institution’s letter of support · web view2021. 7. 26. · if the master’s has a large...
TRANSCRIPT
Issue 2.122 July 2021
Certification of Postgraduate Master’s Degrees in Cyber Security
Application Template
Certification of Master’s Degrees Incorporating Cyber Security
This document provides an application template for an HEI to have its Master’s degree in Cyber Security considered for certification. It is an HEI’s sole responsibility to ensure that its application is compliant and provides the information required.
Every application must be submitted on a separate template.
Applications that do not use the template will not be considered for assessment.
Please feel free to delete this page from your completed application.
© Crown Copyright 2021, The National Cyber Security Centre
Page 1 of 83
Issue 2.122 July 2021
Instructions on how to use the template1. Text in purple describes what is required in each section of the application.
The places in the template where applicants have to insert text, tables and figures are denoted by ‘<<< … >>>’
Please do not delete the text in purple. It does not contribute to an application’s page count.
2. Text, table entries and figures in brown are provided to help guide applicants on what may be an appropriate response to some sections of the application and are provided by way of example only. They should be deleted from the completed application.
3. Text in red describes the criteria for a section as well as providing a scoring framework for assessors.
Please do not delete the text in red. It does not contribute to an application’s page count.
4. A black font colour should be used for applications with a minimum font size of 10pt. However, it is recognised that to help fit some tables into the space available the text in some tables can be made smaller than 10pt. but no smaller than 8pt.
5. To help assessors with their assessment of applications, all applications should have a table of contents and make use of headers, footers and hyperlinks.
6. CVs, Table 4.4, module descriptions, assessment materials, external examiners’ reports (full certifications only), and response to external examiners (full certifications only) should be included in the word template as Appendices A to E.
Document HistoryIssue Date Comment
Issue 1.0 21 July 2020 First issue of application template for Master’s incorporating Cyber Security.
Issue 2.0 23 June 2021 Second issue.Issue 2.1 22 July 2021 Minor updates to second issue. Table 3.1, update to text regarding
single credit and hours of notional learning. Section 3.3, additional text added to include Master’s delivered by distance learning. Section 4.1.1, additional criterion (ii) introduced. Appendix B, removal of verification and formal methods Indicative Material from KA 0.
Please feel free to delete this page from your completed application.
Page 2 of 83
Issue 2.122 July 2021
Key Changes from Issue 1.0 of Template dated 21 July 2020Section Change
Overall applications must now be submitted using the template
Throughout document text in purple describes what is required in each section of the application the places in the template where applicants have to provide text are denoted by ‘<<<
APPLICANTS … >>>’
Throughout document text in brown is to help guide applicants on what may be an appropriate response to some sections of the application and is provided by way of example only
Throughout document text in red describes the criteria and provides a scoring framework for assessors assessors make comments directly into the template
Section 2.3.1 new section requiring applicants to map the cyber security team members’ knowledge and expertise to CyBOK
Section 2.4 new section requiring applicants to describe the team’s operating model
Section 2.7 section on review and update process has been updated
Section 2.8 section on facilities has been updated
Sections 3 and 4 the original Section 3 has been split into two: new Section 3 covering high level description of the Master’s; new Section 4 covering the taught component of the Master’s degree
Section 3 is now more table based with applicants required to complete entries in tables
Section 4.3 clarification that it is not a requirement that every CyBOK KA has credits allocated to it; rather, across the CyBOK KAs as a whole there must be between 20 and 60 taught credits
Section 4.4.1 Table 4.4 (previously 3.4) showing detailed coverage of KAs to be placed in Appendix B clarification about associated assessments
Section 4.4.2 new section requiring applicants to provide a summary table of the credit allocation across the KAs
Section 5.1 requires description of assessment types being used on taught modules
Section 5.4 new table (Table 5.1) to be completed covering rigour of assessments
Section 5.6 new section covering the process for setting assessments
Section 5.7 new section covering the process for marking assessments
Section 5.8 new section covering plagiarism
Please feel free to delete this page from your completed application.
