Course Title: Manage network security
Part B: Course Detail
Teaching Period: Term2 2022
Course Code: COSC7380C
Course Title: Manage network security
Important Information:
Please note that this course may have compulsory in-person attendance requirements for some teaching activities.
To participate in any RMIT course in-person activities or assessment, you will need to comply with RMIT vaccination requirements which are applicable during the duration of the course. This RMIT requirement includes being vaccinated against COVID-19 or holding a valid medical exemption.
Please read this RMIT Enrolment Procedure as it has important information regarding COVID vaccination and your study at RMIT: https://policies.rmit.edu.au/document/view.php?id=209.
Please read the Student website for additional requirements of in-person attendance: https://www.rmit.edu.au/covid/coming-to-campus
Please check your Canvas course shell closer to when the course starts to see if this course requires mandatory in-person attendance. The delivery method of the course might have to change quickly in response to changes in the local state/national directive regarding in-person course attendance.
School: 520T Future Technologies
Campus: City Campus
Program: C4408 - Certificate IV in Cyber Security
Course Contact: Luke Eberbach
Course Contact Phone: +61 3 9925 4381
Course Contact Email: luke.eberbach@rmit.edu.au
Name and Contact Details of All Other Relevant Staff
Course Coordinator: Syed Mohammad Zohaib
Email: syed.zohaib@rmit.edu.au
Nominal Hours: 80
Regardless of the mode of delivery, represent a guide to the relative teaching time and student effort required to successfully achieve a particular competency/module. This may include not only scheduled classes or workplace visits but also the amount of effort required to undertake, evaluate and complete all assessment requirements, including any non-classroom activities.
Pre-requisites and Co-requisites
NIL
Course Description
This unit describes the skills and knowledge required to implement and manage security functions throughout a network.
It applies to individuals with excellent information and communications technology (ICT) expertise who lead the development of strategic reviews of security and provide technical advice, guidance and leadership in resolution of specified problems.
National Codes, Titles, Elements and Performance Criteria
National Element Code & Title: |
ICTNWK511 Manage network security |
Element: |
1. Define a process for designing security |
Performance Criteria: |
1.1 Define planning phase for network security design 1.2 Define building phase for network security design 1.3 Define managing phase for network security design |
Element: |
2. Identify threats to network security |
Performance Criteria: |
2.1 Determine why attacks occur 2.2 Determine who the attack may come from 2.3 Analyse common types of network vulnerabilities 2.4 Determine how attacks occur 2.5 Design a threat model to categorise treats |
Element: |
3. Analyse security risks |
Performance Criteria: |
3.1 Determine elements of risk management 3.2 Determine assets that require protection 3.3 Categorise assets and calculate their value to the organisation 3.4 Create a risk management plan |
Element: |
4. Create a security design |
Performance Criteria: |
4.1 Determine attacker scenarios and threats 4.2 Design security measures for network components 4.3 Obtain feedback and adjust if required 4.4 Develop security policies |
Element: |
5. Design and implement responses to security incidents |
Performance Criteria: |
5.1 Design auditing and incident response procedure 5.2 Document security incidents 5.3 Implement configurations aligned with incident response procedure design 5.4 Test and sign off |
Learning Outcomes
Refer to Elements
Details of Learning Activities
This unit describes the skills and knowledge required to implement and manage security functions throughout a network.
It applies to individuals with excellent information and communications technology (ICT) expertise who lead the development of strategic reviews of security and provide technical advice, guidance and leadership in resolution of specified problems.
No licensing, legislative or certification requirements apply to this unit at the time of publication.
