi | fariba.shadabi@qut.edu.au |
Overview
Cybersecurity breaches, from database hacking to malware campaigns, are increasing. The interconnectedness of information systems means the actions of individuals impact many others. This unit is important in developing an understanding of the challenges involved in protecting information assets, introducing fundamental information security concepts. Security goals including confidentiality, integrity, availability, authentication and non-repudiation are defined. Threats to information and vulnerabilities that could be exploited are identified. Technical and non-technical measures to provide security for information are discussed in areas including access control, cryptography, and network communications. Security management standards and guidelines on best practice implementation are reviewed. You can take this unit as a stand-alone course to raise your information security awareness, or as a pathway into information security units, including network security and cryptography.
Learning Outcomes
On successful completion of this unit you will be able to:
- Define major information security goals and identify those which relate to the strategic goals of an organisation.
- Conduct a risk analysis of the security of information assets in a range of practical situations and determine the ethical and information security implications.
- Apply appropriate industry standard methods to IT Systems for addressing information security risks.
- Collaborate with others in a team environment to write a risk report for a client.
- Explain the information security management standards that organisations need to follow to safeguard stakeholder privacy and other legal rights.
Content
This unit introduces fundamental information security concepts (aspects of the protection of information assets) and explains why you must understand information security principles and how they can be applied. Information security goals including confidentiality, integrity, availability, authentication and non-repudiation are defined. Risk factors impacting on the security of information assets are identified and discussed. Methods of protecting information are outlined, including both technical and human-centered approaches, in areas such as access control, cryptography (symmetric and asymmetric) and network security. Security management standards are also reviewed. Discussions of information security issues emphasize the high standard of ethical conduct expected of those working in areas which affect information security.
We will discuss real world cases of threats, vulnerabilities and security incidents, and examine the consequences and impact from the perspectives of multiple stakeholders. The role of people, processes and technology will be considered- vulnerabilities in any of these aspects can be exploited to cause harm. Security is a team sport, and increased diversity in a team provides the opportunity to examine a situation from multiple perspectives, enabling a stronger organisational response.
Learning Approaches
This unit takes a blended approach to learning and teaching. You will be provided with both eContent and timetabled activities such as tutorials and workshops. eContent will be provided on your Canvas site for you to engage with on a weekly basis before your classes. eContent could include videos, readings, self-reflection and/or peer activities designed to enhance your learning experience. During the timetabled activities, the unit coordinator and/or your tutor will further explain content and you will be provided with opportunities to explore this content in a collaborative learning environment. After your weekly classes, you should continue to engage with unit resources to ensure you consolidate your understanding of unit content. Teaching team members will also be available for one-on-one consultations to assist you with your learning journey.
Feedback on Learning and Assessment
Throughout semester feedback will be provided in various forms which may include:
• Informal: worked examples, such as verbal feedback in class, personal consultation
• Formal: in writing, such as checklists, rubrics, written commentary
• Direct: to individual students, either in written form or in consultation
• Indirect: to the whole class
Assessment
Overview
This unit introduces foundational concepts and principles, so its assessment is largely based around the knowledge acquired throughout the semester.
You should be able to work both independently and as a productive and cooperative team member. Independent work is required to complete some assessment items. For these items, although you may discuss the assessment topics with others, the work you submit for assessment must be your own individual effort. It is your responsibility to ensure that your work is completed in a timely manner. For group assessment tasks it is the responsibility of all group members to ensure the work is completed.
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Quiz/Test
Multiple Choice Quiz
Assessment: Risk report
This assignment comprises a series of practical tasks each requiring you to identify security vulnerabilities, select and apply appropriate control measures to mitigate the vulnerabilities, and demonstrate the use of industry standard tools applicable in this design.
This is an assignment for the purposes of an extension.
Assessment: Examination (written)
This examination will test your knowledge and understanding of concepts and principles presented throughout the semester.
Assessment: Online Ethics Module
In this self-contained online Ethics module (Part 2) you will learn how to identify challenges when faced with ethical decision-making and how to apply the principles of ethical behaviour. You will then need to pass an online quiz to test your knowledge of the topics covered. You must pass the quiz in order to pass this unit, however, you may attempt the quiz an unlimited number of times until you pass.
This Ethics Module Part 2 has as a prerequisite Ethics Module Part 1 which you will normally have completed as part of an earlier unit IFB105. However, if you haven't already completed Module Part 1 then you will need to complete this first before completing Part 2.
