| Effective Term: | 2025/05 |
| Institute / School : | Institute of Innovation, Science & Sustainability |
| Unit Title: | Incident Management & Digital Forensics |
| Unit ID: | ITECH3505 |
| Credit Points: | 15.00 |
| Prerequisite(s): | (ITECH2507) |
| Co-requisite(s): | Nil |
| Exclusion(s): | Nil |
| ASCED: | 029901 |
| Other Change: | |
| Brief description of the Unit |
This advanced unit delves into the critical fields of incident management and digital forensics. It explores the best practices for incident response, from preparation and detection to containment, eradication, recovery, and post-incident review of enterprise security policies and practices. Moreover, learn digital forensics techniques for collecting, preserving, analyzing, and presenting digital evidence. Through hands-on virtual labs, gain practical experience with industry-leading tools and methodologies, preparing students to effectively manage and investigate security incidents. This unit focuses on incident handling procedures and forensic analysis, essential for a comprehensive cybersecurity skillset. |
| Grade Scheme: | Graded (HD, D, C, P, MF, F, XF) |
| Work Experience Indicator: |
| No work experience |
| Placement Component: | |
| Supplementary Assessment:Yes |
| Where supplementary assessment is available a student must have failed overall in the Unit but gained a final mark of 45 per cent or above, has completed all major assessment tasks (including all sub-components where a task has multiple parts) as specified in the Unit Description and is not eligible for any other form of supplementary assessment |
| Course Level: |
| Level of Unit in Course | AQF Level(s) of Course | | 5 | 6 | 7 | 8 | 9 | 10 | | Introductory | | | | | | | | Intermediate | | | | | | | | Advanced | | |  | | | |
|
| Learning Outcomes: |
| Knowledge: |
| K1. | Analyze various incident response frameworks and methodologies, evaluating their suitability for different security incident scenarios. |
|
| K2. | Critically evaluate digital forensics principles and methodologies, including chain of custody, evidence collection, analysis, and presentation. |
|
| K3. | Evaluate the legal and ethical considerations surrounding digital forensics investigations, including admissibility of evidence. |
|
| Skills: |
| S1. | Develop a comprehensive incident response plan, outlining roles, responsibilities, and procedures for handling security incidents. |
|
| Application of knowledge and skills: |
| A1. | Conduct a simulated security incident investigation, applying incident response procedures and digital forensics techniques to recover and analyze evidence. |
|
| Unit Content: |
Topics may include:
1. Introduction to Incident Management, Incident Response Frameworks & Methodologies
2. Detection & Analysis of Security Incidents (Logs, Network Traffic, Endpoint Data)
3. Containment & Eradication Strategies for Security Incidents
4. Incident Recovery & Post-Incident Review
5. Introduction to Digital Forensics Principles & Methodologies
6. Digital Evidence Acquisition & Preservation Techniques
7. Dgital Forensics Analysis Techniques (File Systems, Disk Forensics, Memory Forensics)
8. Network Forensics & Analysis Techniques
9. Digital Forensics Reporting & Presentation of Evidence
10. Legal & Ethical Considerations in Digital Forensics Investigations
11. Emerging Trends in Incident Management & Digital Forensics |
| Graduate Attributes: |
| Federation University recognises that students require key transferable employability skills to prepare them for their future workplace and society. FEDTASKS (Transferable Attributes Skills and Knowledge) provide a targeted focus on five key transferable Attributes, Skills, and Knowledge that are be embedded within curriculum, developed gradually towards successful measures and interlinked with cross-discipline and Co-operative Learning opportunities. One or more FEDTASK, transferable Attributes, Skills or Knowledge must be evident in the specified learning outcomes and assessment for each FedUni Unit, and all must be directly assessed in each Course.
