| Semester 2, 2022 Toowoomba On-campus | |
| Units : | 1 |
| Faculty or Section : | Faculty of Health, Engineering and Sciences |
| School or Department : | School of Mathematics, Physics & Computing |
| Grading basis : | Graded |
| Course fee schedule : | /current-students/administration/fees/fee-schedules |
Staffing
Examiner:
Requisites
Pre-requisite: CSC8520
Overview
In today鈥檚 interconnected world, existing and emerging threats to privacy and security are of ever-growing concern. In addition to technical skills, security professionals need to be aware of the regulatory and ethical dimensions of security and privacy. Development of sound security policies and procedures to ensure compliance via security auditing are crucial in being confident that an organisation鈥檚 data and communications are secure. This advanced course forms an end-point in the formal investigation into security, and provides the skills for practitioners to continue to grow their expertise over a large range of present and future security technologies.
Building on basic knowledge of security concepts, this course introduces more advanced topics in IT security. Students will gain knowledge and hands-on experience with AAA (authentication, authorization and accounting), penetration testing and other concepts around security auditing and forensic analysis. A key task for security professionals, beyond the technical skills, is to take business requirements and craft appropriate policies, with reference to regulations and ethical conduct, and thus the course discusses ethics and legal issues in security and privacy and also presents methods of developing policy.
Course learning outcomes
On completion of this course students should be able to:
- Confidently analyse business requirements and develop security and privacy policies;
- Adequately apply regulatory, cultural and ethical dimensions of security and privacy to the practice of network management;
- Utilise penetration testing and other tools to audit security and identify security vulnerabilities;
- Utilise AAA tools to implement access control to servers or applications;
- Analysis and manage server security issues and implement server hardening professionally;
- Relate roles in security to the ACS Code of Ethics;
- Professionally communicate with other areas of an IT or business organisation for security related issues via formal documentations;
- Identify and critically assess emerging trends in wireless networking.
Topics
| Description | Weighting(%) | |
|---|---|---|
| 1. | Developing security policy | 10.00 |
| 2. | AAA and multifactor authentication | 15.00 |
| 3. | Privacy policies and data management | 10.00 |
| 4. | Security auditing | 15.00 |
| 5. | Penetration testing, intrusion detection and prevention | 15.00 |
| 6. | Server security and server hardening | 15.00 |
| 7. | Ethics and legal issues in security and privacy | 10.00 |
| 8. | Emerging trends and regulatory, cultural, and ethical dimensions in network security management | 10.00 |
Text and materials required to be purchased or accessed
Student workload expectations
To do well in this subject, students are expected to commit approximately 10 hours per week including class contact hours, independent study, and all assessment tasks. If you are undertaking additional activities, which may include placements and residential schools, the weekly workload hours may vary.
Assessment details
| Description | Group Assessment |
Weighting (%) | Course learning outcomes |
|---|---|---|---|
| Planning document | No | 24 | 1,2,5,7 |
| Tech and/or scntific artefact | No | 26 | 3,4,5 |
| Report | No | 50 | 1,2,3,4,5,6,7,8 |