Page 3 of 83
Issue 2.122 July 2021
Key Changes from Issue 1.0 of Template dated 21 July 2020 (continued)Section Change
Section 5.10 section dealing with external examiners’ reports has been updated
Section 6 renamed ‘Research Dissertations’ rather than ‘Original Research Dissertations’
Section 6.1 new section covering the timeline for research dissertations
Section 6.2 new section covering the governance of the research dissertation process
Section 6.4 new section covering allocation of students to supervisors
Section 6.5 new section covering legal and ethical issues in dissertations
Section 6.7 new section covering plagiarism
Section 7 minor updates
Appendix A staff CVs (as previous issue)
Appendix B Table 4.4, credit allocation across the CyBOK Knowledge Areas Table 4.4 minor updates to: AAA, Law and Regulation, Privacy and Online Rights, Risk
Management and Governance, Secure Software Lifecycle, Security Operations and Incident Management
Table 4.4 major update to Network Security Table 4.4 new KAs: Formal Methods for Security, Applied Cryptography
Appendix C module descriptions
Appendix D assessment materials
Appendix E external examiners’ reports
Please feel free to delete this page from your completed application.
Page 4 of 83
Issue 2.122 July 2021
University of X
Application for Provisional/Full1 Certification of a Master’s Degree Incorporating Cyber Security
1 Please delete ‘full’ or ‘provisional’ as appropriate.
Page 5 of 83
Issue 2.122 July 2021
Table of contents1. Institution’s Letter of Support............................................................................................................................................10
1.1 Signed letter of support for both full and provisional applications...........................................................................10
1.2 For provisional applications......................................................................................................................................10
1.3 Assessment criteria...................................................................................................................................................10
2. Description of the Applicant..............................................................................................................................................11
2.1 Organisational structure............................................................................................................................................11
2.1.1 Assessment criteria...............................................................................................................................................11
2.2 Team structure..........................................................................................................................................................11
2.2.1 Assessment criteria...............................................................................................................................................13
2.3 Team’s ability to deliver the non-cyber part of the Master’s....................................................................................13
2.3.1 Assessment criterion.............................................................................................................................................13
2.4 Team knowledge and expertise in cyber security......................................................................................................13
2.4.1 Mapping of team to CyBOK...................................................................................................................................13
2.4.2 Staff CVs................................................................................................................................................................15
2.4.3 Assessment criteria...............................................................................................................................................15
2.5 Team operation.........................................................................................................................................................15
2.5.1 Assessment criteria...............................................................................................................................................16
2.6 Recent investments...................................................................................................................................................16
2.6.1 Assessment criteria...............................................................................................................................................16
2.7 External linkages.......................................................................................................................................................17
2.7.1 Assessment criteria...............................................................................................................................................17
2.8 Review and update process.......................................................................................................................................17
2.8.1 Assessment criteria...............................................................................................................................................18
2.9 Facilities.................................................................................................................................................................... 18
2.9.1 Assessment criterion.............................................................................................................................................18
2.10 Overall assessment of section 2................................................................................................................................18
3. High Level Description of the Master’s Degree Incorporating Cyber Security....................................................................19
3.1 Key characteristics of the Master’s...........................................................................................................................19
3.1.1 Assessment criteria...............................................................................................................................................19
3.2 Full and provisional certification applications...........................................................................................................20
3.2.1 Full applications....................................................................................................................................................20
3.2.2 Provisional applications........................................................................................................................................20
3.2.3 Assessment criterion.............................................................................................................................................20
3.3 Delivery of the degree...............................................................................................................................................20
3.3.1 Assessment criteria...............................................................................................................................................21
Page of
TABLE OF CONTENTS
Issue 2.122 July 2021
3.4 Aims of the Master’s degree.....................................................................................................................................21
3.4.1 Assessment criteria...............................................................................................................................................21
3.5 Overall assessment of section 3................................................................................................................................21
4. The Taught Component of the Master’s Degree Incorporating Cyber Security.................................................................22
4.1 Compulsory and optional taught modules on the Master’s overall..........................................................................22
4.1.1 Assessment criteria...............................................................................................................................................22
4.2 Compulsory and optional taught cyber security modules.........................................................................................23
4.2.1 Assessment criterion.............................................................................................................................................23