Teaching Schedule
Week |
Topics/Discussions |
ICTNWK511 Elements |
1 |
Topics
Tutorials
Revision
|
2.2 - 2.4 |
2 |
Topics
Labs
Revision
|
4.1 |
3 |
Topics
Labs
Revision
|
1.1 - 1.3, 2.3, 2.4, 4.2, 4.4 |
4 |
Topics
Labs
Tutorial
Assessments
|
1.1 - 1.3, 2.3, 2.4, 2.5, 4.2, 4.4
|
5 |
Topics
Assessments
|
4.4
|
6 |
Topics
Lab
Assessment
|
1.1 - 1.3
|
7 |
Topics
Tutorials
Assessment
|
3.1-3.4
|
8 |
Topics
Labs
|
2.1 - 2.4, 4.1, 4.2 |
9 |
Topics
Labs
Assessment
|
1.1, 1.2, 3.1, 4.1, 4.2 |
10 |
Topics
Lab
Tutorial
|
2.1 - 2.4, 4.1, 4.2 |
11 |
Topics
Labs
Revision
Assessment
|
4.2, 4.3 |
12 |
Topics
|
3.1 - 3.4, 5.1 - 5.4 |
13 |
Topics
Labs
Revision
Assessments
|
5.1 |
14 |
Topics
Tutorial
Revision
Assessments
|
1.1, 2.2 - 2.4, 3.1, 4.1, 5.1, 5.3 |
15 |
Topics
Revision
Assessments
|
5.1, 5.2 |
16 |
Resubmissions (If Applicable) |
|
17 |
Resubmissions (If Applicable) |
|
18 |
Results finalise |
|
Learning Resources
Prescribed Texts
References
Other Resources
We will be using Virtualisation to create different operating systems for this course.
You will be required to bring or purchase an External Hard Drive (Minimum 500GB) to complete your assessments. Without it, you will not be able to complete this course.
It is your responsibility to have this organized by the end of week 1 at the latest.
The school computers do not allocate enough disk space for you to install Virtual Machines on your profiles.
All other resources will be provided via the Cisco Networking academy
Overview of Assessment
Assessment 1: Knowledge Tests
Assessment 2: Project 1
Assessment 3: Project 2
These tasks assesses the following Course Learning Outcomes (CLOs):
Assessment Mapping Matrix
Elements/Performance Criteria |
Assessment 1 |
Assessment 2 |
Assessment 3 |
1.1 |
X |
||
1.2 |
X |
||
1.3 |
X |
||
2.1 |
X |
||
2.2 |
X |
||
2.3 |
X |
||
2.4 |
X |
||
2.5 |
X |
||
3.1 |
X |
||
3.2 |
X |
||
3.3 |
X |
||
3.4 |
X |
||
4.1 |
X |
||
4.2 |
X |
||
4.3 |
X |
||
4.4 |
X |
||
5.1 |
X |
||
5.2 |
X |
||
5.3 |
X |
||
5.4 |
X |
Assessment Tasks
Task 1 | Knowledge Tests |
Task 2 | Project 1 |
Task 3 | Project 2 |
Assessment Matrix
Unit Code |
ICTNWK511 |
Unit Title |
Manage network security |
Date Competency Assessment Map completed/revised |
July 2022 |
||
Position of the person/s who mapped assessments to the unit |
Syed Mohammad Zohaib |
||
Approved by |
Luke Eberbach |
||
Description This Competency Assessment Map is a key document for assessors and must be completed for all units delivered and assessed. This document confirms that that all aspects of the unit of competency and assessment requirements have been addressed. This document is part of your assessment tool and once completed, must be filed with the other assessment documents.
