CAB441 Network Security
To view more information for this unit, select Unit Outline from the list below. Please note the teaching period for which the Unit Outline is relevant.
| Unit code: | CAB441 |
|---|---|
| Prerequisite(s): | (IFB240 or CAB240 or INB255) and (CAB440 or INB351) |
| Antirequisite(s): | INN251 |
| Credit points: | 12 |
| Timetable | Details in HiQ, if available |
| Availabilities |
|
| CSP student contribution | $1,118 |
| Domestic tuition unit fee | $4,104 |
| International unit fee | $4,788 |
Unit Outline: Semester 2 2024, Gardens Point, Internal
| Unit code: | CAB441 |
|---|---|
| Credit points: | 12 |
| Pre-requisite: | (IFB240 or CAB240 or INB255) and (CAB440 or INB351) |
| Anti-requisite: | INN251 |
| Coordinator: | Chadni Islam | chadni.islam@qut.edu.au |
Overview
As a system administrator or information security professional you are expected to have an in depth understanding of a variety of network security controls, principles and analysis tools and their use in a wider cybersecurity context. In this unit you will learn these tools by building and testing a secure network in a virtualised environment in accordance with cybersecurity principles.
Learning Outcomes
On successful completion of this unit you will be able to:
- Discuss the organisational and cyber-security context of network security.
- Apply secure network design principles.
- Implement a variety of network security controls.
- Analyse networks using network security monitoring, analysis, and testing tools and methodologies.
- Communicate about network security requirements, risks, designs, controls, systems, tools and vulnerabilities in written form.
Content
This unit covers network security principles, industry practices, controls and analysis tools such as:
- The cyber-security context of network security, such as principles for secure designs, cyber-security frameworks, cloud security models, hybrid cloud/on premises networks, governance, risk management and complementary controls.
- Network security controls, such as network segmentation, firewalls, VPNs, proxies, security groups, access control lists, firewalls, intrusion detection, monitoring, information and event management, and incident response
- Network security analysis such as penetration testing, network discovery, vulnerability scanning, exploitation, reporting, and monitoring
Learning Approaches
This unit will use a mix of theoretical lectures and practical exercises. During lectures we will learn the principles of techniques used for security and why. During practicals you will implement those techniques in a virtualised environment.
Feedback on Learning and Assessment
There are multiple opportunities to receive feedback on your learning in this unit. You will receive individual and whole-of-class feedback during practical classes. Support and feedback will also be provided in response to questions posed through the unit communication channel from your peers and teaching staff. Assessment tasks will be graded using a rubric, which will include formal written feedback for each of assessment task.
Assessment
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Design and implementation of a secure network
Students will design and implement a secure network for a simulated enterprise network. The assessment will consist of a report and a working implementation on a virtualised network.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Deployment of network security controls
Students will deploy a variety of network security controls and report on how they are used in relation to risk and security principles.
Assessment: Penetration testing report
Students will engage in a security exercise involving penetration testing, and write a report detailing the vulnerabilities discovered along with recommendations for improving security.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
We will be using two prescribed textbooks that detail cloud and network security practices
Resource Materials
Reference book(s)
Computer Security and the Internet by Paul C. van Oorschot. Available online through QUT's library subscription to SpringerLink
Practical Cloud Security by Chris Dotson. Available online through QUT's library subscription to O'Reilly
Risk Assessment Statement
There is minimal health and safety risk in this unit. It is your responsibility to familiarise yourself with the Health and Safety policies and procedures applicable within campus areas.
Unit Outline: Semester 2 2024, Online
| Unit code: | CAB441 |
|---|---|
| Credit points: | 12 |
| Pre-requisite: | (IFB240 or CAB240 or INB255) and (CAB440 or INB351) |
| Anti-requisite: | INN251 |
Overview
As a system administrator or information security professional you are expected to have an in depth understanding of a variety of network security controls, principles and analysis tools and their use in a wider cybersecurity context. In this unit you will learn these tools by building and testing a secure network in a virtualised environment in accordance with cybersecurity principles.
Learning Outcomes
On successful completion of this unit you will be able to:
- Discuss the organisational and cyber-security context of network security.
- Apply secure network design principles.
- Implement a variety of network security controls.
- Analyse networks using network security monitoring, analysis, and testing tools and methodologies.
- Communicate about network security requirements, risks, designs, controls, systems, tools and vulnerabilities in written form.
Content
This unit covers network security principles, industry practices, controls and analysis tools such as:
- The cyber-security context of network security, such as principles for secure designs, cyber-security frameworks, cloud security models, hybrid cloud/on premises networks, governance, risk management and complementary controls.
- Network security controls, such as network segmentation, firewalls, VPNs, proxies, security groups, access control lists, firewalls, intrusion detection, monitoring, information and event management, and incident response
- Network security analysis such as penetration testing, network discovery, vulnerability scanning, exploitation, reporting, and monitoring
Learning Approaches
This unit will use a mix of theoretical lectures and practical exercises. During lectures we will learn the principles of techniques used for security and why. During practicals you will implement those techniques in a virtualised environment.
Feedback on Learning and Assessment
There are multiple opportunities to receive feedback on your learning in this unit. You will receive individual and whole-of-class feedback during practical classes. Support and feedback will also be provided in response to questions posed through the unit communication channel from your peers and teaching staff. Assessment tasks will be graded using a rubric, which will include formal written feedback for each of assessment task.
Assessment
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Design and implementation of a secure network
Students will design and implement a secure network for a simulated enterprise network. The assessment will consist of a report and a working implementation on a virtualised network.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Deployment of network security controls
Students will deploy a variety of network security controls and report on how they are used in relation to risk and security principles.
Assessment: Penetration testing report
Students will engage in a security exercise involving penetration testing, and write a report detailing the vulnerabilities discovered along with recommendations for improving security.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Academic Integrity
Students are expected to engage in learning and assessment at QUT with honesty, transparency and fairness. Maintaining academic integrity means upholding these principles and demonstrating valuable professional capabilities based on ethical foundations.
Failure to maintain academic integrity can take many forms. It includes cheating in examinations, plagiarism, self-plagiarism, collusion, and submitting an assessment item completed by another person (e.g. contract cheating). It can also include providing your assessment to another entity, such as to a person or website.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Further details of QUT’s approach to academic integrity are outlined in the Academic integrity policy and the Student Code of Conduct. Breaching QUT’s Academic integrity policy is regarded as student misconduct and can lead to the imposition of penalties ranging from a grade reduction to exclusion from QUT.
Resources
We will be using two prescribed textbooks that detail cloud and network security practices
Resource Materials
Reference book(s)
Computer Security and the Internet by Paul C. van Oorschot. Available online through QUT's library subscription to SpringerLink
Practical Cloud Security by Chris Dotson. Available online through QUT's library subscription to O'Reilly
Risk Assessment Statement
There is minimal health and safety risk in this unit. It is your responsibility to familiarise yourself with the Health and Safety policies and procedures applicable within campus areas.