Skip to menu Skip to content Skip to footer
Course profile

Information Security Essentials (CYBR7002)

Study period
Sem 1 2025
Location
St Lucia
Attendance mode
In Person

Course overview

Study period
Semester 1, 2025 (24/02/2025 - 21/06/2025)
Study level
Postgraduate Coursework
Location
St Lucia
Attendance mode
In Person
Units
2
Administrative campus
St Lucia
Coordinating unit
Elec Engineering & Comp Science School

This is an introductory course covering key concepts and best practices in information security, and their application to the protection of organisation assets and business needs. It is designed for students from a broad range of backgrounds. It will include, but not be limited to topics such as; governance of information assets and ICT assets, develop understanding of business impact analysis of the confidentiality, integrity and availability of information assets and ICT assets, risk management using preventative, detective and responsive controls to manage risk, access control of information and information processing facilities, authentication protocols such as; shared secrets, cryptographic hash functions and challenge-response protocols. Topic coverage may also include; using biometrics for authentication, introduction to applied cryptography in information security, network and wireless network security, physical security of information assets, HR security, securing the human, phishing and social engineering, payment card industry security, cloud computing security, industrial control systems and cooperative and automated vehicles.

Topics that will be covered include risk management, access control, authentication, authorisation, symmetric and asymmetric cryptography, network security and application-layer security, for example blockchain security and image forensics. Current industry standards will be referenced, including the ISO/IEC 27000 series on Information Security,ᅠthe Payment Card Industry Data Security Standard (PCI DSS), and the NIST Special Publications 800-53 & 800-82. Students will gain a basic knowledge of current real world Information Security practices and procedures.

Course Changes in Response to Previous Student Feedback:

Based on valuable feedback from previous students, several improvements have been made to the assessment. The attack-defence group activities have been streamlined, and their weight has been reduced to better align with their intended purpose as a preparatory exercise for the final report.

Course requirements

Incompatible

You can't enrol in this course if you've already completed the following:

COMS3000 or CYBR3000 or COMS7003

Course contact

Course coordinator

Dr Priyanka Singh

Course staff

Lecturer

Dr Naipeng Dong
Dr Priyanka Singh

Timetable

The timetable for this course is available on the UQ Public Timetable.

Additional timetable information

The Week 9 presentation on April 30, 2025, will extend beyond the scheduled lecture time and take place throughout the entire day to ensure fairness for all participants.

Aims and outcomes

The aim of the course is to provide an introduction to essential knowledge and skills in the field of Information Security. Concepts such as Access Control, Authentication, Integrity and Confidentiality will be discussed and students will gain an understanding of the basic cryptographic primitives and protocols that are required to implement these security goals. Students will develop the skills to perform practical Threat, Vulnerability and Risk Analysis, understand Information Security standards and be able to assess Information Security risks based on third-party attestations of standards compliance in on-premise, remote, cloud or edge-computing environments.

Learning outcomes

After successfully completing this course you should be able to:

LO1.

describe and apply the concepts of Information Security, such as Confidentiality, Integrity, Authentication and Non-Repudiation, and their relevance in various contexts.

LO2.

analyse and critically evaluate a range of access control and authentication mechanisms, including passwords, biometrics, PKI and multifactor authentication for various Australian and international application scenarios.

LO3.

critically evaluate and apply cryptographic techniques, mechanisms and protocols.

LO4.

independently locate, interpret and critically judge academic and other literature in the field of Information Security, and then apply outcomes to plan, evaluate, develop and reflect critically on justifications in academic reports.

LO5.

compute the information theoretic entropy of random variables, passwords, etc.

LO6.

analyse and critically report on the security of information systems.

LO7.

understand the development of international information security standards by multi-cultural interdisciplinary teams and the importance and application of these international standards to support both domestic and international cross-jurisdictional information security requirements throughout the world.

LO8.

development of group skills in attack-defence activities.

Assessment

Assessment summary

Category Assessment task Weight Due date
Quiz In-class Quiz Series
15%

Week 3, Fri

Week 4, Fri

Week 5, Fri

Week 6, Fri

Week 7, Fri

Week 10, Fri

Week 12, Fri

Week 13, Fri

Must be submitted during the practical class

Presentation Presentation
  • Team or group-based
  • In-person
15%

30/04/2025

Whole day

Paper/ Report/ Annotation Report
  • Online
30%

23/05/2025 2:00 pm

Examination Final exam
  • Hurdle
  • Identity Verified
  • In-person
40%

End of Semester Exam Period

7/06/2025 - 21/06/2025

A hurdle is an assessment requirement that must be satisfied in order to receive a specific grade for the course. Check the assessment details for more information about hurdle requirements.

Assessment details

In-class Quiz Series

Mode
Written
Category
Quiz
Weight
15%
Due date

Week 3, Fri

Week 4, Fri

Week 5, Fri

Week 6, Fri

Week 7, Fri

Week 10, Fri

Week 12, Fri

Week 13, Fri

Must be submitted during the practical class

Other conditions
Time limited.

See the conditions definitions

Learning outcomes
L01, L02, L03, L05, L07

Task description

For each Quiz, students are given 5 minutes to answer 1-2 questions, based on learned course material, and submit their answers. The quizzes are held during practical sessions and must be submitted during class time. Students can bring your own devices to class or submit a paper copy.

These are multiple choices and short answers, some with calculations, as individual work, to test the students' ability to apply the knowledge they have gained from the course material in new scenarios.

There are 8 quizzes in total. Top 5 will be counted. Each Quiz counts 3%. In total 15%.

This assessment task is to be completed in-person. The use of generative Artificial Intelligence (AI) and Machine Translation (MT) tools will not be permitted. Any attempted use of Generative AI may constitute student misconduct under the Student Code of Conduct.

Submission guidelines

Answer the questions in Blackboard test or submit a paper copy (Details see Learn.UQ at https://learn.uq.edu.au/).

Deferral or extension

You cannot defer or apply for an extension for this assessment.

No extensions available. To accommodate unforeseen circumstances such as illness, the quiz score will be based on the best 5 out of 8 submissions.

Late submission

You will receive a mark of 0 if this assessment is submitted late.

Presentation

  • Team or group-based
  • In-person
Mode
Oral
Category
Presentation
Weight
15%
Due date

30/04/2025

Whole day

Learning outcomes
L01, L02, L03, L04, L05, L06, L07, L08

Task description

Students are required to research and critically evaluate security risks and their counter measures and present in a group a summary and discussion of the selected attacking or defending scenario in the form of a presentation. This assessment tests students ability to compile a paper in a group that demonstrates the ability to locate high quality sources of relevant information, understand complex concepts, critically analyse and integrate information from a wide range of sources, evaluate opinions, make decisions and reflect critically on the justifications for decisions; and to synthesize a clear and concise paper of the appropriate level and style.

Presentation is a fixed date in Week 9 (Wednesday). The assessment will be recorded. See Blackboard site for detailed schedule.

This assessment task is to be completed in-person. The use of generative Artificial Intelligence (AI) and Machine Translation (MT) tools will not be permitted. Any attempted use of Generative AI may constitute student misconduct under the Student Code of Conduct.

The course coordinator reserves the right to vary group marks for each group member in the event of varied contributions to the team effort.

Submission guidelines

Reports and slides are submitted online (see blackboard for details)

Deferral or extension

You cannot defer or apply for an extension for this assessment.

This course uses team-based assessment where oral sessions/demo sessions are scheduled with multiple markers and is time limited.

If teams encounter extraordinary difficulties in meeting a deadline, they should contact the course coordinator in advance of the due date. 

All team submissions received after the due date will either; (1) receive a zero mark (or failing grade), or (2) if an earlier version of the team’s work was submitted then this will instead be graded. 

Late submission

You will receive a mark of 0 if this assessment is submitted late.

Report

  • Online
Mode
Written
Category
Paper/ Report/ Annotation
Weight
30%
Due date

23/05/2025 2:00 pm

Learning outcomes
L01, L02, L03, L04, L05, L06, L07

Task description

In this assignment, students are required to compile a report that demonstrates their ability to formulate and investigate problems, to critically analyse and integrate information from a wide range of sources, recognising the roles and expertise of associated disciplines, to evaluate opinions, make decisions and to reflect critically on the justifications for decisions, to generate ideas and adapt innovatively to create solutions, with an appreciation of the link between theory and practice, to innovate and improve current practices; and the ability synthesize a clear and concise research report of the appropriate level and style.

This assessment task evaluates students' abilities, skills and knowledge without the aid of generative Artificial Intelligence (AI) or Machine Translation (MT). Students are advised that the use of AI technologies to develop responses is strictly prohibited and may constitute student misconduct under the Student Code of Conduct.

Submission guidelines

An electronic copy of your assignment is required to be submitted via Blackboard (Learn.UQ at https://learn.uq.edu.au/).
Submit early - updates can be submitted up until the deadline - it is your responsibility to ensure your assignment is successfully submitted BEFORE the deadline.
No hard copy is required for this assignment.

Deferral or extension

You may be able to apply for an extension.

The maximum extension allowed is 21 days. Extensions are given in multiples of 24 hours.

Feedback will be given to students in a timeframe of 21-28 days, where the earlier time frame applies if there are no extensions.

Late submission

A penalty of 10% of the maximum possible mark will be deducted per 24 hours from time submission is due for up to 7 days. After 7 days, you will receive a mark of 0.

Final exam

  • Hurdle
  • Identity Verified
  • In-person
Mode
Written
Category
Examination
Weight
40%
Due date

End of Semester Exam Period

7/06/2025 - 21/06/2025

Learning outcomes
L01, L02, L03, L04, L05, L06, L07

Task description

The exam will be an on-campus paper-based exam. This exam will be a closed book and will contain a combination of multiple choices and short answers, some with calculations. It is individual work; to test the students' ability to apply the knowledge they have gained from the course material in new scenarios.

This assessment task evaluates students' abilities, skills and knowledge without the aid of generative Artificial Intelligence (AI) or Machine Translation (MT). Students are advised that the use of AI technologies to develop responses is strictly prohibited and may constitute student misconduct under the Student Code of Conduct.

Hurdle requirements

You must achieve at least 40% in the task to pass the course.

Exam details

Planning time 10 minutes
Duration 120 minutes
Calculator options

Any calculator permitted

Open/closed book Open Book examination
Exam platform Paper based
Invigilation

Invigilated in person

Submission guidelines

Deferral or extension

You may be able to defer this exam.

Course grading

Full criteria for each grade is available in the Assessment Procedure.

Grade Cut off Percent Description
1 (Low Fail) 0 - 19

Absence of evidence of achievement of course learning outcomes.

Course grade description: Fails to demonstrate most or all of the basic requirements of the course.

2 (Fail) 20 - 46

Minimal evidence of achievement of course learning outcomes.

Course grade description: Demonstrates clear deficiencies in understanding and applying fundamental concepts; communicates information or ideas in ways that are frequently incomplete or confusing and give little attention to the conventions of the discipline.

3 (Marginal Fail) 47 - 49

Demonstrated evidence of developing achievement of course learning outcomes

Course grade description: Demonstrates superficial or partial or faulty understanding of the fundamental concepts of the field of study and limited ability to apply these concepts; presents undeveloped or inappropriate or unsupported arguments; communicates information or ideas with lack of clarity and inconsistent adherence to the conventions of the discipline.

4 (Pass) 50 - 64

Demonstrated evidence of functional achievement of course learning outcomes.

Course grade description: Demonstrates adequate understanding and application of the fundamental concepts of the field of study; develops routine arguments or decisions and provides acceptable justification; communicates information and ideas adequately in terms of the conventions of the discipline.

5 (Credit) 65 - 74

Demonstrated evidence of proficient achievement of course learning outcomes.

Course grade description: Demonstrates substantial understanding of fundamental concepts of the field of study and ability to apply these concepts in a variety of contexts; develops or adapts convincing arguments and provides coherent justification; communicates information and ideas clearly and fluently in terms of the conventions of the discipline.

6 (Distinction) 75 - 84

Demonstrated evidence of advanced achievement of course learning outcomes.

Course grade description: As for 5, with frequent evidence of originality in defining and analysing issues or problems and in creating solutions; uses a level, style and means of communication appropriate to the discipline and the audience.

7 (High Distinction) 85 - 100

Demonstrated evidence of exceptional achievement of course learning outcomes.

Course grade description: As for 6, with consistent evidence of substantial originality and insight in identifying, generating and communicating competing arguments, perspectives or problem solving approaches; critically evaluates problems, their solutions and implications.

Additional course grading information

If the final total percentage for all assessment, calculated at the end of the semester, results in a fractional component, then any fractional component is rounded up to the next whole integer before calculating the final grade. This only applies to the final result and not to individual pieces of assessment, where any fractional results are included, as is, in the calculation of the final percentage.

Supplementary assessment

Supplementary assessment is available for this course.

Additional assessment information

Having Troubles?

If you are having difficulties with any aspect of the course material, you should seek help and speak to the course teaching staff. If external circumstances are affecting your ability to work on the course, you should seek help as soon as possible. The University and UQ Union have organisations and staff who are able to help; for example, UQ Student Services are able to help with study and exam skills, tertiary learning skills, writing skills, financial assistance, personal issues, and disability services (among other things).

