Indicative Content
Information Security Models
Information Security Governance
Social engineering
Threat & Risk Assessment
Penetration Testing
Ethical Hacking
Cyber Domain & Cyber Operations
Operate and Collect/Cyber Intelligence
Network Traffic analyses
Machine Learning within the Cyber domain
This module will support the development and assessment of the following Knowledge, Skills, and Behaviours from the DTSS Apprenticeship Standard:
Cyber Security Technical Specialist
Knowledge
CSK1 The principles of threat intelligence, modelling and assessment. The range of modern attack techniques and how and where to research emerging attack techniques to inform the development of improved security controls, countermeasures and policies and standards;
CSK2 How to use human factor analysis in the assessment of threats, including the motivations and methods adopted by a wide range of human threat actors;
CSK3 How to select and apply tools and techniques to carry out a variety of security testing strategies including vulnerability scanning, penetration testing and ethical hacking, recognising that security testing itself cannot guarantee security and only reveal gaps in security provisioning;
CSK4 The different approaches and design principles that are used to engineer secure systems, focusing on the importance of building in security, privacy and resilience in the initial design;
CSK5 How to develop and implement security event response programmes, security event handling, and operational security activities;
CSK6 The different types of cyber security controls that can be implemented, the main principles of secure configuration of security components and devices, including firewalls and protective monitoring tools and how to apply them.
Skills
CSS1 Plan and carry out a variety of security testing strategies on IT infrastructures (fixed and wireless), middle-ware and applications, to identify new issues and recommend remediation and enhancements to security policies and information technology procedures;
CSS2 Perform cyber threat intelligence analysis to research, analyse and evaluate technical threats by reviewing open source and other information from trusted sources for new vulnerabilities, malware, or other threats that have the potential to impact the organisation;
CSS3 Identify, investigate and correlate actionable security events, including performing network traffic analysis using a range of techniques relevant to the security of communication networks to assess security risks and escalating where appropriate;
CSS4 Conduct a vulnerability assessment, to identify and report on vulnerability issues and possible solutions arising, including recommending cost-effective mitigations comprising careful combinations of technical, procedural and administrative controls;
CSS5 Select and apply cyber security forensic tools and techniques for attack reconstruction, including forensic analysis and volatile data collection and analysis;
CSS6 Conduct analysis of attacker tools providing indicators for enterprise defensive measures including classifying and identifying attack patterns.
Assessment Details
Written Report – A written report in the format of a white paper on approaches to managing cyber security within an organisation. Students will be required to develop a white paper following industry practice containing relevant practical examples of responses to cyber security issues within an organisation.
Learning Outcomes: 3, 4
A portfolio demonstrating skills in applying various cyber security tools and techniques in response to a security investigation.
Learning Outcomes: 1, 2, 4
Assessing the following KSBs from the DTSS apprenticeship standard
Cyber Security Technical Specialist
Knowledge
CSK1 The principles of threat intelligence, modelling and assessment. The range of modern attack techniques and how and where to research emerging attack techniques to inform the development of improved security controls, countermeasures and policies and standards;
CSK2 How to use human factor analysis in the assessment of threats, including the motivations and methods adopted by a wide range of human threat actors;
CSK3 How to select and apply tools and techniques to carry out a variety of security testing strategies including vulnerability scanning, penetration testing and ethical hacking, recognising that security testing itself cannot guarantee security and only reveal gaps in security provisioning;
CSK5 How to develop and implement security event response programmes, security event handling, and operational security activities;
CSK6 The different types of cyber security controls that can be implemented, the main principles of secure configuration of security components and devices, including firewalls and protective monitoring tools and how to apply them.
Skills
CSS1 Plan and carry out a variety of security testing strategies on IT infrastructures (fixed and wireless), middle-ware and applications, to identify new issues and recommend remediation and enhancements to security policies and information technology procedures;
CSS3 Identify, investigate and correlate actionable security events, including performing network traffic analysis using a range of techniques relevant to the security of communication networks to assess security risks and escalating where appropriate;
CSS4 Conduct a vulnerability assessment, to identify and report on vulnerability issues and possible solutions arising, including recommending cost-effective mitigations comprising careful combinations of technical, procedural and administrative controls
CSS6 Conduct analysis of attacker tools providing indicators for enterprise defensive measures including classifying and identifying attack patterns.
Learning Outcomes
1. Show systematic understanding and knowledge of managing an information infrastructure in terms of threat intelligence, deterrence, detection, protection and reaction to access
2. Show originality in the application of the different types of cyber operations and their utilization and deployment in response to a given scenario
3. Critically reflect on implementation and management issues and topics of Cyber Operations at all levels
4. Demonstrate self-direction and creativity in conducting risk and threat assessments
Learning Strategies
All teaching sessions will blend theory and practical learning. You will be introduced to curriculum concepts and ideas and will then be able to apply theory to practical examples.
You will be provided with a range of resources for independent study such as case studies, academic papers and industry stories. There will be a mixture of practical and theoretical formative (mock or practice) exercises which will help build your knowledge and confidence in preparation for summative (formal) assessment.
The module will be delivered through a blended learning approach, with a Module Launch, Guided Learning, Independent Learning and Individual Reviews:
Module Launch – 9 hours
There will be a module launch with 9 hours of face-to-face contact, which will provide details of the module's purpose, content and approach.
Guided Learning – 16 hours
There are a number of approaches that may be used:
Weekly delivery – whilst there will be materials online, there will be a series of content-driven webinars, either 1 hour weekly or 2 hours on alternate weeks
Block delivery – a series of extended face-to-face sessions, e.g. 4 x 4 hours
Independent Learning – 173 hours
You will be required to complete activities in support of developing your learning and your assessment solutions. As an apprentice, some of these hours are drawn from experience and the development of knowledge and skills in the workplace.
Individual Reviews – 2 hours
You will have 2 hours of tutorial sessions with your module tutor during the course of the module. In the main these will be individual, but they may be small group sessions, during which your module tutor will be able to answer any queries that you have regarding module work.
Resources
Specialist networking laboratory with CISCO equipment and equivalent simulation tools
- Library
- Windows/Linux workstations
- Internet access
CISCO Academy
- CISCO Networking Academy programme assessment server
- Laboratory exercise sheets provided by course instructor.
Texts
All texts and electronic resources will be updated and refreshed on an annual basis and available for students via the online Study Links resource platform. All reference materials will be collated and curated and aligned to Equality, Diversity & Inclusion indicators.
Santos, O. and Muniz, J. (2017) CCNA Cyber Ops SECOPS 210-255 Official Cert Guide.
Chapple, M. and Seidl, D. (2015) Cyberwarfare: information operations in a connected world, Jones & Bartlett Learning, ISBN 978-1-284-05848-2.
Czosseck, C. and Geers, K. (2009) Virtual Battlefield: perspectives on cyber warfare, IOS Press, ISBN 9781607500605.
Porche, I. et al. (2013) Redefining information warfare boundaries for an army in a wireless world, RAND Corporation, ISBN 9780833059123.
Kilger, M. et al. (2012) Reverse Deception: organised cyber threat counter-exploitation, McGraw-Hill Education, ISBN 0071772499.
Web Descriptors
You will learn to conduct risk and threat assessments and plan a cyber operation at strategic, tactical and operational levels. By the end of the module you should be expert enough in evaluating risks and threats to suggest a suitable strategy for lowering the potential of an attack on a computer system.