Unit Outline
ZAT219
Defensive Cyber Security and Procedures
Semester 2, 2024
Lachlan Hardy
University College
College of Business and Economics
CRICOS Provider Code: 00586B
Unit Coordinator
Lachlan Hardy
Email: Lachlan.Hardy@utas.edu.au
What is the Unit About?
Unit Description
 
In this unit, you will learn about the procedural nature of cyber security and the tools defined by the Open Web Application Security Project (OWASP). You will analyse the effectiveness of threat and vulnerability mitigation through use of contemporary cyber security frameworks. You will be exposed to mitigation strategies, operational controls and countermeasures needed to address various threats and vulnerabilities. Upon completion of this unit you will be able to apply your cyber security knowledge with the relevant tools and techniques to support and make improvements to business operations. In conjunction with the discipline theory, this unit builds on concepts of learning through practice in Year 1 of study by introducing you to more complex learning experiences. You will be introduced to: • discipline-based skills and knowledge in dynamic practice situations. This will include authentic and purposeful, industry-related experiences • concepts of managing effective relationships and communicating with others • the development and use of adaptive leadership skills and how these skills relate to innovative and entrepreneurial practice • the nature of responsible, accountable, and reflective workplace skills, and creative and critical thinking relevant to para-professional practice You will exercise self-awareness, initiative, and judgement to manage yourself and professional relationships effectively. The application of tacit knowledge and capabilities will be reflected in a Practice Manual.
Intended Learning Outcomes
As per the Assessment and Results Policy 1.3, your results will reflect your achievement against specified learning outcomes.
On completion of this unit, you will be able to:
1
Analyse cyber security tools techniques and assets to identify and characterise threats and vulnerabilities in dynamic situations.
2
Apply cyber security tools, techniques and methodologies to design and implement mitigation strategies and countermeasures.
3
Evaluate and reflect on the effectiveness of penetration testing, mitigation strategies and countermeasures to generate professional recommendations.
Alterations as a result of student feedback
To be determined.
 
 
 
Teaching arrangements
ATTENDANCE MODE
TEACHING TYPE
LEARNING ACTIVITY
CONTACT HOURS
FREQUENCY
Online
Tutorial (Online)
Online Class 2-hr tutorial, weekly, commencing in Week 1, excluding weeks 4 and 9.
2
Weekly
Attendance / engagement expectations
If your unit is offered On campus, it is expected that you will attend all on-campus and onsite learning activities. This is to support your own learning and the development of a learning community within the unit. If you are unable to attend regularly, please discuss the situation with your course coordinator and/or our UConnect support team.

If your unit is offered Online or includes online activities, it is expected you will engage in all those activities as indicated in the Unit Outline or MyLO, including any self-directed learning.

If you miss a learning activity for a legitimate reason (e.g., illness, carer responsibilities) teaching staff will attempt to provide alternative activities (e.g., make up readings) where it is possible.
 
 
 
 
How will I be Assessed?
 
For more detailed assessment information please see MyLO.
Assessment schedule
ASSESSMENT TASK #
ASSESSMENT TASK NAME
DATE DUE
WEIGHT
LINKS TO INTENDED LEARNING OUTCOMES
Assessment Task 1:
Malware Analysis and Defence Report
Week 4
25 %
LO1, LO2, LO3
Assessment Task 2:
Defensive Incident Response Plan
Week 9
40 %
LO1, LO2, LO3
Assessment Task 3:
Forensic Analysis Report
Week 14
35 %
LO1, LO2, LO3
 
Assessment details
Assessment Task 1: Malware Analysis and Defence Report
Task Description:
You will research and find three types of malware and compile a report listing their technical details for;
- what they are,
- how they work, and
- what the attack characteristics are.
You will then use this information and propose the key methods of defending against your chosen malware.
Task Length:
800 - 1000 words
Due Date:
Week 4
Weight:
25 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Use appropriate tools and resources to identify relevant information about malware
LO1
2
Communicate and propose applied mitigation strategies in concise formats
LO1, LO2, LO3
3
Use appropriate industry format to communicate technical and non-technical concepts
LO1, LO3
 
Assessment Task 2: Defensive Incident Response Plan
Task Description:
You will be given a cyber incident case study. Your role as a defensive cyber security practitioner is to develop an incident response plan following the major processes, describing each step in your plan, and providing analytical responses and recommendations.
Your plan will be based on the practical industry process needed to document what has occurred, what went wrong, what the vulnerabilities were, and what can be done in the future to fix those vulnerabilities.
Task Length:
1500 words
Due Date:
Week 9
Weight:
40 %
 
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Evaluate the case study for relevant technical and non-technical information
LO1, LO3
2
Design appropriate countermeasures and mitigations for the case study situation
LO2, LO3
3
Communicate discipline knowledge and goals in a professional manner
LO1, LO2, LO3
 
Assessment Task 3: Forensic Analysis Report
Task Description:
This assessment task will require you to conduct a forensic analysis of an object (provided), where you will have to document your process, tools, and findings. You will be required to present information and ideas appropriate to a forensic standard.
Your report will contain the following sections:
• Summary
• Objectives
• Evidence Analysed
• Investigation Steps
• Findings
• Conclusion, and
• Exhibits
Task Length:
Maximum 2000 words
Due Date:
Week 14
Weight:
35 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Use forensic testing tools and techniques to communicate cybersecurity threats
LO2, LO3
2
Apply tools, techniques and methodologies to follow forensic standards for business
LO1, LO2, LO3
3
Analyse cyber security ideas, terms and concepts
LO3
 
 
 
How your final result is determined
To pass this unit, you need to demonstrate your attainment of each of the Intended Learning Outcomes, achieve a final unit grade of 50% or greater, and pass any hurdle tasks.
Submission of assignments
Where practicable, assignments should be submitted to an assignment submission folder in MYLO. You must submit assignments by the due date or receive a penalty (unless an extension of time has been approved by the Unit Coordinator). Students submitting any assignment in hard copy, or because of a practicum finalisation, must attach a student cover sheet and signed declaration for the submission to be accepted for marking.
Academic integrity
Academic integrity is about acting responsibly, honestly, ethically, and collegially when using, producing, and communicating information with other students and staff members.

In written work, you must correctly reference the work of others to maintain academic integrity. To find out the referencing style for this unit, see the assessment information in the MyLO site, or contact your teaching staff. For more detail about Academic Integrity, see Important Guidelines & Support.
Requests for extensions
If you are unable to submit an assessment task by the due date, you should apply for an extension.
 
A request for an extension should first be discussed with your Unit Coordinator or teaching support team where possible. A request for an extension must be submitted by the assessment due date, except where you can provide evidence it was not possible to do so. Typically, an application for an extension will be supported by documentary evidence: however, where it is not possible for you to provide evidence please contact your Unit Coordinator.
 
The Unit Coordinator must notify you of the outcome of an extension request within 3 working days of receiving the request.
Late penalties
Assignments submitted after the deadline will receive a late penalty of 5% of the original available mark for each calendar day (or part day) that the assignment is late. Late submissions will not be accepted more than 10 calendar days after the due date, or after assignments have been returned to other students on a scheduled date, whichever occurs first. Further information on Late Penalties can be found on the Assessments and Results Procedure.
Review of results and appeals
You are entitled to ask for a review of the marking and grading of your assessment task if there is an irregularity in the marking standards or an error in the process for determining the outcome of an assessment. Details on how to request a review of a mark for an assignment are outlined in the Review and Appeal of Academic Decisions Procedure.