Module Outline Template v7
Module Outline: COMP3371 Cyber Security 2017-18
Contents
Things you need to know at the beginning 1
Teaching team 1
What will I be able to do when I have passed this module? 1
How this module fits into your course 1
How this module engages with the external environment 2
How this module will enhance your employability 2
What you need to know before you start this module 2
Your responsibility 2
What help is there if you have a disability or a particular learning need? 3
Assessment(s) 3
Module Content 4
Things you need to know at the beginning
Occurrence A / Thurs 1615-1915 / Room: EE G031Occurrence B / Wed 1345-1645 / Room: EE G031
Teaching team / Richard Henson,
,
CH1004
Website:
http://staffweb.worc.ac.uk/hensonr / Richard Henson FBCS MSc ARCS CEng CITP is a Senior Lecturer in Computing at the University of Worcester, specializing in Information Security. He is also a member the government’s IAAC (Information Assurance Advisory Committee), through its Academic Liaison Panel. His research leans towards knowledge transfer, although he is also helping to develop a body of knowledge informing thinking on information security in smaller businesses. He has written and co-written published papers over a number of years covering aspects of information security, particularly in relation to small to medium enterprises (SMEs) and the supply chain.
What will I be able to do when I have passed this module?
/ 1. Analyse the information security issues and threats facing both users and information managers in organizations2. Identify methods, tools and techniques for combating security threats
3. Demonstrate and understanding of methods used to protect a device, computer or network from malware and unauthorized access
4. Review real-world security and/or forensics issues and synthesize appropriate solutions using a combination of technical and user controls
How this module fits into your course
/ It develops computing knowledge and skills relating to computer networking and computer hardware and platforms to cover securing data over local systems, local networks and the full expanse of the Internet, and introduces a system for securing organisations through information assuranceHow this module engages with the external environment
/ It covers all technical aspects of security, covering the basic knowledge required to secure a network against attack to the requirements of the UK government‘s Cyber Essentials and other controls to protect digital data, as well as more complex aspects of securing data against attack.A trip to the cyber day of the Malvern Festival of Innovation will be embedded into the schedule for the module.
How this module will enhance your employability
/ It will provide you with the technical skills and knowledge needed to provide security to an individual or networked computer, including principles relating to secure server and router configuration. All these skills are highly sought after in the IT industry, as can be readily confirmed through the website www.itjobswatch.co.ukIt will also enable you to develop and enhance the following and evidence them on your CV:
· Application of relevant knowledge; students will build a detailed knowledge base around the subject area to enhance security applications in their place of employment
· Research and problem solving; students will be able to develop and apply principles of research and problem solving to real world problems by understanding various types of security options available and which one to use in various circumstances
· Communication; students will be able to communicate effectively in a variety of formats e.g. orally in presentation format
· Self-management; students will be able to manage their own learning and development demonstrating initiative, motivation, drive and resilience.
Use of IT; students will be able to make effective use of IT over the entire duration of the module to achieve the learning outcomes, this will include the use of a variety of various security principles and software
What you need to know before you start this module
/ This module uses ‘flipped lectures’ that is all the basic information you need will be made available in advance of the class as a Powerpoint presentation. There is no soundtrack, however, and you must attend all sessions and undertake required pre-reading, since failure to do so will affect your performance. If you cannot attend for any reason you must notify the module leader by email as soon as possible.It is your responsibility to actively and positively engage with the 2 hour practical sessions - for example asking questions if stuck -and take responsibility for your learning. This way you’ll get the most out of the sessions.
Higher education requires a lot of reading; this means you need to get used to using the library resources (available from the Library website and add the link (www.worc.ac.uk/library) and in particular the Talis Aspire Resource List (https://worc.rl.talis.com/index.html) which is a list of all the things you need to read for each module.
If you have further questions please contact Stephanie Allen the Academic Liaison Librarian for the Business School or go to Business LibGuide www.worc.ac.uk/library/business or ComputingLibGuide www.worc.ac.uk/library/computing
Your responsibility
/ You must do all the required reading – or you will struggle with the classes and ultimately the assessments.You must attend all sessions and undertake any and all of the required pre-reading, since failure to do so will affect your performance. If you cannot attend for any reason you must notify the module leader as soon as possible.
It is your responsibility to actively engage positively with sessions for example contributing to group discussions, asking questions and taking responsibility for your learning. This way you’ll get the most out of the lessons.