Threshold Assessment:
As an IT professional you will be legally bound by a code of ethics and professional conduct. Knowledge of these codes is therefore essential for all IT graduates. You must pass this Online Ethics Module in order to pass this unit, i.e. regardless of how well you do in the other assessment items, you cannot pass this unit if you fail this assessment item. You may however attempt this assessment items an unlimited number of times until you pass
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
No extraordinary charges or costs are associated with the requirements for this unit.
There is no required text for this unit.
There are many useful online sources of material on information security. However, if you want a hardcopy reference book, consider purchasing either (not both) of the following recommended texts. (Browse in the library or the bookshop to see which writing style you prefer.)
Resource Materials
Recommended text(s)
Matt Bishop. Introduction to Computer Security. Addison Wesley, 2008.
Michael Whitman and Herbert Mattord. Principles of Information Security. Thomson, 2012.
Risk Assessment Statement
There are no unusual health or safety risks associated with this unit.
Course Learning Outcomes
This unit is designed to support your development of the following course/study area learning outcomes.IT10 Diploma in Information Technology
- Demonstrate IT discipline knowledge
Relates to: ULO1, Quiz/Test, Examination (written) - Employ introductory IT methods
Relates to: ULO3, Risk report, Examination (written) - Critically apply design and problem solving skills
Relates to: Risk report - Understand personal values, attitudes and performance in your continuing professional development
Relates to: Online Ethics Module - Create considered and relevant IT solutions
Relates to: Risk report, Examination (written) - Work independently and within effective teams
Relates to: ULO4
Unit Outline: College 2 2024, Kelvin Grove, Internal
| Unit code: | ITD240 |
|---|---|
| Credit points: | 12 |
| Equivalent: | IFB240 |
| Coordinator: | Fariba Shadabi | fariba.shadabi@qut.edu.au |
Overview
Cybersecurity breaches, from database hacking to malware campaigns, are increasing. The interconnectedness of information systems means the actions of individuals impact many others. This unit is important in developing an understanding of the challenges involved in protecting information assets, introducing fundamental information security concepts. Security goals including confidentiality, integrity, availability, authentication and non-repudiation are defined. Threats to information and vulnerabilities that could be exploited are identified. Technical and non-technical measures to provide security for information are discussed in areas including access control, cryptography, and network communications. Security management standards and guidelines on best practice implementation are reviewed. You can take this unit as a stand-alone course to raise your information security awareness, or as a pathway into information security units, including network security and cryptography.
Learning Outcomes
On successful completion of this unit you will be able to:
- Define major information security goals and identify those which relate to the strategic goals of an organisation.
- Conduct a risk analysis of the security of information assets in a range of practical situations and determine the ethical and information security implications.
- Apply appropriate industry standard methods to IT Systems for addressing information security risks.
- Collaborate with others in a team environment to write a risk report for a client.
- Explain the information security management standards that organisations need to follow to safeguard stakeholder privacy and other legal rights.
Content
This unit introduces fundamental information security concepts (aspects of the protection of information assets) and explains why you must understand information security principles and how they can be applied. Information security goals including confidentiality, integrity, availability, authentication and non-repudiation are defined. Risk factors impacting on the security of information assets are identified and discussed. Methods of protecting information are outlined, including both technical and human-centered approaches, in areas such as access control, cryptography (symmetric and asymmetric) and network security. Security management standards are also reviewed. Discussions of information security issues emphasize the high standard of ethical conduct expected of those working in areas which affect information security.
We will discuss real world cases of threats, vulnerabilities and security incidents, and examine the consequences and impact from the perspectives of multiple stakeholders. The role of people, processes and technology will be considered- vulnerabilities in any of these aspects can be exploited to cause harm. Security is a team sport, and increased diversity in a team provides the opportunity to examine a situation from multiple perspectives, enabling a stronger organisational response.
Learning Approaches
This unit takes a blended approach to learning and teaching. You will be provided with both eContent and timetabled activities such as tutorials and workshops. eContent will be provided on your Canvas site for you to engage with on a weekly basis before your classes. eContent could include videos, readings, self-reflection and/or peer activities designed to enhance your learning experience. During the timetabled activities, the unit coordinator and/or your tutor will further explain content and you will be provided with opportunities to explore this content in a collaborative learning environment. After your weekly classes, you should continue to engage with unit resources to ensure you consolidate your understanding of unit content. Teaching team members will also be available for one-on-one consultations to assist you with your learning journey.
Feedback on Learning and Assessment
Throughout semester feedback will be provided in various forms which may include:
• Informal: worked examples, such as verbal feedback in class, personal consultation
• Formal: in writing, such as checklists, rubrics, written commentary
• Direct: to individual students, either in written form or in consultation
• Indirect: to the whole class
Assessment
Overview
This unit introduces foundational concepts and principles, so its assessment is largely based around the knowledge acquired throughout the semester.
