CAB444 Secure Network Architectures
To view more information for this unit, select Unit Outline from the list below. Please note the teaching period for which the Unit Outline is relevant.
| Unit code: | CAB444 |
|---|---|
| Prerequisite(s): | CAB222 and (CAB440 or CAB443) |
| Credit points: | 12 |
| Timetable | Details in HiQ, if available |
| Availabilities |
|
| CSP student contribution | $1,192 |
| Domestic tuition unit fee | $4,704 |
| International unit fee | $5,640 |
Unit Outline: Semester 2 2026, Gardens Point, Internal
| Unit code: | CAB444 |
|---|---|
| Credit points: | 12 |
| Pre-requisite: | CAB222 and (CAB440 or CAB443) |
Overview
As a system administrator or information security professional, you are expected to have an in-depth understanding of various network security controls, principles, and analysis tools and their use in a wider cybersecurity context. In this unit, you will analyse real-world security incidents and learn to use tools and protection measures to design, build, test and maintain an organisation’s security infrastructure that can effectively withstand cyber threats and fortify defenses.
Learning Outcomes
On successful completion of this unit you will be able to:
- Apply cyber security principles to ensure organisational risk management and compliance.
- Design secure network systems to ensure critical information assets are protected.
- Analyse networks using appropriate tools and technologies to identify cyber security vulnerabilities.
- Communicate cyber security issues and propose mitigation strategies appropriate for technical and non-technical audiences.
- Collaborate in a team environment to monitor and maintain security of a network.
Content
This unit covers network security principles, industry practices, controls, and analysis tools, including:
- The cybersecurity context of network security, encompasses risk identification and assessment, secure network design principles, cloud, hybrid, and on-premises architectures, zero trust, governance, and risk mitigation strategies.
- Network security controls, including firewalls, VPNs, proxies, IDS/IPS, network segmentation, AI/ML-based detection, and resilience measures.
- Network security analysis, covering ethical hacking, penetration testing, vulnerability scanning, exploitation, documentation, reporting, and incident root cause analysis.
Learning Approaches
This unit will use a mix of theoretical lectures and practical exercises. During lectures we will learn the principles of techniques used for security and why. During practicals you will implement those techniques in a virtualised environment.
Feedback on Learning and Assessment
You can expect to spend 10-15 hours per week preparing for and attending scheduled weekly lectures and tutorials, preparing and completing assessment tasks, conducting independent study and consolidating your learning.
There are multiple opportunities to receive feedback on your learning in this unit. You will receive individual and whole-of-class feedback during tutorial classes. Support and feedback will also be provided in response to questions posed through the unit communication channel from your peers and teaching staff. Assessment tasks will be graded using a rubric, which will include formal written feedback for each of assessment task.
Assessment
Overview
Assessment in this unit is designed to develop and evaluate your capabilities in secure network design and testing. You will apply theoretical concepts to practical scenarios, demonstrating their ability to design secure architectures, implement appropriate security controls, and assess the security posture of networked systems through penetration testing. The assessments provide you with opportunities to engage with real-world security challenges and communicate technical findings effectively.
The assessment covers both the knowledge acquired throughout the semester and practical application using industry standard tools. You should be able to work both independently and as a productive and cooperative team member.
- Independent work is required to complete some assessment items. For these items, although you may discuss the assessment topics with others, the work you submit for assessment must be your own individual effort. It is your responsibility to ensure that your work is completed in a timely manner.
- For group assessment tasks it is the responsibility of all group members to ensure the work is completed.
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Design and implementation of secure network architecture and services
You will design and implement a secure network for a simulated enterprise/organisation. The assessment will consist of a working implementation on a virtualised network and a report communicating the secure design of the network.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Penetration testing and mitigations
Working in teams, you will engage in a security exercise to conduct a penetration test of a network. You will be required to write a report detailing the vulnerabilities discovered, and proposed mitigation strategies.
You will undertake a self and peer evaluation as part of the assessment task.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Academic Integrity
Academic integrity is a commitment to undertaking academic work and assessment in a manner that is ethical, fair, honest, respectful and accountable.
