CMP73001 2019 1 - Uig

CMP73001
Cybersecurity Management
Unit Information Guide

Session 1, 2019
scu.edu.au
CRICOS Provider: 01241G
2 | CMP73001 Cybersecurity Management (Session 1, 2019)
Contents
.About
. . . . . . this
. . . . unit
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
Content
. . . . . . . . . attributes
Graduate . . . . . . . . .and. . . .unit
. . . .learning
. . . . . . . .outcomes
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
. . . . . . . . . .resources
Learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
. . . . . . . . . . texts
Prescribed . . . . .and
. . . .materials
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
. . . . . . . . . .this
Studying . . . . unit
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
. . . . . . . . .and
Teaching . . . .learning
. . . . . . . .arrangements
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
. . . . . . . . . .workload
Estimated ..............................................................6
. . . . . . . . . . Study
Scheduled . . . . . .Hours
........................................................6
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Assessment
. . . . . . . . . . . overview
Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
. . . . . . . . . . . details
Assessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
. . . . . . . . . . . 1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Assessment
. . . . . . . . . . . 2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Assessment
. . . . . . . . . . . 3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Assessment
. . . . . . . . . . . 4. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
Assessment
About this unit | 3
About this unit

Gives students an in-depth understanding of cybersecurity from a management perspective
including strategy (people), operations (process) and tactical (technology) pillars. Students
will learn the knowledge and skills to manage cyber risks, recommend appropriate controls
and contribute to developments of cyber security policies, standards and guidelines in SME.
Content
Topic 1: Cybersecurity management frameworks
Topic 2: Cybersecurity executive management
Topic 3: Cybersecurity intelligence
Topic 4: Cyber risk management
Topic 5: Cybersecurity assessment and testing
Topic 6: Secure systems
Topic 7: Secure network
Topic 8: Secure applications
Topic 9: Contemporary issues in cybersecurity
Graduate attributes and unit learning outcomes

As a graduate of Southern Cross University, you will have developed skills, values and attitudes
that are essential for gaining employment and advancing lifelong learning. The University
refers to these as graduate attributes (http://policies.scu.edu.au/view.current.php?id=00091#s3)
and identifies them as follows:
GA1 Intellectual rigour, GA2 Creativity, GA3 Ethical practice, GA4 Knowledge of a discipline,
GA5 Lifelong learning, GA6 Communication and social skills, GA7 Cultural competence.
This unit will assist students to develop the following graduate attributes (shown below as they
relate to this unit's learning outcomes):
Learning outcomes for this unit GA1 GA2 GA3 GA4 GA5 GA6 GA7
On completion of this unit, students should be able to:
1. Assess cyber security risks to a small-to- ✓

medium enterprise (SME) and define,
document and publish the directions the
required cybersecurity program will
adopt to address the risk
2. Develop and review cybersecurity ✓ ✓

policies, operational standards,
processes, procedures and other
collateral for ensuring security of a
business information system
3. Propose required cybersecurity controls ✓

to advanced, persistent threats and create
recovery procedures and business
continuity plans for use after any
successful penetration of an information
system
Learning outcomes for this unit GA1 GA2 GA3 GA4 GA5 GA6 GA7
4. Assess the effectiveness of cybersecurity ✓ ✓

controls used by an organisation and
communicate the evidence to
management
5. Conduct research and provide advice ✓ ✓

and guidance on recent trends and
development in cybersecurity
management.
Learning resources | 5
Learning resources
The referencing style used below is Harvard. PLEASE NOTE that you may need to use a
different style for this unit. Refer to Referencing guides (https://www.scu.edu.au/library/
study/referencing-guides/) for information about the referencing style you should use.
Prescribed texts and materials

Prescribed texts
Free e-book: Harris, S & Maymi, F 2016, CISSP All-in-One Exam Guide, 7th edn. ISBN:
B01G2RY8H0.
Free e-book available from https://www.nist.gov/cyberframework: NIST Cybersecurity
Framework.
Required for project: Free resource available from https://www.owasp.org/images/1/19/
OTGv4.pdf: OWASP Testing Guide 4.0.
There is a Study Guide for this unit. See MySCU (http://learn.scu.edu.au) for details.
Required online resources

NIST Cloud Computing Security Reference Architecture:NIST Special Publication 500-299 at
URL http://collaborate.nist.gov/twiki-cloud-computing/pub/CloudComputing/CloudSecurity/
NIST_Security_Reference_Architecture_2013.05.15_v1.0.pdf
European Commission (EC); “The Directive...concerning measures for a high common level of
security of network and information systems accross the Union" (NIS Directive)” at URL
http://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016L1148&from=EN
Studying this unit

The first step in managing your study for this unit is to familiarise yourself with this document
and the MySCU (http://learn.scu.edu.au) Learning Site. You should refer frequently to the
MySCU Learning Site for announcements and updates.
Teaching and learning arrangements

Estimated workload
Scheduled hours Personal study Total
36 114 150
Your scheduled study hours are allocated as follows:
Gold Coast
Teaching method Duration Frequency
Lecture online 1 hour 12 weeks
Tutorial on-site 2 hours 12 weeks
Online
SCU Sydney
SCU Melbourne
SCU Perth

