Module Descriptors
CYBER SECURITY
COMP50003
Key Facts
Digital, Technology, Innovation and Business
Level 5
30 credits
Contact
Leader: Mohammad Hasan
Email: M.S.Hasan@staffs.ac.uk
Hours of Study
Scheduled Learning and Teaching Activities: 78
Independent Study Hours: 222
Total Learning Hours: 300
Pattern of Delivery
- Occurrence A, Stoke Campus, UG Semester 1 to UG Semester 2
- Occurrence B, Digital Institute London, UG Semester 1 to UG Semester 2
- Occurrence C, British University Vietnam, UG Semester 1 to UG Semester 3
- Occurrence C, British University Vietnam, UG Semester 1 to UG Semester 2
- Occurrence D, Asia Pacific Institute of Information Technology Sri Lanka (Colombo), UG Semester 1 to UG Semester 2
- Occurrence F, Asia Pacific Institute of Information Technology Sri Lanka (Colombo), UG Semester 3 to UG Semester 2
- Occurrence F, Asia Pacific Institute of Information Technology Sri Lanka (Colombo), UG Semester 3 to UG Semester 1
- Occurrence G, Asia Pacific Institute of Information Technology Sri Lanka (Colombo), UG Semester 2 to UG Semester 1
- Occurrence G, Asia Pacific Institute of Information Technology Sri Lanka (Colombo), UG Semester 2 to UG Semester 3
Sites
- Asia Pacific Institute of Information Technology Sri Lanka (Colombo)
- British University Vietnam
- Digital Institute London
- Stoke Campus
Assessment
- Coursework - Group assignment based on a case study. 6000 words. weighted at 60%
- Coursework - Individual Assignment, 3000 words. weighted at 40%
Module Details
Module Learning Outcomes
1. DEMONSTRATE A CRITICAL UNDERSTANDING AND BE ABLE TO EVALUATE FUNDAMENTAL ASPECTS OF CYBER SECURITY.
Learning,
Reflection
2. FORMALLY IDENTIFY RISKS TO THE SECURITY OF DATA, SYSTEMS AND NETWORKS WHEN PRESENTED WITH A GIVEN SCENARIO.
Enquiry
Analysis
Problem Solving
3. CRITICALLY ANALYSE AND EVALUATE THREATS TO DATA, SYSTEMS AND NETWORKS.
Enquiry
Analysis
4. CRITICALLY ANALYSE THE PROCESS BY WHICH DISASTER RECOVERY AND RISK PREVENTION PLANS ARE DEVELOPED AND BE ABLE TO APPRAISE SUCH PLANS
Analysis
Communication
Reflection
Learning,
Reflection
2. FORMALLY IDENTIFY RISKS TO THE SECURITY OF DATA, SYSTEMS AND NETWORKS WHEN PRESENTED WITH A GIVEN SCENARIO.
Enquiry
Analysis
Problem Solving
3. CRITICALLY ANALYSE AND EVALUATE THREATS TO DATA, SYSTEMS AND NETWORKS.
Enquiry
Analysis
4. CRITICALLY ANALYSE THE PROCESS BY WHICH DISASTER RECOVERY AND RISK PREVENTION PLANS ARE DEVELOPED AND BE ABLE TO APPRAISE SUCH PLANS
Analysis
Communication
Reflection
Module Indicative Content
The module has been designed to provide students with the necessary information about the fundamentals of cyber security and help them develop a comprehensive approach to security practices. The module introduces students to a variety of security topics:
• Fundamental concepts of security engineering.
• The significance of security protocols and frameworks
• Consideration of legal, ethical and standardisation requirements in information systems security.
• Basic principles of access-control and access-security
• Authentication in distributed systems and cloud security
• Basics of operating systems security
• Systems-administration, attack scenarios, failure mechanisms and defensive solutions
• Cryptography
• Physical or environmental security
• Software development security
• Information security governance and risk management
• Communication and network security
• Operation security
• Business continuity and disaster recovery
• Fundamental concepts of security engineering.
• The significance of security protocols and frameworks
• Consideration of legal, ethical and standardisation requirements in information systems security.
• Basic principles of access-control and access-security
• Authentication in distributed systems and cloud security
• Basics of operating systems security
• Systems-administration, attack scenarios, failure mechanisms and defensive solutions
• Cryptography
• Physical or environmental security
• Software development security
• Information security governance and risk management
• Communication and network security
• Operation security
• Business continuity and disaster recovery
Module Learning Strategies
26 hours of lectures and 52 hours of tutorials.
Practical tasks and workshops will be used to re-enforce and apply theory to encourage an analytical and problem-based approach. Student developed seminars will be used to enhance understanding where appropriate.
Practical tasks and workshops will be used to re-enforce and apply theory to encourage an analytical and problem-based approach. Student developed seminars will be used to enhance understanding where appropriate.
Module Texts
Data Protection Act 2018 and GDPR 2018 ISO/IEC/IEEE 29148:2011
Conklin, W. (2016). Principles of computer security. New York: McGraw-Hill Education. ISBN:0071835970 9780071835978.
Easttom, C. (2016). Computer security fundamentals. 3rd edn. Indianapolis, IN: Pearson Education. ISBN: 078975746x; 9780789757463.