Complaints and criticisms should be directed in the first instance to the course coordinator. If you are not satisfied with the outcome, you may bring the matter to the attention of the School of EECS Director of Teaching and Learning.

Learning resources

You'll need the following resources to successfully complete the course. We've indicated below if you need a personal copy of the reading materials or your own item.

Library resources

Find the required and recommended resources for this course on the UQ Library website.

Other course materials

Recommended

Item Description Further Requirement
Mark Stamp. Information Security: Principles and Practice, Wiley book
Michael Brewer, Information security, DISC/British Standards Institution book
Bruce Schneier, Applied Cryptography: Protocols, Algorithms, and Source Code in C, Wiley book
William Stallings, Cryptograhy and Network Security: principles and practice, Prentice Hall book
C. Kaufman et al., Network Security: Private Communication in a Public World, Prentice Hall book
Bruce Schneier, Secret and Lies, Wiley book
Ross Anderson, Security Engineering, Wiley book
Albert Menezes et al., The Handbook of applied Cryptography book
Matt Bishop, Computer Security, Prentice Hall book

Additional learning resources information

All relevant learning material such as additional reading, lecture slides, tutorials etc. will be available via Blackboard.

Learning activities

The learning activities for this course are outlined below. Learn more about the learning outcomes that apply to this course.

Filter activity type by

Please select
Clear filters
Learning period Activity type Topic
Week 1
Lecture

Introduction to the course

Introduction to the Course Staff, Course Content, Assessments, Admin Issues, how to succeed in the course etc.

Learning outcomes: L01, L02, L03, L04, L05, L06, L07, L08

Practical

Introduction to the assessments and the Attack-Defence Scenario

Learning outcomes: L01, L02, L03, L04, L06, L07, L08

Week 2
Lecture

Information Security; Risk Management; Access Control

Learning outcomes: L01, L02

Week 3
Lecture

Password; Cryptographic Hashes

Learning outcomes: L01, L03, L05

Practical

Practice on Information Security; Risk Management; Access Control

Learning outcomes: L01, L02

Week 4
Lecture

Password; Salt; Historical Cryptography

Learning outcomes: L01, L03, L05

Practical

Work in team practicing risk identification

Week 5
Lecture

Modern Cryptography; Symmetric Cryptography

Learning outcomes: L03

Practical

Practice on Password; Cryptographic Hashes

Learning outcomes: L01, L03, L05

Week 6
Lecture

Asymmetric Cryptography; Digital Signature; Public Key Infrastructure

Learning outcomes: L02, L03

Practical

Practice on Historical Cryptography; Modern Cryptography; Symmetric Cryptography

Learning outcomes: L03

Week 7
Lecture

Authentication Protocols; Transport Layer Security

Learning outcomes: L03

Practical

Work in team practice on slides and presentation

Learning outcomes: L01, L02, L03, L04, L05, L06, L07, L08

Week 8
Lecture

Advanced Topics: Quantum Computing & Post-quantum Cryptography, Image Forensics

Learning outcomes: L01, L02, L03, L07

Week 9
Seminar

Presentation

Learning outcomes: L01, L02, L03, L04, L05, L06, L07, L08

Practical

Practice on Asymmetric Encryption; Digital Signature; Public Key Infrastructure

Learning outcomes: L02, L03

Week 10
Lecture

Biometrics; Authorisation

Learning outcomes: L02

Practical

Practice on Bioinformatics; Authorisation

Learning outcomes: L02

Week 11
Lecture

Guest Lecture

Learning outcomes: L01, L02, L07

Practical

Presentation Feedback and Final Report Help

Learning outcomes: L01, L02, L03, L04, L05, L06, L07, L08

Week 12
Lecture

Trust; Zero Trust; Blockchain

Learning outcomes: L01, L02, L03, L07

Practical

Practice on Trust; Zero Trust; Blockchain

Learning outcomes: L01, L02, L03, L07

Week 13
Lecture

Information Theory

Learning outcomes: L05

Practical

Practice on Information Theory

Learning outcomes: L05

Policies and procedures

University policies and procedures apply to all aspects of student life. As a UQ student, you must comply with University-wide and program-specific requirements, including the:

Learn more about UQ policies on my.UQ and the Policy and Procedure Library.

School guidelines

Your school has additional guidelines you'll need to follow for this course: