Students are awarded a Diploma of Higher Education (DipHE) Computing on successful completion of the second stage of the course (240 SCQF credits).

Transcription

1 COURSE SPECIFICATION: Core Award Data Bachelor of Science with Honours [BSc (Hons)] Cyber Security AWARDING INSTITUTION The Robert Gordon University INSTITUTION OF DELIVERY The Robert Gordon University COURSE ACCREDITED BY None. COURSE ACCREDITATION / RECOGNITION None. AWARDS Stage 1 Students are awarded a Certificate of Higher Education (CertHE) Computing on successful completion of the first stage of the course (120 SCQF credits). Stage 2 Students are awarded a Diploma of Higher Education (DipHE) Computing on successful completion of the second stage of the course (240 SCQF credits). Stage 3 Students are awarded a BSc Cyber Security (BSc) on successful completion of the third stage of the course (360 SCQF credits). Stage 4 Students are awarded a BSc (Hons) Cyber Security (with appropriate Honours classification) on successful completion of the fourth stage of the course (480 SCQF credits). AWARD TYPE Undergraduate MODES OF STUDY Full-time DURATION OF COURSE Full time: Four years (or five years if the student has undertaken an optional one year industrial placement between stages 2 and 3, or between stages 3 and 4 of the course). Exit awards at the end of each stage. LANGUAGE OF STUDY English LANGUAGE OF ASSESSMENT English Bachelor of Science with Honours [BSc (Hons)] Cyber Security 1

2 UCAS CODE I100 JACS CODE G400 RELEVANT QAA SUBJECT GROUP Computing DATE OF PRODUCTION / REVISION 03 July 2016 INTRODUCTION TO THE COURSE The development of large-scale networked information technology has had a profound effect on all aspects of society, changing the way people communicate, learn, work, and spend their leisure time. It has also provided a host of new opportunities for businesses and industry, as well as being an essential part of government and media organisations, and educational institutions. However, along with the benefits of this technology has come an ever-increasing need to manage, protect and secure these critical information resources and the network infrastructure that underpins them. The UK's National Security Strategy identifies cyber attack as one of the four highest-priority risks faced by the country and Cyber Security, that is the protection of systems, networks and data in cyberspace, is now a vital part of most business activity. This is something that will only grow in importance as more devices become connected to each other in the so-called "Internet of Things". Effective control and use of these secure digital technologies is the key to industrial and commercial success and there is a constant and growing demand for graduates who have the ability to build robust, effective software systems, assess the security of computer networks, and protect them using a range of technologies and management processes. This four-year undergraduate degree course will provide students with expertise knowledge in all aspects of cyber security and a comprehensive practical understanding of the latest developments in secure computing, including cryptography and information security, secure web and database systems, digital forensics, ethical hacking and penetration testing. Students will learn how to apply their knowledge and skills to the solution of real-world problems, analysing and evaluating security threats and deploying countermeasures to stop intrusion. EDUCATIONAL AIMS OF THE COURSE Overall Aim of the Course Graduates of the BSc Cyber Security degree course will have: a systematic understanding of key aspects of computer science with special emphasis on cyber security, including the acquisition of coherent and detailed knowledge, some of which is at, or informed by, the forefront of the field of information security; an understanding of the threats posed to modern information infrastructures and the ability to deploy appropriate countermeasures to defend against such threats; the ability to advise organisations on how to set up secure systems, including an appreciation of the uncertainty, ambiguity and trade-offs inherent in the process. the ability to use established analytical and investigative techniques within the computing discipline to devise methods of testing an information system's security, the ability to recognise the legal, social, ethical and professional issues involved in cyber security and be guided by the adoption of appropriate industry standards and professional practices; The skills base of this course generally resides within the body of knowledge defined by the QAA Computing benchmark statement, the ACM Computer Science curriculum and the Cyber Security Principles and Learning Outcomes for Computer Science and IT-Related Degrees published by (ISC)2. As well as the technical focus, the courses all contain content that prepares students in social, ethical, legal and professional aspects of a cooperative human environment such as the workplace. Aims of Each Stage of the Course Stage 1 (Certificate of Higher Education) To demonstrate a knowledge and understanding of the fundamental technical concepts of software development, problem solving and modelling techniques, and computing information systems. To demonstrate an understanding of the business environment and the roles of information systems in organisations, and fundamental principles of network design using appropriate tools and techniques. To demonstrate skills, knowledge and understanding that promote continued personal and professional development through investigative, modelling and problem solving activities that use a combination of written and computational work, both on an individual and group basis. Stage 2 (Diploma of Higher Education) To demonstrate skills, knowledge and understanding of advanced software design and development processes. To demonstrate knowledge and understanding of the need for continued professional development and collaborative skills in the context of a real-world project. To demonstrate knowledge and understanding of professional skills, and legal, ethical and social issues involved in the application of technology to real-world problems. To demonstrate an understanding of the theoretical and practical aspects of databases and network design and their security threats and vulnerabilities. To develop dynamic client and server-side web applications and evaluate their security threats and vulnerabilities. Stage 3 (BSc in Cyber Security) To evaluate the methods of computer network management and to analyse security threats to database systems. To cooperate in an effective manner with colleagues and assume an active role in the planning and control of computer security applications, both as an individual and as an effective member of a small project team. To develop and evaluate computer systems that manage information effectively using an appropriate range of processes and techniques. To utilise a range of tools and techniques to protect information systems with due regard to utility and usability. Bachelor of Science with Honours [BSc (Hons)] Cyber Security 2

