Cyber Security

Understand Cyber Security, the types of threats resulting in cyber attacks, and defense mechanisms available.

Course Code: VIT103
Fee Code: S3
Duration (approx) Duration (approx) 100 hours
Qualification Statement of Attainment
Get started!

Digital literacy is essential in today's world. Learn about the traces we leave online, how to improve your digital privacy, and potential threats.

This course introduces the concept of Cyber Security, explains various types of threats available resulting in cyber attacks, and develops your understanding of the defence mechanisms available.

Lesson Structure

There are 11 lessons in this course:

  1. Introduction to Cyber Security and cyber attacks/defences
    • Importance of cybersecurity
    • Threats - passive attacks, active attacks
    • Common types of attacks - injection, phishing, denial of Service, malware, spoofing, man in the middle, network attacks
    • Layered approach to defense
    • Physical security
    • Software and Operating System Security, Network security
  2. Vulnerability Assessment
    • Assessing vulnerabilities
    • Security posture
    • Performing vulnerability assessment - 5 steps
    • Identifying and classifying assets
    • Threats and risk assessment
    • Baseline reporting
    • Penetration testing - techniques, penetration testing versus vulnerability assessment
  3. Securing the facilities and networks
    • Securing a data centre
    • Securing the network
    • Hardware level
    • Software PC, Device level
  4. Securing your online digital footprint
    • Digital footprints
    • Social media
    • Web browsing
    • Devices used
    • Managing digital footprint
    • Protecting user reputation
    • Sharing personal information
    • Preserving freedoms
    • Preventing financial; losses
    • Privacy risks
    • Developing better online habits
    • Investigating default settings
    • Using privacy enhancing tools
  5. Internet Security and Digital Certificates
    • Digital certificates
    • Digital signatures
    • Digital rights management and Information rights management
    • Electronic books and magazines
    • Generating a digital certificate
    • Exchanging and verifying a digital certificate
    • Web browsing
    • TLS and SSL
    • Security issues
    • Secure web browsing using https
  6. Wireless Network Vulnerabilities, Attacks and Security
    • Types of wireless data networks
    • NFC and Bluetooth network attacks
    • Wireless LAN attacks
    • Network blurred edges
    • Wireless data replay attacks
    • Wireless DOS attacks
    • Rogue access point
    • Attacks on home LANs - war driving, war chalking
    • Wireless security vulnerability and solutions
    • IEEE wireless security vulnerabilities
  7. Firewalls, IDS and IPS
    • Types of firewall protection
    • Packet filtering firewalls
    • Application/proxy firewalls
    • Hybrid firewalls
    • Firewall limitations
    • Formats and firewalls
    • UTM appliance
    • Intrusion detection systems
    • Network intrusion systems
    • Host based intrusion detection systems]
    • Intrusion prevention systems
    • Common detection methodologies
    • Anomaly based IDPS
    • Signature based IDPS
  8. Cryptography
    • Definition, terminology and characteristics
    • Common cipher attacks
    • Ciphertext only attacks
    • Known plaintext attack
    • Dictionary attack
    • Bruit force attack
    • Power analysis attack
    • Fault analysis attack
    • Cryptographical algorithms
    • Symmetric encryption
    • MAC function
    • Asymmetric encryption
    • Slipcovering keys
    • Hash algorithms
  9. Access Control and Authentication
    • What is access control
    • Definition, terminology
    • Access control models - RBAC, RAC, HBAC
    • Implementation - group policies, ACL, DACL, SACL
    • Authentication and authorisation
    • Securing and protecting passwords
    • Multi factor authentication
  10. Cyber attack Disaster Recovery strategies
    • Five stage response
    • Recovery planning
    • Backup procedures
    • cloud storage
    • Monitoring and logging events
    • Containment of attack
    • Assessing damage
    • Recovery procedures - system images SEO, restore data corruption
    • Authorities tracking attackers
    • Data ands security policies
  11. Ongoing Security Management
    • Managing security events - events monitoring
    • Centralised versus Distributed data collection
    • Being organised
    • Understanding the workplace
    • Security and decision making
    • Division of responsibilities
    • Time management
    • Networking
    • Attitude
    • Products and services
    • The law

Each lesson culminates in an assignment which is submitted to the school, marked by the school's tutors and returned to you with any relevant suggestions, comments, and if necessary, extra reading.