You should be able to work both independently and as a productive and cooperative team member. Independent work is required to complete some assessment items. For these items, although you may discuss the assessment topics with others, the work you submit for assessment must be your own individual effort. It is your responsibility to ensure that your work is completed in a timely manner. For group assessment tasks it is the responsibility of all group members to ensure the work is completed.
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Quiz/Test
Multiple Choice Quiz
Assessment: Risk report
This assignment comprises a series of practical tasks each requiring you to identify security vulnerabilities, select and apply appropriate control measures to mitigate the vulnerabilities, and demonstrate the use of industry standard tools applicable in this design.
This is an assignment for the purposes of an extension.
Assessment: Examination (written)
This examination will test your knowledge and understanding of concepts and principles presented throughout the semester.
Assessment: Online Ethics Module
In this self-contained online Ethics module (Part 2) you will learn how to identify challenges when faced with ethical decision-making and how to apply the principles of ethical behaviour. You will then need to pass an online quiz to test your knowledge of the topics covered. You must pass the quiz in order to pass this unit, however, you may attempt the quiz an unlimited number of times until you pass.
This Ethics Module Part 2 has as a prerequisite Ethics Module Part 1 which you will normally have completed as part of an earlier unit IFB105. However, if you haven't already completed Module Part 1 then you will need to complete this first before completing Part 2.
Threshold Assessment:
As an IT professional you will be legally bound by a code of ethics and professional conduct. Knowledge of these codes is therefore essential for all IT graduates. You must pass this Online Ethics Module in order to pass this unit, i.e. regardless of how well you do in the other assessment items, you cannot pass this unit if you fail this assessment item. You may however attempt this assessment items an unlimited number of times until you pass
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
No extraordinary charges or costs are associated with the requirements for this unit.
There is no required text for this unit.
There are many useful online sources of material on information security. However, if you want a hardcopy reference book, consider purchasing either (not both) of the following recommended texts. (Browse in the library or the bookshop to see which writing style you prefer.)
Resource Materials
Recommended text(s)
Matt Bishop. Introduction to Computer Security. Addison Wesley, 2008.
Michael Whitman and Herbert Mattord. Principles of Information Security. Thomson, 2012.
Risk Assessment Statement
There are no unusual health or safety risks associated with this unit.
Course Learning Outcomes
This unit is designed to support your development of the following course/study area learning outcomes.IT10 Diploma in Information Technology
- Demonstrate IT discipline knowledge
Relates to: ULO1, Quiz/Test, Examination (written) - Employ introductory IT methods
Relates to: ULO3, Risk report, Examination (written) - Critically apply design and problem solving skills
Relates to: Risk report - Understand personal values, attitudes and performance in your continuing professional development
Relates to: Online Ethics Module - Create considered and relevant IT solutions
Relates to: Risk report, Examination (written) - Work independently and within effective teams
Relates to: ULO4
Unit Outline: College Summer 2024, Kelvin Grove, Internal
| Unit code: | ITD240 |
|---|---|
| Credit points: | 12 |
| Equivalent: | IFB240 |
Overview
Cybersecurity breaches, from database hacking to malware campaigns, are increasing. The interconnectedness of information systems means the actions of individuals impact many others. This unit is important in developing an understanding of the challenges involved in protecting information assets, introducing fundamental information security concepts. Security goals including confidentiality, integrity, availability, authentication and non-repudiation are defined. Threats to information and vulnerabilities that could be exploited are identified. Technical and non-technical measures to provide security for information are discussed in areas including access control, cryptography, and network communications. Security management standards and guidelines on best practice implementation are reviewed. You can take this unit as a stand-alone course to raise your information security awareness, or as a pathway into information security units, including network security and cryptography.
Learning Outcomes
On successful completion of this unit you will be able to:
- Define major information security goals and identify those which relate to the strategic goals of an organisation.
- Conduct a risk analysis of the security of information assets in a range of practical situations and determine the ethical and information security implications.
- Apply appropriate industry standard methods to IT Systems for addressing information security risks.
- Collaborate with others in a team environment to write a risk report for a client.
- Explain the information security management standards that organisations need to follow to safeguard stakeholder privacy and other legal rights.
