Unit Outline
KIT215
CyberSecurity and Ethical Hacking
Semester 2, 2024
Tony Gray
School of Information and Communication Technology
College of Sciences and Engineering
CRICOS Provider Code: 00586B
Unit Coordinator
Tony Gray
Email: A.D.Gray@utas.edu.au
What is the Unit About?
Unit Description
 
This unit gives an introduction to the risks and threats to computer systems and some of the countermeasures that can be put in place to minimise them. Students will develop an understanding of the ethical and privacy issues relating to the security of computer systems and the professional code of conduct. This unit is also an introduction to ethical hacking which is attempting to penetrate secure systems in order to demonstrate vulnerability so that steps can be taken to mitigate risk. Students will develop an understanding of some of the techniques that can be employed to evaluate the security of, and defend against threats to, computer systems and networks through physical and electronic means.
Intended Learning Outcomes
As per the Assessment and Results Policy 1.3, your results will reflect your achievement against specified learning outcomes.
On completion of this unit, you will be able to:
1
explain ethical and privacy issues as they related to cybersecurity, hacking and the law.
2
analyse cyber threats and risks to computer systems.
3
penetrate specifically approved systems using ethical hacking techniques.
4
apply appropriate countermeasures to defend against cyber security threats.
Requisites
REQUISITE TYPE
REQUISITES
Pre-requisite
KIT111
Anti-requisite (mutual excl)
KIT112
Alterations as a result of student feedback
 
 
 
Teaching arrangements
ATTENDANCE MODE
TEACHING TYPE
LEARNING ACTIVITY
CONTACT HOURS
FREQUENCY
On Campus
Lecture (Online)
A real-time (i.e. synchronous) interactive activity involving the whole class whose primary purpose is the presentation and structuring of information/ideas/skills to facilitate student learning. All students are expected to attend.
2
Weekly
Tutorial
A structured real-time (i.e. synchronous) activity in a small-group setting where the primary purpose is the clarification, exploration or reinforcement of subject content presented or accessed at another time or place (e.g. lecture, preparatory work). It is reliant on student-teacher and student-student interaction and dialogue for achievement of its learning outcomes. The students enrolled in the tutorial are expected to attend.
2
Weekly
Attendance / engagement expectations
If your unit is offered On campus, it is expected that you will attend all on-campus and onsite learning activities. This is to support your own learning and the development of a learning community within the unit. If you are unable to attend regularly, please discuss the situation with your course coordinator and/or our UConnect support team.

If your unit is offered Online or includes online activities, it is expected you will engage in all those activities as indicated in the Unit Outline or MyLO, including any self-directed learning.

If you miss a learning activity for a legitimate reason (e.g., illness, carer responsibilities) teaching staff will attempt to provide alternative activities (e.g., make up readings) where it is possible.
 
 
 
 
How will I be Assessed?
 
For more detailed assessment information please see MyLO.
Assessment schedule
ASSESSMENT TASK #
ASSESSMENT TASK NAME
DATE DUE
WEIGHT
LINKS TO INTENDED LEARNING OUTCOMES
Assessment Task 1:
Practical Demonstration 1
Week 8
20 %
LO1, LO2, LO3
Assessment Task 2:
Report 1
Week 9
20 %
LO1, LO2, LO4
Assessment Task 3:
Practical Test 2
Week 13
20 %
LO1, LO3, LO4
Assessment Task 4:
Quiz
Week 15
20 %
LO1, LO2, LO3, LO4
Assessment Task 5:
Practical Demonstrations
Refer to Assessment Description
20 %
LO2, LO3, LO4
 
Assessment details
Assessment Task 1: Practical Demonstration 1
Task Description:
A practical demonstration of competency in network reconnaissance and penetration testing, held in an ICT Networks Laboratory during each student's regularly-scheduled tutorial. Students are given multiple tasks to complete relating to network reconnaissance and penetration testing, as covered during the preceding tutorials.
Task Length:
45 minutes
Due Date:
Week 8
Weight:
20 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Detect connected devices by scanning a network
LO2
2
Penetrate systems using approved techniques
LO3
3
Explain ethical hacking and penetration testing techniques utilised
LO1
 
Assessment Task 2: Report 1
Task Description:
Students are required to develop a fictitious business, based on a series of parameters that are uniquely generated for each student. They then produce a plan, formatted as a proposal to that business, to conduct a vulnerability assessment of the business's ICT infrastructure. This report must include a timeline for the plan, a set of recommendations for what is in and out of scope, and any risks that the business needs to be aware of. The student must justify the recommendations and the plan must be consistent with the business's size and infrastructure footprint.
Task Length:
3000 words
Due Date:
Week 9
Weight:
20 %
 
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Quality and scope of vulnerability assessment plan matches the business's infrastructure
LO1, LO2, LO4
2
Identify and explain relevant cybersecurity, privacy and legal issues within the plan.
LO1
3
Evaluate cyber threats and risks to business ICT infrastructure
LO2
 
Assessment Task 3: Practical Test 2
Task Description:
A practical demonstration of competency in defensive techniques used in network security, held in an ICT Networks Laboratory during each student's regularly-scheduled tutorial. Students are given multiple tasks to complete relating to computer and network security, as covered during the preceding tutorials.
Task Length:
45 minutes
Due Date:
Week 13
Weight:
20 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Use tools to detect potential system attacks
LO3
2
Apply defensive mechanisms to systems to detect and prevent penetration
LO4
3
Explain defences and penetration testing techniques utilised
LO1
 
Assessment Task 4: Quiz
Task Description:
Students are required to sit a MyLO quiz that assesses the content of the unit. This includes multiple choice, short answer, and written response questions, and examines the depth of the students' knowledge and ability to respond appropriately with the correct techniques to different security scenarios.
Task Length:
1 hour
Due Date:
Week 15
Weight:
20 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Correctly answer questions relating to cybersecurity, ethical hacking, privacy, and the law
LO1, LO2
2
Correctly respond to scenarios relating to penetration testing in networked environments.
LO3
3
Correctly respond to scenarios relating to defensive techniques that can be applied to mitigate threats in networked environments.
LO4
 
Assessment Task 5: Practical Demonstrations
Task Description:
Practical Demonstrations - This is continuous assessment that demonstrates completion and understanding of the weekly tutorial tasks and/or the weekly lecture/theoretical content. Tasks could include configuring and using security tools, participating in small group tasks related to unit material, or completing a designated quiz that assesses understanding of the unit content.
 
Task Length:
2 hours (weekly)
Due Date:
Refer to Assessment Description
Weight:
20 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Use security tools to estimate vulnerabilities in virtual infrastructure.
LO2
2
Use system configuration and processes to reduce the attack surface on infrastructure.
LO4
3
Penetrate vulnerable infrastructure with industry-standard ethical hacking tools.
LO3
 
 
 
How your final result is determined
To pass this unit, you need to demonstrate your attainment of each of the Intended Learning Outcomes, achieve a final unit grade of 50% or greater, and pass any hurdle tasks.
Submission of assignments
Where practicable, assignments should be submitted to an assignment submission folder in MYLO. You must submit assignments by the due date or receive a penalty (unless an extension of time has been approved by the Unit Coordinator). Students submitting any assignment in hard copy, or because of a practicum finalisation, must attach a student cover sheet and signed declaration for the submission to be accepted for marking.
Academic integrity
Academic integrity is about acting responsibly, honestly, ethically, and collegially when using, producing, and communicating information with other students and staff members.

In written work, you must correctly reference the work of others to maintain academic integrity. To find out the referencing style for this unit, see the assessment information in the MyLO site, or contact your teaching staff. For more detail about Academic Integrity, see Important Guidelines & Support.
Requests for extensions
If you are unable to submit an assessment task by the due date, you should apply for an extension.
 
A request for an extension should first be discussed with your Unit Coordinator or teaching support team where possible. A request for an extension must be submitted by the assessment due date, except where you can provide evidence it was not possible to do so. Typically, an application for an extension will be supported by documentary evidence: however, where it is not possible for you to provide evidence please contact your Unit Coordinator.
 
The Unit Coordinator must notify you of the outcome of an extension request within 3 working days of receiving the request.
Late penalties
Assignments submitted after the deadline will receive a late penalty of 5% of the original available mark for each calendar day (or part day) that the assignment is late. Late submissions will not be accepted more than 10 calendar days after the due date, or after assignments have been returned to other students on a scheduled date, whichever occurs first. Further information on Late Penalties can be found on the Assessments and Results Procedure.
Review of results and appeals
You are entitled to ask for a review of the marking and grading of your assessment task if there is an irregularity in the marking standards or an error in the process for determining the outcome of an assessment. Details on how to request a review of a mark for an assignment are outlined in the Review and Appeal of Academic Decisions Procedure.