Unit Outline
KIT325
Advanced Cybersecurity and eForensics
Semester 2, 2025
Bilal Amin
School of Information and Communication Technology
College of Sciences and Engineering
CRICOS Provider Code: 00586B
Unit Coordinator
Bilal Amin
Email: Bilal.Amin@utas.edu.au
 
What is the Unit About?
Unit Description
This unit focuses on the advanced concepts and implementations of cybersecurity solutions applied in organisational settings. The unit discusses cybersecurity frameworks and incident response processes from the applied perspective of security measures. Moreover, this unit provides a capstone-like experience through a project in which students apply their skills by developing a cybersecurity solution for a known cybersecurity threat. The project involves planning, analysis, design, implementation, and testing of the solution within an agreed time frame. The eForensics aspect of this unit introduces the fundamentals of the digital forensic process, applied tools, and techniques. Students develop their digital forensics skills by participating in a series of hands-on exercises where they apply eForensic tools for evidence acquisition, analysis, and reporting.
Intended Learning Outcomes
As per the Assessment and Results Policy 1.3, your results will reflect your achievement against specified learning outcomes.
On completion of this unit, you will be able to:
1
Analyse modern-day digital security and safety measures required to design an effective cybersecurity solution
2
Design and implement a cybersecurity solution using preventive measures by applying ICT tools, techniques, and professional standards.
3
Explain the role of digital forensics in cyber security.
4
Justify the application of eForensic tools in digital forensics scenarios.
5
Evaluate eForensic artefacts by applying principles and techniques of digital forensics.
Requisites
REQUISITE TYPE
REQUISITES
Pre-requisite
KIT215
Alterations as a result of student feedback
eForensic Tools are updated. Added additional workshop and tutorial
 
 
Teaching arrangements
ATTENDANCE MODE
TEACHING TYPE
LEARNING ACTIVITY
CONTACT HOURS
FREQUENCY
On Campus
Lecture (On Campus)
A real-time (i.e. synchronous) interactive activity involving the whole class whose primary purpose is the presentation and structuring of information/ideas/skills to facilitate student learning. All students are expected to attend.
2
Once only (3 times)
Workshop
A structured real-time (i.e. synchronous) activity that involves a mix of presentation of new information/ideas/skills and guided activities related to that information/ideas/skills. All students are expected to attend.
2
Once only (5 times)
Tutorial
A structured real-time (i.e. synchronous) activity in a small-group setting where the primary purpose is the clarification, exploration or reinforcement of subject content presented or accessed at another time or place (e.g. lecture, preparatory work). It is reliant on student-teacher and student-student interaction and dialogue for achievement of its learning outcomes. The students enrolled in the tutorial are expected to attend.
2
Once only (5 times)
Independent Learning
Involving reading, listening to audio, watching video, and/or completing exercises and/or quizzes, self-study is individual work undertaken when the student chooses (i.e. asynchronous), most likely through engagement with MyLO. The content is examinable, and may need to be completed prior to attending classes and/or attempting assessment tasks.
2
Weekly
Attendance / engagement expectations
If your unit is offered On campus, it is expected that you will attend all on-campus and onsite learning activities. This is to support your own learning and the development of a learning community within the unit. If you are unable to attend regularly, please discuss the situation with your course coordinator and/or our UConnect support team.

If your unit is offered Online or includes online activities, it is expected you will engage in all those activities as indicated in the Unit Outline or MyLO, including any self-directed learning.

If you miss a learning activity for a legitimate reason (e.g., illness, carer responsibilities) teaching staff will attempt to provide alternative activities (e.g., make up readings) where it is possible.
 
 
 
 
How will I be Assessed?
 
