Cloud Security

Unit Outline (Higher Education)

Level of Unit in Course

AQF Level(s) of Course

Level of Unit in Course

Introductory

Intermediate

Effective Term:

2025/05

Institute / School :

Institute of Innovation, Science & Sustainability

Unit Title:

Cloud Security

Unit ID:

ITECH2508

Credit Points:

15.00

Prerequisite(s):

(ITECH1504)

Co-requisite(s):

Nil

Exclusion(s):

(ITECH3100 and ITECH3300)

ASCED:

020103

Other Change:

Brief description of the Unit

Cloud computing is an essential technology in contemporary computing. Its wide use in industry and organisations exemplifies the need to appreciate and understand the security threats in this area. This unit covers the security and privacy aspects of cloud computing, where students will not only gain knowledge to manage and secure mobile devices, data, applications, and infrastructure but also obtain practice in cloud operation and virtual machine management. Students will explore the unique security challenges cloud computing environments pose and learn how to mitigate risks through effective security measures. Through theoretical lectures, hands-on labs, and case studies, students will gain the knowledge and skills necessary to design, implement, and manage secure cloud infrastructures with the help of the cloud infrastructure provided by AWS. The unit aligns with the AWS Cloud Security Foundation Certification requirements.

Grade Scheme:

Graded (HD, D, C, P, MF, F, XF)

Work Experience Indicator:

No work experience

Placement Component: No

Supplementary Assessment:Yes

Where supplementary assessment is available a student must have failed overall in the Unit but gained a final mark of 45 per cent or above, has completed all major assessment tasks (including all sub-components where a task has multiple parts) as specified in the Unit Description and is not eligible for any other form of supplementary assessment

Course Level:

Learning Outcomes:

Knowledge:

K1.	Articulate the need for cloud infrastructure, data and application security.

K2.	Discuss the mobile cloud computing models and the associated security issues.

K3.	Analyse key elements associated with cloud computing security and privacy.

K4.	Discuss and reflect on cloud security industry standards, policies and compliance.

Skills:

S1.	Critically evaluate various types of security threats in mobile cloud computing.

S2.	Distinguish different levels of security needs for cloud computing.

S3.	Compose security and privacy governance policies for the cloud applications used in different organisations.

Application of knowledge and skills:

A1.	Apply the knowledge and skills acquired in this unit to manage cloud computing security threats and privacy in different organisations.

A2.	Validate security policies and standards through compliance inspection.

Unit Content:

Topics may include:
1. Introduction to Cloud Computing and Security
2. Identity and Access Management
3. Cloud Network Security
4. Cloud Infrastructure Security
5. Cloud Data Security and Privacy
6. Cloud Application Security
7. Mobile Cloud Computing Models and their Security Issues
8. Cloud Threat Management and Incident Response
9. Cloud Security Industry Standards, Policies and Compliance
10. Securing access to cloud resources and infrastructure
11. Cloud Logging and Monitoring

Graduate Attributes:

Federation University recognises that students require key transferable employability skills to prepare them for their future workplace and society. FEDTASKS (Transferable Attributes Skills and Knowledge) provide a targeted focus on five key transferable Attributes, Skills, and Knowledge that are be embedded within curriculum, developed gradually towards successful measures and interlinked with cross-discipline and Co-operative Learning opportunities. One or more FEDTASK, transferable Attributes, Skills or Knowledge must be evident in the specified learning outcomes and assessment for each FedUni Unit, and all must be directly assessed in each Course.

FED TASK and descriptor		Development and acquisition of FEDTASKS in the Unit
FED TASK and descriptor		Learning outcomes (KSA)	Assessment task (AT#)
FEDTASK 1 Interpersonal	Students will demonstrate the ability to effectively communicate, inter-act and work with others both individually and in groups. Students will be required to display skills in-person and/or online in: • Using effective verbal and non-verbal communication • Listening for meaning and influencing via active listening • Showing empathy for others • Negotiating and demonstrating conflict resolution skills • Working respectfully in cross-cultural and diverse teams.	Not applicable	Not applicable
FEDTASK 2 Leadership	Students will demonstrate the ability to apply professional skills and behaviours in leading others. Students will be required to display skills in: • Creating a collegial environment • Showing self -awareness and the ability to self-reflect • Inspiring and convincing others • Making informed decisions • Displaying initiative	S3	AT1, AT2
FEDTASK 3 Critical Thinking and Creativity	Students will demonstrate an ability to work in complexity and ambiguity using the imagination to create new ideas. Students will be required to display skills in: • Reflecting critically • Evaluating ideas, concepts and information • Considering alternative perspectives to refine ideas • Challenging conventional thinking to clarify concepts • Forming creative solutions in problem solving.	K2, K5, S1, S2, A1, A2	AT1, AT2
FEDTASK 4 Digital Literacy	Students will demonstrate the ability to work fluently across a range of tools, platforms and applications to achieve a range of tasks. Students will be required to display skills in: • Finding, evaluating, managing, curating, organising and sharing digital information • Collating, managing, accessing and using digital data securely • Receiving and responding to messages in a range of digital media • Contributing actively to digital teams and working groups • Participating in and benefiting from digital learning opportunities.	A2	AT1, AT2
FEDTASK 5 Sustainable and Ethical Mindset	Students will demonstrate the ability to consider and assess the consequences and impact of ideas and actions in enacting ethical and sustainable decisions. Students will be required to display skills in: • Making informed judgments that consider the impact of devising solutions in global economic environmental and societal contexts • Committing to social responsibility as a professional and a citizen • Evaluating ethical, socially responsible and/or sustainable challenges and generating and articulating responses • Embracing lifelong, life-wide and life-deep learning to be open to diverse others • Implementing required actions to foster sustainability in their professional and personal life.	S2, S3, A2	AT1, AT2

