Students
COMP8300 – Security Management
2020 – Session 2, Special circumstance
Notice
As part of Phase 3 of our return to campus plan, most units will now run tutorials, seminars and other small group learning activities on campus for the second half-year, while keeping an online version available for those students unable to return or those who choose to continue their studies online.
To check the availability of face to face activities for your unit, please go to timetable viewer. To check detailed information on unit assessments visit your unit's iLearn space or consult your unit convenor.
General Information
Download as PDF
| Unit convenor and teaching staff |
Unit convenor and teaching staff
Milton Baar
|
|---|---|
| Credit points |
Credit points
10
|
| Prerequisites |
Prerequisites
ITEC602 or COMP6770
|
| Corequisites |
Corequisites
|
| Co-badged status |
Co-badged status
|
| Unit description |
Unit description
The intent of this unit is to provide students with a working knowledge of commercial information security governance requirements, tools and techniques. The unit has a practical focus with tutorial and laboratory work that will include aspects of physical security and hacking, information security architectures and the creation of a dummy company on which the tools and techniques will be developed and tested. Topics include an introduction to information security, standard and governance, risk management concepts, security threats, controls, practical hacking, server hardening, evidence collection, business community planning and DRP, creating an enterprise information security framework, and EISF/ISMS certification.
|
Important Academic Dates
Information about important academic dates including deadlines for withdrawing from units are available at https://www.mq.edu.au/study/calendar-of-dates
Learning Outcomes
On successful completion of this unit, you will be able to:
- ULO1: Describe and explain the differences between security frameworks and standards
- ULO2: Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
- ULO3: Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
- ULO4: Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls
Assessment Tasks
| Name | Weighting | Hurdle | Due |
|---|---|---|---|
| Quiz 1 | 10% | No | Week 5 |
| Mid-semester workbook assessment | 40% | No | 1st week of mid-semester break |
| Quiz 2 | 10% | No | Week 9 |
| Industry Presentation | 40% | Yes | Week 13 |
Quiz 1
Assessment Type 1: Quiz/Test
Indicative Time on Task 2: 10 hours
Due: Week 5
Weighting: 10%
A multiple choice quiz covering material from weeks 1-4
On successful completion you will be able to:
- Describe and explain the differences between security frameworks and standards
- Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
- Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
- Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls
Mid-semester workbook assessment
Assessment Type 1: Practice-based task
Indicative Time on Task 2: 40 hours
Due: 1st week of mid-semester break
Weighting: 40%
Review and assessment of the workbook content that contains results from group tasks undertaken from weeks 1-7.
On successful completion you will be able to:
- Describe and explain the differences between security frameworks and standards
- Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
- Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
- Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls
Quiz 2
Assessment Type 1: Quiz/Test
Indicative Time on Task 2: 10 hours
Due: Week 9
Weighting: 10%
A short-answer quiz covering material from weeks 4-8
On successful completion you will be able to:
- Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
- Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
- Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls
Industry Presentation
Assessment Type 1: Viva/oral examination
Indicative Time on Task 2: 40 hours
Due: Week 13
Weighting: 40%
This is a hurdle assessment task (see assessment policy for more information on hurdle assessment tasks)
Presentation of completed tasks to an external panel of Industry Experts
On successful completion you will be able to:
- Describe and explain the differences between security frameworks and standards
- Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
- Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
- Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls
1 If you need help with your assignment, please contact:
- the academic teaching staff in your unit for guidance in understanding or completing this type of assessment
- the Writing Centre for academic skills support.
2 Indicative time-on-task is an estimate of the time required for completion of the assessment task and is subject to individual variation
Delivery and Resources
- Delivery using Zoom, Echo360, iLearn and other online technologies as appropriate.
- Some readings will be provided on iLearn, others will have references included in weekly presentations for students to download
Unit Schedule
- Week 1 - Introduction & overview
- Week 2 - Standards & Governance
- Week 3 - Risk Management concepts
- Week 4 - Threats & Vulnerabilities
- Week 5 - Controls & Quiz 1
- Week 6 - BCP/DRP
- Week 7 - Creating an EISF
- Week 8 - Information Classification
- Week 9 - Practical Hacking for fun & profit, Quiz 2
- Week 10 - Incidents, Response & Hardening
- Week 11 - Introduction to Computer Forensics
- Week 12 - Unit Review
- Week 13 - Industry Presentation
Policies and Procedures
Macquarie University policies and procedures are accessible from Policy Central (https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policy-central). Students should be aware of the following policies in particular with regard to Learning and Teaching:
- Academic Appeals Policy
- Academic Integrity Policy
- Academic Progression Policy
- Assessment Policy
- Fitness to Practice Procedure
- Grade Appeal Policy
- Complaint Management Procedure for Students and Members of the Public
- Special Consideration Policy (Note: The Special Consideration Policy is effective from 4 December 2017 and replaces the Disruption to Studies Policy.)
Students seeking more policy resources can visit the Student Policy Gateway (https://students.mq.edu.au/support/study/student-policy-gateway). It is your one-stop-shop for the key policies you need to know about throughout your undergraduate student journey.
If you would like to see all the policies relevant to Learning and Teaching visit Policy Central (https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policy-central).
Student Code of Conduct
Macquarie University students have a responsibility to be familiar with the Student Code of Conduct: https://students.mq.edu.au/study/getting-started/student-conduct
Results
Results published on platform other than eStudent, (eg. iLearn, Coursera etc.) or released directly by your Unit Convenor, are not confirmed as they are subject to final approval by the University. Once approved, final results will be sent to your student email address and will be made available in eStudent. For more information visit ask.mq.edu.au or if you are a Global MBA student contact globalmba.support@mq.edu.au
Late Submission
No extensions will be granted without an approved application for Special Consideration. There will be a deduction of 10% of the total available marks made from the total awarded mark for each 24 hour period or part thereof that the submission is late. For example, 25 hours late in submission for an assignment worth 10 marks – 20% penalty or 2 marks deducted from the total. No submission will be accepted after solutions have been posted.
Student Support
Macquarie University provides a range of support services for students. For details, visit http://students.mq.edu.au/support/
Learning Skills
Learning Skills (mq.edu.au/learningskills) provides academic writing resources and study strategies to help you improve your marks and take control of your study.
The Library provides online and face to face support to help you find and use relevant information resources.
Student Services and Support
Students with a disability are encouraged to contact the Disability Service who can provide appropriate help with any issues that arise during their studies.
Student Enquiries
For all student enquiries, visit Student Connect at ask.mq.edu.au
If you are a Global MBA student contact globalmba.support@mq.edu.au
IT Help
For help with University computer systems and technology, visit http://www.mq.edu.au/about_us/offices_and_units/information_technology/help/.
When using the University's IT, you must adhere to the Acceptable Use of IT Resources Policy. The policy applies to all who connect to the MQ network including students.