For more detailed assessment information please see MyLO.
Assessment schedule
ASSESSMENT TASK #
ASSESSMENT TASK NAME
DATE DUE
WEIGHT
LINKS TO INTENDED LEARNING OUTCOMES
Assessment Task 1:
Cybersecurity incident analysis
Week 6
20 %
LO1, LO2, LO3, LO4
Assessment Task 2:
Cybersecurity planning, digital forensics, and Vulnerability Assessment quiz
Refer to Assessment Description
15 %
LO1, LO2, LO3, LO5
Assessment Task 3:
Cybersecurity Project
Refer to Assessment Description
30 %
LO1, LO2
Assessment Task 4:
eForensics Assignment
Refer to Assessment Description
35 %
LO4, LO5
 
Assessment details
Assessment Task 1: Cybersecurity incident analysis
Task Description:
Students will collaborate in groups to investigate significant cybersecurity incidents that have occurred over the past decade. Adhering to the “Anatomy of a cyber-attack” template provided in Week #2’s workshop, each group will create a 15-minute presentation. This presentation will encompass the incident’s background, timeline, impact, and preventive measures. Additionally, based on the chosen incident, the group will recommend a set of digital forensic tools suitable for incident investigation. This assignment aims to equip students with knowledge of contemporary cybersecurity measures and facilitate their understanding of their motivations and limitations in developing an effective incident response plan.

This assessment comprises both group and individual components.

The research topics will be announced in Week #2 on MyLO. Student groups will select a topic that interests them and conduct research on the corresponding cybersecurity incident. The assessment is due in Week #6.
Task Length:
15-20 slides, depending on the incident under discussion
Due Date:
Week 6
Weight:
20 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Analyse a high impact cybersecurity incident and present the research using the required template
LO1, LO2
2
Evaluate the technical and non-technical factors of the incident
LO1, LO3
3
Recommend and justify appropriate countermeasures to defend against similar cybersecurity threats.
LO1
4
Recommend a set of digital forensic tools that can be applied for the investigation of similar threats.
LO4
 
Assessment Task 2: Cybersecurity planning, digital forensics, and Vulnerability Assessment quiz
Task Description:
This individual assessment includes three in-semester quizzes. Each quiz is worth 5% of your grade and consists of 20 multiple-choice questions. They must be completed in one attempt and within a 30-minute timeframe. Students have one week to complete each quiz.

The first quiz, covering cybersecurity planning, is due in Week 3. The second quiz, which delves into the principles and processes of digital forensics, its scope during incident response, and its application, is due in Week 5. The third quiz, which focuses on vulnerability analysis, is due in Week 13.
Task Length:
30 min.
Due Date:
Refer to Assessment Description
Weight:
15 %
 
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Answer questions correctly on the cybersecurity planning and modern-day cybersecurity topics based on provided information and discussions during the sessions
LO1
2
Answer questions correctly on principles of digital forensics and its scope within cybersecurity based on provided information and discussions during the sessions
LO3, LO5
3
Answer questions correctly on vulnerability analysis in the light of preventive measures based on provided information and discussions during the sessions
LO2
 
Assessment Task 3: Cybersecurity Project
Task Description:
Students will collaborate in groups to design and develop an ICT solution that addresses a specific cybersecurity threat prevalent in modern-day organisations. The project involves planning and designing the solution, implementing it, and evaluating its effectiveness.

During the planning and design phase, students will create a comprehensive scope of work, define high-level requirements, design artefacts, and outline testing scenarios.

In the development phase, students will adhere to the project plan, implement the solution, and execute test cases. Upon submission, students will provide a post-implementation critique that addresses both technical and non-technical aspects of the project.

Technical aspects include a critical analysis of the implementation, its limitations, and test outcomes. Non-technical aspects encompass social, legal, and economic factors related to the solution. This assignment will allow students to work as a team, develop an ICT solution to a recognised cybersecurity threat, and follow an industry-like development plan.

The assessment comprises both group and individual tasks.