The Academic Integrity Policy sets out the range of conduct that can be a failure to maintain the standards of academic integrity. This includes, cheating in exams, plagiarism, self-plagiarism, collusion and contract cheating. It also includes providing fraudulent or altered documentation in support of an academic concession application, for example an assignment extension or a deferred exam.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Breaching QUT’s Academic Integrity Policy or engaging in conduct that may defeat or compromise the purpose of assessment can lead to a finding of student misconduct (Code of Conduct – Student) and result in the imposition of penalties under the Management of Student Misconduct Policy, ranging from a grade reduction to exclusion from QUT.
Resources
All learning materials to support your learning in this unit will be provided in the unit Canvas site
Risk Assessment Statement
There is minimal health and safety risk in this unit. It is your responsibility to familiarise yourself with the Health and Safety policies and procedures applicable within campus areas.
Course Learning Outcomes
This unit is designed to support your development of the following course/study area learning outcomes.IN01 Bachelor of Information Technology
- Demonstrate a broad theoretical and technical knowledge of well-established and emerging IT disciplines, with in-depth knowledge in at least one specialist area aligned to multiple ICT professional roles.
Relates to: ULO1, Penetration testing and mitigations - Critically analyse and conceptualise complex IT challenges and opportunities using modelling, abstraction, ideation and problem-solving to generate, evaluate and justify recommended solutions.
Relates to: ULO3, Design and implementation of secure network architecture and services, Penetration testing and mitigations - Integrate and apply technical knowledge and skills to analyse, design, build, operate and maintain sustainable, secure IT systems using industry-standard tools, technologies, platforms, and processes.
Relates to: ULO2 - Demonstrate initiative, autonomy and personal responsibility for continuous learning, working both independently and collaboratively within multi-disciplinary teams, employing state-of-the-art IT project management methodologies to plan and manage time, resources, and risk.
Relates to: ULO5, Penetration testing and mitigations - Communicate professionally and effectively in written, verbal and visual formats to a diverse range of stakeholders, considering the audience and explaining complex ideas in a simple and understandable manner in a range of IT-related contexts.
Relates to: ULO4, Design and implementation of secure network architecture and services
Unit Outline: Semester 2 2026, Online
| Unit code: | CAB444 |
|---|---|
| Credit points: | 12 |
| Pre-requisite: | CAB222 and (CAB440 or CAB443) |
Overview
As a system administrator or information security professional, you are expected to have an in-depth understanding of various network security controls, principles, and analysis tools and their use in a wider cybersecurity context. In this unit, you will analyse real-world security incidents and learn to use tools and protection measures to design, build, test and maintain an organisation’s security infrastructure that can effectively withstand cyber threats and fortify defenses.
Learning Outcomes
On successful completion of this unit you will be able to:
- Apply cyber security principles to ensure organisational risk management and compliance.
- Design secure network systems to ensure critical information assets are protected.
- Analyse networks using appropriate tools and technologies to identify cyber security vulnerabilities.
- Communicate cyber security issues and propose mitigation strategies appropriate for technical and non-technical audiences.
- Collaborate in a team environment to monitor and maintain security of a network.
Content
This unit covers network security principles, industry practices, controls, and analysis tools, including:
- The cybersecurity context of network security, encompasses risk identification and assessment, secure network design principles, cloud, hybrid, and on-premises architectures, zero trust, governance, and risk mitigation strategies.
- Network security controls, including firewalls, VPNs, proxies, IDS/IPS, network segmentation, AI/ML-based detection, and resilience measures.
- Network security analysis, covering ethical hacking, penetration testing, vulnerability scanning, exploitation, documentation, reporting, and incident root cause analysis.
Learning Approaches
This unit will use a mix of theoretical lectures and practical exercises. During lectures we will learn the principles of techniques used for security and why. During practicals you will implement those techniques in a virtualised environment.
Feedback on Learning and Assessment
You can expect to spend 10-15 hours per week preparing for and attending scheduled weekly lectures and tutorials, preparing and completing assessment tasks, conducting independent study and consolidating your learning.
There are multiple opportunities to receive feedback on your learning in this unit. You will receive individual and whole-of-class feedback during tutorial classes. Support and feedback will also be provided in response to questions posed through the unit communication channel from your peers and teaching staff. Assessment tasks will be graded using a rubric, which will include formal written feedback for each of assessment task.
Assessment
Overview
Assessment in this unit is designed to develop and evaluate your capabilities in secure network design and testing. You will apply theoretical concepts to practical scenarios, demonstrating their ability to design secure architectures, implement appropriate security controls, and assess the security posture of networked systems through penetration testing. The assessments provide you with opportunities to engage with real-world security challenges and communicate technical findings effectively.
The assessment covers both the knowledge acquired throughout the semester and practical application using industry standard tools. You should be able to work both independently and as a productive and cooperative team member.
- Independent work is required to complete some assessment items. For these items, although you may discuss the assessment topics with others, the work you submit for assessment must be your own individual effort. It is your responsibility to ensure that your work is completed in a timely manner.
- For group assessment tasks it is the responsibility of all group members to ensure the work is completed.
Unit Grading Scheme
7- point scale
Assessment Tasks
Assessment: Design and implementation of secure network architecture and services
You will design and implement a secure network for a simulated enterprise/organisation. The assessment will consist of a working implementation on a virtualised network and a report communicating the secure design of the network.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Assessment: Penetration testing and mitigations
Working in teams, you will engage in a security exercise to conduct a penetration test of a network. You will be required to write a report detailing the vulnerabilities discovered, and proposed mitigation strategies.
You will undertake a self and peer evaluation as part of the assessment task.
This assignment is eligible for the 48-hour late submission period and assignment extensions.
Academic Integrity
Academic integrity is a commitment to undertaking academic work and assessment in a manner that is ethical, fair, honest, respectful and accountable.
The Academic Integrity Policy sets out the range of conduct that can be a failure to maintain the standards of academic integrity. This includes, cheating in exams, plagiarism, self-plagiarism, collusion and contract cheating. It also includes providing fraudulent or altered documentation in support of an academic concession application, for example an assignment extension or a deferred exam.
You are encouraged to make use of QUT’s learning support services, resources and tools to assure the academic integrity of your assessment. This includes the use of text matching software that may be available to assist with self-assessing your academic integrity as part of the assessment submission process.
Breaching QUT’s Academic Integrity Policy or engaging in conduct that may defeat or compromise the purpose of assessment can lead to a finding of student misconduct (Code of Conduct – Student) and result in the imposition of penalties under the Management of Student Misconduct Policy, ranging from a grade reduction to exclusion from QUT.
Resources
All learning materials to support your learning in this unit will be provided in the unit Canvas site
Risk Assessment Statement
There is minimal health and safety risk in this unit. It is your responsibility to familiarise yourself with the Health and Safety policies and procedures applicable within campus areas.
Course Learning Outcomes
This unit is designed to support your development of the following course/study area learning outcomes.IN01 Bachelor of Information Technology
- Demonstrate a broad theoretical and technical knowledge of well-established and emerging IT disciplines, with in-depth knowledge in at least one specialist area aligned to multiple ICT professional roles.
Relates to: ULO1, Penetration testing and mitigations - Critically analyse and conceptualise complex IT challenges and opportunities using modelling, abstraction, ideation and problem-solving to generate, evaluate and justify recommended solutions.
Relates to: ULO3, Design and implementation of secure network architecture and services, Penetration testing and mitigations - Integrate and apply technical knowledge and skills to analyse, design, build, operate and maintain sustainable, secure IT systems using industry-standard tools, technologies, platforms, and processes.
Relates to: ULO2 - Demonstrate initiative, autonomy and personal responsibility for continuous learning, working both independently and collaboratively within multi-disciplinary teams, employing state-of-the-art IT project management methodologies to plan and manage time, resources, and risk.
Relates to: ULO5, Penetration testing and mitigations - Communicate professionally and effectively in written, verbal and visual formats to a diverse range of stakeholders, considering the audience and explaining complex ideas in a simple and understandable manner in a range of IT-related contexts.
Relates to: ULO4, Design and implementation of secure network architecture and services