CYBERSECURITY INCIDENT MANAGEMENT

CSE5ISM

2020

Credit points: 15

Subject outline

In this subject, students will learn the art and science of incident response. Students will develop business continuity plans, and assess how these can support business operations during cyber incidents. Students will learn key tools and approaches for attacker identification and attribution, including the role played by law enforcement, vendors and government in critical infrastructure protection.

School: Engineering and Mathematical Sciences (Pre 2022)

Credit points: 15

Subject Co-ordinator: Kayes Kayes

Available to Study Abroad/Exchange Students: Yes

Subject year level: Year Level 5 - Masters

Exchange Students: No

Available as Elective: No

Learning Activities: N/A

Capstone subject: No

Subject particulars

Subject rules

Prerequisites: Must have passed CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval

Co-requisites: N/A

Incompatible subjects: N/A

Equivalent subjects: N/A

Quota Management Strategy: N/A

Quota-conditions or rules: N/A

Special conditions: N/A

Minimum credit point requirement: N/A

Assumed knowledge: N/A

Career Ready

Career-focused: No

Work-based learning: No

Self sourced or Uni sourced: N/A

Entire subject or partial subject: N/A

Total hours/days required: N/A

Location of WBL activity (region): N/A

WBL addtional requirements: N/A

Graduate capabilities & intended learning outcomes

Graduate Capabilities

Intended Learning Outcomes

01. Formulate a ranked list of incident response approaches based on impact and likelihood

02. Identify business processes and technical mechanisms to respond to specific security incidents

03. Evaluate and propose a business continuity plan

04. Formulate a legal and regulatory compliance strategy to support incident management

Melbourne (Bundoora), 2020, Semester 2, Day

Overview

Online enrolment: Yes

Maximum enrolment size: N/A

Enrolment information: N/A

Subject Instance Co-ordinator: Kayes Kayes

Class requirements

Computer LaboratoryWeek: 31 - 43
One 2.00 hours computer laboratory per week on any day including weekend during the day from week 31 to week 43 and delivered via face-to-face.

LectureWeek: 31 - 43
One 2.00 hours lecture per week on any day including weekend during the day from week 31 to week 43 and delivered via face-to-face.

Assessments

Assessment element	Comments	Category	Contribution	Hurdle	%	ILO*
Incident response approaches forum (500 words equivalent)Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion.	N/A	N/A	N/A	No	10	SILO1
Business and technical response forum (500 words equivalent)Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents.	N/A	N/A	N/A	No	10	SILO3
Develop a business continuity plan. Case study and report (2000 words equivalent)Development of a business continuity plan with discussion of its applicability.	N/A	N/A	N/A	No	40	SILO1, SILO2, SILO3
1 Exam x 2 hours (2000-word equivalent)With a focus on technical, business, legal and regulatory compliance strategies	N/A	N/A	N/A	No	40	SILO1, SILO2, SILO3, SILO4