Project topics will be posted on MyLO during Week #3. The project design, worth 10%, is due in Week #8. The solution and critique, worth 15%, are due after Week #13. Throughout the semester, each team must attend two mandatory consultation meetings. The first meeting will occur during the design phase (Week #3 to Week #7), and the second during the solution phase (Week #9 to Week #13). During these sessions, progress will be evaluated, and feedback will be provided. These consultation meetings, combined, will account for 5%.
Task Length:
An ICT solution with approximately 3 high-level use-cases, depending on the topic of the project.
Due Date:
Refer to Assessment Description
Weight:
30 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Evaluate known measures and solutions to the cybersecurity threat
LO1
2
Incorporate the latest ICT practices and standards during the project design and solution phases
LO2
3
Develop a solution as per the project plan and design document.
LO2
4
Report the analysis of the test results, critique the solution's technical and non-technical aspects.
LO1, LO2
5
Complete a project plan document with scope of work and high-level requirements
LO2
 
Assessment Task 4: eForensics Assignment
Task Description:
In this assessment, students will apply their digital forensics skills by using a set of digital forensic tools cohesively. The assignment aims to allow students to apply digital forensics principles and techniques to various eForensic artefacts, such as files, registry keys, logs, images, messages, and timestamps.

The assignment is divided into five parts. The first four parts, each worth 5%, are to be completed in Weeks #5, #7, #8, and #10 tutorials, respectively. The fifth part is a comprehensive digital forensics investigation test. This part is to be completed during the Week #11 tutorial within a 2-hour timeframe.
Task Length:
~6 hrs. 2 hrs per module covering evidence acquisition, analysis, and reporting
Due Date:
Refer to Assessment Description
Weight:
35 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Acquire eForensic artefacts with forensic integrity intact
LO4, LO5
2
Investigation and evaluation of the key eForensic artefacts
LO5
3
Report key eForensics artefacts post-investigation
LO4, LO5
 
 
 
How your final result is determined
To pass this unit, you need to demonstrate your attainment of each of the Intended Learning Outcomes, achieve a final unit grade of 50% or greater, and pass any hurdle tasks.
Academic progress review
The results for this unit may be included in a review of your academic progress. For information about progress reviews and what they mean for all students, see Academic Progress Review in the Student Portal.
Submission of assignments
Where practicable, assignments should be submitted to an assignment submission folder in MYLO. You must submit assignments by the due date or receive a penalty (unless an extension of time has been approved by the Unit Coordinator). Students submitting any assignment in hard copy, or because of a practicum finalisation, must attach a student cover sheet and signed declaration for the submission to be accepted for marking.
Academic integrity
Academic integrity is about acting responsibly, honestly, ethically, and collegially when using, producing, and communicating information with other students and staff members.

In written work, you must correctly reference the work of others to maintain academic integrity. To find out the referencing style for this unit, see the assessment information in the MyLO site, or contact your teaching staff. For more detail about Academic Integrity, see Important Guidelines & Support.
Requests for extensions
If you are unable to submit an assessment task by the due date, you should apply for an extension.
 
A request for an extension should first be discussed with your Unit Coordinator or teaching support team where possible. A request for an extension must be submitted by the assessment due date, except where you can provide evidence it was not possible to do so. Typically, an application for an extension will be supported by documentary evidence: however, where it is not possible for you to provide evidence please contact your Unit Coordinator.
 
The Unit Coordinator must notify you of the outcome of an extension request within 3 working days of receiving the request.
Late penalties
Assignments submitted after the deadline will receive a late penalty of 5% of the original available mark for each calendar day (or part day) that the assignment is late. Late submissions will not be accepted more than 10 calendar days after the due date, or after assignments have been returned to other students on a scheduled date, whichever occurs first. Further information on Late Penalties can be found on the Assessments and Results Procedure.
 
Review of results and appeals
You are entitled to ask for a review of the marking and grading of your assessment task if there is an irregularity in the marking standards or an error in the process for determining the outcome of an assessment. Details on how to request a review of a mark for an assignment are outlined in the Review and Appeal of Academic Decisions Procedure.
 
 
 
Required Resources
Required reading materials
Material provided on MyLO
 
Recommended reading materials
Material provided on MyLO
 
Other required resources