Content
This unit introduces fundamental information security concepts (aspects of the protection of information assets) and explains why you must understand information security principles and how they can be applied. Information security goals including confidentiality, integrity, availability, authentication and non-repudiation are defined. Risk factors impacting on the security of information assets are identified and discussed. Methods of protecting information are outlined, including both technical and human-centered approaches, in areas such as access control, cryptography (symmetric and asymmetric) and network security. Security management standards are also reviewed. Discussions of information security issues emphasize the high standard of ethical conduct expected of those working in areas which affect information security.
We will discuss real world cases of threats, vulnerabilities and security incidents, and examine the consequences and impact from the perspectives of multiple stakeholders. The role of people, processes and technology will be considered- vulnerabilities in any of these aspects can be exploited to cause harm. Security is a team sport, and increased diversity in a team provides the opportunity to examine a situation from multiple perspectives, enabling a stronger organisational response.
Learning Approaches
This unit takes a blended approach to learning and teaching. You will be provided with both eContent and timetabled activities such as tutorials and workshops. eContent will be provided on your Canvas site for you to engage with on a weekly basis before your classes. eContent could include videos, readings, self-reflection and/or peer activities designed to enhance your learning experience. During the timetabled activities, the unit coordinator and/or your tutor will further explain content and you will be provided with opportunities to explore this content in a collaborative learning environment. After your weekly classes, you should continue to engage with unit resources to ensure you consolidate your understanding of unit content. Teaching team members will also be available for one-on-one consultations to assist you with your learning journey.
Feedback on Learning and Assessment
Throughout semester feedback will be provided in various forms which may include:
• Informal: worked examples, such as verbal feedback in class, personal consultation
• Formal: in writing, such as checklists, rubrics, written commentary
• Direct: to individual students, either in written form or in consultation
• Indirect: to the whole class
Assessment
Overview
This unit introduces foundational concepts and principles, so its assessment is largely based around the knowledge acquired throughout the semester.
You should be able to work both independently and as a productive and cooperative team member. Independent work is required to complete some assessment items. For these items, although you may discuss the assessment topics with others, the work you submit for assessment must be your own individual effort. It is your responsibility to ensure that your work is completed in a timely manner. For group assessment tasks it is the responsibility of all group members to ensure the work is completed.
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Quiz/Test
Multiple Choice Quiz
Assessment: Risk report
This assignment comprises a series of practical tasks each requiring you to identify security vulnerabilities, select and apply appropriate control measures to mitigate the vulnerabilities, and demonstrate the use of industry standard tools applicable in this design.
This is an assignment for the purposes of an extension.
Assessment: Examination (written)
This examination will test your knowledge and understanding of concepts and principles presented throughout the semester.
Assessment: Online Ethics Module
In this self-contained online Ethics module (Part 2) you will learn how to identify challenges when faced with ethical decision-making and how to apply the principles of ethical behaviour. You will then need to pass an online quiz to test your knowledge of the topics covered. You must pass the quiz in order to pass this unit, however, you may attempt the quiz an unlimited number of times until you pass.
This Ethics Module Part 2 has as a prerequisite Ethics Module Part 1 which you will normally have completed as part of an earlier unit IFB105. However, if you haven't already completed Module Part 1 then you will need to complete this first before completing Part 2.
Threshold Assessment:
As an IT professional you will be legally bound by a code of ethics and professional conduct. Knowledge of these codes is therefore essential for all IT graduates. You must pass this Online Ethics Module in order to pass this unit, i.e. regardless of how well you do in the other assessment items, you cannot pass this unit if you fail this assessment item. You may however attempt this assessment items an unlimited number of times until you pass
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
No extraordinary charges or costs are associated with the requirements for this unit.
There is no required text for this unit.
There are many useful online sources of material on information security. However, if you want a hardcopy reference book, consider purchasing either (not both) of the following recommended texts. (Browse in the library or the bookshop to see which writing style you prefer.)
Resource Materials
Recommended text(s)
Matt Bishop. Introduction to Computer Security. Addison Wesley, 2008.
Michael Whitman and Herbert Mattord. Principles of Information Security. Thomson, 2012.
Risk Assessment Statement
There are no unusual health or safety risks associated with this unit.
Course Learning Outcomes
This unit is designed to support your development of the following course/study area learning outcomes.IT10 Diploma in Information Technology
- Demonstrate IT discipline knowledge
Relates to: ULO1, Quiz/Test, Examination (written) - Employ introductory IT methods
Relates to: ULO3, Risk report, Examination (written) - Critically apply design and problem solving skills
Relates to: Risk report - Understand personal values, attitudes and performance in your continuing professional development
Relates to: Online Ethics Module - Create considered and relevant IT solutions
Relates to: Risk report, Examination (written) - Work independently and within effective teams
Relates to: ULO4