4.3 Number of taught credits that can be mapped to CyBOK Knowledge Areas (KAs)....................................................23
4.3.1 Compulsory modules............................................................................................................................................23
4.3.2 Optional modules..................................................................................................................................................24
4.3.3 Pathways...............................................................................................................................................................24
4.3.4 Assessment criteria...............................................................................................................................................25
4.4 Detailed coverage of KA Topics.................................................................................................................................25
4.4.1 Completion of Table 4.4 in Appendix B.................................................................................................................25
4.4.2 Summary table of credit allocation across the KAs...............................................................................................27
4.4.3 Visual representation of credit allocation across the KAs.....................................................................................27
4.4.4 Assessment criteria...............................................................................................................................................29
4.5 Justification of KA coverage......................................................................................................................................29
4.5.1 Assessment criteria...............................................................................................................................................29
4.6 Module descriptions..................................................................................................................................................29
4.6.1 Assessment criterion.............................................................................................................................................30
4.7 Professional knowledge and skills.............................................................................................................................30
4.7.1 Assessment criterion.............................................................................................................................................30
4.8 Overall assessment of section 4................................................................................................................................30
5. Assessment Materials........................................................................................................................................................31
5.1 Overall approach to assessment...............................................................................................................................31
5.1.1 Assessment criteria...............................................................................................................................................31
5.2 Marking scheme........................................................................................................................................................31
5.2.1 Assessment criterion.............................................................................................................................................31
5.3 Overall grade for the Master’s..................................................................................................................................31
5.3.1 Assessment criterion.............................................................................................................................................32
5.4 Rigour of assessment – cyber security modules only................................................................................................32
5.4.1 Assessment criteria...............................................................................................................................................34
5.5 Justification of 40% pass mark..................................................................................................................................34
5.5.1 Assessment criterion.............................................................................................................................................34
Page of
TABLE OF CONTENTS
Issue 2.122 July 2021
5.6 Setting assessments..................................................................................................................................................34
5.6.1 Assessment criteria...............................................................................................................................................34
5.7 Marking assessments................................................................................................................................................35
5.7.1 Assessment criteria...............................................................................................................................................35
5.8 Detecting and dealing with plagiarism......................................................................................................................35
5.8.1 Assessment criterion.............................................................................................................................................35
5.9 Examination papers – cyber security modules only..................................................................................................35
5.9.1 Provisional application..........................................................................................................................................36
5.9.2 Full application......................................................................................................................................................36
5.10 External examiners’ reports – full application only...................................................................................................36
5.10.1 Assessment criteria...........................................................................................................................................37
5.11 Overall assessment of section 5................................................................................................................................37
6. Research Dissertations.......................................................................................................................................................38
6.1 Timeline.................................................................................................................................................................... 38
6.1.1 Assessment criterion.............................................................................................................................................38
6.2 Governance of the research dissertation process.....................................................................................................38
6.2.1 Assessment criterion.............................................................................................................................................39
6.3 Guidance to students................................................................................................................................................39
6.3.1 Assessment criterion.............................................................................................................................................39
6.4 Identification of dissertation topics...........................................................................................................................39
6.4.1 Assessment criteria...............................................................................................................................................40
6.5 Allocation of students to supervisors........................................................................................................................40
6.5.1 Assessment criterion.............................................................................................................................................40
