module specification

This module is based on Cisco Cybersecurity Essentials and CCNA Cybersecurity Operations (Cyber Ops) curriculum delivered through Cisco Networking Academy at the University.
The CCNA Cybersecurity Operations curriculum provides a first step in acquiring the knowledge and skills needed to work as a Security Analyst within a Cybersecurity Operation Centre (SOC)  and can be a valuable part of beginning a career in the exciting and growing field of cybersecurity operations. It explores the characteristics of and tactics used by cyber criminals and procedures used by cybersecurity professionals to combat cybercrime.
This individual module helps prepare students for entry-level cybersecurity career opportunities and is aligned to the Understanding Cisco Cybersecurity Fundamentals (SECFND) and Implementing Cisco Cybersecurity Operations (SECOPS) industry exams leading to the Cisco full CCNA Cybersecurity Operations certification.
This module is a hands-on, career-oriented e-learning solution offering a blended curriculum with both online and classroom learning with an emphasis on practical experience to help students develop specialised Cybersecurity analyst skills, along with critical thinking and complex problem solving skills. To pass this module with good grades, students are expected to have CCNA-level networking concepts knowledge and skills by completing CT4004, along with basic PC and Internet navigation skills
In addition, this module provides practical, relevant and skills aligned closely with the specific tasks expected of SOC professionals through various features including rich multimedia content, including interactive activities, videos, games, and quizzes, addresses a variety of learning styles and help stimulate learning and increase knowledge retention. The virtual environments simulate real-world cybersecurity threat scenarios and create opportunities for ethical hacking, security monitoring, analysis and resolution and hands-on labs help students develop critical thinking and complex problem solving skills. The innovative assessments provide immediate feedback to support the evaluation of knowledge and acquired skills. Technical concepts are explained using language that works well for learners at all levels and embedded interactive activities break up reading of the content and help reinforce understanding. In addition, CyberOps Skills Challenge networked game allows students to use CyberOps skills and knowledge to compete with classmates.

Both CT4004 and CT4005 completed

• Cybersecurity – A World of Wizards, Heros and Criminals LO1
• The Cybersecurity Sorcery Cube LO1
• Cybersecurity Threats, Vulnerabilities, and Attacks LO1
• The art of protecting secret and ensuring integrity LO2,3
• The Realm of Five Nines LO6
• Cybersecurity and the Security Operations Centre LO1
• Principles of Network Security LO2
• A deeper look at Network Attacks LO2
• Protecting the Network LO2
• Cryptography and the Public Key Infrastructure LO3
• Endpoint Security and Analysis LO4
• Security Monitoring LO5
• Intrusion Data Analysis LO6
• Incident Response and Handling LO7

Module is delivered once a weekly in three hours session. Usually one hour lecture is followed by two hours of laboratory work. This module is based on CCNA Cybersecurity Essentials and CCNA Cybersecurity Operations (Cyber Ops) curriculum. Industry approved up to date learning material is available to students on www.Netacad.com and via WebLearn links. Students keep a logbook and record the summary of their practical work for reflective learning. On-line chapter tests are incorporated for self-paced continuous assessment and reflective learning.

On successful completion of this module students will be able to:
LO1. Demonstrate the understanding of the Cybersecurity world, criminals, professionals and how Cybersecurity threats affect individuals, business, countries and explain the role of the Cybersecurity Operations Analyst in the enterprise and how to prepare for a career in Cybersecurity Operations.
LO2. Articulate various types of threats, network attacks, approaches to network security defence and use of network monitoring tools to identify attacks against network protocols and services.
LO3: Contextualise the principles of confidentiality, integrity, and availability as they relate to data states and cybersecurity countermeasures and the impacts of cryptography on network security monitoring.
LO4: Investigate endpoint vulnerabilities, attacks, classify endpoint vulnerability assessment information and tools to generate a malware analysis report.
LO5: Systematically evaluate network security alerts and explain the types of log files used in security monitoring.
LO6: Analyse network intrusion data to identify compromised hosts, vulnerabilities and apply incident response models to manage network security incidents.
LO7: Work effectively and responsibly in a small team to demonstrate how network security incidents are handled by Computer Security Incident Response Teams (CSIRTs), how to apply incident response models to security incidents and how to use set of logs to isolate threat actors and recommend an incident response plan.

The module is assessed by formative and summative assessments as detailed below:

Formative Diagnostic test (LO1)
This exam will be conducted by week 4. The purpose of this formative diagnostic test is check students’ understanding of very basic network security concepts and to provide an early feedback mechanism for maximising student’s engagement with the module.

Theory Exam (LO1-LO6)
Theory  Exam is an unseen summative component, which covers theoretical aspects of the entire syllabus. Students are prepared for final exam through online Multiple-Choice Multiple-Answers end of chapter tests over the year for continuous assessment and spot formative feedback.

Practical Exam (LO3 to LO7)
Students’ practical knowledge and hands-on skills to identify and manage security issues and vulnerabilities are assessed through this key summative component.

Group Experiments (LO5 to LO7)
The purpose of this formative group activity is to assess student’s ability to work in a team acting like a “Cybersecurity Analyst” for various vulnerability scenarios, analysing and evaluating typical scenarios through a set of lab activities. Students are expected to gather basic information using various tools, Learn about the Exploit, Determine the source of the Malware and Analyse details of the Exploit and produce professional documentation in form of report/logbook. Group assessment involves peer evaluation and feedback.

The marks with constructive feedback will be returned to students inline with University’s guidelines on assessments and feedback.

Core Text:
All course material for Cybersecurity Essential and CCNA Cybersecurity Operations are available on-line for registered students on http://www.netacad.com with usernames and password

Other Texts:
• Charles J. Brooks et al (2018), Cybersecurity Essentials, Sybex, ISBN-13: 978-1119362395
• Cisco Networking Academy (2018), CCNA Cybersecurity Operations Companion Guide, Cisco Press, ISBN-13: 978-1587134395
• Cisco Networking Academy (2018), CCNA Cybersecurity Operations Lab Manual, Cisco Press, ISBN-13: 978-1587134388

Website:
• University Library website: https://student.londonmet.ac.uk/library/
• Subject guides and research support: https://student.londonmet.ac.uk/library/subject
• National Cyber Security Centre: https://www.cyberessentials.ncsc.gov.uk/
• Cisco Networking Academy: https://www.netacad.com/

Electronic Databases:
• IEEE Xplore / IET Digital Library (IEL):
https://ieeexplore.ieee.org/Xplore/home.jsp
• Wiley Online Library:
https://0-www-onlinelibrary-wiley-com.emu.londonmet.ac.uk/

Social Media Sources
YouTube: https://www.youtube.com/

Other
Lynda: http://www.lynda.com/