Course Title: Develop a cyber security industry project
Part B: Course Detail
Teaching Period: Term1 2023
Course Code: COSC6238
Course Title: Develop a cyber security industry project
Important Information:
Please note that this course may have compulsory in-person attendance requirements for some teaching activities.
To participate in any RMIT course in-person activities or assessment, you will need to comply with RMIT vaccination requirements which are applicable during the duration of the course. This RMIT requirement includes being vaccinated against COVID-19 or holding a valid medical exemption.
Please read this RMIT Enrolment Procedure as it has important information regarding COVID vaccination and your study at RMIT: https://policies.rmit.edu.au/document/view.php?id=209.
Please read the Student website for additional requirements of in-person attendance: https://www.rmit.edu.au/covid/coming-to-campus
Please check your Canvas course shell closer to when the course starts to see if this course requires mandatory in-person attendance. The delivery method of the course might have to change quickly in response to changes in the local state/national directive regarding in-person course attendance.
School: 520T Future Technologies
Campus: City Campus
Program: C4408 - Certificate IV in Cyber Security
Course Contact: Michael Barton
Course Contact Phone: +61 3 9925 4381
Course Contact Email: michael.barton2@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Nominal Hours: 120
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
NIL
Course Description
The purpose of this unit is to undertake a project that simulates a real cyber security environment. The project may include using a Cyber Security Operations Centre (CSOC) sandbox or equivalent laboratory environment. This environment allows the participant to demonstrate configuring and testing of firewalls, implementing Intrusion Detection System (IDS) and evaluating and identifying any traffic anomalies. The use of Red & Blue teaming exercises to identify security breaches and apply mitigation strategies to minimise further risk should be included as part of the exercise.
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
VU21992 Develop a cyber security industry project |
Element: |
1.Determine context of business need or problem |
Performance Criteria: |
1.1 Scope and system boundaries of the business problem are determined together with the problem solving methodology 1.2 Background information is gathered and development of questions appropriate to business problem are prepared 1.3 Objectives and expected outcomes to be achieved are identified and documented 1.4 Key elements for project milestones are identified 1.5 Work plan statement is developed 1.6 Documentation for substantiation is submitted to relevant person/s |
Element: |
2.Establish project team |
Performance Criteria: |
2.1 Team members for the project are selected 2.2 Individual responsibilities for each team member are defined 2.3 Team performance criteria is established 2.4 Methodology of team performance measurement is defined |
Element: |
3.Support the project plan development |
Performance Criteria: |
3.1 Process of identify tasks and resources needed to complete the project plan is determined 3.2 Schedule of project tasks including realistic timeframes and costs is prepared 3.3 Specific responsibilities to project team members are allocated 3.4 Process to manage risks and/or unexpected events that may impact upon the project objectives and/or timelines is developed |
Element: |
4.Evaluate the suitability of the gathered resources |
Performance Criteria: |
4.1 Key components required from the provided design are identified 4.2 Resources for the project are allocated 4.3 Team members familiarise themselves with the operation of the selected resources and investigate in more detail where required, for project implementation |
Element: |
5.Implement the provided project design |
Performance Criteria: |
5.1 Suitable systematic processes that implement the provided design are identified 5.2 Each section of the provided design is implemented and tested for functionality according to prescribed test procedures 5.3 Verification of end to end functionality of the design with team members input is performed 5.4 Feedback to the system designer is provided 5.5 System changes provided by the system designer are implemented 5.6 Documentation for the process is prepared such as meeting minutes, reports, email trails and presentations |
Element: |
6.Support the development of an implementation plan |
Performance Criteria: |
6.1 Implementation plan with minimal end user's disruption is developed and implemented 6.2 Where appropriate, end user training is provider |
Element: |
7.Review team activities and performances |
Performance Criteria: |
7.1 Completed technical documentation covering the scope of work is drafted and checked for accuracy 7.2 Technical documentation is submitted for approval by appropriate person/s 7.3 Technical documentation for publication is prepared, printed and distributed 8.1 Team performance against objectives is reviewed 8.2 Matters affecting policies, plans and other related issues are discussed regularly with the team 8.3 Team members input during the decision making process is sought 8.4 Proposed workplace changes and improvements to processes are determined with team members input 8.5 Individual achievement of team members is recognized 8.6 Team objectives against targets are validated |
Element: |
8.Support project completion and handover |
Performance Criteria: |
9.1 Project timeframes, scope, cost and quality expectations are evaluated 9.2 Project risks strategy is reviewed by team members 9.3 Ability of project deliverables to meet project expectations are verified 9.4 Support or maintenance documents if applicable are prepared 9.5 Where appropriate end users are trained 9.6 Final project sign-off from sponsor and key stakeholders is obtained from the client 9.7 Project is closed and experience gained and lessons learnt are documented |
Learning Outcomes
Refer to Elements
Details of Learning Activities
Evidence should show competency working in a realistic environment and a variety of conditions. The candidate will have access to all tools, equipment, materials and documentation required. The candidate will be permitted to refer to any relevant workplace procedures, product and manufacturing specifications, codes, standards, manuals and reference materials.
This unit may be assessed on the job, off the job or a combination of both. Where assessment occurs off the job, then an appropriate simulation must be used where the range of conditions reflects realistic workplace situations. The competencies covered by this unit would be demonstrated by an individual working alone or as part of a team. The assessment environment should not disadvantage the candidate.
