CYBERSECURITY INCIDENT MANAGEMENT

CSE5ISM

2021

Credit points: 15

Subject outline

In this subject, students will learn the art and science of incident response. Students will develop business continuity plans, and assess how these can support business operations during cyber incidents. Students will learn key tools and approaches for attacker identification and attribution, including the role played by law enforcement, vendors and government in critical infrastructure protection.

SchoolEngineering and Mathematical Sciences

Credit points15

Subject Co-ordinatorKayes Kayes

Available to Study Abroad/Exchange StudentsYes

Subject year levelYear Level 5 - Masters

Available as ElectiveNo

Learning ActivitiesN/A

Capstone subjectNo

Subject particulars

Subject rules

Prerequisites Must have passed CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval

Co-requisitesN/A

Incompatible subjectsN/A

Equivalent subjectsN/A

Quota Management StrategyN/A

Quota-conditions or rulesN/A

Special conditionsN/A

Minimum credit point requirementN/A

Assumed knowledgeN/A

Career Ready

Career-focusedNo

Work-based learningNo

Self sourced or Uni sourcedN/A

Entire subject or partial subjectN/A

Total hours/days requiredN/A

Location of WBL activity (region)N/A

WBL addtional requirementsN/A

Graduate capabilities & intended learning outcomes

Graduate Capabilities

Intended Learning Outcomes

01. Formulate a ranked list of incident response approaches based on impact and likelihood
02. Identify business processes and technical mechanisms to respond to specific security incidents
03. Evaluate and propose a business continuity plan
04. Formulate a legal and regulatory compliance strategy to support incident management

Subject options

Select to view your study options…

Start date between: and    Key dates

Melbourne (Bundoora), 2021, Semester 2, Day

Overview

Online enrolmentYes

Maximum enrolment sizeN/A

Subject Instance Co-ordinatorKayes Kayes

Class requirements

Computer LaboratoryWeek: 30 - 42
One 2.00 h computer laboratory per week on any day including weekend during the day from week 30 to week 42 and delivered via face-to-face.

LectureWeek: 30 - 42
One 2.00 h lecture per week on any day including weekend during the day from week 30 to week 42 and delivered via face-to-face.

Assessments

Assessment elementCommentsCategoryContributionHurdle% ILO*

Incident response approaches forum (500 words equivalent)Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion.

N/AN/AN/ANo10 SILO1

Business and technical response forum (500 words equivalent)Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents.

N/AN/AN/ANo10 SILO3

Develop a business continuity plan. Case study and report (2000 words equivalent)Development of a business continuity plan with discussion of its applicability.

N/AN/AN/ANo40 SILO1, SILO2, SILO3

1 Exam x 2 hours (2000-word equivalent)With a focus on technical, business, legal and regulatory compliance strategies

N/AN/AN/ANo40 SILO1, SILO2, SILO3, SILO4