6.6 Legal and ethical issues.............................................................................................................................................40
6.6.1 Assessment criterion.............................................................................................................................................40
6.7 Monitoring of students’ progress..............................................................................................................................40
6.7.1 Assessment criterion.............................................................................................................................................40
6.8 Detecting and dealing with plagiarism......................................................................................................................41
6.8.1 Assessment criterion.............................................................................................................................................41
6.9 Research dissertations contributing fewer than 40 credits.......................................................................................41
6.9.1 Assessment criterion.............................................................................................................................................41
6.10 Assessment of dissertations......................................................................................................................................41
6.10.1 Assessment criterion........................................................................................................................................42
6.11 For full certification only...........................................................................................................................................42
6.11.1 List of dissertation topics..................................................................................................................................42
6.12 Overall assessment of section 6................................................................................................................................43
Page of
TABLE OF CONTENTS
Issue 2.122 July 2021
7. Student Feedback on the Master’s – Applications for Full Certification Only....................................................................44
7.1 Student satisfaction...................................................................................................................................................44
7.1.1 Assessment criteria...............................................................................................................................................44
7.2 Overall assessment of section 7................................................................................................................................44
8. Appendix A: Cyber Security Staff CVs (Appendix to Section 2 of Application)....................................................................45
8.1 CV for Dr E. F.............................................................................................................................................................45
8.1.1 Personal statement of experience and expertise in cyber security.......................................................................45
8.1.2 Academic background...........................................................................................................................................45
8.1.3 Professional employment.....................................................................................................................................45
8.1.4 Contribution to cyber security at the University of X............................................................................................45
8.1.5 Esteem indicators.................................................................................................................................................45
8.1.6 Cyber security knowledge and expertise indicators..............................................................................................45
8.1.7 Any other information..........................................................................................................................................45
8.2 CV for I. J...................................................................................................................................................................46
8.2.1 Personal statement of experience and expertise in cyber security.......................................................................46
8.2.2 Academic background...........................................................................................................................................46
8.2.3 Professional employment.....................................................................................................................................46
8.2.4 Contribution to cyber security at the University of X............................................................................................46
8.2.5 Esteem indicators.................................................................................................................................................46
8.2.6 Cyber security knowledge and expertise indicators..............................................................................................46
8.2.7 Any other information..........................................................................................................................................46
9. Appendix B: Table 4.4 – Credit Allocation Across the CyBOK Knowledge Areas (Appendix to Section 4 of Application). . .47
10. Appendix C: Module Descriptions (Appendix to Section 4 of Application).........................................................................80
10.1 Cyber Security Foundations module.........................................................................................................................80
10.2 Cryptography module...............................................................................................................................................80
10.3 Network Security module..........................................................................................................................................80
10.4 Malware module.......................................................................................................................................................80
10.5 Forensics module......................................................................................................................................................80
11. Appendix D: Assessment materials (Appendix to section 5 of application).......................................................................81
11.1 Cyber Security Foundations assessments..................................................................................................................81
11.2 Cryptography assessments........................................................................................................................................81
11.3 Network Security assessments..................................................................................................................................81
11.4 Malware assessments...............................................................................................................................................81
11.5 Forensics assessments..............................................................................................................................................81
12. Appendix E: External Examiners’ Reports (Appendix to Section 5 of Application).............................................................82
12.1 External examiners’ reports......................................................................................................................................82
Page of
TABLE OF CONTENTS
Issue 2.122 July 2021
12.2 HEI’s response to external examiners’ reports..........................................................................................................82
Page of
TABLE OF CONTENTS
Issue 2.122 July 2021
1. Institution’s Letter of SupportUp to two sides of A4, excluding explanatory text and assessment criteria.
1.1 Signed letter of support for both full and provisional applicationsPlease provide a signed and dated letter from the Vice Chancellor (or equivalent) showing support for the HEI’s application to have a Master’s degree incorporating cyber security considered for certification by the NCSC.
The letter of support is not graded but must be present. Its purpose is to show that the senior management of the HEI is fully supportive of the application.
Please note that a letter from the Head of Department submitting the application is not acceptable.
The letter should be viewed as an opportunity for the HEI’s senior management to:
demonstrate commitment to the Master’s degree and the cyber security part specifically highlight recent HEI investment in the area of the degree and cyber security, along with any future planned
investment describe the importance of the area of the degree and cyber security in the HEI’s future strategy, etc. outline how Covid-19 is impacting the HEI generally and the Master’s degree specifically along with the steps being
taken by the HEI to deal with the issues being raised
1.2 For provisional applicationsFor those Master’s degrees that have not yet started, it is important that the HEI confirms the start date for the Master’s degree and that the degree will start by (up to and including) October 2023.
For those Master’s degrees that meet the requirements for full certification to be applied for, but the HEI has only chosen to submit a provisional application, it is important that the HEI confirms both that choice and its reasons for doing so.
<<< APPLICANTS INSERT VC’s LETTER DIRECTLY BELOW >>>
1.3 Assessment criteriai. A letter of support from the Vice Chancellor or equivalent must be provided.
ii. If applicable, the Master’s will start by (up to and including) October 2023.iii. If applicable, a provisional application has been justified where a full application could have been made.
For Assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable
i. ☐ ☐ ☐ii. ☐ ☐ ☐ ☐iii. ☐ ☐ ☐ ☐Comments (if applicable). <insert text here>
Page 11 of 83
INSTITUTION’S LETTER OF SUPPORT
Issue 2.122 July 2021
2. Description of the ApplicantUp to seven sides of A4, excluding explanatory text, assessment criteria, mapping of team to CyBOK and CVs.
2.1 Organisational structurePlease state the name of the lead group(s) / department(s) responsible for delivering the Master’s degree. Provide an organisational diagram (Figure 2.1) that shows where the lead(s) are situated within the overall structure of the HEI.
<<< APPLICANTS INSERT TEXT AND DIAGRAM DIRECTLY BELOW >>>
The text and figure in brown below are by way of example only.
The Cyber Security Group and the AI Group are responsible for delivering the Master’s. The Groups are led by Dr E. F. and Dr G. H. and are situated within the Department of Computing which is part of the Faculty of Science, Engineering and Mathematics.
Figure 2.1: HEI organisational structure.
2.1.1 Assessment criteriai. The lead group(s) / department(s) responsible for the Master’s appear(s) to be appropriate.
ii. The organisational structure must make it clear where the lead for the Master’s resides within the HEI.
For assessors onlyCriteria Achieved Not Achieved Unclear
i. ☐ ☐ ☐ii. ☐ ☐ ☐Comments (if applicable). <insert text here>
2.2 Team structurePlease complete Table 2.1 that gives the names, roles and responsibilities of the members of staff responsible for delivering the degree content, setting and marking examinations, supervising dissertations, etc. The relevant expertise column should highlight how staff members have the knowledge and experience to successfully carry out their responsibilities. For cyber
Page 12 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
security staff, it is highly recommended to provide hyperlinks to their CVs shown in Appendix A so that assessors can quickly cross check the information in Table 2.1 with the information provided in the CVs.
Where there is a core team delivering the Master’s, it may be helpful to separate the core team from ‘associate’ members of the team.
Where a significant activity (e.g., delivery of a module) is undertaken by a third party, which is not directly employed by the HEI, the contractual relationship with the party should be made clear.
