Course unit details:
Cyber Security
| Unit code | COMP61421 |
|---|---|
| Credit rating | 15 |
| Unit level | FHEQ level 7 – master's degree or fourth year of an integrated master's degree |
| Teaching period(s) | Semester 1 |
| Available as a free choice unit? | No |
Overview
The spectacular growth of the Internet and wireless communication amidst a constantly transforming threat landscape has spawned an increased need for awareness in security techniques. This course unit covers a broad range of security issues in relation to networked environments, ranging from risk assessment, threat modeling, business continuity management, to security policy specifications, from threats and vulnerabilities to practical countermeasures through the ‘kill chain’.
Pre/co-requisites
| Unit title | Unit code | Requirement type | Description |
|---|---|---|---|
| Cryptography | COMP61411 | Pre-Requisite | Compulsory |
Aims
The course unit covers risk, human factors, and compensating technologies by considering the requirements of cyber and information system security with a systemic view of the development process from the 'Acquisition' through to the 'Disposal' stages.
Learning outcomes
- Apply critical thinking to assess the risk to an information system.
Understand risk, threats, and vulnerabilities in the context of cyber security and those who rely on it.
Evaluate intelligence to create a structured plan to reduce the risk posed by threats to an acceptable level
Translate the treatment of cyber security risk into consistent policy for resilient security management.
Apply a risk-based approach to cyber security testing.
Analyse and identify security vulnerabilities and threats in a networked or distributed system context.
Design and analyse security protocols or solutions for a given security problem or for achieving a given security goal.
Describe, analyse and apply security techniques and technologies learnt in the course unit to solve real-life security problems in practical systems.
Demonstrate your awareness of recent research directions or activities in the area of cyber security.
Syllabus
Information assurance: the need for computer and network security
- Security Breaches
- Mistakes, criminality and cyber terrorism
- System Life cycles
- Plan-do-check-act
- Propose, direct, monitor
- Trustworthy software
- Vulnerabilities
- Technological
- Human vulnerabilities in computer and network security
Cyber and information security management
- Risk management
- Threats and breaches
- Risk and threat modelling
- Technologies and countermeasures
- Entity identification and authentication
- Access control in computer systems and in networks
- Communication security, Virtual Private Networks (VPNs) and Web security
- Wireless network security
- E-Commerce/cloud computing security
Controls and regulators
- Protection
- Security Policy
- Secure System Development and Maintenance
- Security Organisation
- Asset Management
- Access Control
- Physical and Environmental Security
- Human factors
- Operation
- Communications and Operations Management
- Security Incident and Event Management
- Business Continuity Management
- Self preservation
- Kill-chain disruption
- Intrusion prevention
- Intrusion detection
- Recovery
- Compliance
- Cyber and information security management standards
- Laws and regulations
- Audits reviews, and inspection
- Vulnerability scanners
- Penetration testing
- Computer forensics
Employability skills
- Analytical skills
- Group/team working
- Innovation/creativity
- Problem solving
- Research
- Written communication
Assessment methods
| Method | Weight |
|---|---|
| Written assignment (inc essay) | 100% |
Feedback methods
Via question/answer session during lectures and course works.
Study hours
| Scheduled activity hours | |
|---|---|
| Assessment written exam | 2 |
| Lectures | 20 |
| Practical classes & workshops | 15 |
| Independent study hours | |
|---|---|
| Independent study | 113 |
Teaching staff
| Staff member | Role |
|---|---|
| Ning Zhang | Unit coordinator |