Evidence can be gathered in a combination of ways including:
- observation of processes and procedures
- oral and/or written questioning on required knowledge and skills
- testimony from supervisors, colleagues, clients and/or other appropriate persons
- inspection of the final product or outcome
- portfolio of documented evidence.
Where performance is not directly observed and/or is required to be demonstrated over a period of time and/or in a number of locations, any evidence should be authenticated by colleagues, supervisors, clients or other appropriate persons.
Teaching Schedule
| 1 | Introduction to Installing virtual Machines |
|
| 2 | Introduction to Security Testing |
|
| 3 | Introduction to Network Scanning |
Checkup |
| 4 | Introduction to Network Reconnaissance |
Checkup |
| 5 | Introduction to Application layer attacks |
Checkup |
| 6 | Introduction to Wireless Security |
Checkup |
| 7 | Introduction to IPS/IDS and Firewalls |
Checkup |
| 8 | Introduction to site to site VPN |
Checkup |
| 9 | Introduction to Team Development and Final lab Setup |
|
| 10 | Introduction to Tender Response Fundamentals and Final lab Setup |
Assessment 1 and 2 Released |
| 11 | Introduction to Assessment Day 1 and SOC Models |
Assessment 1 and 2 Checkup |
| 12 | Introduction to Assessment Day 2 and Network Design |
Assessment 1 and 2 Checkup |
| 13 | Introduction to Assessment Day 3 and Incident Response |
Assessment 1 and 2 Checkup |
| 14 | Introduction to Assessment Day 4 and Red Blue Teams |
Assessment 1 and 2 Checkup |
| 15 | Introduction to Assessment Day 5 Threat Intelligence |
Assessment 1 and 2 Due |
| 16 | Final Wrap up for assessment |
Learning Resources
Prescribed Texts
References
Other Resources
Students are Suggestd to have a windows based computer with at least 16 gig of ram and an i5 processor or better. or have access to an intel baased apple computer.
Students will have access to cisco courses at netacad.com
Students are advised to have a 500 gigabyte ssd hard drive to store virtual machines on for use with virtualbox and vmware
Overview of Assessment
Assessment 1: Industry Project Documentation
Assessment 2: Industry Project Practical Observations
These tasks assesses the following Course Learning Outcomes (CLOs):
Assessment Mapping Matrix
Elements/Performance Criteria |
Assessment 1 |
Assessment 2 |
1.1 |
X |
|
1.2 |
X |
X |
1.3 |
X |
|
1.4 |
X |
|
1.5 |
X |
|
1.6 |
X |
|
2.1 |
X |
|
2.2 |
X |
|
2.3 |
X |
|
2.4 |
X |
|
3.1 |
X |
|
3.2 |
X |
|
3.3 |
X |
|
3.4 |
X |
|
4.1 |
X |
|
4.2 |
X |
|
4.3 |
X |
|
5.1 |
x |
|
5.2 |
X |
|
5.3 |
X |
X |
5.4 |
X |
|
5.5 |
X |
|
5.6 |
X |
|
6.1 |
X |
|
6.2 |
X |
X |
7.1 |
X |
|
7.2 |
X |
|
7.3 |
X |
|
8.1 |
X |
|
8.2 |
|
X |
8.3 |
X |
X |
8.4 |
X |
|
8.5 |
X |
|
8.6 |
X |
|
9.1 |
X |
|
9.2 |
X |
|
9.3 |
X |
|
9.4 |
X |
X |
9.5 |
|
X |
9.6 |
X |
|
9.7 |
X |
|
Assessment Tasks
Assessment 1: Industry Project Documentation
Assessment 2: Industry Project Practical Observations
Assessment Matrix
Other Information
Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:
- Relevant
- Current
- Satisfies the learning/competency outcomes of the course
Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL
Study and learning Support:
Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:
- assignment writing, thesis writing and study skills advice
- maths and science developmental support and advice
- English language development
Please Refer http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and learning Support
Equitable Learning Services (ELS):
If you are suffering from long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).
Late submission:
If you require an Extension of Submittable Work (assignments, reports or project work etc.) for 7 calendar days or less (from the original due date) and have valid reasons, you must complete and lodge an Application for Extension of Submittable Work (7 Calendar Days or less) form and lodge it with the Senior Educator/ Program Manager.
The application must be lodged no later than one working day before the official due date. You will be notified within no more than 2 working days of the date of lodgment as to whether the extension has been granted.
If you seek an Extension of Submittable Work for more than 7 calendar days (from the original due date) must lodge an Application for Special Consideration form under the provisions of the Special Consideration Policy, preferably prior to, but no later than 2 working days after the official due date.
Submittable Work (assignments, reports or project work etc.) submitted late without approval of an extension will not be accepted or assessed.
Special consideration:
Please Refer http://www.rmit.edu.au/students/specialconsideration to find more information about special consideration
Plagiarism:
Plagiarism is a form of cheating and it is very serious academic offence that may lead to expulsion from the University.
Please Refer: www.rmit.edu.au/academicintegrity to find more information about plagiarism.
Other Information:
All email communications will be sent to your RMIT email address and you must regularly check your RMIT emails.
Course Overview: Access Course Overview