If there is anything which is unclear or you do not understand you must ask a member of the module team.
What help is there if you have a disability or a particular learning need?
/ The University of Worcester is committed to ensuring diversity and equality within its teaching practice. If you have a registered disability or particular learning need and you wish this to be taken into account please speak to your Personal Academic Tutor or let the module leader know. You will find additional useful information on the Disability and Dyslexia webpages at http://www.worcester.ac.uk/student-services/disability-and-dyslexia.htmhttp://www.worcester.ac.uk/registryservices/documents/StudentFeedbackCharter.pdf
Assessment(s)
Assessment / Weighting / Learning outcomes assessed / Submission date / Return DateAssignment 1: Report / 1500 words (50%) / 1, 2 / 3pm, 9/11/17 / 7/12/17
Assignment 2: Report/Presentation / 1500 words (50%) with presentation / 3, 4 / 3pm, 11/1/18 / 8/2/18
1
BUSMXXXX-17/18v1
Module Content
W/C date / Teaching week number / Pre/post-class reading or activityThis symbol indicates points at which you should be in contact with your Personal Academic Tutor / Topic / How does this link to the Assessment?
25 Sept / 1 / Pre: Access reading lists. Read Presentation. Subscribe to free Open University course in Cyber Security / Introduction to Cyber security: Why digital information needs to be carefully looked after, especially when connected to a network, and why present-day organisations are often so bad at doing this! / LO1
2 Oct / 2 / Pre: Access online articles provided during session 1 / Cyber Security Day at Malvern Festival of Innovation (bus transport provided). Directed activities as well as attending lectures. On a Thursday (5th October) / LO2
9
Oct / 3 / Pre: Read Presentation,
This session will also contain an assessment briefing relating to both assignments / Technologies involved in the architecture of modern computer systems and networks to enable safe transport, processing, and storage, and in protecting them from attacks and accidental loss of data. Introduction to the concept of a security “control”. Business continuity and role of cyber security controls / LO1, LO2
16 Oct / 4 / access online articles from session 3 / Three categories of computer security controls: technical controls, management controls, people controls. Controls & Access. “Availability” v “Security”. / LO1
23 Oct / 5 / Pre: Read Presentation
Post: get on with assignment 1 / Technical controls. Safety and security of stored data and Single key Encryption. Hardware components that protect the system against natural/manmade disasters and data breaches / LO2
30 Oct / Worcester Week and Award Ceremonies:
Careers session on the many types of careers open to cyber security specialists (date/time tba)
6
Nov / 6 / Pre: Read Presentation Post: hand in assignment 1 by 3pm on deadline day / Human Vulnerabilities. Educating the user about digital data and methods used to steal it: phishing, “social engineering”, etc. / LO4
Assignment 1
3 pm, 9/11/17
50% weighting
13 Nov / 7 / Pre: Read Presentation / TCP/IP, Internet protocols, Sending data through networks, and access control methods. VPNs, and use of authentication/encryption combination for wireless transmission. Ethical hacking and systematic penetration testing - ways to test security of data inside and outside the network / LO3
20 Nov / 8 / Pre: Read Presentation / PKI (or “Secure Internet”): server certificates, HTTPs, SSL and Server Certificates and Validation Controls: controlling data input sent through HTML “input” command. E-commerce and secure http. Testing for robust implementation of digital certificates. / LO3
27 Nov / 9 / Pre: Read Presentation / Putting it all together: Information Assurance!
Gathering evidence to demonstrate security… auditing & vulnerability testing. Cyber Essentials (CE) and CE+. IASME. ISO27001. PCI-DSS / LO4
4 Dec / 10 / Pre: Read Presentation / Investigation of Cyber Essentials using a remote access tool on a local computer / LO4
11 Dec / 11 / Pre: Read Presentation / Cybercrime: four P’s (prevent, protect, prepare, pursue”. Evidence trail, the law (Computer Misuse Act), pursuing the cyber criminal
Data Protection, DPA/GDPR, and the information commissioner. / LO4
18 Dec / Christmas
25 Dec / Christmas
1
Jan / Christmas
8
Jan / 12 / Student Presentations / Presented with other students as audience over two weeks in timetabled sessions / Assignment 2
3 pm, 11/11/18
50% weighting
15 Jan / Assessment Week
22 Jan / Worcester Week
* 7th May Back Holiday
5