Overview

Indicative content includes:

• Security concepts (e.g. CIA (confidentiality, integrity, availability), AAA (authentication, authorization, and accounting), assets, vulnerabilities, threats, countermeasures)
• Business impact of security breaches (e.g. loss of business, damage to reputation, denial of service, data loss or damage, legal action)
• Physical security (e.g. physical access control, audit trails / access logs, restricted areas, visitor control, design & location of server and equipment rooms, electrical supplies, HVAC, water, fire detection / suppression)
• Software and network security (e.g. encryption, firewalls, VPNs, intrusion detection, malware detection, user access levels, passwords, software updates, backups)
• Personnel considerations (e.g. Policies & procedures, hiring, disciplinary, termination, separation of duties, contractors, security, acceptable use, training / awareness / communication)
• Legislation & Compliance (e.g. Data protection, computer misuse, freedom of information, copyright, data storage location)

Assessment Strategy

-threshold -Equivalent to 40%. Uses key areas of theory or knowledge to meet the Learning Outcomes of the module. Is able to formulate an appropriate solution to accurately solve tasks and questions. Can identify individual aspects, but lacks an awareness of links between them and the wider contexts. Outputs can be understood, but lack structure and/or coherence.

-good -Equivalent to the range 60%-69%. Is able to analyse a task or problem to decide which aspects of theory and knowledge to apply. Solutions are of a workable quality, demonstrating understanding of underlying principles. Major themes can be linked appropriately but may not be able to extend this to individual aspects. Outputs are readily understood, with an appropriate structure but may lack sophistication.

-excellent -Equivalent to the range 70%+. Assemble critically evaluated, relevent areas of knowledge and theory to constuct professional-level solutions to tasks and questions presented. Is able to cross-link themes and aspects to draw considered conclusions. Presents outputs in a cohesive, accurate, and efficient manner.

Learning Outcomes

• Analyse potential network security threats faced by small to medium enterprises (SMEs)

• Implement common network security measures

• Recommend suitable counter measures to network security threats faced by SMEs

• Use a range of software tools to investigate network security issues