SECURITY OPERATION ANALYSIS

SHE Level 3
SCQF Credit Points 20.00
ECTS Credit Points 10.00
Module Code M3G426870
Module Leader Kenneth Ovens
School School of Computing, Engineering and Built Environment
Subject Cyber Security and Networks
Trimester
  • B (January start)

Pre-Requisite Knowledge

Fundamentals of computer systems and networking. Familiarity with Windows OS and Linux command line, or PowerShell and Bash functions.

Summary of Content

This module provides students with the knowledge and skills needed to evaluate the complex threat environment facing today's organisations. The module will enable students to perform the functions needed to secure networks and services in a security operations centre (SOC) environment.

Syllabus

Threats and Attacks, Network Monitoring and Tools, Understanding Defence, Access Control, Endpoint Protection, Endpoint Vulnerability Assessment, Network Security Data, Evaluating Alerts, Working with Network Security Data, SIEM: Web Console Overview and Customisation, Analyst Tasks and Actions, Security, Threat Intelligence, Threat Lifecycle Management

Learning Outcomes

On successful completion of this module, students should be able to:
1. Categorise the roles of the Cybersecurity Operations Analyst in the enterprise.
2. Apply various methods to prevent malicious access to computer networks, hosts, and data and utilise monitoring tools to evaluate attacks against network protocols and services.
3. Use network monitoring tools to identify compromised hosts and vulnerabilities.
4. Analyse network intrusion data to identify operational incidents.
5. Prioritise critical events related to security and compliance using Security Information and Event Management (SIEM) solutions, such as Splunk, ELK and LogRhythm.

Teaching / Learning Strategy

Work Based Education aims to maximise the direct and digitally mediated contact time with students by practising teaching and learning strategies that use authentic work based scenarios and encourage action learning, enquiry based learning, problem based learning and peer learning. All these approaches aim to directly involve the students in the process of learning and to encourage sharing of learning between students. The module team will determine the level and accuracy of knowledge acquisition at key points in the delivery, inputting when necessary either directly or with the support of external experts who will add to the authenticity, the credibility and application of the education and learning in the workplace. The Learning and Teaching Strategy is informed by the University's Strategy for Learning.

The course material will be introduced through online presentations as well as guided reading material made available on GCULearn. These are supported by practical exercises, and there will be seminars on campus which will allow students to discuss key concepts and issues with peers and tutors. Students will be expected to undertake a significant level of independent study within the workplace, including practical activities, and links will be provided to appropriate external material such as articles, podcasts and videos to supplement the module content.

Students will be encouraged to reflect upon the theoretical learning within the workplace and the application of newly learned concepts to the work environment, and this will form part of the module assessment. Students will receive feedback on their performance throughout the module through undertaking the practical assignments and tutorial exercises and participating in the seminars.

Indicative Reading

  • Cisco CyberOps Associate CBROPS 200-201 Official Cert Guide by Omar Santos. Publisher: Cisco Press. Release Date: December 2020. Link: <https://learning.oreilly.com/library/view/cisco-cyberops-associate/9780136807964/>
  • Learning Elastic Stack 7.0 - Second Edition by Pranav Shukla, Sharath Kumar M N. Publisher: Packt Publishing. Release Date: May 2019. Link: <https://learning.oreilly.com/library/view/learning-elastic-stack/9781789954395/>

Transferable Skills

C1 - Logical thinking and problem solving.
C2 - Critical analysis.
C3 - Demonstrate effective information management, retrieval and research skills for independent enquiry and learning.
C4 - Evaluate alternative solutions to problems in an appropriate subject domain.
D1 - Communication skills (electronic, written, oral and listening) necessary to make effective presentation of a technical nature (information, ideas, problems and their solutions) to a range of audiences.
E2 - Creativity, innovation and independent thinking.
E6 - Ability to prioritise tasks and time management (organising and planning work).

Module Structure

Activity                     Total Hours
Seminars (FT)                24.00
Assessment (FT)              20.00
Independent Learning (FT)    156.00

Assessment Methods

Component         Duration    Weighting    Threshold    Description
Course Work 01    n/a         50.00        35%          Practical based assessment.
Exam (Dept) 01    n/a         50.00        35%          Class Test.