Module Code: H9SFND
Long Title Security Fundamentals
Title Security Fundamentals
Module Level: LEVEL 9
EQF Level: 7
EHEA Level: Second Cycle
Credits: 10
Module Coordinator: Eugene McLaughlin
Module Author: Margarete Silva
Departments: School of Computing
Specifications of the qualifications and experience required of staff  
Learning Outcomes
On successful completion of this module the learner will be able to:
# Learning Outcome Description
LO1 Compare and contrast new threats and technologies with respect to regulations, standards, and practices in order to protect businesses from cyber-attacks.
LO2 Research, evaluate and apply security management methodologies & best practices.
LO3 Design and implement a secure systems architecture.
LO4 Devise and develop business continuity and disaster recovery plans.
LO5 Analyse and assemble responses from various Security Monitoring Systems.
Dependencies
Module Recommendations

This is prior learning (or a practical skill) that is required before enrolment on this module. While the prior learning is expressed as named NCI module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).

No recommendations listed
Co-requisite Modules
No Co-requisite modules listed
Entry requirements  
 

Module Content & Assessment

Indicative Content
Cyber Security Fundamentals
• Current cyber landscape o Digital Footprint o Interconnected systems o Smart homes, devices, Internet of Things (IoT) • Common threats o Malware, Spyware, Phishing o Cyber extortion, activism, warfare o Social Engineering o Distributed Denial of Service (DDOS) attacks o Advanced Persistent Threats
Information Security Management
• Beyond the FUD (Fear, Uncertainty, Doubt) • Confidentiality, Integrity and Availability • Security Governance o Roles and responsibilities • Security Framework o Policies, Standards and Guidelines o Information Classification o ISO27001 o COBIT o NIST o FIPS • Risk Management • Threat Modelling • Security Training & Awareness
Secure Systems Architecture
• OSI vs TCP/IP • Architecture types: o Mainframes o Client/Server o Web & Mobile o Cloud computing • Encryption in transit, at rest and in use • Network Security o Different topologies o Firewalls, Switches, Routers o AV, IDS, IPS, Honeypots o Remote & wireless access • Secure Software Development Lifecycle
Security Operations
• Access Control o Authentication & Authorization • Logging and Monitoring o SIEM o Metrics • Patch Management • Vulnerability Management • Data Loss Prevention (DLP) Tools • Incident Management o Identification & Response o Remediation plan o Forensics
Business Continuity & Disaster Recovery
• Business & Technical Impact • Project plan development • Identification of key stakeholders • Legal, regulatory and organisational compliance
Assessment Breakdown%
Coursework40.00%
End of Module Assessment60.00%

Assessments

Full Time

Coursework
Assessment Type: Continuous Assessment % of total: 40
Assessment Date: n/a Outcome addressed: 4,5
Non-Marked: No
Assessment Description:
Practical work will be conducted throughout the semester to assess the learner’s evaluation skills. Also, case scenarios will be presented to students where they need to analyse best outcomes for a particular security challenge. Students may work in teams.
End of Module Assessment
Assessment Type: Terminal Exam % of total: 60
Assessment Date: End-of-Semester Outcome addressed: 1,2,3,4,5
Non-Marked: No
Assessment Description:
Learners are required to complete a formal end-of-semester examination.
No Workplace Assessment
Reassessment Requirement
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.

NCIRL reserves the right to alter the nature and timings of assessment

 

Module Workload

Module Target Workload Hours 0 Hours
Workload: Full Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lecture No Description 2 Every Week 2.00
Tutorial No Description 1 Every Week 1.00
Independent Learning No Description 17 Every Week 17.00
Total Weekly Contact Hours 3.00
 

Module Resources

Recommended Book Resources
  • J. M. Stewart, M. Chapple, D. Gibson. (2015), CISSP (ISC) 2 Certified Information Systems Security Professional Official Study Guide, 7th. Sybex Publisher.
  • P. W. Singer, A. Friedman. (2014), Cybersecurity and Cyberwar: What Everyone Needs To Know, 1st. Oxford University Press.
  • S. Adam. (2014), Threat Modeling: Design for Security, 1st. Wiley & Sons.
  • K. Mandia. (2014), Incident Response and Computer Forensics, 3rd. McGraw-Hill Osborne.
  • H. F. Tipton, M. Krause. (2008), Information Security Management Handbook, 6th. Auerbach Publications.
  • R. J. Anderson. (2008), Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd. John Wiley & Sons.
Supplementary Book Resources
  • P. Wilson, C. Hadnagy. (2010), Social Engineering: The Art of Human Hacking, 1st. John Wiley & Sons.
This module does not have any article/paper resources
Other Resources
Discussion Note: