Module Descriptors
NETWORK SECURITY ANALYSIS
COMP50050
Key Facts
Digital, Technology, Innovation and Business
Level 5
20 credits
Contact
Leader: Christopher Hawkins
Hours of Study
Scheduled Learning and Teaching Activities: 28
Independent Study Hours: 172
Total Learning Hours: 200
Pattern of Delivery
- Occurrence A, Stoke Campus, UG Semester 3 to UG Semester 1
- Occurrence B, The Development Manager, UG Semester 3 to UG Semester 1
Sites
- Stoke Campus
- The Development Manager
Assessment
- PRACTICAL BASED REPORT - 1500 WORDS weighted at 70%
- RESEARCH BASED REPORT weighted at 30%
Module Details
Indicative Content
Module Indicative Content:
Network Protocols and Networking Fundamentals
Client / Server Modules
Network Analysis Tools – Wireshark and SNORT
Web Application Assessment
IDS
IPS
Network topologies and devices
Zone-based protection
Firewalls
Network defences – honeypots etc.
Network attacks
This module will support the development and assessment of the following Core Knowledge, Skills and Behaviours from the DTSP Apprenticeship Standard:
Knowledge
K1 How organisations adapt and exploit digital technology solutions to gain a competitive advantage.
K3 Principles of estimating the risks and opportunities of digital and technology solutions.
K7 The roles, functions and activities within digital technology solutions within an organisation.
K11 The nature and scope of common vulnerabilities in digital and technology solutions. For example, the risks of unsecure coding and unprotected networks
K13 Principles of data analysis for digital and technology solutions.
K14 A range of quantitative and qualitative data gathering methods and how to appraise and select the appropriate method.
K17 Reporting techniques, including how to synthesise information and present concisely, as appropriate to the target audience.
K18 Techniques of robust research and evaluation for the justification of digital and technology solutions.
Skills
S2 Identify risks, determine mitigation strategies and opportunities for improvement in a digital and technology solutions project.
S5 Apply relevant standard processes, methods, techniques and tools. For example, ISO Standards, Waterfall, Agile in a digital and technology solution project.
S12 Plan, design and manage simple computer networks with an overall focus on the services and capabilities that network infrastructure solutions enable in an organisational context.
S13 Report effectively to colleagues and stakeholders using the appropriate language and style, to meet the needs of the audience concerned.
S15 Apply relevant legal, ethical, social and professional standards to a digital and technology solution.
Behaviours
B1 Has a strong work ethic and commitment to meet the standards required.
B3 Acts with integrity with respect to ethical, legal and regulatory requirements ensuring the protection of personal data, safety and security.
B7 Maintains awareness of trends and innovations in the subject area, utilising a range of academic literature, online sources, community interaction, conference attendance and other methods which can deliver business value.
This module will support the development and assessment of the following Specialist Route Knowledge, Skills and Behaviours from the DTSP Apprenticeship Standard:
Cyber Security Analyst
Knowledge
K45 Principles of cyber security tools and techniques.
K48 Key legislative frameworks and the regulatory landscape for cyber security including Data Protection Act 2018, Network Information System Directive 2018, Regulation of Investigatory Powers Act 2000, ISO 27001.
K49 Approaches to incident response and management including escalation and investigation of cyber security breaches and their root cause.
K50 Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
K51 Principles of common security architectures and methodologies.
K52 Approaches to deployment of cyber security technology components in digital systems to provide security functionality. For example, hardware and software to implement security controls.
Skills
S40 Discover, identify and analyse security threats, attack techniques and vulnerabilities and recommend mitigation and security controls.
S42 Recommend improvements to the cyber security approaches of an organisation based on research into future potential cyber threats and considering threat trends.
S43 Manage cyber security risk.
Network Protocols and Networking Fundamentals
Client / Server Modules
Network Analysis Tools – Wireshark and SNORT
Web Application Assessment
IDS
IPS
Network topologies and devices
Zone-based protection
Firewalls
Network defences – honeypots etc.
Network attacks
This module will support the development and assessment of the following Core Knowledge, Skills and Behaviours from the DTSP Apprenticeship Standard:
Knowledge
K1 How organisations adapt and exploit digital technology solutions to gain a competitive advantage.
K3 Principles of estimating the risks and opportunities of digital and technology solutions.
K7 The roles, functions and activities within digital technology solutions within an organisation.
K11 The nature and scope of common vulnerabilities in digital and technology solutions. For example, the risks of unsecure coding and unprotected networks
K13 Principles of data analysis for digital and technology solutions.
K14 A range of quantitative and qualitative data gathering methods and how to appraise and select the appropriate method.
K17 Reporting techniques, including how to synthesise information and present concisely, as appropriate to the target audience.
K18 Techniques of robust research and evaluation for the justification of digital and technology solutions.
Skills
S2 Identify risks, determine mitigation strategies and opportunities for improvement in a digital and technology solutions project.
S5 Apply relevant standard processes, methods, techniques and tools. For example, ISO Standards, Waterfall, Agile in a digital and technology solution project.
