Module Code: |
H9CDOS |
Long Title
|
Cloud DevOpsSec
|
Title
|
Cloud DevOpsSec
|
Module Level: |
LEVEL 9 |
EQF Level: |
7 |
EHEA Level: |
Second Cycle |
Module Coordinator: |
Horacio Gonzalez-Velez |
Module Author: |
Vikas Sahni |
Departments: |
School of Computing
|
Specifications of the qualifications and experience required of staff |
This module requires a lecturer holding a Master’s degree or higher, in a discipline with a significant programming/mathematics component. e.g. Computer Science, Mathematics, Computational Physics. Lecturer: Mr Vikas Sahni
|
Learning Outcomes |
On successful completion of this module the learner will be able to: |
# |
Learning Outcome Description |
LO1 |
Critically analyse different techniques to perform code analysis, plan and implement static code analysis. |
LO2 |
Develop and implement a plan for provisioning and configuration of software applications through CI/CD. |
LO3 |
Critically evaluate and implement methodologies for secure application development and secure execution in production. |
Dependencies |
Module Recommendations
This is prior learning (or a practical skill) that is required before enrolment on this module. While the prior learning is expressed as named NCI module(s) it also allows for learning (in another module or modules) which is equivalent to the learning specified in the named module(s).
|
No recommendations listed |
Co-requisite Modules
|
No Co-requisite modules listed |
Entry requirements |
A cognate level 8 degree.
|
Module Content & Assessment
Indicative Content |
Introduction
The Business Value of DevOps, the importance of integrating security
|
Static Code Analysis
What is static and dynamic analysis, the importance of static analysis, when is static analysis performed, how do the tools work
|
Provisioning
What is provisioning, what is cloud provisioning, infrastructure as code, open source and proprietary tools
|
Configuring
Configuring on-premises, cloud and hybrid resources, configuration management
|
Continuous Integration
The importance of CI, check-out, check-in, branching, automation of the build process
|
Continuous Delivery
The manual process, Visibility, Feedback and Deployment
|
Load Testing
Positive and Negative Testing, Load Testing, Stress Testing, Concurrent users, response time
|
Build and Release Automation
Automating Compiling, Packaging, Testing and Deployment. Rollback.
|
Monitoring
Network, Infrastructure, Platform, and Application monitoring
|
Security
CIA, Threat Modelling, OWASP
|
DevOpsSec Process assessment
Tools and templates
|
Review
Best Practices and Wrap up
|
Assessment Breakdown | % |
Coursework | 100.00% |
AssessmentsFull Time
Coursework |
Assessment Type: |
Project |
% of total: |
60 |
Assessment Date: |
n/a |
Outcome addressed: |
1,2,3 |
Non-Marked: |
No |
Assessment Description: Build, deploy, monitor and update a web application by setting up a full lifecycle CI/CD pipeline. To be assessed for functionality at Stage 1, and for the DevOps process at Stage 2. |
|
End of Module Assessment |
Assessment Type: |
Terminal Exam |
% of total: |
40 |
Assessment Date: |
End-of-Semester |
Outcome addressed: |
1,2,3 |
Non-Marked: |
No |
Assessment Description: n/a |
|
Reassessment Requirement |
Repeat examination
Reassessment of this module will consist of a repeat examination. It is possible that there will also be a requirement to be reassessed in a coursework element.
|
Reassessment Description This module is reassessed solely on the basis of re-submitted coursework.
|
NCIRL reserves the right to alter the nature and timings of assessment
Module Workload
Module Target Workload Hours 0 Hours |
Workload: Full Time |
Workload Type |
Workload Description |
Hours |
Frequency |
Average Weekly Learner Workload |
Lecture |
Classroom & Demonstrations (hours) |
24 |
Every Week |
24.00 |
Tutorial |
Other hours (Practical/Tutorial) |
24 |
Every Week |
24.00 |
Independent Learning |
Independent learning (hours) |
77 |
Every Week |
77.00 |
Total Weekly Contact Hours |
48.00 |
Module Resources
Recommended Book Resources |
---|
-
Gerardus Blokdyk. (2019), Devopssec a Complete Guide - 2019 Edition, 5starcooks, p.312, [ISBN: 978-0655541059].
-
DevOpsSec A Clear and Concise Reference by Gerardus Blokdyk Apr,. (2018), ASIN: B07CVS6SH6.
| Supplementary Book Resources |
---|
-
Emily Freeman. (2019), DevOps For Dummies, 1st. 23, John Wiley & Sons, p.320, [ISBN: 978-1119552222].
| This module does not have any article/paper resources |
---|
This module does not have any other resources |
---|
|