Aims

  • Define cyber security.
  • Explain the goals and importance of cyber security.
  • Understand important terminology relating to cyber security and list some attacks and defence mechanisms.
  • Explain how to perform a vulnerability assessment.
  • Understand the tools and techniques available.
  • Compare and contrast vulnerability scanning and penetration testing.
  • Explain how to secure physical data storage, data centre security, data warehouse and networks.
  • Understand the effects of leaving a wide online digital footprint.
  • Understand the options available for users to manage their online digital footprint.
  • Understand what a firewall, an Intrusion Detection System (IDS), and an Intrusion Prevention System (IPS) represent in the world of cyber security.
  • Explain the importance and functions of firewalls, IDS and IPS systems, and the benefits and protection they offer in protecting computers as well as computer networks.
  • Understand the concept of cryptography and the importance of encrypting and decrypting data.
  • Explain components of cryptographic protocols and common standards used in encryption and decryption.
  • Understand the importance of digital signatures and digital certificates in securing web traffic.
  • List the various types of wireless data communications networks and understand types of vulnerabilities and attacks against each of them.
  • Explain wireless network security standards available to protect wireless networks.
  • Define Access Control and become familiar with its terminology.
  • Understand the importance of implementing access control models.
  • Define authentication and understand the importance of creating and securing strong passwords and implementing double-factor or multi-factor authentication.
  • Explain how to recover from a cyber-attack and best procedures for setting up redundancy and quick recovery methods prior and after attack has occurred and minimizing impacts to systems and networks involved.

What You Will Do

  • Research layered defence concepts and in particular the idea of defence in depth.
  • Research and explain your choice of cyber-attack.
  • Report on good vulnerability scanners currently available in the market.
  • Research 4 privacy enhancing tools online, such as VPNs, password managers, and other encryption software.
  • Research the latest firewall solutions in the market.
  • Research the latest NIDS and HIDS solutions in the market.

Learn to Assess, then Minimise Vulnerabilities

Cybersecurity starts with understanding potential vulnerabilities, then assessing vulnerabilitiy in a particular situation, then finally taking actions to eliminate or prevent those vulnerabilities.

When organizations are trying to secure their assets, knowledge equates to power. As businesses constantly increase their dependence on information technology -- including placing/migrating data to the cloud, IoT (internet of things) devices, mobile devices, social platforms, and others – their exposure to cyber risks continues to rise significantly. However, just like an annual health check, a vulnerability management program can help organizations identify weaknesses in their cyber systems before these turn into problems. 

Security Posture

This is the technical term for an overall security plan. It is everything from initial planning to implementation. An organisation's security posture usually includes:

  • Technical policies
  • Non-technical policies
  • Procedures
  • Controls

Performing a Vulnerability Assessment

The majority of all cyberattacks are designed to exploit known weaknesses and vulnerabilities. And with thousands and thousands of new vulnerabilities discovered every year, it is important for organizations to exercise constant vigilance to evaluate IT security posture and discover weaknesses, as well as to respond appropriately. A robust vulnerability assessment program is the key to responding to this more dangerous threat environment. This is because a vulnerability assessment is a formal process that identifies and quantifies the security weaknesses including the application software, hardware and networks. 

A vulnerability assessment for an organization should produce a clear report containing a list of the components that require attention in the organization’s environment – and where on the list of priorities these components lie. Systems administrators in organizations’ IT departments are constantly updating, patching and applying software patches to their critical systems, however managing software updates and patches is quite a challenging task for IT departments because patches are known to occasionally cause disruption to other software and in some instances, systems requiring patches cannot be taken offline. For this reason, a good vulnerability assessment will provide the organization with a list of prioritized vulnerabilities sorted by system or software (or others) and can be used by the organization’s IT department and used as a to-do list to improve the organization’s security posture. 

It is important for any organization, even if it is not a high priority target, to devise a plan of defence against today’s advanced cyberattacks whereby attackers program the attacks to actively search for vulnerabilities in systems and networks and automatically start their attack process as soon as these are found. It is also important to know that scanning for vulnerability assessments is one thing, and analysing/prioritizing vulnerabilities by including them in an overall “risk management program” is another. 

A typical vulnerability assessment often involves the 5 steps below:

  1. Identifying which assets need to be protected;
  2. Evaluating threats against those assets;
  3. Undertaking vulnerability appraisal to understand how susceptible the current protection method is;
  4. Assessing risks (using the likelihood and impact of any potential weakness exploitation);
  5. Mitigating risks.
 

