Unit Reference Number

T/618/6097

Unit Title

Cyber Security

Unit Level

3

Number of Credits

10

Total Qualification Time (TQT)

100

Guided Learning Hours (GLH)

40

Mandatory / Optional

Mandatory

Sector Subject Area (SSA)

14.1 Foundations for learning and life

Unit Grading Structure

Pass / Fail

Learning Outcomes – The learner will:

Assessment Criteria – The learner can:

Indicative contents

1. Understand cyber security.

1.1 Describe the concepts of cyber security.

1.2 Explain the importance of cyber security for businesses.

1.3 Describe the consequences and implications of inadequate cyber security for businesses .

• Concepts of cyber security:

security, identity, confidentiality, integrity, availability, threat, vulnerability, risk, hazard.

• Importance of cyber security:

cost of breaches, sophisticated hackers, widely available hacking tools, tighter regulations (GDPR)

• Consequences and implications:

unauthorised access to distribution of or loss of, sensitive data, personally identifiable information (PII), protected health information (PHI),

personal information, intellectual property, industry information systems.

2. Understand core terminology and key aspects of cyber security.

2.1 Define core terminology used in cyber security.

2.2 Compare typical behaviours of good actors and bad actors.

2.3 Discuss key sectors that are most vulnerable to a cyber-attack.

• Core terminology: malicious software, distributed denial of service (DDoS), cloud , software, domain , exploit, breach, firewall, encryption, Virtual Private Network (VPN), IP address, malware, virus, social engineering Bring Your Own Device (BYOD,

Penetration testing (pen testing):process of attempting to gain access to resources without knowledge of usernames, passwords and other normal means of access.

• white-box penetration test is to simulate a malicious insider who has knowledge of and possibly basic credentials for the target system.
• black-box penetration test is to simulate an external hacking or cyber warfare attack. 1.1 Describe the concepts of cyber security.
• Good and bad actors:
  • bad – ex employee, black hat, script kiddies, hacktivist, organised crime hackers,
  • good – white hat, certified penetration tester.
• Key sectors:

manufacturing, finance, government and defence

agencies/departments, educational institutions, utilities, maritime, IT, healthcare, retailers,

3. Understand cyber threat intelligence.

3.1  Identify key concepts of cyber threat intelligence

3.2  Explain the following terms in relation to cyber security:

• threats
• exploits
• vulnerabilities
• Cyber threat intelligence - information an organisation uses to understand the threats that have, will, or are currently targeting the organisation ie sources: open source intelligence, social media intelligence, human Intelligence, technical intelligence or deep and

• risks

3.3 Identify improvements to secure a network against cyber attacks.

dark web intelligence

• Terminologies:
• Threats  - an agent that may want to or definitely can result in harm to the target organisation ie employee sabotage and theft, including of physical equipment or data, and damage such as fire, flood, power loss, terrorism or other disaster o unauthorised access by employees and other users to secure areas and administration functions, including security levels and protocols o weak cyber security measures and unsafe practices, including security of computer equipment and storage devices, security vetting of visitors, visiting untrustworthy websites, accidental loss or disclosure of data, including poor staff training and monitoring, malicious software (malware), including spyware, adware, ransomware; viruses, including worms, rootkits and trojans o hacking, including commercial, government, individuals, sabotage, including commercial, government, terrorism, individuals o social-engineering techniques used to obtain secure information by deception. 1.1 Describe the concepts of cyber security.
• Exploits - code that takes advantage of a software vulnerability or security flaw.
  • A remote exploit works over a network and exploits the security vulnerability without any prior access to the vulnerable system.
  • A local exploit requires prior access to the vulnerable system and usually increases the privileges of the person running the exploit past those granted by the system administrator.

Exploits against client applications also exist, usually

consisting of modified servers that send an exploit if accessed with a client application.

• Vulnerability – Weaknesses or gaps in a security program that can be exploited by threats to gain unauthorised access to an asset ie could include but not limited to network, including firewall ports and external storage devices o organisational, including file permissions or privileges, password policy, software, including from an untrustworthy source, downloaded software, illegal copies, SQL injection and new zero-day exploits, operating system, including unsupported versions, updates not installed on mobile devices, reliant on Original Equipment Manufacturers (OEMs) to update system software, physical including theft of equipment, Universal Serial Bus (USB) storage devices with sensitive data, collection of passwords and other information by social-engineering methods o process of how people use the system, including leaks and sharing security details, security implications of cloud computing and of the Internet of Things (IoT) devices
• Risks is where threat and vulnerability may overlap ie could include but are not limited to social engineering ( art of manipulating people so they give up confidential information) phishing, blagging (pretexting), phishing, pharming, shouldering (or shoulder surfing), ransomware , Denial of Service (DoS)/Distributed Denial of

Service (DDoS), virus.

• Secure Network:

biometric measures (particularly for mobile devices), password systems, CAPTCHA (or similar), using email confirmations to confirm a user’s identity, automatic software updates. 1.1 Describe the concepts of cyber security.