<<< APPLICANTS COMPLETE TABLE 2.1 BELOW AND SUPPLY ADDITIONAL TEXT IF APPLICABLE >>>
The text in brown is by way of example only.Name of Staff
MemberRole Responsibilities Relevant Expertise
CV for Dr E. F. Senior Lecturer delivers modules on Cyber Security Foundations and Research Methods
supervises research projects
broad knowledge of cyber security as evidenced by publication record
Dr G. H.Error: Reference source not found
Reader and Master’s Course Director
ensures overall coherence and quality of Master’s
delivers Introduction to AI module oversees research projects
keynote presenter at recent deep learning conferences
successfully managed and delivered academic programmes over past 10 years
CV for I. J. Lecturer delivers Network Security module supervises research projects
works with government and industry on network security
has successfully supervised 10 cyber security Master’s projects over the past 5 years
Other staff members
…. …. ….
K. L.Error: Reference source not found
External consultant with 3-year contract October 2020 – September 2023
delivers Robotics module supervises research projects in robotics
runs successful industrial robotics company
provides advice on robotics to government and industry
to date, has successfully supervised 6 Master’s robotics projects drawing on real-world problems
Table 2.1: The team responsible for delivering the Master’s.
All team members listed in Table 2.1 are part of the ‘core team’ for delivery of the Master’s. As noted in Table 2.1, K. L. is employed under a (second) three-year contract with the HEI to deliver the Robotics module, to set and mark robotics assessments, and supervise students undertaking research projects in robotics.
Page 13 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
2.2.1 Assessment criteriaiii. Team roles and responsibilities must be appropriate and clear.iv. If applicable, the separation between the core team and associate team must be clear.v. If applicable, the contractual relationship with third parties must be clear and appropriate.
For assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable
iii. ☐ ☐ ☐iv. ☐ ☐ ☐ ☐v. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
2.3 Team’s ability to deliver the non-cyber part of the Master’sPlease describe and justify why the team has the breadth and depth of knowledge and expertise necessary to deliver the non-cyber part of the Master’s to a high standard. As a minimum, this should include:
the team’s track record in research in the field the team’s track record in education in the field esteem indicators for key personnel in the non-cyber part of the team
<<< APPLICANTS INSERT TEXT BELOW >>>
2.3.1 Assessment criterionvi. The team delivering the non-cyber part of the Master’s should demonstrate that it has the appropriate breadth and
depth of knowledge and expertise.
For assessors onlyCriterion Achieved Not Achieved Unclear
vi. ☐ ☐ ☐Comments (if applicable). <insert text here>
2.4 Team knowledge and expertise in cyber security
2.4.1 Mapping of team to CyBOKFor cyber security staff, please complete Table 2.2 that shows their expertise mapped to CyBOK. Use colour coding to indicate an individual’s level of knowledge and expertise2. Use ‘T’ to indicate that an individual teaches a module that includes a significant amount of a particular Knowledge Area. Use ‘S’ to indicate that an individual is able to supervise projects in this Knowledge Area. Please ensure that the name of every member of staff is hyperlinked to their CV.
<<< APPLICANTS COMPLETE TABLE 2.2 BELOW >>>
2 The colours used in Table 2.2 are based on palette 2 from https://medium.com/cafe-pixo/inclusive-color-palettes-for-the-web-bbfe8cf2410e. However, applicants can use any suitable colour-blind friendly palette they think appropriate.
Page 14 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
The entries in the table are by way of example only.
StaffKnowledge Areas
INT RMG HF POR LR MAL ADV FOR SOIM CRY OS DSS FMS AAA SS WM SSL NS HWS ACRY CPS PL
Error: Reference source not found
T
CV for I. J. Error: Reference source not found
S S S T S S
Error: Reference source not found…
…
Key Description#BDD9BF No Knowledge
#929084 Basic Awareness
#FFCF57 Good Knowledge. For example, able to teach material from this KA and supervise Master’s students.
#A997DF Expert. For example, publishes research in the field and/or advises government, industry, academia on the KA.
Table 2.2: Expertise of cyber security members of the team mapped to CyBOK.