|
| FED TASK and descriptor | Development and acquisition of FEDTASKS in the Unit | Learning outcomes
(KSA) | Assessment task
(AT#) | FEDTASK 1
Interpersonal | Students will demonstrate the ability to effectively communicate, inter-act and work with others both individually and in groups. Students will be required to display skills in-person and/or online in: • Using effective verbal and non-verbal communication • Listening for meaning and influencing via active listening • Showing empathy for others • Negotiating and demonstrating conflict resolution skills • Working respectfully in cross-cultural and diverse teams. | S1-S2, A1 | AT2, AT4 | FEDTASK 2
Leadership | Students will demonstrate the ability to apply professional skills and behaviours in leading others. Students will be required to display skills in: • Creating a collegial environment • Showing self -awareness and the ability to self-reflect • Inspiring and convincing others • Making informed decisions • Displaying initiative | A1 | AT4 | FEDTASK 3
Critical Thinking and Creativity | Students will demonstrate an ability to work in complexity and ambiguity using the imagination to create new ideas. Students will be required to display skills in: • Reflecting critically • Evaluating ideas, concepts and information • Considering alternative perspectives to refine ideas • Challenging conventional thinking to clarify concepts • Forming creative solutions in problem solving. | K1-K3, S1-S2, A1 | AT1-AT4 | FEDTASK 4
Digital Literacy | Students will demonstrate the ability to work fluently across a range of tools, platforms and applications to achieve a range of tasks. Students will be required to display skills in: • Finding, evaluating, managing, curating, organising and sharing digital information • Collating, managing, accessing and using digital data securely • Receiving and responding to messages in a range of digital media • Contributing actively to digital teams and working groups • Participating in and benefiting from digital learning opportunities. | S1-S2, A1 | AT2, AT4 | FEDTASK 5
Sustainable and Ethical Mindset | Students will demonstrate the ability to consider and assess the consequences and impact of ideas and actions in enacting ethical and sustainable decisions. Students will be required to display skills in: • Making informed judgments that consider the impact of devising solutions in global economic environmental and societal contexts • Committing to social responsibility as a professional and a citizen • Evaluating ethical, socially responsible and/or sustainable challenges and generating and articulating responses • Embracing lifelong, life-wide and life-deep learning to be open to diverse others • Implementing required actions to foster sustainability in their professional and personal life. | A1 | AT4 |
|
| | Learning Outcomes Assessed | Assessment Tasks | Assessment Type | Weighting | | 1. | K1-K3 | Weekly Quizzes: Short quizzes will assess students' understanding of key concepts. | Quiz | 10%-30% | | 2. | S1-S2 | Lab Reports: Lab reports will document hands-on exercises and analysis. | Lab Reports | 15%-35% | | 3. | A1 | Project proposal: Students are required to submit an initial project proposal. | Project proposal | 15%-35% | | 4. | A1 | Final Project: Students will conduct a simulated security incident investigation, apply incident response procedures and digital forensics techniques, and write a report documenting the process. | Final Project | 20%-40% |
|
Professional Standards / Competencies: |
| | Standard / Competency | | 1. | Australian Computer Society - Core Body of Knowledge: 2023 accreditation |
|
| Attribute | Assessed | Level | | Core ICT Knowledge | |
ICT Fundamentals
| | |
Computational thinking: situation analysis and modelling using a range of methods and patterns to frame it so a computer system could operate effectively within it
| | Yes | Advanced | | |
Design thinking: methods and tools that are used for handling abstraction could vary a great deal with the branch of ICT, from circuit diagrams to data modelling tools to business process modelling
| | Yes | Advanced | |
Cyber Security
| | |
Nature of Cyber Security: forms of attack, prevention, detection, mitigation and repair
| | Yes | Advanced | | |
Information assets to be secured (hardware, networks, software, data) and the different means of securing them, cryptography
| | Yes | Advanced | | |
Cyber Security risk assessment, policy, management and testing, forensics
| | Yes | Advanced | | Professionalism as it applied in ICT | | Professional ICT Ethics | | |
Methods of ethical reasoning, analysis and reflection, ethics canvas
| | Yes | Introductory | |
Impacts of ICT
| | |
Impacts of ICT on society (cyber warfare; surveillance, privacy and civil liberties, cybercrime and hacking, digital divide, technology reliance, intellectual property and legal issues)
| | Yes | Introductory |
| | 2. | Skills Framework for the Information Age (SFIA): Version 8 |
|
| Attribute | Assessed | Level | | Strategy and architecture | | Security and privacy | | | SCTY Information security (Levels 3 - 7) Defining and operating a framework of security controls and security management strategies. | | Yes | 3 | | | INAS Information assurance (Levels 3 - 7) Protecting against and managing risks related to the use, storage and transmission of data and information systems. | | Yes | 3 | | Delivery and operation | | Service management | | | USUP Incident management (Levels 2 - 5) Coordinating responses to incident reports, minimising negative impacts and restoring service as quickly as possible. | | Yes | 5 | | Security services | | | DGFS Digital forensics (Levels 3 - 6) Recovering and investigating material found in digital devices. | | Yes | 3 |
|
|