| Semester 1, 2022 Online | |
| Units : | 1 |
| Faculty or Section : | Faculty of Business, Education, Law and Arts |
| School or Department : | School of Business |
| Grading basis : | Graded |
| Course fee schedule : | /current-students/administration/fees/fee-schedules |
Staffing
Examiner:
Requisites
Pre-requisite: CSC1401
Overview
Students entering the Information Communications and Technology profession need to develop a good understanding of the importance of information security for organisations and society. Students must have a good working knowledge of the role of information security in providing an appropriate level of confidentiality, integrity and availability while considering the legal, privacy and ethical implications. Students need to develop the knowledge and skills while using a range of security technologies and tools to identify potential threats and vulnerabilities that may exist in business systems and networks and manage security architecture and design and the associated risks and legal, privacy and ethical issues that may rise. This course provides students with an intermediate knowledge of the key principles necessary for managing the security of business information systems and networks.
Students study contemporary information security theory and practice in the context of threats, attacks and vulnerabilities that may exist in business systems and networks and the security controls that can be put in place to ensure that the risks are managed at an acceptable level. Students will develop their skills and knowledge so that they can evaluate information security situations. They will be able to identify specific threats, attacks, vulnerabilities, and manage security architecture and design legal, privacy or ethical issues that may arise. They will be able to clearly communicate and propose recommendations to manage the risks. Students will be assessed on their understanding of key concepts of information security and their ability to apply and communicate effectively contemporary information security theory and practice to real world problems in the assignments and the final examination.
Course learning outcomes
On successful completion of this course, students should be able to:
- analyse information security threats, attacks and vulnerabilities and determine appropriate security architecture, design and controls that can be applied to mitigate the potential risks;
- describe the role of disaster recovery and business continuity plans in recovering information and operational systems when systems and hardware fail;
- describe why legal privacy and ethical issues play an important part in effectively managing information security;
- communicate effectively written and orally about the management of information security in organisations.
Topics
| Description | Weighting(%) | |
|---|---|---|
| 1. | Threats, attacks and vulnerabilities | 20.00 |
| 2. | Legal, Ethical and Privacy Issues | 5.00 |
| 3. | Security technologies and tools | 16.00 |
| 4. | Security architecture and design | 20.00 |
| 5. | Identity and access management | 15.00 |
| 6. | Risk management | 13.00 |
| 7. | Cryptography and public key encryption | 11.00 |
Text and materials required to be purchased or accessed
(includes CD.)
Student workload expectations
To do well in this subject, students are expected to commit approximately 10 hours per week including class contact hours, independent study, and all assessment tasks. If you are undertaking additional activities, which may include placements and residential schools, the weekly workload hours may vary.
Assessment details
| Description | Weighting (%) | Course learning outcomes |
|---|---|---|
| QUIZ 1 | 10 | 1 |
| ASST 2 - ORAL PRESENTATION | 30 | 3,4 |
| ASST 3 - WRITTEN CASE STUDY | 40 | 1,2,4 |
| QUIZ 2 | 20 | 2,3 |