| |||
National Qualification Title |
Certificate IV in Cyber Security |
||
National Qualification Code |
22334VIC |
||
Elective unit or Core unit |
Elective |
Assessment task number and title Use correct Assessment Title as per Templates. For Example, Knowledge, Product or Practical |
Assessment One: ü Knowledge Assessment ☐ Product Assessment ☐ Practical Assessment |
Assessment Two: ☐ Knowledge Assessment ü Product Assessment ☐ Practical Assessment |
Assessment Three: ☐ Knowledge Assessment ü Product Assessment ☐ Practical Assessment
|
Foundation Skills – This section is only completed when foundation are explicitly stated in the unit of competency. In most Training Packages the foundation skills are integrated into the unit of competency and this is clearly stated. | ||
Foundation skill
|
Description
|
Describe how each foundation skill is demonstrated through the relevant assessment |
Writing
|
Uses factual information and industry related terminology to develop organisational plans, security policies and document security breaches |
AT1: Writing answers to knowledge questions AT2: 2.5 - Provide explanations on dealing with threats 4.2 - Design security measures needed that can be applied to an existing network 5.4 - Record the outcome of tests and identifying modifications required, if applicable. AT3 3.4 - Creating a Risk Management plan based on a scenario provided, writing clear information for staff in the event of a cybersecurity incident. 4.4 Write a security policy that is to be used for wireless connections when travelling for employees. 5.1 Creating an incident response plan which involves listing devices that require an audit, staff responsibilities, processes for alerting stakeholders and a review timeframe. |
Oral Communication |
Uses active listening, observational and questioning techniques in order to identify different perspectives and confirm and clarify understanding |
AT2: 4.3 Students are required to run a series of tests created by another student. The student running the tests will be required to verbally report the outcomes and any modifications required to the student who originally created the test so the outcome can be documented. |
Numeracy |
Calculates equipment costs in order to assess their business related value |
AT2: Calculate the value of a variety of IT equipment to an organisation. |
Get the work done |
Demonstrates a sophisticated understanding of principles, concepts, language and practices associated with the digital world and uses these to troubleshoot and reduce risks |
1.1-1.3 - AT1 Quiz 1 Q1d, e, f Students will be required to identify the 3 steps in planning, building and maintenance phases of security design. 2.1-2.3 - AT1 Quiz 1 Q1f, g. Quiz 2 Q2a, b Students need to identify why attacks occur, who they come from and some common vulnerabilities that exist that could be exploited. 2.4 - AT2 Section 1 Students will have to research and identify 3 main potential threats that could affect an employee while travelling, 3.1 AT1 Quiz 4 Q4a Students will identify 3 key elements of Risk Management in Network Security 3.2 -3.3 AT2 Section 1 Students will be required to audit a company’s assets, categorise them, identify their value and then the cost of replacing them. 4.1 AT3 Section 1, Task 1 Students must analyse a transcript which shows a cybersecurity attack. They must identify the type of attack and the red flags that could have prevented it. 4.2 AT2 Section 2 Students will need to identify vulnerabilities within a network, explain the vulnerability and create a solution to treat the vulnerability. 5.3, AT3 Section 2, Task 3a Students will add network controls to a network based on existing documentation that has been provided to them. 5.4 AT2 Section 3 and Section 4 Students will need to take their created solutions and test them with another person to ensure their solutions have successfully treated identified vulnerabilities. They will then need to sign off on their work as part of completing a report.
|
Uses digital tools to access and organise complex data and analyse multiple sources of information for strategic purposes | ||
Is acutely aware of the importance of understanding, monitoring and controlling access to digitally stored and transmitted information | ||
Uses a combination of formal and logical planning processes and an increasingly intuitive understanding of context to plan control methods for managing system security | ||
Makes a range of critical decisions in relatively complex situations, taking a range of constraints into account | ||
Recognises and addresses complex problems, including systems processes and rapid deployment of solutions to problems involving failure and security incidents |
Performance Evidence | |||
|
Assessment Task 1: Knowledge Tests |
Assessment Task 2: Project-1 |
Assessment Task 3: Project-2 |
identify threats to security
|
|
Section 1 |
Section 1, Task 2 |
develop risk management plan
|
|
|
Section 2, Task 1 |
design network security policies
|
|
|
Section 1, Task 3 |
analyse and plan solutions to compromised networks and design incident response
|
|
|
Section 2, Task 2 |
evaluate security information and use it to plan suitable control methods and countermeasures
|
|
|
Section 2, Task 3a |
add network controls, according to system security policies, procedures and risk management plan.
|
|
|
Section 2, Task 3b |
Knowledge Evidence | |||
|
Assessment Task 1: Knowledge Tests |
Assessment Task 2: Project-1 |
Assessment Task 3: Project-2 |
recognise and describe common ICT networks and their configuration |
Quiz 1: Q1a, Q1b, Q1c |
|
|
identify and describe network attacks, vulnerabilities and related weaknesses of installed infrastructure, including:
|
Quiz 2: Q2a, Q2b, Q2c, Q2d, Q2e, Q2f |
|
|
identify and describe network security measures, including:
|
Quiz 3: Q3a, Q3b, Q3c, Q3d, Q3e, Q3f, Q3g, Q3h |
|
|
explain network security implementation risk management plans and procedures, including:
|
Quiz 4: Q4a, Q4b, Q4c |
|
|
Assessment conditions |
Describe how assessments meet the assessment conditions |
Gather evidence to demonstrate consistent performance in conditions that are safe and replicate the workplace. Noise levels, production flow, interruptions and time variances must be typical of those experienced in the network industry, and include access to:
• a site or prototype where network security may be implemented and managed
• network support tools currently used in industry
• organisational security policies, manufacturer recommendations and security standards. |
Assessment performed in standard RMIT classrooms and computer labs under supervision. |
Assessors must satisfy NVR/AQTF assessor requirements. |
All assessors for this unit satisfy NVR/AQTF assessor requirements. |
Other Information
Assessments
To be deemed competent students must demonstrate an understanding of all aspects required of this course and must achieve a satisfactory standard in each assessment. Assessment methods have been designed to measure student's competency in each course over multiple tasks.
Resubmissions
For each assessment submitted by the due date in this course students will be given feedback within 2 weeks of the assessment submission. If you do not submit your assessment by the due date or if your first attempt is not satisfactory you will be allowed a single resubmission attempt for each assessment in this course. You will be provided with a new due date by your teacher for your resubmission attempt if a resubmission is required.
Due dates
All assessment tasks will have a due date provided and published in Canvas. Assessments submitted after the due date will not be accepted unless an extension has been provided or special consideration has been granted.
Extensions
If you will not be able to meet the due date for an assessment you may apply to your teacher for an extension of up to seven days by completing the Application of Time to Submit Assessment Work Form at https://www.rmit.edu.au/content/dam/rmit/documents/Students/Student_forms/Application-for-extension-of-time-to-submit-work.pdf (Links to an external site.) Applications for an extension of time must be received before the due date for an assessment.
Special Consideration
If unforeseen circumstances beyond your control prevent you from submitting your work on time you may be eligible to apply for special consideration. For further information regarding special consideration, please refer to the RMIT Special Consideration page at https://www.rmit.edu.au/students/student-essentials/assessment-and-results/special-consideration (Links to an external site.)
Credit Transfer and/or Recognition of Prior Learning (RPL):
You may be eligible for credit towards courses in your program if you have already met the learning/competency outcomes through previous learning and/or industry experience. To be eligible for credit towards a course, you must demonstrate that you have already completed learning and/or gained industry experience that is:
- Relevant
- Current
- Satisfies the learning/competency outcomes of the course
Please refer to http://www.rmit.edu.au/students/enrolment/credit to find more information about credit transfer and RPL.
Study and learning Support:
Study and Learning Centre (SLC) provides free learning and academic development advice to you.
Services offered by SLC to support your numeracy and literacy skills are:
assignment writing, thesis writing and study skills advice
maths and science developmental support and advice
English language development
Please Refer http://www.rmit.edu.au/studyandlearningcentre to find more information about Study and learning Support
Equitable Learning Services (ELS):
If you are suffering from long-term medical condition or disability, you should contact Equitable Learning Services (ELS) to seek advice and support to complete your studies.
Please refer to https://www.rmit.edu.au/students/support-and-facilities/student-support/equitable-learning-services to find more information about services offered by Equitable Learning Services (ELS).
Plagiarism:
Plagiarism is a form of cheating and it is very serious academic offence that may lead to expulsion from the University.
Please Refer: www.rmit.edu.au/academicintegrity to find more information about plagiarism.
Course Overview: Access Course Overview