Studying this unit | 7
PNG-IBSUniversity-Port Moresby
Workshop on-site N/A N/A

Assessment
Assessment overview
Group/ Learning Grading Min Length/ Professional
Assessment individual outcomes indicator Score Weight duration Due accreditation
1. Risk Individual 1 Graded 30% 30% 15 hours 07 Apr N/A

assessment 2019
exercise. 11:00 PM
2. Plans/ Individual 2, 3 Graded 30% 30% 15 hours 05 May N/A

programs/ 2019
policy 11:00 PM
development
exercise.
3. Group 4, 5 Graded 30% 30% 30 hours 31 May N/A

Vulnerability 2019
assessment 11:00 PM
and Business
Impact
Analysis
exercise.
4. Reflective Individual 2 Graded N/A 10% 300 31 May N/A

writing words 2019
11:00 PM
Assessment details
Assessment 1: Risk assessment exercise.
This assessment is for these students only: Gold Coast; Online; PNG-IBSUniversity-Port
Moresby; SCU Melbourne; SCU Perth; SCU Sydney.

Risk Individual 1 Graded 30% 30% 15 hours 07 Apr N/A

assessment 2019
exercise. 11:00 PM
Risk assessment exercise: Perform a full cyber risk assessment exercise for a SME and
document the outcome.
Assessment 2: Plans/programs/policy development exercise.

Assessment | 9

Plans/ Individual 2, 3 Graded 30% 30% 15 hours 05 May N/A

programs/ 2019
policy 11:00 PM
development
exercise.
Plans/programs/policy development exercise: develop/review program direction and policy,

and propose controls and changes to secure the organisation information system based on the
risk assessment results.
Assessment 3: Vulnerability assessment and Business Impact

Analysis exercise.

Vulnerability Group 4, 5 Graded 30% 30% 30 hours 31 May N/A

assessment 2019
and Business 11:00 PM
Impact
Analysis
exercise.
Penetration testing and network/application security: perform penetration testing and propose
security measures in a given scenario. Communicate the result to management. (group
assessment)
Assessment 4: Reflective writing


Reflective Individual 2 Graded N/A 10% 300 31 May N/A

writing words 2019
11:00 PM
Vulnerability assessment and Business Impact Analysis exercise: perform vulnerability

assessment and testing to assess a fictional business information system. Perform BIA in a
given scenario. Communicate the result to management. (individual assessment)

CMP73001 2019 1 - Uig

Enviado por

Dados do documento

Descrição original:

Título original

Direitos autorais

Formatos disponíveis

Compartilhar este documento

Compartilhar ou incorporar documento

Opções de compartilhamento

Você considera este documento útil?

Este conteúdo é inapropriado?

Direitos autorais:

Formatos disponíveis

CMP73001 2019 1 - Uig

Enviado por

Direitos autorais:

Formatos disponíveis

CMP73001

Unit Information Guide

About this unit

Graduate attributes and unit learning outcomes

On completion of this unit, students should be able to:

1. Assess cyber security risks to a small-to- ✓

2. Develop and review cybersecurity ✓ ✓

3. Propose required cybersecurity controls ✓

4. Assess the effectiveness of cybersecurity ✓ ✓

5. Conduct research and provide advice ✓ ✓

Prescribed texts and materials

Required online resources

Studying this unit

Teaching and learning arrangements

Your scheduled study hours are allocated as follows:

Lecture online 1 hour 12 weeks

Tutorial on-site 2 hours 12 weeks

Lecture online 1 hour 12 weeks

Lecture online 1 hour 12 weeks

Tutorial on-site 2 hours 12 weeks

Lecture online 1 hour 12 weeks

Tutorial on-site 2 hours 12 weeks

Lecture online 1 hour 12 weeks

Tutorial on-site 2 hours 12 weeks

Workshop on-site N/A N/A

1. Risk Individual 1 Graded 30% 30% 15 hours 07 Apr N/A

2. Plans/ Individual 2, 3 Graded 30% 30% 15 hours 05 May N/A

3. Group 4, 5 Graded 30% 30% 30 hours 31 May N/A

4. Reflective Individual 2 Graded N/A 10% 300 31 May N/A

Group/ Learning Grading Min Length/ Professional

Risk Individual 1 Graded 30% 30% 15 hours 07 Apr N/A

Assessment 2: Plans/programs/policy development exercise.

Group/ Learning Grading Min Length/ Professional

Plans/ Individual 2, 3 Graded 30% 30% 15 hours 05 May N/A

Plans/programs/policy development exercise: develop/review program direction and policy,

Assessment 3: Vulnerability assessment and Business Impact

Group/ Learning Grading Min Length/ Professional

Vulnerability Group 4, 5 Graded 30% 30% 30 hours 31 May N/A

Assessment 4: Reflective writing

Group/ Learning Grading Min Length/ Professional

Reflective Individual 2 Graded N/A 10% 300 31 May N/A

Vulnerability assessment and Business Impact Analysis exercise: perform vulnerability

Você também pode gostar