3 To design and develop security solutions for a range of digital technologies. Stage 4 (BSc (Hons) in Cyber Security) To carry out practical research and design activities that supports the development and maintenance of secure information systems, taking into account the users, the tasks and the work context. To select an appropriate range of tools and technologies, and plan, organise and implement a computing project with due regard to resource constraints, human factors, client requirements and professional standards. To evaluate and select appropriate policies and technologies that will allow timely identification of information security threats and allow effective recovery from cyber attack. To apply a knowledge of secure information systems, threats and the exploitation of vulnerabilities, to assess the security of computer networks and mitigate risk. LEARNING OUTCOMES Introduction The modules common to the Undergraduate Computing Programme provide fundamental IT and Computing skills, professional skills, teamwork and individual project work. The core is designed to provide a solid foundation upon which the course can build in order to achieve its aims and objectives. In order to assist understanding of the overall learning process, the following information presents a breakdown of the principle skills and abilities that the students are required to develop over the duration of the course. Within the context of the BSc (Hons) Cyber Security the general cognate areas of computing and information technology include, but are not restricted to, a set of skills, principles and theoretical body of knowledge related to the subject discipline of information security. The Undergraduate Computing Programme level aims, which are consistent with the University Mission Statement, are to: Produce versatile and resourceful practitioners fostering innovation, enterprise and enthusiasm for excellence in computing. Provide students with the knowledge and skills to equip them for a career in computing and cyber security. Produce practitioners/graduates who can make an effective and professional contribution to the work of interdisciplinary groups engaged in computing projects. Develop students' competence in requirements gathering, analysis and design, using these skills to develop security systems that meet the clients' and end users' requirements Develop students' competence in developing robust and usable software. Assist students in developing study and interpersonal skills required for both independent, autonomous practice and team working. Develop critical, analytical problem-based learning skills and the transferable skills to prepare the student for graduate employment and continuing professional development. Provide students with an appropriate level of knowledge, understanding and skills in the technology underpinning cyber security. Provide students with an awareness of the roles and responsibilities of a professional working within the computing profession. Provide students with the competence to undertake computing and cyber security-based projects on an individual basis with minimal supervision or further training. The knowledge, subject-specific, practical, and transferable skills, acquired by students during the course, provide expertise in the design, implementation and evaluation of software, with particular focus on systems involving the use of computer networks and security. Learning equips students with both professional skill in the development and management of computer systems and information, and the academic expertise needed to pursue further study. Overall Learning Outcomes The purpose of the BSc Cyber Security degree is to provide students with graduate level expertise in the development and management of secure computer information systems and an appropriate knowledge of the supporting computing technologies. In addition, students will combine the skills and knowledge of the systems and software developer with those relating to information security and network management. Graduates will be able to apply such knowledge and technological skills to the requirements of modern organisations and individual users, and provide appropriate solutions to their problems. Specifically, practitioners/graduates of the course will possess the following knowledge and skills: Use and deployment of current computer applications: how to undertake the structuring of data and information, problem identification, design development, testing and evaluation of software and computer information systems, use of software tools and packages to develop IT solutions to business problems. Develop robust and secure applications and systems that utilise and integrate a range of software technologies and platforms. A command of the human factors affecting the security of digital information systems, the judgement and decision making capabilities required to select and evaluate appropriate security technologies and develop effective and usable information systems solutions to user's problems, and their specification and implementation where necessary. The following learning outcomes describe the characteristics of the students i.e. what a student is expected to know and be able to do if they have taken full advantage of the opportunities for learning provided by the course. Characteristic 1: Knowledge and Understanding The principles and application of the concepts involved in the specification, design, implementation, testing and maintenance of secure software systems. The principles and application of the concepts involved in the application of computer and network security practices. The role of digital information systems within an organisation, the promotion of judgement and decision-making capabilities in evaluating risk associated with solutions to the cyber security problems of organisations and individual users, and their specification and implementation where necessary. The issues involved in the management and security of digital information and computer technology in an organisation, and the development of secure industrial information systems. Characteristic 2: Practice: Applied Knowledge, Skills and Understanding Analyse the requirements of users and organisations, to design, implement, evaluate and manage secure information systems. Use appropriate tools to evaluate the security of information systems in terms of general quality attributes and possible trade-offs presented within a given problem and context. Deploy effectively the tools used for the construction and documentation of secure computer applications, with particular emphasis on understanding the whole process involved in the effective deployment of software to solve practical problems. Work as an effective member of a project team, managing the interface between computing, the organisation and the end-users, recognising the different roles within a team and different ways of organising teams. Select an appropriate range of tools and technologies and plan, organise and implement a cyber security project with due regard to human factors, user and organisational requirements. Carry out practical research assisting organisations to deploy effective information security technologies. Bachelor of Science with Honours [BSc (Hons)] Cyber Security 3

4 Effectively communicate complex ideas and technical issues using verbal, visual and written techniques and media appropriate to the target audience. Characteristic 3: Generic Cognitive Skills Analyse, evaluate, and interpret complex information and use such knowledge and understanding in the modelling, design and implementation of software solutions to individual user and organisational problems. Recognise and analyse criteria and specifications appropriate to specific problems, and plan strategies for their solution. Analyse and evaluate the extent to which an information system meets the criteria defined for its current level of security and predicted future requirements. Select and deploy appropriate theory, practices and tools for the specification, design, implementation and evaluation of digital information systems. Research and assess the use of new technologies and develop imaginative and practical solutions to a diverse range of problems. Research, gather and collate data from a range of sources, establish relevant connections, and apply to a given context to inform the generation of design proposals. Plan and manage work appropriately, and to work to deadlines. Develop an understanding of personal learning needs and methods. Characteristic 4: Communication, ICT and Numeracy Skills Use effective means of communication to express complex ideas about cyber security through appropriate media, based on considerations of context. Make effective use of specialist ICT facilities concerned with the management of data and information, develop appropriate skills for this purpose, and adjust features to suit purpose. Demonstrate knowledge and understanding through investigative, modelling and problem solving activities. Present, formally and informally, information about specialised cyber security topics to informed audiences. Communicate with peers, senior colleagues and specialists on a professional level. Select, interpret, use and evaluate a wide range of numerical and graphical data to set and achieve cyber security goals, and to use this information as evidence when presenting arguments for security decisions. Characteristic 5: Autonomy, Accountability and Working with Others Adopt a broad-ranging and flexible approach to study, identifying learning needs, pursuing activities designed to meet these needs in increasingly autonomous ways. Recognise the need for lifelong learning and undertake appropriate continuing professional development, taking control of the learning process including organisational skills, time and workload management. Work effectively both independently and as a member of a team, showing a willingness to learn from others. Maintain professional standards and quality control as applied to the specification, production, implementation and maintenance of business software and information systems. Be innovative, foster creativity and drive, and manage the process of change. These characteristics can be identified within each stage of the course: Stage 1: SCQF 7 Characteristic 1: Knowledge and Understanding: Student should be able to: 1. Demonstrate a basic knowledge and understanding of the basic context of computer science, and its relationship to other subject areas such as mathematics, science and engineering. 2. Demonstrate familiarity with the basic facts and principles of computing and supporting topics via demonstrations of skills gained, the ability to answer questions and to describe and employ basic tools and techniques. The student is introduced to the basic skills and knowledge required for operating in a computer environment via study and practice. The student should understand, at an appropriate, elementary level, programming and the development of software, computer hardware and network design, and show an understanding of the business environment and roles played by information systems in organisations. 3. Demonstrate a working understanding of basic facts and principles in computing and information security via reports, solutions to standard problems, and projects on fundamentals an appropriate use of conventions via the topics outlined above. Characteristic 2: Practice: Applied Knowledge, Skills and Understanding 1. Study the subject in a systematic, directed way with the aid of appropriate tutor guidance within classroom and laboratory. 2. Apply the knowledge, skills and understanding of computer science, web development and computer networks in practical contexts. 3. Use some of the basic and routine professional skills, techniques, and practices associated with computing. 4. Practise these skills in both routine and non-routine contexts. Characteristic 3: General Cognitive Skills 1. (Application): Apply the basic principles and procedures found in computer science and networks to standard, simple situations. 2. (Analysis): Demonstrate the ability to analyse situations and problems, based on the set of classifications presented by tutors. 3. (Synthesis): Systematically relate to a limited number of facts/ideas/elements in an imitative manner. Bachelor of Science with Honours [BSc (Hons)] Cyber Security 4

5 4. (Evaluation): Start to form their own value judgements based on criteria provided. 5. (Problem-solving): Apply the basic tools/methods of computer science and networks to simple, standard problems. Characteristic 4: Communication, ICT and Numeracy Skills 1. Communicate aspects of computer science in a clear and concise way, in writing and orally, in relatively informal and limited-length pieces of work. Students should also be able to communicate appropriately the basic design and documentation of programs. 2. Demonstrate basic numeracy, mathematics and the ability to manipulate data at a level appropriate to this stage of the degree. Students should also develop an understanding of basic concepts in logic and computation. 3. Demonstrate practical skills in computer science using basic ICT applications as well as those skills necessary for efficient use of computer networks. Characteristic 5: Autonomy, Accountability and Working with Others 1. Learn in an increasingly effective and purposeful way, showing the beginnings of development as an autonomous learner, and exercise some initiative and independence in carrying out defined activities at a professional level of practice. 2. Interact effectively with tutors and fellow students via software and web development tasks, problem-solving tutorials and the production of appropriate documentation, and accept supervision in less familiar areas of work. 3. Exercise some managerial or supervisory responsibility for the work of others within a defined and supervised structure while managing limited resources within defined areas of work. 4. Take the lead in implementing agreed plans in familiar or defined contexts, while taking account of own and others' roles and responsibilities when carrying out and evaluating tasks. 5. Work, under guidance, with others to acquire an understanding of current professional practice. Stage 2: SCQF 8 Characteristic 1: Knowledge and Understanding 1. Demonstrate an understanding of the important central areas of this stage of the degree, specifically, software development, the design and operation of database systems, dynamic web development, collaborative and professional skills and network management and design. 2. Show a growing appreciation of the scope of the field of study so enabling students to map knowledge into a coherent picture of the discipline. 3. Demonstrate an appreciation of the significance of central and peripheral areas of subject, suggesting opportunities to explore and extend the boundaries of the discipline. Characteristic 2: Practice: Applied Knowledge, Skills and Understanding 1. Apply knowledge, skills and understanding in using a range of professional skills, techniques, and practices associated with the computing topics studied, some of which are at an advanced or complex level. 2. Carry out routine lines of enquiry, development or investigation into professional level problems and issues. 3. Adapt routine practices within accepted standards. Characteristic 3: General Cognitive Skills 1. (Application): Apply standard principles and procedures to somewhat more demanding situations. 2. (Analysis): Demonstrate increasing ability to apply classifications and critically analyse relatively simple situations. 3. (Synthesis): Demonstrate an appreciation of the need for relating and marshalling a range of facts/ideas/elements in an argued case. 4. (Evaluation): Identify a range of valid alternative solutions, and begin to discriminate and evaluate in a reasoned, systematic and increasingly independent way, particularly within the context of group work. 5. (Problem-Solving): Apply given tools/methods accurately and carefully to more demanding problems Bachelor of Science with Honours [BSc (Hons)] Cyber Security 5

6 appropriate to this stage. Characteristic 4: Communication, ICT and Numeracy Skills 1. Develop communication skills in more formal academic and professional styles, and in more extended pieces of work. Some presentation work may be introduced through the optional placement process. 2. Apply a selection of more advanced numerical, modelling and design skills, relevant to specialised areas of software development, dynamic web programming, database systems and network management. 3. Demonstrate, use and access a broad selection of more advanced computing and IT skills in a wide range of contexts in all topics, but particularly in the development of solutions to computer security problems. Characteristic 5: Autonomy, Accountability and Working with Others 1. Exercise autonomy and initiative in some activities at a professional level within the range of exercises set by tutors. 2. Interact effectively within a learning- or subject-specific group, demonstrating basic negotiating, role-ownership, leadership and group-support skills. 3. Take the lead on planning work activities in familiar or defined contexts. 4. Manage resources and exercise responsibility for the work of others within a group, within a defined structure. 5. Practise in ways that show awareness of own and others' roles, responsibilities and contributions when carrying out and evaluating tasks. 6. Work, under guidance, with others to acquire an understanding of current legal, ethical and professional issues, and manage these issues in accordance with current professional and/or ethical codes of practices. Stage 3: SCQF 9 Characteristic 1: Knowledge and Understanding 1. Demonstrate a knowledge and understanding of the important central areas of this stage of the degree; specifically network management, operating systems, web and database security, computing law and ethics, cryptography and computer security. 2. Demonstrate a critical understanding of a range of the principles, main theories, concepts and terminology of information security. 3. Show confident familiarity with the broad areas of the knowledge and subject bases of computer science and information systems, including key specialist areas. 4. Demonstrate some understanding of the limits of the broad area of study, together with an ability to relate the different areas to one another in a systematic and logical manner. Characteristic 2: Practice: Applied Knowledge, Skills and Understanding 1. Apply knowledge, skills and understanding in using a range of the principal professional skills, techniques, practices and/or materials associated with cyber security. 2. Demonstrate an applied knowledge of some specialised or advanced skills, techniques, practices and/or materials in the implementation of cyber security solutions. 3. Practise routine methods of enquiry and research. 4. Work in a range of professional contexts that include a degree of unpredictability. Characteristic 3: General Cognitive Skills 1. (Application): Demonstrate the ability to select and use principles and procedures appropriate to the situation or problem in hand. 2. (Analysis): Recognise familiar ideas or principles in new contexts or situations and analyse systematically and effectively. 3. (Synthesis): Show a basic ability to relate and marshal facts, ideas and elements in an argued case and relate security ideas to a wider range of situations. 4. (Evaluation): Identify a range of valid alternative solutions, begin to discriminate and evaluate in a reasoned, systematic and increasingly independent way. Bachelor of Science with Honours [BSc (Hons)] Cyber Security 6

7 5. (Problem-Solving): Begin to self-direct, identify key elements of problems, and choose appropriate methods to construct their solution, with only general guidance, in all topics. Characteristic 4: Communication, ICT and Numeracy Skills 1. Engage effectively in a variety of roles, to produce clear, well-structured reports and presentations on relevant aspects of cyber security. 2. Apply a selection of specialist numerical, modelling and design skills, relevant to the development and implementation of secure information systems, and the management and design of networks. 3. Access and successfully use a broad selection of specialist computing and ICT skills in a wide range of contexts, in all topics. Characteristic 5: Autonomy, Accountability and Working with Others 1. Adopt a broad-ranging and flexible approach to study, identifying learning needs and pursuing activities designed to meet these needs in increasingly autonomous ways. 2. Assume an appropriate role in the design and management of secure information systems development projects. 3. Plan, and be responsible for, the installation and maintenance of secure software systems. 4. Use negotiation and collaboration skills to manage the interface between computing, information security and other functional areas of an organisation, and the users of its computer systems. 5. Deal with legal, ethical and professional issues in accordance with current codes of best practice, seeking guidance where appropriate. Stage 4: SCQF 10 Characteristic 1: Knowledge and Understanding 1. Demonstrate an understanding of the context of, and relationship between, the principal areas, features, boundaries, terminology and conventions of specialist areas of the course. These include Digital Forensics and Analysis, the management of Secure Networks, Ethical Hacking and Penetration Testing and the Honours Individual Project. 2. Demonstrate confident familiarity and critical understanding of the defining concepts and features of secure Information Systems, including further areas of special relevance or interest and show a detailed understanding of the ways in which the subject is developed, including a range of established techniques of enquiry or research methodologies. 3. Demonstrate appropriate high-level expertise in relevant mathematical modelling or cyber security design and implementation skills, and apply specialist analysis within the Project, while learning technical skills appropriate to the specific task. 4. Demonstrate a detailed knowledge and understanding in one or more cyber security specialisms, some of which is informed by, or at the forefront of the subject. 5. Demonstrate a clear understanding of their subject's boundaries, of the limits of its application, and of the range of methods of study and types of judgment employed. Characteristic 2: Practice: Applied Knowledge, Skills and Understanding 1. Apply knowledge, skills and understanding in using a wide range of the principal professional skills, techniques, and practices associated with cyber security. 2. Demonstrate practical skills in the use of techniques and materials that are specialised, advanced and at the forefront of the subject of information security. 3. Apply a practical knowledge of cyber security to execute a defined project of research, development or investigation in the Honours Project module. 4. Practise in a range of professional level contexts that include a greater degree of unpredictability and specialism in information security. Characteristic 3: General Cognitive Skills 1. (Application): Carry out confident and accurate selection and application of principles and procedures to the Bachelor of Science with Honours [BSc (Hons)] Cyber Security 7

8 solution of a range of professional situations and problems, working autonomously, particularly within the Honours Project module. 2. (Analysis): Identify and classify principles and ideas in new contexts and situations, and analyse them systematically, effectively and critically, particularly within the Honours Project module. 3. (Synthesis): Bring together facts, ideas and elements in support of a well-structured argument, design novel solutions and evolve new concepts, working autonomously, particularly within the Honours Project module. 4. (Evaluation): Integrate theory with professional and vocational practice, autonomously evaluate theory, process, solutions and outcomes critically and effectively, particularly within the Project. 5. (Problem-Solving): Identify and define complex problems in an increasingly independent, confident and flexible way and apply knowledge and skills appropriate to their solution, at the threshold of professional competence in all topics, but, particularly within the Honours Project module. Characteristic 4: Communication, ICT and Numeracy Skills 1. Demonstrate, use and access a broad selection of specialist computing, network management and information security skills, in all topics, but particularly within the Honours Project module. 2. Make effective use of specialist computing and ICT facilities concerned with the management of data and information, and develop appropriate skills for this purpose. 3. Use effective means of communication to express complex ideas to colleagues through appropriate media, based on considerations of context. 4. Engage effectively in independent roles, debate in a professional manner, and produce detailed critiques and coherent project reports. Students should be able to give confident oral and formal presentations to informed audiences in a wide range of contexts, particularly within the Honours Project module. Characteristic 5: Autonomy, Accountability and Working with Others 1. Demonstrate skills, knowledge and understanding through autonomous investigative, modelling and problem-solving activities, and manage the process relating to the development, maintenance and review of secure information systems. 2. Maintain standards and quality control as applied to the specification, production, implementation and maintenance of secure information systems, in accordance with current professional and ethical codes of practices. 3. Manage own learning, with minimal guidance, using a wide range of resources appropriate to the profession, seeking and making effective use of feedback. At this level within all topics, but particularly within the Project. 4. Interact effectively within groups in all topics, and, where appropriate, develop interaction and negotiating skills with customers and other stakeholders. DISTINCTIVE FEATURES OF COURSE The BSc (Hons) Cyber Security has a strong practical focus on the design, maintenance and protection of secure information systems, and the computer technologies that support them. A central theme of the course is the analysis of user and organisational security requirements and the development, maintenance and protection of secure and robust enterprise systems. The course distinguishes itself from other undergraduate degrees in a number of ways: A focus on software development. Since cyber security professionals need to be able to understand and maintain a variety of hardware systems and software components, the course will provide students with the necessary knowledge and practical skills to develop a deep and thorough understanding of the software development and the software development lifecycle, together with its relationship to the operation of different components in a networked environment. Network security professionals who graduate from this course will therefore have the ability to develop secure software applications, maintain the security of enterprise networks, monitor information systems for security vulnerabilities, assure against cyber security threats, and, where necessary, develop robust and effective procedures to recover lost or damaged information. Professional Accreditation. Another distinctive feature of the course is that it allows students to acquire Industry standard qualifications as part of their study within the curricular module structure. The student will be able to acquire industry qualifications in networking, such as CCNA 1 4, CCNA Security, Certified Wireless Network Analyst (CWNA), and Wireshark Certified Network Analyst (WCNA). In addition, the student will gain Certified Ethical Hacker (CEH) and CREST Penetration Analyst. These will enhance the employability of graduates and their career prospects. Industrial Placement. The optional industrial placement provides the students with the opportunity to gain the invaluable experience of working in a business environment with computer and network security professionals, dealing with real users, clients and their problems. Students successfully completing an industrial placement are awarded an additional 15 credit Industrial Placement module (CM2105), and its assessment is based around a review of the student's work related skills by the industrial supervisor and visiting tutor. The course adopts a practical approach to developing students' professional skills, often using group work and project teams to foster such personal development skills as leadership, management, teamwork and communication that enhance the students' employability. Bachelor of Science with Honours [BSc (Hons)] Cyber Security 8

9 The course is taught by a team of full-time staff who have extensive industrial and commercial experience in applying security measures to information systems in business applications. The course enables the students to benefit from their experience and involvement in the leading edge of the development and application of computer technologies to business problems. WHAT THE COURSE INVOLVES The course involves a broad range of teaching techniques, including lectures, tutorials, computer laboratories, industrial placement and a substantial project in the Honours year. Lectures are supported by a range of equipment including video, and computer projection facilities where appropriate. Ample opportunity exists for questions, interaction and discussion. The tutorial format may vary according to the subject - for example staff may support students engaged in problem solving, or there may be group exercises where each group is encouraged to allocate tasks and responsibilities. Generally tutorials are used to support the lecture, clarify the materials and experiment with the techniques and skills required. The nature of the cyber security computing and IT elements of the course requires that students gain practical experience in the computer laboratory, and most modules involve lab work on a PC. The School of Computing Science and Digital Media has 9 laboratories housing a total of 335 PCs and 24 Macs, equipped with the latest versions of open source and commercial software for the exclusive use of Computing students. The School has a fully functional Cyber Security Lab which houses specialised kit dedicated to the teaching of Network Security modules. In the Cyber Security lab, each student has access to a CCNA/P equivalent of equipment, i.e. 3 network switches and 3 network routers called a Pod. Two pods are housed in a 14U rack under a desk between two students. Each rack provides 12 patch ports for a mix of Ethernet connectivity and console connectors per pod, of which, 6 are used to connect to local devices and consoles and the other 6 are patched on to two centralised main racks. These main racks contain a subset of network security equipment, where Firewall, router, Net Taps and Wireless Access Points can be shared. The second rack holds a switch with a fibre connection. This is wired back to the University firewall (bypassing the ability to scan any internal services) with access to the general Internet to allow controlled access to Penetration tools that require internet access to work. This is limited to specific MAC addresses so only one VM is allowed access out while still maintaining security of the main RGU network. Students log on to this PC normally to access university resources as in any other IT lab. The only difference in the configuration is the addition of 3 Virtual Machines on the PC that are accessed through VMware Workstation. Each PC is enhanced with 3 extra network cards that take up the remaining slots in an HP Small Form Factor machine. The Cisco lab is a shared resource between the School of Engineering and the School of Computer Science and Digital media. Although the School of Engineering owns and utilises the room, it is operated and managed by the School of Computing Science and Digital Media. It houses 24 PCs all linked back to three racks of Cisco equipment to represent three separate locations (Red, Green and Blue) so three Local Area cables, plus a console cable per PC connect back to these racks. The ability to work as an effective member of a project team is an essential skill for anyone working in the computing and IT industry, and group working is a major feature of the course in Stages 1 and 2. In later stages, elements of group work will be incorporated into subject-specific modules as appropriate. Where appropriate, modules use technologies such as computer-mediated formative assessment to bring interactivity and immediacy to the teaching and learning process. In each semester, students are expected to spend up to 4 hours per week per 15 credit module in lectures/ tutorials/ laboratories. The initial size of entry is expected to be 20 students but since stages 1 and 2 of the course are taught in conjunction with the BSc Computer Science, the cohort will study alongside these students in all first and second year modules. This will allow maximum flexibility for students from Computer Science to transfer over to Cyber Security if so desired, and also allow Cyber Security students to transfer to Computer Science if they wish. Care will be taken to ensure that the students in each cohort, but especially those on the Cyber Security degree, to develop a sense of cohort identity. This will be done through contact with personal tutors and extra-curricular module-specific activities which promote the subject of cyber security within the overall computing programme. It is anticipated that the intake will be maintained at a figure of 20 students per year. The optional summer Industrial Placement is a useful supplement to the other teaching and learning experiences. The interaction with the staff of the company, the required tasks and the general environment provide an experience that is difficult to achieve by other means. Students are supported on the Placement by a course tutor drawn from the School and an industrial supervisor from the company. The School tutor supports and monitors the assessment process to ensure that the placement student is aware of the submission requirements. In the final year of the course, the student will undertake an individual Honours project. This is an extended piece of work, completed under the supervision of a staff tutor. The student agrees a specification for a task, which would be the investigation and implementation of a solution to a cyber security problem. This may, for example, be the analysis and design of a secure information system or the development of an exploit that will take advantage of a previously known or discovered vulnerability. They are then assessed on the project management aspects of the project as well as the design, implementation and testing of the security solution, and the communication of this information to academic tutors, presented in a finished dissertation. PLACEMENT / PROFESSIONAL EXPERIENCE Students may elect to undertake a short summer placement in the summer break between Stages 2 and 3 or between Stages 3 and 4. In addition or as an alternative to this, students may undertake a year long placement between Stage 2 and Stage 3, or between Stage 3 and Stage 4. The year long industrial placement year normally comprises of weeks of continuous, full time supervised work experience. Students and employers are provided with Guidance Notes relating to the requirements of the placement. The Faculty of Design and Technology has a Placement Office which seeks out opportunities both for short and full year placements. Students undertaking an industrial placement are enrolled on an Industrial Placement module (CM2105 Placement), and its assessment is based around a review of the student's work related skills. The Placement Office maintains a pool of placement opportunities and establishes contact with new companies and organisations as necessary and will normally assist students by informing them of suitable placement opportunities. The student will be expected to provide a copy of his/her CV to the Placement Office and to attend for interview with potential placement employers as and when required. The assessment consists of two reviews, each made up of mutually agreed individual assessment. An academic tutor, appointed from the staff of the School, who makes one or more visits to the company premises during the placement period, monitors this process.. The 15 credits awarded for this module are in addition to the 120 credits achievable from taught modules. Successful completion is not required for progression to Stage 3. The 15 credits for placement may not be used to compensate for any credits from the taught modules. The optional paid placement provides an opportunity to sample working life, be it in commerce or industry, and apply knowledge and skills learned in the classroom to the challenges of the workplace. Students who have gained supervised work experience as part of their course have a definite advantage in the jobs market when it comes to applying for graduate positions. The assessment is based around a review of the student's work related skills, conducted by the industrial supervisor, and presented to the academic tutor. The process is monitored by the academic tutor appointed from the staff of the School, who would make one or more visits to the company premises, depending upon the duration of the placement period to ensure student welfare and monitor student progress. Students may arrange their own placements, but the Course Leader and Placement Office must approve the job specification and supervisory arrangements prior to commencement. While the student is on placement, he or she is a salaried employee and will be responsible to a designated member of the placement company (i.e. the industrial placement supervisor) for the discharge of his or her day-to-day duties. The overall final assessment for a short summer placement experience is based around a review of the student's work related skills, conducted by the industrial supervisor. Students who have completed the placement as part of their course have a definite advantage when it comes to applying for graduate positions. With the combination of training, experience and a successful degree, students are often offered subsequent employment by the companies which provided their placement. OPPORTUNITIES FOR FURTHER STUDY An Honours degree achieved with at least an upper second class (Class 2.1) Classification will normally provide access to postgraduate and Bachelor of Science with Honours [BSc (Hons)] Cyber Security 9

10 An Honours degree achieved with at least an upper second class (Class 2.1) Classification will normally provide access to postgraduate and doctoral programmes in UK higher education institutions. EXTERNAL AND INTERNAL INDICATORS OF QUALITY AND STANDARDS QAA (Quality Assessment Agency for Higher Education) published Computing Benchmarks (2000, 2007 and 2015) outlining the standards expected for the award of Honours Degrees in Computing. QAA Benchmark Statements are used during the design of modules, courses and the Undergraduate Computing Programme. The structure and content of the course has been constructed following the QAA's Computing benchmarks and the QAA's principles of course design (both the current benchmarks and those described in the 2015 Benchmark Statements were consulted). The course design has been strongly influenced by three key computing concepts: computational thinking, the process of analysing and developing computer systems, and the balance between theory and practice. The content of the course has been selected to provide a balanced coverage of the three broad categories of abilities and skills identified in the QAA Computing Benchmarks: computing-related cognitive abilities, computing-related practical abilities and additional transferable skills. These have been formulated as learning outcomes within the current Scottish Credit and Qualifications Framework (SCQF). As well as QAA guidelines, the report by the UK Council of Professors and Heads of Computing and the International Information System Security Certification Consortium, Inc., (ISC)², entitled "Cybersecurity Principles andnd Learning Outcomes for Computer Science and IT-Related Degrees", provides a significant input into curricular design, course content and standards. This can be accessed at SCQF credit values have been used as a guide during the design of modules while the structure and content of the course has also been designed with the British Computer Society's (BCS) requirements for Practical/Engineering Applications in mind, and embedded in the core structure are modules and topics which provide students with computing skills and knowledge in Underlying Theory, Design and Methodology, Tools and Techniques and Project Management and Group work. The structure and content of the course has also been designed with the British Computer Society's (BCS) requirements for Practical/Engineering Applications in mind, and embedded in the core structure are modules and topics which provide students with computing skills and knowledge in Underlying Theory, Design and Methodology, Tools and Techniques and Project Management and Group work. Standards are primarily established through QAA (Quality Assurance Agency) Benchmarks and the requirements imposed by the British Computer Society (BCS) in order to gain professional course recognition. The achievement of appropriate standards is demonstrated through the University's course validation procedures and professional institution accreditation visits. The QAA qualification descriptors and Subject Benchmark Statements provide a reference framework that has guided the evolution of the School's degree programme, and the extent of the subject discipline, as defined by QAA, is broadly matched by the provision that now exists within the School's undergraduate programme. The School has Chartered IT Professional accreditation for its BSc Computer Science and BSc Computer Application Software Development degrees from the BCS and it is expected that accreditation would be sought for the BSc Cyber Security degree. The quality assurance procedure for this includes a regular cycle of accredtation visits by a panel of subject experts appointed by the BCS who evaluate the courses according to strict quality control standards. A number of internal processes and procedures are used by the School to ensure that standards are maintained and enhanced. Stakeholders' views on standards are routinely obtained from the Staff/Student Liaison Committee, Undergraduate Programme Management Team, Student Experience questionnaires, Industrial Board, industrial visits to placement students, staff involvement in professional body activities and staff participation in accreditation events outside the School and at other HE institutions. In addition to this, best practice in teaching and learning within the university is monitored through the university quality enhancement and quality assurance processes. These include the regular five-yearly cycle of Institution-Led Subject Reviews, as well as participation in the university quality assurance committee structures, such as the Faculty Quality Enhancement Sub-Committee and the university Teaching, Learning and Assessment Sub-Committee. Finally, it should be mentioned that the lecturers within the School have an ongoing interest in pedagogical research and a commitment to expanding the scholarship of computing science education. Academic staff help to organise, and participate in, national and international conferences and have been awarded funding from the Higher Education Academy, the Scottish Informatics and Computer Science Alliance, and the Scottish Enhancement Themes to pursue work in computer science education, as well as more general work on student transitions. The School also participates in university conferences on teaching and learning. ACADEMIC REGULATIONS This course is governed by the provisions of the University's Academic Regulations, which are available at In particular: Regulation A1: Courses Regulation A2: Admission Regulation A3: Section 1: Student Appeals (Awards and Progression) Procedure Regulation A3: Section 2: Student Misconduct Procedure Regulation A4: Assessment and Recommendations of Assessment Boards Entry Requirements Applicants must satisfy the University's general admission requirements for undergraduate and postgraduate courses as contained in Academic Regulation A2: Admission, including proficiency to a minimum standard in the English language. Specific entry requirements for this course are detailed below. SQA Higher: BBCC/BBB and two further passes (normally to include Maths and English) at Standard Grade. GCE A Level: BB/CCC (or equivalent e.g BD) and three further passes (normally to include Maths and English) at GCSE level. ILC Higher: BBC1C1/B2B2B2 and two further passes (normally to include Maths and English) at Ordinary Level. Equivalent qualifications, e.g SQA, BTEC, S/NVQs, overseas qualifications and access programmes will be considered on an individual basis. Applications from mature students with non-standard qualifications or work experience are welcomed. Prospective applicants for the course are not normally interviewed. Course Specific Academic Regulations Honours Classification is based solely on the student's performance in Stage 4 of the course. CM4018 Individual Honours Project cannot be condoned [refer Academic Regulation A4, paragraph 11]. Students are required to purchase a key fob, to access the School of Computing labs, at a cost of Additionally, the purchase of core texts is recommended and these will be indicated by academic staff. SOURCES OF FURTHER INFORMATION Further information about the undergraduate programme in the School of Computing Science and Digital Media can be found at the School website: Information about Placement opportunities and the School's links with industry can be accessed at Bachelor of Science with Honours [BSc (Hons)] Cyber Security 10