Module Code: H9CDOS
Long Title Cloud DevOpsSec
Title Cloud DevOpsSec
Module Level: LEVEL 9
EQF Level: 7
EHEA Level: Second Cycle
Credits: 5
Module Coordinator: Horacio Gonzalez-Velez
Module Author: Vikas Sahni
Departments: School of Computing
Specifications of the qualifications and experience required of staff

This module requires a lecturer holding a Master’s degree or higher, in a discipline with a significant programming/mathematics component. e.g. Computer Science, Mathematics, Computational Physics. Lecturer: Mr Vikas Sahni

Learning Outcomes
On successful completion of this module the learner will be able to:
# Learning Outcome Description
LO1 Critically analyse different techniques to perform code analysis, plan and implement static code analysis.
LO2 Develop and implement a plan for provisioning and configuration of software applications through CI/CD.
LO3 Critically evaluate and implement methodologies for secure application development and secure execution in production.
Dependencies
Module Recommendations

This is prior learning (or a practical skill) that is required before enrolment on this module. While the prior learning is expressed as named NCI module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).

No recommendations listed
Co-requisite Modules
No Co-requisite modules listed
Entry requirements

A cognate level 8 degree.

 

Module Content & Assessment

Indicative Content
Introduction
The Business Value of DevOps, the importance of integrating security
Static Code Analysis
What is static and dynamic analysis, the importance of static analysis, when is static analysis performed, how do the tools work
Provisioning
What is provisioning, what is cloud provisioning, infrastructure as code, open source and proprietary tools
Configuring
Configuring on-premises, cloud and hybrid resources, configuration management
Continuous Integration
The importance of CI, check-out, check-in, branching, automation of the build process
Continuous Delivery
The manual process, Visibility, Feedback and Deployment
Load Testing
Positive and Negative Testing, Load Testing, Stress Testing, Concurrent users, response time
Build and Release Automation
Automating Compiling, Packaging, Testing and Deployment. Rollback.
Monitoring
Network, Infrastructure, Platform, and Application monitoring
Security
CIA, Threat Modelling, OWASP
DevOpsSec Process assessment
Tools and templates
Review
Best Practices and Wrap up
Assessment Breakdown%
Coursework100.00%

Assessments

Full Time

Coursework
Assessment Type: Project % of total: 60
Assessment Date: n/a Outcome addressed: 1,2,3
Non-Marked: No
Assessment Description:
Build, deploy, monitor and update a web application by setting up a full lifecycle CI/CD pipeline. To be assessed for functionality at Stage 1, and for the DevOps process at Stage 2.
End of Module Assessment
Assessment Type: Terminal Exam % of total: 40
Assessment Date: End-of-Semester Outcome addressed: 1,2,3
Non-Marked: No
Assessment Description:
n/a
No Workplace Assessment
Reassessment Requirement
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.
Reassessment Description
This module is reassessed solely on the basis of re-submitted coursework.

NCIRL reserves the right to alter the nature and timings of assessment

 

Module Workload

Module Target Workload Hours 0 Hours
Workload: Full Time
Workload Type Workload Description Hours Frequency Average Weekly Learner Workload
Lecture Classroom & Demonstrations (hours) 24 Every Week 24.00
Tutorial Other hours (Practical/Tutorial) 24 Every Week 24.00
Independent Learning Independent learning (hours) 77 Every Week 77.00
Total Weekly Contact Hours 48.00
 

Module Resources

Recommended Book Resources
  • Gerardus Blokdyk. (2019), Devopssec a Complete Guide - 2019 Edition, 5starcooks, p.312, [ISBN: 978-0655541059].
  • DevOpsSec A Clear and Concise Reference by Gerardus Blokdyk Apr,. (2018), ASIN: B07CVS6SH6.
Supplementary Book Resources
  • Emily Freeman. (2019), DevOps For Dummies, 1st. 23, John Wiley & Sons, p.320, [ISBN: 978-1119552222].
This module does not have any article/paper resources
This module does not have any other resources
Discussion Note: