ECM3445 - Cyber Security 2 (2023)
| MODULE TITLE | Cyber Security 2 | CREDIT VALUE | 15 |
|---|---|---|---|
| MODULE CODE | ECM3445 | MODULE CONVENER | Mr Alexander Richardson-Hall (Coordinator) |
| DURATION: TERM | 1 | 2 | 3 |
|---|---|---|---|
| DURATION: WEEKS | 12 | 0 | 0 |
| Number of Students Taking Module (anticipated) | 15 |
|---|
A cyber security analyst is responsible for the implementation, maintenance and support of the security controls that protect an organisation’s systems and data assets from threats and hazards. You ensure that security technologies and practices are operating in accordance with the organisation’s policies and standards to provide continued protection. You require a broad understanding of network infrastructure, software and data to identify where threat and hazard can occur. You are responsible for performing periodic vulnerability assessments to evaluate the organisation’s ongoing security posture and will provide visibility to management of the main risks and control status on an ongoing basis. You will respond to security incidents and implement resolution activities across the organisation.
Pre-requisite ECM3437 Cyber Security 1
The aim of this module is to further develop your skills and knowledge in cyber security principles and techniques and their application in the business context, addressing social aspects of security, planning for and reacting to security incidents, and enhanced skills in implementing and demonstrating the effectiveness of security controls
On successful completion of this module you should be able to:
Module Specific Skills and Knowledge
1. Analyse and evaluate security threats and vulnerabilities to planned and installed information systems or services and identify how these can be mitigated against
2. Perform security risk assessments for a range of information systems and propose solutions
3. Develop a security case against recognised security threats, and recommend mitigation, security controls and appropriate processes.
4. Define and justify a user access policy for an information system given knowledge of the system architecture, security requirements and threat/risk environment. This should be in terms of what they can do, resources they can access, and operations they are allowed to perform
5. Perform a business impact analysis in response to a security incident and follow a disaster recovery plan to meet elements of a given business continuity policy
6. Conduct a range of cyber security audit activities to demonstrate security control effectiveness
7. Research and investigate common and emerging attack techniques and recommend how to defend against them
8. Identify and follow organisational security policies and standards and implement security processes in line with policies and standards
9. Analyse security requirements including functional and non-functional security requirements that may be presented in a security case.
Discipline Specific Skills and Knowledge
10. Assess the types of security (confidentiality, authentication; non-repudiation; service integrity) and security big picture (network security; host OS security; physical security)
11. Understand the main types of common attack techniques, including phishing, social engineering, malware, network interception, blended techniques, denial of service and theft
12. Recognise and assess risk including performing a risk assessment
13. Apply penetration testing effectively and how it contributes to assurance
14. Use different approaches to risk treatment and management in practice
15. Understand What the ‘cyber security culture’ in an organisation is, and how it may contribute to security risk
16. Recognise the typical security hazards that may concern an organisation
Personal and Key Transferable / Employment Skills and Knowledge
17. Communicate orally and in writing
18. Solve problems creatively
19. Think analytically and critically
20. Organise your own work
21. Work to a deadline
22. Make decisions
Cyber security in practice (2 weeks)
• Cyber security culture in organisations; contribution to risk
• Case studies in cyber security
Reacting to security incidents (3 weeks)
• Intrusion detection systems, honeypots, etc.
• Analysing business impact for a security incident
• Using logs and audit trails to reconstruct an attack
• Following a disaster recovery plan to provide business continuity
Developing a security threat response plan (2 weeks)
• The different approaches to risk treatment and management in practice
• Developing a security case against recognised security threats
• Defining and justifying a user access policy for an information system
• Recommending mitigation, security controls and appropriate processes
Implementing additional security controls (3 weeks)
• Backups
• Email protection and filtering
• Preventing physical intrusions
Demonstrating security control effectiveness (2 weeks)
• Cyber security audit; reviewing capabilities, resources and permitted operations
• Penetration testing and ethical hacking; contribution to assurance
| Scheduled Learning & Teaching Activities | 22.00 | Guided Independent Study | 128.00 | Placement / Study Abroad | 0.00 |
|---|
| Category | Hours of study time | Description |
| Scheduled learning and teaching activities | 18 |
Online learning activity, including virtual workshops, synchronous and asynchronous virtual lectures and other e-learning. |
| Scheduled learning and teaching activities | 2 | Lectures |
| Scheduled learning and teaching activities | 2 | Group workshops |
| Guided independent study | 128 | Coursework, exam preparation and self-study |
| Form of Assessment | Size of Assessment (e.g. duration/length) | ILOs Assessed | Feedback Method |
|---|---|---|---|
| Contribution to class discussion | N/A | 1-24 | Verbal |
| Coursework | 60 | Written Exams | 40 | Practical Exams | 0 |
|---|
| Form of Assessment | % of Credit | Size of Assessment (e.g. duration/length) | ILOs Assessed | Feedback Method |
|---|---|---|---|---|
| Threat/incident response assignment | 60 | 3,000 words | 1-3, 6, 7, 9, 12, 14, 16-22 | Written |
| Written Exam | 40 | 2 hours | 1-21, | Written |
| Original Form of Assessment | Form of Re-assessment | ILOs Re-assessed | Time Scale for Re-assessment |
|---|---|---|---|
| Threat/incident response assignment (60%) | Threat/incident response assignment | 1-3, 6, 7, 9, 12, 14, 16-22 | Completed over summer with a deadline in August |
| Written Exam (40%) | Written Exam (2 hours) | 1-21, | August assessment period |
Deferral – if you miss an assessment for certificated reasons judged acceptable by the Mitigation Committee, you will normally be deferred in the assessment. The mark given for a re-assessment taken as a result of deferral will not be capped and will be treated as it would be if it were your first attempt at the assessment.
Referral – if you have failed the module overall (i.e. a final overall module mark of less than 40%) you may be required to sit a referral. The mark given for a re-assessment taken as a result of referral will be capped at 40%.
information that you are expected to consult. Further guidance will be provided by the Module Convener
ELE: http://vle.exeter.ac.uk
Reading list for this module:
| Type | Author | Title | Edition | Publisher | Year | ISBN | Search |
|---|---|---|---|---|---|---|---|
| Set | Pfleeger, C. P., Pfleeger, S. L., Margulies, J | Security in Computing | 5th | Prentice Hall | 2015 | 978-0-13-408504-3 | [Library] |
| Set | Graham, J.. Howard, R., Olson, R. | Cyber Security Essentials | 1st | CRC Press | 2011 | 9781439851234 | [Library] |
| Set | Stewart, J. M., Chapple, M., Gibson, D. | CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide | 7th | Sybes | 2015 | 978-1119042716 | [Library] |
| CREDIT VALUE | 15 | ECTS VALUE | 7.5 |
|---|---|---|---|
| PRE-REQUISITE MODULES | ECM3437 |
|---|---|
| CO-REQUISITE MODULES |
| NQF LEVEL (FHEQ) | 6 | AVAILABLE AS DISTANCE LEARNING | No |
|---|---|---|---|
| ORIGIN DATE | Friday 22 January 2016 | LAST REVISION DATE | Wednesday 18 January 2023 |
| KEY WORDS SEARCH | Cyber Security |
|---|