HM Government, National Cyber Security Strategy 2016 to 2021, Published on Nov. 2016, https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/-national_cyber_security_strategy_2016.pdf
International Organization for Standardization, ISO/IEC 27001:2013 - Information technology -- Security techniques -- Information security management systems -- Requirements".
ISO 8000-8:2015 Data quality -- Part 8: Information and data quality: Concepts and measuring
Johnson, T.A. (2015). Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare. ISBN-13: 978-1-48223923-2
Kostopoulos, G.K. (2017). Cyberspace and Cybersecurity, 2nd edn. Auerbach Publications. ISBN: 9781351653077.
Meyers, M. (2016). Comptia A+ Certification All-In-One Exam Guide, 9th edn. McGraw-Hill Education. ISBN: 9781259589515.
Wu, C. and Irwin, J. (2016). Introduction to computer networks and cybersecurity. Hoboken: CRC Press., ISBN:1466572140
Conklin, W. (2016). Principles of computer security. New York: McGraw-Hill Education. ISBN:0071835970 9780071835978.
Easttom, C. (2016). Computer security fundamentals. 3rd edn. Indianapolis, IN: Pearson Education. ISBN: 078975746x; 9780789757463.
HM Government, National Cyber Security Strategy 2016 to 2021, Published on Nov. 2016, https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/-national_cyber_security_strategy_2016.pdf
International Organization for Standardization, ISO/IEC 27001:2013 - Information technology -- Security techniques -- Information security management systems -- Requirements".
ISO 8000-8:2015 Data quality -- Part 8: Information and data quality: Concepts and measuring
Johnson, T.A. (2015). Cybersecurity: Protecting Critical Infrastructures from Cyber Attack and Cyber Warfare. ISBN-13: 978-1-48223923-2
Kostopoulos, G.K. (2017). Cyberspace and Cybersecurity, 2nd edn. Auerbach Publications. ISBN: 9781351653077.
Meyers, M. (2016). Comptia A+ Certification All-In-One Exam Guide, 9th edn. McGraw-Hill Education. ISBN: 9781259589515.
Wu, C. and Irwin, J. (2016). Introduction to computer networks and cybersecurity. Hoboken: CRC Press., ISBN:1466572140
Module Resources
Access to an isolated Forensics / Security Lab
Access to Virtual Machines running on Lab PC’s
Case Studies provided by lecturer
Access to Virtual Machines running on Lab PC’s
Case Studies provided by lecturer
Module Special Admissions Requirement
None
ASSESSMENT DETAILS
Assignment 1 is a group assignment and covers Learning Outcomes 1, 2 and 4.
The assignment is based on a given case study which in part, will contain some form of risk prevention/mitigation planning, based upon the analysis and evaluation of a detailed scenario comprising 4 tasks. Students will submit a report of max 1500 words per task (total 6000 words, +/10%) and present their findings in a 15 minute group presentation.
Assignment 2 is an individual assessment and covers Learning Outcomes 1, 2 and 3.
Based upon individual research, report on an aspect of cybersecurity based around data/system security and recovery from a cyber-attack. A selection of topics will be provided from which one needs to be chosen. The word count is 3000 words (+/_10%).
The assignment is based on a given case study which in part, will contain some form of risk prevention/mitigation planning, based upon the analysis and evaluation of a detailed scenario comprising 4 tasks. Students will submit a report of max 1500 words per task (total 6000 words, +/10%) and present their findings in a 15 minute group presentation.
Assignment 2 is an individual assessment and covers Learning Outcomes 1, 2 and 3.
Based upon individual research, report on an aspect of cybersecurity based around data/system security and recovery from a cyber-attack. A selection of topics will be provided from which one needs to be chosen. The word count is 3000 words (+/_10%).
ASSESSMENT DETAILS
Assignment 1 is a group assignment and covers Learning Outcomes 1, 2 and 4.
The assignment is based on a given case study which in part, will contain some form of risk prevention/mitigation planning, based upon the analysis and evaluation of a detailed scenario comprising 4 tasks. Total 6000 words, +/10%
Assignment 2 is an individual assessment and covers Learning Outcomes 1, 2 and 3.
Based upon individual research, report on an aspect of cybersecurity based around data/system security and recovery from a cyber-attack. A selection of topics will be provided from which one needs to be chosen. The word count is 3000 words (+/_10%).
The assignment is based on a given case study which in part, will contain some form of risk prevention/mitigation planning, based upon the analysis and evaluation of a detailed scenario comprising 4 tasks. Total 6000 words, +/10%
Assignment 2 is an individual assessment and covers Learning Outcomes 1, 2 and 3.
Based upon individual research, report on an aspect of cybersecurity based around data/system security and recovery from a cyber-attack. A selection of topics will be provided from which one needs to be chosen. The word count is 3000 words (+/_10%).
Web Descriptor
The module has been designed to provide students with the necessary information about the fundamentals of cyber security and help them develop a comprehensive approach to security practices. The module introduces students to a variety of security topics including fundamental concepts of security engineering, the significance of security protocols and frameworks and consideration of legal, ethical and standardisation requirements in information systems security.