cse5ism cybersecurity incident management

CYBERSECURITY INCIDENT MANAGEMENT

CSE5ISM

2019

Credit points: 15

Subject outline

In this subject, students will learn the art and science of incident response. Students will develop business continuity plans, and assess how these can support business operations during cyber incidents. Students will learn key tools and approaches for attacker identification and attribution, including the role played by law enforcement, vendors and government in critical infrastructure protection.

SchoolSchool Engineering&Mathematical Sciences

Credit points15

Subject Co-ordinatorAlex Ng

Available to Study Abroad StudentsYes

Subject year levelYear Level 5 - Masters

Exchange StudentsYes

Subject particulars

Subject rules

Prerequisites Must have passed CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval.

Co-requisitesN/A

Incompatible subjectsN/A

Equivalent subjectsN/A

Special conditionsN/A

Graduate capabilities & intended learning outcomes

01. Formulate a ranked list of incident response approaches based on impact and likelihood

Activities:
Students to listen to lectures, discuss case studies, read/watch videos about concepts of incident response approaches. They then apply their learning by engaging in a moderated online forum discussion.

02. Identify business processes and technical mechanisms to respond to specific security incidents

Activities:
Students to read about the effect of incident response on business processes and technical responses within specific incidents. They will be provided with various case scenarios to determine their application to practice. They then apply their learning by engaging in a moderated online forum discussion.

03. Evaluate and propose a business continuity plan

Activities:
Students to interact with lectures, discuss case studies, read/watch videos about concepts of business continuity planning. They then apply their learning by engaging in a moderated online forum discussion. Assessment will be by a report developing a business continuity plan.

04. Formulate a legal and regulatory compliance strategy to support incident management

Activities:
Students to engage with lectures, discuss case studies, read/watch videos about legal and regulatory within incident management compliance. They then apply their learning by engaging in a moderated online forum discussion.

Subject options

Select to view your study options…

Start date between: and    Key dates

Melbourne, 2019, Semester 1, Day

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Enrolment information

Subject Instance Co-ordinatorAlex Ng

Class requirements

LectureWeek: 10 - 22
Six 4.0 hours lecture every two weeks on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.

Computer LaboratoryWeek: 10 - 22
Six 4.0 hours computer laboratory every two weeks on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.

Assessments

Assessment elementComments%ILO*
Incident response approaches forum (500 words equivalent)Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. 1001
Business and technical response forum (500 words equivalent)Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents.1003
Develop a business continuity plan. Case study and report (2000 words equivalent)Development of a business continuity plan with discussion of its applicability.4001, 02, 03
1 closed book test x 2 hours (2000 words equivalent)With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop)4001, 02, 03, 04

Melbourne, 2019, Summer, Day

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Enrolment information

Subject Instance Co-ordinatorAlex Ng

Class requirements

LectureWeek: 45
Six 4.0 hours lecture every two weeks on any day including weekend during the day in week 45 and delivered via face-to-face.

Computer LaboratoryWeek: 45
Six 4.0 hours computer laboratory every two weeks on any day including weekend during the day in week 45 and delivered via face-to-face.

Assessments

Assessment elementComments%ILO*
Incident response approaches forum (500 words equivalent)Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. 1001
Business and technical response forum (500 words equivalent)Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents.1003
Develop a business continuity plan. Case study and report (2000 words equivalent)Development of a business continuity plan with discussion of its applicability.4001, 02, 03
1 closed book test x 2 hours (2000 words equivalent)With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop)4001, 02, 03, 04

Melbourne, 2019, Semester 1, Blended

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Enrolment information

Subject Instance Co-ordinatorAlex Ng

Class requirements

Unscheduled Online ClassWeek: 10 - 22
Twelve 2.0 hours unscheduled online class per study period on weekdays during the day from week 10 to week 22 and delivered via online.
"Consists of online, reading and self-check tests, for self-directed study. All materials will be available asynchronously on the LMS."

PracticalWeek: 10 - 22
Ten 1.0 hours practical per study period on weekdays during the day from week 10 to week 22 and delivered via blended.
"Synchronous online practical tutorial supported by practical notes and reading material on the LMS. "

PracticalWeek: 10 - 22
Two 7.0 hours practical per study period on weekdays during the day from week 10 to week 22 and delivered via face-to-face.
"A compulsory practical workshop of 2 days at the end of the semester will be offered for all off campus students. "

Assessments

Assessment elementComments%ILO*
Incident response approaches forum (500 words equivalent)Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. 1001
Business and technical response forum (500 words equivalent)Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents.1003
Develop a business continuity plan. Case study and report (2000 words equivalent)Development of a business continuity plan with discussion of its applicability.4001, 02, 03
1 closed book test x 2 hours (2000 words equivalent)With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop)4001, 02, 03, 04

Melbourne, 2019, Summer, Blended

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Enrolment information

Subject Instance Co-ordinatorAlex Ng

Class requirements

Unscheduled Online ClassWeek: 45
Twelve 2.0 hours unscheduled online class per study period on weekdays during the day in week 45 and delivered via online.
"Consists of online, reading and self-check tests, for self-directed study. All materials will be available asynchronously on the LMS."

PracticalWeek: 45
Ten 1.0 hours practical per study period on weekdays during the day in week 45 and delivered via blended.
"Synchronous online practical tutorial supported by practical notes and reading material on the LMS. "

PracticalWeek: 45
Two 7.0 hours practical per study period on weekdays during the day in week 45 and delivered via face-to-face.
"A compulsory practical workshop of 2 days at the end of the semester will be offered for all off campus students. "

Assessments

Assessment elementComments%ILO*
Incident response approaches forum (500 words equivalent)Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. 1001
Business and technical response forum (500 words equivalent)Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents.1003
Develop a business continuity plan. Case study and report (2000 words equivalent)Development of a business continuity plan with discussion of its applicability.4001, 02, 03
1 closed book test x 2 hours (2000 words equivalent)With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop)4001, 02, 03, 04