	Learning Outcomes Assessed	Assessment Tasks	Assessment Type	Weighting
1.	K1 - K5, S1 - S3, A1 - A2	The tasks will develop skills in the analysis and practical application of content introduced.	Lab(s)/Tutorial(s)	30% - 50%
2.	K1 - K5, S1 - S3, A1 - A2	Self directed initiatives aimed at producing an artifact that demonstrates skill acquisition.	Assignment(s)/Presentation(s)	30% - 50%
3.	K1 - K5, S1 - S3, A2	Participate in lectures and labs/tutorials, read and summarise theoretical and practical aspects of the unit.	Examination(s)/Test(s)	20% - 30%

Adopted Reference Style:

IEEE

Professional Standards / Competencies:

Standard / Competency

Australian Computer Society - Core Body of Knowledge: 2023 accreditation

Attribute			Assessed	Level
Core ICT Knowledge
	ICT Infrastructure
		ICT hardware components and organisation: the creation, communication and processing of digital signals using sensors and activators, processors and storage	Yes	Intermediate
		Network and internetwork concepts and protocols, wireless and mobile computing, cloud and distributed systems	Yes	Advanced
		Systems software and operating systems managing the architecture	Yes	Advanced
	Application Systems
		Analysis of human activity systems, ontological modelling, specifying organisational and external context of computing systems, impact and user experience analysis	Yes	Intermediate
		Application context where specifically linked to ICT: Domain attributes (e-health, e-business, transport and logistics, agriculture, e-government, etc), language and cultural factors, users work practices and organisational contexts	Yes	Intermediate
	Cyber Security
		Nature of Cyber Security: forms of attack, prevention, detection, mitigation and repair	Yes	Advanced
		Information assets to be secured (hardware, networks, software, data) and the different means of securing them, cryptography	Yes	Intermediate
		Human security roles and behaviours, rights and obligations (privacy)	Yes	Intermediate
		Cyber Security risk assessment, policy, management and testing, forensics	Yes	Advanced
	ICT Management and Governance
		Fundamental governance principles (strategy development, establishment and monitoring systems for management and policy)	Yes	Advanced
Professionalism as it applied in ICT
	The Professional ICT Practitioner
		Domestic and international law as it applies to ICT	Yes	Intermediate
		The professional society (the ACS), certification to practise, legal liabilities and indemnity	Yes	Intermediate
		Continuing professional development, career upskilling, networking	Yes	Intermediate

Skills Framework for the Information Age (SFIA): Version 8

Attribute			Assessed	Level
Strategy and architecture
	Security and privacy
		SCTY Information security (Levels 3 - 7) Defining and operating a framework of security controls and security management strategies.	Yes	2
		PEDP Personal data protection (Levels 5 - 6) Implementing and operating a framework of controls and management strategies to promote compliance with personal data legislation.	Yes	3
		VURE Vulnerability research (Levels 3 - 6) Conducting applied research to discover, evaluate and mitigate new or unknown security vulnerabilities and weaknesses.	Yes	3
	Governance, risk and compliance
		GOVN Governance (Levels 6 - 7) Defining and operating a framework for making decisions, managing stakeholder relationships, and identifying legitimate authority.	Yes	3
		BURM Risk management (Levels 3 - 7) Planning and implementing organisation-wide processes and procedures for the management of risk to the success or integrity of the enterprise.	Yes	3
		AUDT Audit (Levels 3 - 7) Delivering independent, risk-based assessments of the effectiveness of processes, the controls, and the compliance environment of an organisation.	Yes	3
Delivery and operation
	Technology management
		ITOP IT infrastructure (Levels 1 - 5) Deploying, configuring and operating IT Infrastructure.	Yes	2