Logo Students

COMP8300 – Security Management

2020 – Session 2, Special circumstance

Notice

As part of Phase 3 of our return to campus plan, most units will now run tutorials, seminars and other small group learning activities on campus for the second half-year, while keeping an online version available for those students unable to return or those who choose to continue their studies online.

To check the availability of face to face activities for your unit, please go to timetable viewer. To check detailed information on unit assessments visit your unit's iLearn space or consult your unit convenor.

General Information

Pdf icon Download as PDF
Unit convenor and teaching staff Unit convenor and teaching staff
Milton Baar
Credit points Credit points
10
Prerequisites Prerequisites
ITEC602 or COMP6770
Corequisites Corequisites
Co-badged status Co-badged status
Unit description Unit description
The intent of this unit is to provide students with a working knowledge of commercial information security governance requirements, tools and techniques. The unit has a practical focus with tutorial and laboratory work that will include aspects of physical security and hacking, information security architectures and the creation of a dummy company on which the tools and techniques will be developed and tested. Topics include an introduction to information security, standard and governance, risk management concepts, security threats, controls, practical hacking, server hardening, evidence collection, business community planning and DRP, creating an enterprise information security framework, and EISF/ISMS certification.

Important Academic Dates

Information about important academic dates including deadlines for withdrawing from units are available at https://students.mq.edu.au/important-dates

Learning Outcomes

On successful completion of this unit, you will be able to:

  • ULO1: Describe and explain the differences between security frameworks and standards
  • ULO2: Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
  • ULO3: Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
  • ULO4: Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls

Assessment Tasks

Name Weighting Hurdle Due
Quiz 1 10% No Week 5
Mid-semester workbook assessment 40% No 1st week of mid-semester break
Quiz 2 10% No Week 9
Industry Presentation 40% Yes Week 13

Quiz 1

Assessment Type 1: Quiz/Test
Indicative Time on Task 2: 10 hours
Due: Week 5
Weighting: 10%

 

A multiple choice quiz covering material from weeks 1-4

 


On successful completion you will be able to:
  • Describe and explain the differences between security frameworks and standards
  • Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
  • Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
  • Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls

Mid-semester workbook assessment

Assessment Type 1: Practice-based task
Indicative Time on Task 2: 40 hours
Due: 1st week of mid-semester break
Weighting: 40%

 

Review and assessment of the workbook content that contains results from group tasks undertaken from weeks 1-7.

 


On successful completion you will be able to:
  • Describe and explain the differences between security frameworks and standards
  • Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
  • Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
  • Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls

Quiz 2

Assessment Type 1: Quiz/Test
Indicative Time on Task 2: 10 hours
Due: Week 9
Weighting: 10%

 

A short-answer quiz covering material from weeks 4-8

 


On successful completion you will be able to:
  • Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
  • Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
  • Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls

Industry Presentation

Assessment Type 1: Viva/oral examination
Indicative Time on Task 2: 40 hours
Due: Week 13
Weighting: 40%
This is a hurdle assessment task (see assessment policy for more information on hurdle assessment tasks)

 

Presentation of completed tasks to an external panel of Industry Experts

 


On successful completion you will be able to:
  • Describe and explain the differences between security frameworks and standards
  • Describe and demonstrate how to manage commercial risk, and unmitigated and mitigated risk
  • Identify and assess commercial threats and types of threats and statutory requirements in a commercial environment
  • Identify and analyse basic risk management errors and information exposures; assess various techniques and their suitability as controls

1 If you need help with your assignment, please contact:

  • the academic teaching staff in your unit for guidance in understanding or completing this type of assessment
  • the Learning Skills Unit for academic skills support.

2 Indicative time-on-task is an estimate of the time required for completion of the assessment task and is subject to individual variation

Delivery and Resources

  • Delivery using Zoom, Echo360, iLearn and other online technologies as appropriate.
  • Some readings will be provided on iLearn, others will have references included in weekly presentations for students to download

Unit Schedule

  1. Week 1 - Introduction & overview
  2. Week 2 - Standards & Governance
  3. Week 3 - Risk Management concepts
  4. Week 4 - Threats & Vulnerabilities
  5. Week 5 - Controls & Quiz 1
  6. Week 6 - BCP/DRP
  7. Week 7 - Creating an EISF
  8. Week 8 - Information Classification
  9. Week 9 - Practical Hacking for fun & profit, Quiz 2
  10. Week 10 - Incidents, Response & Hardening
  11. Week 11 - Introduction to Computer Forensics
  12. Week 12 - Unit Review
  13. Week 13 - Industry Presentation

Policies and Procedures

Macquarie University policies and procedures are accessible from Policy Central (https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policy-central). Students should be aware of the following policies in particular with regard to Learning and Teaching:

Students seeking more policy resources can visit the Student Policy Gateway (https://students.mq.edu.au/support/study/student-policy-gateway). It is your one-stop-shop for the key policies you need to know about throughout your undergraduate student journey.

If you would like to see all the policies relevant to Learning and Teaching visit Policy Central (https://staff.mq.edu.au/work/strategy-planning-and-governance/university-policies-and-procedures/policy-central).

Student Code of Conduct

Macquarie University students have a responsibility to be familiar with the Student Code of Conduct: https://students.mq.edu.au/study/getting-started/student-conduct​

Results

Results published on platform other than eStudent, (eg. iLearn, Coursera etc.) or released directly by your Unit Convenor, are not confirmed as they are subject to final approval by the University. Once approved, final results will be sent to your student email address and will be made available in eStudent. For more information visit ask.mq.edu.au or if you are a Global MBA student contact globalmba.support@mq.edu.au

Late Submission

No extensions will be granted without an approved application for Special Consideration. There will be a deduction of 10% of the total available marks made from the total awarded mark for each 24 hour period or part thereof that the submission is late. For example, 25 hours late in submission for an assignment worth 10 marks – 20% penalty or 2 marks deducted from the total. No submission will be accepted after solutions have been posted.

Student Support

Macquarie University provides a range of support services for students. For details, visit http://students.mq.edu.au/support/

Learning Skills

Learning Skills (mq.edu.au/learningskills) provides academic writing resources and study strategies to help you improve your marks and take control of your study.

The Library provides online and face to face support to help you find and use relevant information resources. 

Student Enquiry Service

For all student enquiries, visit Student Connect at ask.mq.edu.au

If you are a Global MBA student contact globalmba.support@mq.edu.au

Equity Support

Students with a disability are encouraged to contact the Disability Service who can provide appropriate help with any issues that arise during their studies.

IT Help

For help with University computer systems and technology, visit http://www.mq.edu.au/about_us/offices_and_units/information_technology/help/

When using the University's IT, you must adhere to the Acceptable Use of IT Resources Policy. The policy applies to all who connect to the MQ network including students.