Cyber Security Technical Professional Integrated Degree Course Overview

<Introduction to the course> Cyber Security Technical Professional (integrated degree)

<plan for this morning> The team You What we will achieve Schedule Content Format Who are we? Blockrelease UWE Assignments Facilities Resources Reading lists Sign on Types Format Submission Regulation

<the team> Len Shand (course leader) Emma Littlefair Andrew Cracknell Ian Johnson (UWE) Liz Scott Cyber Software Systems Training Co-ordinator Link tutor Year 1 Year 1 Year 1 OS Networking Year 2 Embedded Liaison Year 3 leader Exam boards Programming Cyber threats Year 2 Cryptography OS security Information security On site reviews Progress tracking Management

<safeguarding> The college has a strict safeguarding policy You can discuss any safeguarding issue with a member of the apprenticeship team or alternatively contact safeguarding@gloscol.ac.uk The safeguarding team can be identified by a pink lanyard

<the course> Foundation knowledge Year 1 OS and architecture 30 credits Exam/report Programming 30 credits Exam/portfolio Networking 30 credits Presentation/report Cyber threats 30 credits Presentation/report Competence: Individual examples Skills and behaviours: competent, enquiring, workplace integration Cyber security knowledge Embedded systems security 30 credits Presentation & workbook Year 2 Information management 30 credits Presentation/report OS security 30 credits Demonstration & portfolio Cryptography 30 credits Demonstration & portfolio Competence: Synthesised examples Skills and behaviours: teamwork, analysis, problem solving Professional application of knowledge Risk Incident management 20 credits Presentation & workbook Year 3 Project and dissertation 30 credits Presentation/report Security assurance 30 credits Exam/workbook management 30 credits Demonstration & portfolio Competence: Complex projects Skills and behaviours: novel solutions, complex interactions, effective relationships Year 4 End point assessment: portfolio of autonomous projects, practical, interview (10 credits)

<block release weeks> Module Sep Oct Nov Dec Jan Feb Mar Apr May Jun Jul Aug 1 OS 2 1 2 Network 1 1 1 3 S/W 1 1 1 4 Threats 1 2 Actual dates are on the wiki

<block release typical day> Time Duration (hours) Activity Morning 0.25 Recap/quiz 1 Presentation 1.25 Research tasks 0.5 Discussion Afternoon 1 Presentation 1.5 Practical 0.5 Discussion

<module design> Foundation material delivered in presentations Additional material obtained via research tasks Discussions to review task results and establish key points Practical tasks to apply knowledge gained Recap/quiz sessions to test recall Each week will be intensive Active participation will be required in order to succeed in the assignments

<block release OS & Architecture example> Week 1 Day Monday Topic Module introduction Number systems Tuesday Digital logic Representation of data Computer architecture Memory systems and storage architecture I/O systems Wednesday Thursday Friday 2 Monday Tuesday Wednesday Thursday Microprocessor organisation Assembler language RISC simulator and assembler programs Operating system principles Multiprogramming and process Memory management Friday 3 Monday Assignment 1 exam I/O systems File systems Concurrency, synchronisation, scheduling and dispatch Virtualisation Virtualisation in practice Issue assignment 2 Tuesday Wednesday Thursday Friday

<assignment schedule> Assignment 2 submission Assignment 1 submission Assignment 2 Assignment 1 Assignment 1 is set at the end of the second week of the module block release Assignment 1 is submitted (or taken if it is an exam) on the first day of the third week of the module block release Assignment 2 is set at the end of the third week of the module block release Assignment 2 is submitted on the first day of the first week of the next module block release (or within 2 weeks of the end of the last week of the year) Feedback will be given with 2 weeks of the submission date

<assignment types> Examination Report on practical work Presentation Portfolio of coursework Research report Demonstration Oral examination supported by notebooks Component A of a module assessment is undertaken under controlled conditions e.g. an examination or presentation

<assignment regulations> Pass mark is 40% Higher marks are used in the final year to calculate the degree classification Work must be submitted on time (by 14:00 on the deadline day) Work submitted up to 24 hours late will be capped at 40%* Work submitted more than 24 hours later will be treated as a non- submission (unless there is a serious, documented reason, in which case a 5-day extension may be permitted) * A resit is the opportunity to be assessed for a second time in an attempt, having failed to reach the required pass standard at the first sit. A retake is the opportunity to take a module again, having failed to reach the required pass standard at the previous first sit and resit. This allows a further sit and a resit. * These regulations are suspended under UWE Covid force majeure. Students may claim a 5-day extension without documentation. Work missing the 24-hour deadline will be a non-submission. https://www2.uwe.ac.uk/services/Marketing/students/Student%20advice/Regulations-documents/2019-20/Academic-Regulations-2019- 2020-Volume-1-UG-PG.pdf

