Unit Outline
ZAT127
Defensive Cyber Security Procedures
Semester 2, 2025
Lachlan Hardy
University College
University College
CRICOS Provider Code: 00586B
Unit Coordinator
Lachlan Hardy
Email: Lachlan.Hardy@utas.edu.au
What is the Unit About?
Unit Description
 
In this unit, you will learn about the procedural nature of cyber security. You will analyse the effectiveness of threat and vulnerability mitigation through use of contemporary cyber security frameworks. You will be explore mitigation strategies, operational controls, and countermeasures needed to address various threats and vulnerabilities from both technical and organisational perspectives. Upon completion of this unit, you will be able to apply your cyber security knowledge to communicate, support, and design improvements to business and personal cyber security posture (i.e. cyber security strength and readiness).
Intended Learning Outcomes
As per the Assessment and Results Policy 1.3, your results will reflect your achievement against specified learning outcomes.
On completion of this unit, you will be able to:
1
Analyse cybersecurity data and information to identify and characterise threats and vulnerabilities
2
Apply cybersecurity knowledge and methodologies to design and communicate mitigation strategies and countermeasures
3
Apply frameworks and procedures for enhancing organisational cybersecurity efficacy and defensive posture
Requisites
REQUISITE TYPE
REQUISITES
Anti-requisite (mutual excl)
ZAT219
Alterations as a result of student feedback
To be determined
 
 
Teaching arrangements
ATTENDANCE MODE
TEACHING TYPE
LEARNING ACTIVITY
CONTACT HOURS
FREQUENCY
Online
Tutorial (Online)
Online Class 2-hr tutorial, weekly, commencing in Week 1.
2
Weekly
Attendance / engagement expectations
If your unit is offered On campus, it is expected that you will attend all on-campus and onsite learning activities. This is to support your own learning and the development of a learning community within the unit. If you are unable to attend regularly, please discuss the situation with your course coordinator and/or our UConnect support team.

If your unit is offered Online or includes online activities, it is expected you will engage in all those activities as indicated in the Unit Outline or MyLO, including any self-directed learning.

If you miss a learning activity for a legitimate reason (e.g., illness, carer responsibilities) teaching staff will attempt to provide alternative activities (e.g., make up readings) where it is possible.
 
 
 
 
How will I be Assessed?
 
For more detailed assessment information please see MyLO.
Assessment schedule
ASSESSMENT TASK #
ASSESSMENT TASK NAME
DATE DUE
WEIGHT
LINKS TO INTENDED LEARNING OUTCOMES
Assessment Task 1:
AT1: Threat Characterisation Report
Week 4
30 %
LO1, LO2, LO3
Assessment Task 2:
AT2 Compare and Contrast Defensive Frameworks
Week 9
30 %
LO1, LO2, LO3
Assessment Task 3:
AT3 Incident Response Plan
Week 13
40 %
LO1, LO2, LO3
 
Assessment details
Assessment Task 1: AT1: Threat Characterisation Report
Task Description:
You will use provided cyber security scenarios to characterise how threats might apply within organisational contexts, the damages threats may cause, and the impact threats may have on business as usual. You will be required to write a professional report that communicates this information to the organisation, aligning with industry best practice and professional formatting standards.
Task Length:
800 words
Due Date:
Week 4
Weight:
30 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
1. Use evidence from credible industry sources to communicate cyber threat information.
LO2
2
Analyse scenarios for relevant information pertaining the cyber threats and impacts
LO1
3
3. Communicate threats and impacts to organisations using industry best practice language and formatting.
LO3
 
Assessment Task 2: AT2 Compare and Contrast Defensive Frameworks
Task Description:
Using the defensive frameworks you are provided within the unit you will compare and contrast frameworks and their elements against specified organisations and scenarios to explain the context of their application and the limitations of frameworks within complex contexts.
Task Length:
1200 words
Due Date:
Week 9
Weight:
30 %
 
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Compare defensive frameworks based on evidence and industry approaches.
LO3
2
Contrast defensive frameworks, identifying limitations and contextual benefits.
LO3
3
Describe the application of defensive frameworks in industry settings.
LO2
4
Communicate limitations and benefits of frameworks based on industry-based threats and scenarios
LO1
 
Assessment Task 3: AT3 Incident Response Plan
Task Description:
You will be provided with a case study that outlines a real-world cyber security incident. Your role as a defensive cyber security practitioner is to develop an incident response plan, in the format of a decision tree, which identifies and presents the critical tasks and decisions required to respond to the incident. You will be required to describe each step in your plan and provide analytical responses and recommendations to known and predicted impacts of the incident.
Task Length:
Maximum 1500 words
Due Date:
Week 13
Weight:
40 %
 
CRITERION #
CRITERION
MEASURES INTENDED
LEARNING OUTCOME(S)
1
Analyse scenarios to identify relevant information required for successful incident response.
LO1
2
Create an incident plan that considers known and predicted decisions and tasks necessary to minimise the impact of an incident.
LO2
3
Create detailed incident response steps which contribute to the lessening of harm and the continuation of business as usual.
LO3
4
Use appropriate formatting and language to communicate incident response steps that are self-contained and comprehensive.
LO2
 
 
 
How your final result is determined
To pass this unit, you need to demonstrate your attainment of each of the Intended Learning Outcomes, achieve a final unit grade of 50% or greater, and pass any hurdle tasks.
Academic progress review
The results for this unit may be included in a review of your academic progress. For information about progress reviews and what they mean for all students, see Academic Progress Review in the Student Portal.
Submission of assignments
Where practicable, assignments should be submitted to an assignment submission folder in MYLO. You must submit assignments by the due date or receive a penalty (unless an extension of time has been approved by the Unit Coordinator). Students submitting any assignment in hard copy, or because of a practicum finalisation, must attach a student cover sheet and signed declaration for the submission to be accepted for marking.
Academic integrity
Academic integrity is about acting responsibly, honestly, ethically, and collegially when using, producing, and communicating information with other students and staff members.

In written work, you must correctly reference the work of others to maintain academic integrity. To find out the referencing style for this unit, see the assessment information in the MyLO site, or contact your teaching staff. For more detail about Academic Integrity, see Important Guidelines & Support.
Requests for extensions
If you are unable to submit an assessment task by the due date, you should apply for an extension.
 
A request for an extension should first be discussed with your Unit Coordinator or teaching support team where possible. A request for an extension must be submitted by the assessment due date, except where you can provide evidence it was not possible to do so. Typically, an application for an extension will be supported by documentary evidence: however, where it is not possible for you to provide evidence please contact your Unit Coordinator.
 
The Unit Coordinator must notify you of the outcome of an extension request within 3 working days of receiving the request.
Late penalties
Assignments submitted after the deadline will receive a late penalty of 5% of the original available mark for each calendar day (or part day) that the assignment is late. Late submissions will not be accepted more than 10 calendar days after the due date, or after assignments have been returned to other students on a scheduled date, whichever occurs first. Further information on Late Penalties can be found on the Assessments and Results Procedure.
 
Review of results and appeals
You are entitled to ask for a review of the marking and grading of your assessment task if there is an irregularity in the marking standards or an error in the process for determining the outcome of an assessment. Details on how to request a review of a mark for an assignment are outlined in the Review and Appeal of Academic Decisions Procedure.