SECURITY OPERATION ANALYSIS

SHE Level 3
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code M3G426849
Module Leader Kenneth Ovens
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • B (January start)

Pre-Requisite Knowledge

Fundamentals of computer systems and networking. Familiarity with Windows OS and Linux command line, or PowerShell and Bash functions.

Summary of Content

This module provides students with the knowledge and skills needed to evaluate the complex threat environment facing today's organisations. The module will enable students to perform the functions needed to secure networks and services in a security operations centre (SOC) environment.

Syllabus

Threats and Attacks, Network Monitoring and Tools, Understanding Defence, Access Control, Endpoint Protection, Endpoint Vulnerability Assessment, Network Security Data, Evaluating Alerts, Working with Network Security Data, SIEM: Web Console Overview and Customisation, Analyst Tasks and Actions, Security, Threat Intelligence, Threat Lifecycle Management

Learning Outcomes

On successful completion of this module, students should be able to:
  1. Categorise the roles of the Cybersecurity Operations Analyst in the enterprise.
  2. Apply various methods to prevent malicious access to computer networks, hosts, and data and utilise monitoring tools to evaluate attacks against network protocols and services.
  3. Use network monitoring tools to identify compromised hosts and vulnerabilities.
  4. Analyse network intrusion data to identify operational incidents.
  5. Prioritise critical events related to security and compliance using Security Information and Event Management (SIEM) solutions, such as Splunk, ELK and LogRhythm.

Teaching / Learning Strategy

This module will be taught by means of workshops and practical exercises. Students are directed to study appropriate texts and articles, both paper-based and web-based, to consolidate their knowledge of the topics covered. Rich multimedia content, including interactive activities, videos, games, and quizzes, addresses a variety of learning styles and helps stimulate learning and increase knowledge retention. GCULearn will also be used to provide access to a range of relevant learning resources and materials to enhance the teaching strategy. In addition, students will be encouraged to access NetLab, an innovative hands-on online lab learning environment providing access to live systems and network devices. Regular and frequent assessments provide immediate feedback to support the evaluation of knowledge and acquired skills.

Indicative Reading

  • Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide by Omar Santos. Publisher: Cisco Press. Release Date: December 2020. Link: <https://learning.oreilly.com/library/view/cisco-cyberops-associate/9780136807964/>
  • Learning Elastic Stack 7.0 - Second Edition by Pranav Shukla, Sharath Kumar M N. Publisher: Packt Publishing. Release Date: May 2019. Link: <https://learning.oreilly.com/library/view/learning-elastic-stack/9781789954395/>

Transferrable Skills

  • C1 - Logical thinking and problem solving.
  • C2 - Critical analysis.
  • C3 - Demonstrate effective information management, retrieval and research skills for independent enquiry and learning.
  • C4 - Evaluate alternative solutions to problems in an appropriate subject domain.
  • D1 - Communication skills (electronic, written, oral and listening) necessary to make effective presentation of a technical nature (information, ideas, problems and their solutions) to a range of audiences.
  • E2 - Creativity, innovation and independent thinking.
  • E6 - Ability to prioritise tasks and time management (organising and planning work).

Module Structure

Activity Total Hours
Independent Learning (FT) 120.00
Practicals (FT) 24.00
Seminars (FT) 36.00
Assessment (FT) 20.00

Assessment Methods

Component Duration Weighting Threshold Description
Course Work 01 n/a 50.00 35% Practical based assessment.
Exam (Dept) 01 n/a 50.00 35% Class Test.