cse5ism cybersecurity incident management
CYBERSECURITY INCIDENT MANAGEMENT
CSE5ISM
2019
Credit points: 15
Subject outline
In this subject, students will learn the art and science of incident response. Students will develop business continuity plans, and assess how these can support business operations during cyber incidents. Students will learn key tools and approaches for attacker identification and attribution, including the role played by law enforcement, vendors and government in critical infrastructure protection.
SchoolSchool Engineering&Mathematical Sciences
Credit points15
Subject Co-ordinatorAlex Ng
Available to Study Abroad StudentsYes
Subject year levelYear Level 5 - Masters
Exchange StudentsYes
Subject particulars
Subject rules
Prerequisites Must have passed CSE5CSP and must be admitted into SMCYC or SMCYL or SMCYB or must obtain subject coordinator's approval.
Co-requisitesN/A
Incompatible subjectsN/A
Equivalent subjectsN/A
Special conditionsN/A
Graduate capabilities & intended learning outcomes
01. Formulate a ranked list of incident response approaches based on impact and likelihood
- Activities:
- Students to listen to lectures, discuss case studies, read/watch videos about concepts of incident response approaches. They then apply their learning by engaging in a moderated online forum discussion.
02. Identify business processes and technical mechanisms to respond to specific security incidents
- Activities:
- Students to read about the effect of incident response on business processes and technical responses within specific incidents. They will be provided with various case scenarios to determine their application to practice. They then apply their learning by engaging in a moderated online forum discussion.
03. Evaluate and propose a business continuity plan
- Activities:
- Students to interact with lectures, discuss case studies, read/watch videos about concepts of business continuity planning. They then apply their learning by engaging in a moderated online forum discussion. Assessment will be by a report developing a business continuity plan.
04. Formulate a legal and regulatory compliance strategy to support incident management
- Activities:
- Students to engage with lectures, discuss case studies, read/watch videos about legal and regulatory within incident management compliance. They then apply their learning by engaging in a moderated online forum discussion.
Subject options
Select to view your study options…
Melbourne, 2019, Semester 1, Day
Overview
Online enrolmentYes
Maximum enrolment sizeN/A
Enrolment information
Subject Instance Co-ordinatorAlex Ng
Class requirements
LectureWeek: 10 - 22
Six 4.0 hours lecture every two weeks on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.
Computer LaboratoryWeek: 10 - 22
Six 4.0 hours computer laboratory every two weeks on any day including weekend during the day from week 10 to week 22 and delivered via face-to-face.
Assessments
| Assessment element | Comments | % | ILO* |
|---|---|---|---|
| Incident response approaches forum (500 words equivalent) | Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. | 10 | 01 |
| Business and technical response forum (500 words equivalent) | Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents. | 10 | 03 |
| Develop a business continuity plan. Case study and report (2000 words equivalent) | Development of a business continuity plan with discussion of its applicability. | 40 | 01, 02, 03 |
| 1 closed book test x 2 hours (2000 words equivalent) | With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop) | 40 | 01, 02, 03, 04 |
Melbourne, 2019, Summer, Day
Overview
Online enrolmentYes
Maximum enrolment sizeN/A
Enrolment information
Subject Instance Co-ordinatorAlex Ng
Class requirements
LectureWeek: 45
Six 4.0 hours lecture every two weeks on any day including weekend during the day in week 45 and delivered via face-to-face.
Computer LaboratoryWeek: 45
Six 4.0 hours computer laboratory every two weeks on any day including weekend during the day in week 45 and delivered via face-to-face.
Assessments
| Assessment element | Comments | % | ILO* |
|---|---|---|---|
| Incident response approaches forum (500 words equivalent) | Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. | 10 | 01 |
| Business and technical response forum (500 words equivalent) | Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents. | 10 | 03 |
| Develop a business continuity plan. Case study and report (2000 words equivalent) | Development of a business continuity plan with discussion of its applicability. | 40 | 01, 02, 03 |
| 1 closed book test x 2 hours (2000 words equivalent) | With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop) | 40 | 01, 02, 03, 04 |
Melbourne, 2019, Semester 1, Blended
Overview
Online enrolmentYes
Maximum enrolment sizeN/A
Enrolment information
Subject Instance Co-ordinatorAlex Ng
Class requirements
Unscheduled Online ClassWeek: 10 - 22
Twelve 2.0 hours unscheduled online class per study period on weekdays during the day from week 10 to week 22 and delivered via online.
"Consists of online, reading and self-check tests, for self-directed study. All materials will be available asynchronously on the LMS."
PracticalWeek: 10 - 22
Ten 1.0 hours practical per study period on weekdays during the day from week 10 to week 22 and delivered via blended.
"Synchronous online practical tutorial
supported by practical notes and
reading material on the LMS.
"
PracticalWeek: 10 - 22
Two 7.0 hours practical per study period on weekdays during the day from week 10 to week 22 and delivered via face-to-face.
"A compulsory practical workshop
of 2 days at the end of the semester will
be offered for all off campus students.
"
Assessments
| Assessment element | Comments | % | ILO* |
|---|---|---|---|
| Incident response approaches forum (500 words equivalent) | Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. | 10 | 01 |
| Business and technical response forum (500 words equivalent) | Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents. | 10 | 03 |
| Develop a business continuity plan. Case study and report (2000 words equivalent) | Development of a business continuity plan with discussion of its applicability. | 40 | 01, 02, 03 |
| 1 closed book test x 2 hours (2000 words equivalent) | With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop) | 40 | 01, 02, 03, 04 |
Melbourne, 2019, Summer, Blended
Overview
Online enrolmentYes
Maximum enrolment sizeN/A
Enrolment information
Subject Instance Co-ordinatorAlex Ng
Class requirements
Unscheduled Online ClassWeek: 45
Twelve 2.0 hours unscheduled online class per study period on weekdays during the day in week 45 and delivered via online.
"Consists of online, reading and self-check tests, for self-directed study. All materials will be available asynchronously on the LMS."
PracticalWeek: 45
Ten 1.0 hours practical per study period on weekdays during the day in week 45 and delivered via blended.
"Synchronous online practical tutorial
supported by practical notes and
reading material on the LMS.
"
PracticalWeek: 45
Two 7.0 hours practical per study period on weekdays during the day in week 45 and delivered via face-to-face.
"A compulsory practical workshop
of 2 days at the end of the semester will
be offered for all off campus students.
"
Assessments
| Assessment element | Comments | % | ILO* |
|---|---|---|---|
| Incident response approaches forum (500 words equivalent) | Students to use online forum to discuss incident response approach concepts. Marking rubric to specify the structure of the forum discussion. | 10 | 01 |
| Business and technical response forum (500 words equivalent) | Students to use online forum to discuss the affect of incident response on business processes and technical responses within specific incidents. | 10 | 03 |
| Develop a business continuity plan. Case study and report (2000 words equivalent) | Development of a business continuity plan with discussion of its applicability. | 40 | 01, 02, 03 |
| 1 closed book test x 2 hours (2000 words equivalent) | With a focus on technical, business, legal and regulatory compliance strategies To be given in last lecture (or for off campus students at end of 2 day compulsory residential workshop) | 40 | 01, 02, 03, 04 |