S12 Plan, design and manage simple computer networks with an overall focus on the services and capabilities that network infrastructure solutions enable in an organisational context.
S13 Report effectively to colleagues and stakeholders using the appropriate language and style, to meet the needs of the audience concerned.
S15 Apply relevant legal, ethical, social and professional standards to a digital and technology solution.
Behaviours
B1 Has a strong work ethic and commitment to meet the standards required.
B3 Acts with integrity with respect to ethical, legal and regulatory requirements ensuring the protection of personal data, safety and security.
B7 Maintains awareness of trends and innovations in the subject area, utilising a range of academic literature, online sources, community interaction, conference attendance and other methods which can deliver business value.
This module will support the development and assessment of the following Specialist Route Knowledge, Skills and Behaviours from the DTSP Apprenticeship Standard:
Cyber Security Analyst
Knowledge
K45 Principles of cyber security tools and techniques.
K48 Key legislative frameworks and the regulatory landscape for cyber security including Data Protection Act 2018, Network Information System Directive 2018, Regulation of Investigatory Powers Act 2000, ISO 27001.
K49 Approaches to incident response and management including escalation and investigation of cyber security breaches and their root cause.
K50 Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
K51 Principles of common security architectures and methodologies.
K52 Approaches to deployment of cyber security technology components in digital systems to provide security functionality. For example, hardware and software to implement security controls.
Skills
S40 Discover, identify and analyse security threats, attack techniques and vulnerabilities and recommend mitigation and security controls.
S42 Recommend improvements to the cyber security approaches of an organisation based on research into future potential cyber threats and considering threat trends.
S43 Manage cyber security risk.
Additional Assessment Details
Assignment 1
An analysis of a PCAP file containing a range of network activities, both malicious and legitimate to identify activities and information.
Learning Outcomes: 3, 4
Assessing the following Cyber Security Analyst KSBs
Knowledge
K45 Principles of cyber security tools and techniques.
K48 Key legislative frameworks and the regulatory landscape for cyber security including Data Protection Act 2018, Network Information System Directive 2018, Regulation of Investigatory Powers Act 2000, ISO 27001.
K49 Approaches to incident response and management including escalation and investigation of cyber security breaches and their root cause.
K50 Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
K51 Principles of common security architectures and methodologies.
K52 Approaches to deployment of cyber security technology components in digital systems to provide security functionality. For example, hardware and software to implement security controls.
Skills
S40 Discover, identify and analyse security threats, attack techniques and vulnerabilities and recommend mitigation and security controls.
Assignment 2
A research report analysing network security tools, including their use, benefits, and advantages / disadvantages of their use to network security.
Learning Outcomes: 1,2
Assessing the following Cyber Security Analyst KSBs
Knowledge
K45 Principles of cyber security tools and techniques.
K48 Key legislative frameworks and the regulatory landscape for cyber security including Data Protection Act 2018, Network Information System Directive 2018, Regulation of Investigatory Powers Act 2000, ISO 27001.
K49 Approaches to incident response and management including escalation and investigation of cyber security breaches and their root cause.
K50 Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
K51 Approaches to deployment of cyber security technology components in digital systems to provide security functionality. For example, hardware and software to implement security controls.
Skills
S42 Recommend improvements to the cyber security approaches of an organisation based on research into future potential cyber threats and considering threat trends.
S43 Manage cyber security risk.
An analysis of a PCAP file containing a range of network activities, both malicious and legitimate to identify activities and information.
Learning Outcomes: 3, 4
Assessing the following Cyber Security Analyst KSBs
Knowledge
K45 Principles of cyber security tools and techniques.
K48 Key legislative frameworks and the regulatory landscape for cyber security including Data Protection Act 2018, Network Information System Directive 2018, Regulation of Investigatory Powers Act 2000, ISO 27001.
K49 Approaches to incident response and management including escalation and investigation of cyber security breaches and their root cause.
K50 Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
K51 Principles of common security architectures and methodologies.
K52 Approaches to deployment of cyber security technology components in digital systems to provide security functionality. For example, hardware and software to implement security controls.
Skills
S40 Discover, identify and analyse security threats, attack techniques and vulnerabilities and recommend mitigation and security controls.
Assignment 2
A research report analysing network security tools, including their use, benefits, and advantages / disadvantages of their use to network security.
Learning Outcomes: 1,2
Assessing the following Cyber Security Analyst KSBs
Knowledge
K45 Principles of cyber security tools and techniques.
K48 Key legislative frameworks and the regulatory landscape for cyber security including Data Protection Act 2018, Network Information System Directive 2018, Regulation of Investigatory Powers Act 2000, ISO 27001.
K49 Approaches to incident response and management including escalation and investigation of cyber security breaches and their root cause.
K50 Ethical principles and codes of good practice of at least one significant cyber security professional body and the ethical responsibilities of a cyber security professional.
K51 Approaches to deployment of cyber security technology components in digital systems to provide security functionality. For example, hardware and software to implement security controls.