<appeals> Appeals against assessment can only be made after an examination board has formally issued results Note: all marks prior to an exam board are provisional Reasons for appeal marks that have been recorded wrongly assessments not conducted or calculated in the way described in the module specification or guide lack of agreed reasonable adjustments extra time for exams, use of a PC for exams, teaching materials in advance or permission to record lectures a rejected application for personal circumstances which you feel has not been considered properly (see UWE website for acceptable reasons) This is a UWE process https://www.uwe.ac.uk/study/academic-information/academic-appeals/about-the- academic-appeals-process

<complaints> Reasons for complaints: failure by the college to meet obligations as outlined in public information such as course handbooks misleading or incorrect information in prospectuses or promotional material and other information the college provides concerns about the delivery of a programme, teaching or administration poor quality facilities, learning resources or services provided by the college complaints involving other organisations or contractors providing a service on behalf of the college or University Process: Stage 1: Raise with module or course leader Stage 2: If still dissatisfied, raise with Head of School Stage 3: If still dissatisfied, raise with college executive

<resources> You are full students of UWE Induction Access to all library and campus resources Sign on to UWE systems Access to reading lists and online texts Access to the UWE Blackboard VLE for assessments, marks and results Registration UWE ISIS will issue an email and password to each of you giving details of how to register online by going to MyUWE ISIS will use your gloscol email address There is a Registration tab on MyUWE and then you follow the instructions You will need to upload a photograph for your UWE ID card There is a question about payment, which doesn't have an option for levy etc. You should stop at this point and submit, making sure you scroll to the bottom to click on the Ts &Cs box Once registered you will have access to internal UWE systems

<cpmpetencies> You have to develop 24 competencies in the workplace Design, build, configure, optimise, test and troubleshoot simple and complex networks. Apply statistical techniques to large data sets. Identify vulnerabilities in big data architectures and deployment. Build test and debug a digital system to a specification. Configure an Operating System in accordance with security policy. Identify threats and features. Write, test, debug programs in high- and low- level languages and scripts. Design, implement and analyse algorithms. Construct software to interact with the real world and analyse for security exploits. Analyse malware & identify its mechanisms. Apply secure programming principles and design patterns to address security issues. Apply system engineering and software development methodologies and models. Discover, identify and analyse threats, attack techniques, vulnerabilities and mitigations. Assess culture & individual responsibilities. Undertake ethical system reconnaissance and intelligence analysis. Undertake risk modelling, analysis and trades. Undertake risk assessment to an external standard. Apply a management system and develop an information security management plan. Configure and use security technology components and key management. Design & evaluate a system to a security case. Architect, analyse & justify a secure system. Develop an assurance strategy. Security monitoring, analysis and intrusion detection. Recognise anomalies & behaviours. Manage intrusion response, including with 3rd parties. Organise testing & investigation work in accordance with legal & ethical requirements. Develop & apply information security policy to implement legal or regulatory requirements.

<competencies> For years 1 -3 you will: have an initial on-site meeting with an assessor, your manager and yourself to establish a personal development plan the plan will show how and when you will develop the competencies every month an assessor will visit to review and record progress Every three months the training coordinator will conduct a formal review of progress with your manager and yourself During year three you should be given significant responsibility to demonstrate combining competencies into leading significant projects

<end point assessment> In the first 6 months of year 4 : You produce a portfolio of evidence from 5-6 real work projects which have been completed during the apprenticeship. The portfolio will inform the technical discussion For the end point assessment in month 7 (EPA) there will be: A practical test four exercises to assess your skills, knowledge and behaviour. This takes place in a controlled environment over 48 hours. An employer reference confirming you have met the standards A transcript showing completion and achievement of all the degree modules Certificates showing passes at Level 2 English and Maths (If not already achieved). A technical discussion - to elicit sufficient evidence against the knowledge, skills and behaviours to inform whether the minimum standard has been achieved. This lasts 2 hours.

<the end> You will have achieved: An Honours Degree 3.5 years of practical workplace experience in cyber security These desirable and demonstrable skills: Teamwork Communication, argument, negotiation and explanation Effective research Analytical and critical thinking Creative problem solving Discipline, meeting deadlines, working under pressure Accountability and responsibility