Unit Outline
ZAT119
Data Analytics for Cyber Security
Semester 1, 2024
Lachlan Hardy
University College
College of Business and Economics
CRICOS Provider Code: 00586B

Unit Coordinator
Lachlan Hardy
Email: Lachlan.Hardy@utas.edu.au
 

What is the Unit About?
Unit Description
In this unit you will learn about three key areas of data analytics in cyber security. Using a series of tools to develop your cyber security analytical tool kit, you will begin by conducting basic data analysis in Excel and building an analytical dashboard in Excel that updates dynamically based on the dataset entered. With these skills you will then transition to network data analytics for threat hunting and incident response, culminating in an assessment on post-infection threat analysis. Finally, you will undertake active network monitoring and analysis using cutting-edge industry tools, which will form your final assessment. The progression of practical skill development in this unit will add progressive complexity to your understanding of data analytics scoped to cyber security and align with a Security Operations Centre (SOC) analyst's role.
Intended Learning Outcomes
As per the Assessment and Results Policy 1.3, your results will reflect your achievement against specified learning outcomes.
On completion of this unit, you will be able to:
1. Analyse the role and purpose of data for cyber security
2. Explain how data analytics is applied in the cyber security industry
3. Apply analytical cyber security processes to address industry challenges
Requisites
REQUISITE TYPE | REQUISITES
Anti-requisite (mutual excl) | ZAT201, ZAT213
Alterations as a result of student feedback
TBD
 
 

Teaching arrangements
ATTENDANCE MODE | TEACHING TYPE | LEARNING ACTIVITY | CONTACT HOURS | FREQUENCY
Attendance / engagement expectations
If your unit is offered On campus, it is expected that you will attend all on-campus and onsite learning activities. This is to support your own learning and the development of a learning community within the unit. If you are unable to attend regularly, please discuss the situation with your course coordinator and/or our UConnect support team.

If your unit is offered Online, it is expected you will engage in all those activities as indicated in the Unit Outline, including any self-directed learning.

If you miss a learning activity for a legitimate reason (e.g., illness, carer responsibilities) teaching staff will attempt to provide alternative activities (e.g., make up readings) where it is possible.
 
 
 
 

How will I be Assessed?
 
For more detailed assessment information please see MyLO.
Assessment schedule
ASSESSMENT TASK # | ASSESSMENT TASK NAME | DATE DUE | WEIGHT | LINKS TO INTENDED LEARNING OUTCOMES
Assessment Task 1 | AT1: Cybersecurity Dashboard (Microsoft Excel) | Week 4 | 20 % | LO1, LO2, LO3
Assessment Task 2 | AT2: Network Data Forensic Analysis (Wireshark) | Week 8 | 40 % | LO1, LO2, LO3
Assessment Task 3 | AT3: SOC Data Analytics (Splunk) | Week 12 | 40 % | LO1, LO2, LO3
 
Assessment details
    
Assessment Task 1: AT1: Cybersecurity Dashboard (Microsoft Excel)
Task Description:
This assessment task will introduce you to the basic use of data to create analytics and usable information. You will be supplied with a data set and asked to create a dashboard using several different Microsoft Excel charts that can update dynamically (including pivot tables). The output from this will be displayed as your dashboard.

Task Length:
1 x Microsoft Excel spreadsheet with up to 3 pages (one page with data, one page with analysis, and one extra page if required)
Due Date:
Week 4
Weight:
20 %
 
CRITERION # | CRITERION | MEASURES INTENDED LEARNING OUTCOME(S)
1 | Understand cyber security data and its role in creating insights | LO2
2 | Select informative analysis techniques to transform cyber security data | LO3
3 | Apply analysis techniques to cyber security data | LO1
4 | Design an informative dashboard layout to meet industry requirements | LO3
 
Assessment Task 2: AT2: Network Data Forensic Analysis (Wireshark)
Task Description:
For this assessment task, you will use one (1) of the three (3) Packet Capture (PCAP) files provided and perform an analysis using any relevant tools. In a report, you will then:
• Explain the major packet types found in your PCAP file
• Describe the problem that your PCAP file appears to show
• Describe and show your processes for analysing the PCAP
• Present your findings and confirm or correct your initial problem description

Task Length:
1,200 - 1,500 Words
Due Date:
Week 8
Weight:
40 %
 
 

CRITERION # | CRITERION | MEASURES INTENDED LEARNING OUTCOME(S)
1 | Identify and discuss packet and protocol types in network data | LO2
2 | Summarise packet data to create and test a hypothesis | LO1
3 | Apply appropriate filters to analyse packet data | LO3
4 | Apply pivoting techniques to explore packet data | LO3
5 | Create an industry appropriate report format | LO2
 
Assessment Task 3: AT3: SOC Data Analytics (Splunk)
Task Description:
This assessment task will have you apply your data analytics skills to industry information and data. You will take on the role of a SOC analyst to demonstrate that your system has recently been breached. You will then compile your analysis into a report for your CEO. In your report you will need to explain your findings, show the evidence you have gathered, and provide visualisation of relevant data. You will then detail two recommendations based on your analysis to improve cyber security in your organisation.

Task Length:
1,200-1,500 words
Due Date:
Week 12
Weight:
40 %
 
CRITERION # | CRITERION | MEASURES INTENDED LEARNING OUTCOME(S)
1 | Apply inquiry skills to plan an investigation | LO1
2 | Perform analysis of relevant cyber security data | LO3
3 | Create impactful visualisations to enhance analytics | LO3
4 | Communicate findings to support a data driven argument | LO2
 
 
 

How your final result is determined
To pass this unit, you need to demonstrate your attainment of each of the Intended Learning Outcomes, achieve a final unit grade of 50% or greater, and pass any hurdle tasks.
 
Submission of assignments
Where practicable, assignments should be submitted to an assignment submission folder in MyLO. You must submit assignments by the due date or receive a penalty (unless an extension of time has been approved by the Unit Coordinator). Students submitting any assignment in hard copy, or because of a practicum finalisation, must attach a student cover sheet and signed declaration for the submission to be accepted for marking.
 
Requests for extensions
If you are unable to submit an assessment task by the due date, you should apply for an extension.
 
A request for an extension should first be discussed with your Unit Coordinator or teaching support team where possible. A request for an extension must be submitted by the assessment due date, except where you can provide evidence it was not possible to do so. Typically, an application for an extension will be supported by documentary evidence; however, where it is not possible for you to provide evidence, please contact your Unit Coordinator.
 
The Unit Coordinator must notify you of the outcome of an extension request within 3 working days of receiving the request.
Late penalties
Assignments submitted after the deadline will receive a late penalty of 5% of the original available mark for each calendar day (or part day) that the assignment is late. Late submissions will not be accepted more than 10 calendar days after the due date, or after assignments have been returned to other students on a scheduled date, whichever occurs first. Further information on Late Penalties can be found on the Assessments and Results Procedure.
 
Review of results and appeals
You are entitled to ask for a review of the marking and grading of your assessment task if there is an irregularity in the marking standards or an error in the process for determining the outcome of an assessment. Details on how to request a review of a mark for an assignment are outlined in the Review and Appeal of Academic Decisions Procedure.
 
 
 

Required Resources
Required reading materials
 
 
Recommended reading materials
 
 
Other required resources
Splunk
Wireshark
Excel