Skills
S42 Recommend improvements to the cyber security approaches of an organisation based on research into future potential cyber threats and considering threat trends.
S43 Manage cyber security risk.
Learning Strategies
The module will be delivered in a Blended Learning Mode consisting of face to face, online and guided learning sessions.¿
¿
Teaching sessions will blend theory and practical learning and most importantly where possible contextualised in your workplace as part of your apprenticeship. Learners will be introduced to curriculum concepts and ideas and will then be able to apply theory to practical examples. In addition, students will be provided with a range of resources for independent study such as case studies, academic papers, and industry case studies.¿ There will be a mixture of practical and theoretical formative (mock or practice) exercises which will help students build knowledge and confidence in preparation for summative (formal) assessment.¿
¿
The delivery will be delivered as follows:¿
¿
Module Launch week: 12 hours.¿
There will be a module launch session consisting of up to 12 hours face to face contact time devoted to developing your understanding of the core purpose and assessment of the module.¿ Learners will be presented with details of how the learning will be structure and how to access to the learning materials for the remainder of the module.¿
¿
Structured Learning Sessions: 15 hours¿
Following the module launch week you will have a further 15 hours of contact time as a class with the module team.¿ This will typically be as 10 x 1.5-hour online classes which will be a combination of activities including lectures, demonstrations, discussions, tutorials and seminars.¿ Some sessions are likely to be in flipped classroom style, where you will be expected to watch online recordings, read materials, or respond to practical activities in preparation for active engagement with problem solving in the online session.¿
¿
1:1 Progress Checks: 1 hour¿
As a Blended Learner understanding your progress can be a challenge so you are allocated an hour of 1:1 time with your tutor (typically 3 x 20 minute).¿ Some of these may be in small groups if appropriate.¿ These sessions may be used to discuss key topics, troubleshoot solutions, review working drafts etc.¿
¿
Guided Independent Learning: 178 hours.¿
The module leader will provide resources through the virtual learning environment which will include videos and presentations as well as links to useful websites and other resources.¿ Additional academic learning will be achieved through reading around the subject area, module tutors will suggest useful texts, though many others will be suitable and can be found in our e-library. You should also draw on the expertise in your workplace via your workplace mentor and other colleagues.¿ If you require help understanding any of the concepts, you should contact your module tutor for assistance.¿
As an apprentice you are constantly developing your Digital Skills as part of your substantial role, and this applies to the development of the knowledge for your modules too.¿ In some cases, there will be a significant cross over between the module content and your workplace experience to data and in others less so depending on the nature of your workplace duties, this will have a direct impact on to the number of Independent Learning required.¿
¿
Within the Independent learning time you will be expected to complete your assignments, as a guide a typical module assignment should take around 60 hours to complete.¿
Learning Outcomes
Critically discuss the principles of securing a network-based computer system
Critically analyse and evaluate various techniques used in network security
Demonstrate a practical understanding of network security concepts and threats
Demonstrate practical understanding of network security tools and their use
Critically analyse and evaluate various techniques used in network security
Demonstrate a practical understanding of network security concepts and threats
Demonstrate practical understanding of network security tools and their use
Texts
Below is an introduction for all modules followed by a breakdown for 3 key core texts/resource categories.
Please ensure that you indicate ‘most recent edition’ for regularly refreshed textbooks, i.e., don’t detail a resource that is likely to be out of print in 12-18 months.
For all other resources, please ensure all resources are recent, i.e., no more than 3-4 years old.
All texts and electronic resources will be updated and refreshed on an annual basis and available for students via the online Study Links resource platform. All reference materials will be collated and curated and aligned to Equality, Diversity & Inclusion indicators.
NSA (2022) Network Infrastructure Security Guidance
Nainar, Ramdoss, Orzach (2018) Network Analysis Using Wireshark 2 Cookbook. 2nd Ed. Packt Publishing.
Ballmann, B. (2021) Understanding Network Hacks – Attack and Defense with Python 3.2nd Ed. Springer.
Please ensure that you indicate ‘most recent edition’ for regularly refreshed textbooks, i.e., don’t detail a resource that is likely to be out of print in 12-18 months.
For all other resources, please ensure all resources are recent, i.e., no more than 3-4 years old.
All texts and electronic resources will be updated and refreshed on an annual basis and available for students via the online Study Links resource platform. All reference materials will be collated and curated and aligned to Equality, Diversity & Inclusion indicators.
NSA (2022) Network Infrastructure Security Guidance
Nainar, Ramdoss, Orzach (2018) Network Analysis Using Wireshark 2 Cookbook. 2nd Ed. Packt Publishing.
Ballmann, B. (2021) Understanding Network Hacks – Attack and Defense with Python 3.2nd Ed. Springer.
Resources
VMWare
Wireshark
SNORT
Packet Tracer (CISCO)
Wireshark
SNORT
Packet Tracer (CISCO)
Web Descriptors
In this module, you will learn about networks, and how they can be attacked by threat actors in the wild. You will learn how network defends utilise a range of pre and post incident tools and procedures to prevent, and detect, network-based attacks.