 

Since 1999 ACS has been a recognised member of IARC (International Approval and Registration Centre). A non-profit quality management organisation servicing education.

ACS Distance Education holds an Educational Membership with the ATA.

Member of Study Gold Coast Education Network.

ACS Global Partner - Affiliated with colleges in seven countries around the world.

Warwickshire College in the UK midlands is an affiliate of ACS Distance Education

Warnborough College in Ireland and England are affiliated with ACS Distance Education

UK Register of Learning Providers, UK PRN10000112


How can I start this course?

You can enrol at anytime and start the course when you are ready. Enrolments are accepted all year - students can commence study at any time. All study is self paced and ACS does not set assignment deadlines.

Please note that if a student is being assisted by someone else (e.g. an employer or government subsidy), the body offering the assistance may set deadlines. Students in such situations are advised to check with their sponsor prior to enrolling. The nominal duration of a course is approximately how long a course takes to complete. A course with a nominal duration of 100 hours is expected to take roughly 100 hours of study time to complete. However, this will vary from student to student. Short courses (eg. 100 hrs duration) should be completed within 12 months of enrolment. Certificates, Advanced Certificates and Awards (eg. over 500 hours duration) would normally be completed within 3 -5 years of enrolment. Additional fees may apply if a student requires an extended period to complete.
If a student cannot submit their assignments for 6 months to ACS, they should advise the school to avoid cancellation of their student
registration. Recommencement fees may apply.

Simply click on the ENROL OPTIONS button at the top of this screen and follow the prompts.

You can see the course price at the top of this page. Click 'enrolment options' to see any payment options available.

You can pay by Credit Card, PayPal, Afterpay or bank transfer.

Yes! We have payment plans for most courses. Click 'enrolment options' to see the available payment plans.
We also have Afterpay that will allow you to pay for your course or payment plans in four instalments (if you are in Australia).


What do I need to know before I enrol?

There are no entry requirements that you need to meet to enrol in our courses, our courses are for everyone.
If you are under 18, we need written permission from your parent/ guardian for your enrolment to continue, we can arrange that after you have enrolled.

You don’t need to purchase any additional resources to complete our courses.

We aim to teach you the essentials without you having to purchase any specific computer program.
We recommend that you have access to a word processing program, such as Microsoft Word or Google Docs, so that you can easily complete and submit your assignments.

You sure can. We are here to help you learn whatever your abilities.

Yes, if you are enrolling in a Certificate or Advanced Certificate, you might be eligible for credits if you have evidence of your previous studies or relevant experience. More information is here.

We recommend that you are able to browse websites, send emails and conduct online research. You will need to be able to type and submit your assignments.
If you have limited computer skills, we can make special arrangements for you.

This is possible, it depends on the institution. We recommend that if you would like to use our courses that you contact the institution first. Our Course Handbook is a good resource for this.

Our courses are written in English and we only have English speaking academic staff. If you can read and complete your assignments in English, our courses are ideal for you.

Our courses are designed to build knowledge, hands on skills and industry connections to help prepare you to work in the area, running your own business, professional development or as a base for further study.

This course has been designed to cover the fundamentals of the topic. It will take around 100 hours to complete, which includes your course reading, assignment work, research, practical tasks, watching videos and anything else that is contained in the course. Our short courses are a great way to do some professional development or to learn a new skill.

It’s up to you. The study hours listed in the course are a rough guide, however if you were to study a short course (100 hours) at 10 hours per week, you could finish the course in 10 weeks (just an example). Our courses are self-paced, so you can work through the courses in your own time. We recommend that you wait for your tutor to mark and return your assignment before your start your next one, so you get the benefits of their feedback.

The course consists of course notes, videos, set tasks for your practical work, online quizzes, an assignment for each lesson (that you receive feedback from your tutor from) and ends in an exam (which is optional, if would like to receive the formal award at the end), using our custom built Learning Management System - Login.Training.

Our courses are designed for adults to gain professional development and skills to further their careers and start businesses.

Our custom online learning portal allows you to conduct your learning online. There may be practical tasks that you can do offline. You have the option of downloading your course notes or print them to read later.

There is also the option to pay an additional fee for printed course notes and or USB (availability limited to location and deliverability).

Yes, if you don’t have access to the internet, you can receive the course as paper notes or on a USB stick for an additional fee. We can also make alternative arrangements for you to send your assignments to us.

We offer printed notes for an additional fee. Also, you can request your course notes on a USB stick for an additional fee.

Yes, your tutor is here to help you. Simply post any questions you have in your login.training portal or contact the office and we can pass on a message to your tutor.

We are more learning focussed, rather than assessment focussed. You have online quizzes to test your learning, written assignments and can complete an exam at the end of the course (if you want to receive your certificate). You will not receive a pass/ fail on your course work. If you need to add more details on your assignment, we will ask you to resubmit and direct you where you need to focus. If you need help, you can ask your tutor for advice in the student room.

Each module (short course) is completed with one exam.

Exams are optional, however you must sit an exam if you would like to receive a formal award. You will need to find someone who can supervise that you are sitting the exams under exams conditions. There is an additional cost of $55 (AUS) $50 (O/S) for each exam.
More information is here

There are practical components built into the course that have been designed to be achieved by anyone, anywhere. If you are unable to complete a task for any reason, you can ask your tutor for an alternative.

When you complete the course work and the exam and you will be able receive your course certificate- a Statement of Attainment. Otherwise, you can receive a Letter of Completion.

You can bundle the short courses to create your own customised learning bundle, Certificates or Advanced Certificates. More information is on this page.

Yes, our courses are built to be applicable for people living anywhere in any situation. We provide the fundamentals, and each student can apply their own unique flair for their own interests, region and circumstances with the one-on-one guidance of a tutor. There is also a bit of student directed research involved.

Employers value candidates with industry skills, knowledge, practical skills and formal learning. Our courses arm you with all of these things to help prepare you for a job or start your own business. The longer you study the more you will learn.

ACS has an arrangement with OAMPS (formerly AMP) who can arrange Professional Indemnity from Australian and New Zealand graduates across all disciplines. Ph: 1800 222 012 or email acs@oamps.com.au.


Who are ACS Distance Education?

ACS Distance Education have been educating people for over 40 years.

We are established and safe- we have been in education for over 40 years.
We are focused on developing innovative courses that are relevant to you now and what you will need to know in the future.
We are focused on helping you learn and make the most of your experience.
You can enrol at any time, you can work on your course when it suits you and at your own pace.
We are connected to many industry bodies and our staff participate in continuous improvement and learning activities to ensure that we are ahead of what learning is needed for the future.

Our courses are not accredited by the Australian Government. However many of our courses are recognised and held in high regard by many industry bodies.

Our courses are written by our staff, who all have many years experience and have qualifications in their speciality area. We have lots of academic staff who write and update our courses regularly.


How do I enrol my staff/ sponsored students?

Yes, you can do a request for a bulk enrolment and request an invoice on our Invoice Request Form

We can prepare an invoice, quote or proforma invoice. Simply complete your details on our Invoice Request form

We can arrange bulk discounts for your course enrolment, please get in touch with us to discuss your needs.

Yes, we have many students who are in locked facilities, such as prisons or hospitals. We can cater by also offering paper notes at an additional cost.


What if I have any more questions or need more information?

We can assist you to find the right course for your needs. Get in touch with us via email (admin@acs.edu.au) call on +61 7 5562 1088 or complete our course advice form.


What if I change my mind?

Please get in touch with studentservices@acs.edu.au if you would like to be removed from our mail list.

If you would like ACS Distance Education to delete your information at any time (whether you are a customer or a prospective customer), please contact our privacy officer and we will process this ( admin@acs.edu.au ).




Course Contributors

The following academics were involved in the development and/or updating of this course.

Dr Julia Mayo-Ramsay

PhD, LLM, AppSc, Grad Dip Agriculture

Andrew Williams

B.Sc(Hons)

Josiane Joubran

CSC consultant with IBM, Software QA Engineer, Course Writer and Tutor. Josiane is an I.T professional with extensive experience with computer hardware and engineering in Lebanon and Australia. Josiane has a B.Eng., Grad.Dip.I.T., Master Info.Tech., MCP,

Need Help?

Take advantage of our personalised, expert course counselling service to ensure you're making the best course choices for your situation.


I agree for ACS Distance Education to contact me and store my information until I revoke my approval. For more info, view our privacy policy.