Page 15 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
2.4.2 Staff CVsFor every cyber security member of staff named in Table 2.1, please provide a tailored CV (up to 2 sides of A4 in length). This should contain:
a personal statement of experience and expertise in cyber security using the CyBOK KAs as a framework details of academic background details of cyber-security related employment contribution to cyber security at the HEI cyber-security related and other esteem indicators – e.g., editorships, invited talks, membership of national and
international advisory groups cyber-security knowledge and expertise indicators, such as recent publications, work with industry/government,
research activities any other information that might be relevant in demonstrating cyber security expertise
CVs should go in an appendix to section 2.
<<< APPLICANTS INSERT TEXT AND LINK TO CVs DIRECTLY BELOW >>>
By way of example only. Please see Appendix A: Cyber Security Staff CVs (Appendix to Section 2 of Application)
2.4.3 Assessment criteriavii. The CVs must show that cyber security staff members have the relevant expertise to carry out their roles and
responsibilities shown in Table 2.1.viii. The levels of knowledge and expertise shown in Table 2.2 must be consistent with the CVs.
ix. Table 2.2 should be consistent with the table and histogram(s) of credit allocation across the KAs shown in sections 4.4.2 and 4.4.3 and must show that the team as a whole has the expertise to deliver the cyber security element of the degree.
For assessors onlyCriteria Achieved Not Achieved Unclear
vii. ☐ ☐ ☐viii. ☐ ☐ ☐ix. ☐ ☐ ☐Comments (if applicable). <insert text here>
2.5 Team operationPlease describe the operating model adopted by the team for the successful delivery of the Master’s. As a minimum, this should include:
team meetings: for example, the chair, regularity, standing agenda items, tracking actions, etc. team communication allocation of workload across staff members progress monitoring of teaching and research dissertations planning assessments and liaising with external examiners planning marking of dissertations and liaising with external examiners dealing with issues raised by students dealing with urgent and important events that affect the delivery of the Master’s such as Covid-19, staff sickness or
staff departures
<<< APPLICANTS INSERT TEXT DIRECTLY BELOW >>>
Page 16 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
2.5.1 Assessment criteriax. It must be clear that the team operates effectively as a cohesive unit.
xi. It must be clear that the team has a process in place to deal with urgent and important events.
For assessors onlyCriteria Achieved Not Achieved Unclear
x. ☐ ☐ ☐xi. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
2.6 Recent investmentsPlease complete Table 2.3 that shows recent investments from the HEI, government, industry etc. in the groups running the Master’s degree programme. Please highlight the benefits to the academic team delivering the Master’s as well as students undertaking the Master’s.
<<< APPLICANTS COMPLETE TABLE 2.3 BELOW >>>
The text in brown is by way of example only.Value of
InvestmentSource of
InvestmentFinancial Year Nature of Investment Benefit to Academic
TeamBenefit to Master’s
Programme
£50K HEI 2019 - 2020 Refurbishment of Cyber Security Group’s forensics laboratory including equipment and software.
Improved facilities for research and teaching.
Master’s students use the upgraded forensics laboratory.
£100K Manufacturer X 2018 – 20192019 - 2020
GPUs to the AI group. GPUs used for research and teaching.
Master’s students use GPUs for their research projects.
£200K HEI 2018 – 2019 New PCs, laptops and peripherals to Department of Computing.
Master’s students have access to more modern devices.
£20K HEI 2017 - 2018 Members of staff in Cyber Security Group able to gain professional cyber security qualifications (e.g., pen tester, risk analyst, etc.).
Improved knowledge and expertise of staff members.
Master’s students benefit from being taught by staff with recognised industry qualifications.
Table 2.3: Recent investments.
2.6.1 Assessment criteriaxii. It must be clear that the academic team responsible for the Master’s has benefitted from recent investments.
xiii. It must be clear that the Master’s programme has also benefitted from investments.
For assessors onlyCriteria Achieved Not Achieved Unclear
xii. ☐ ☐ ☐xiii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
Page 17 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
2.7 External linkagesPlease complete Table 2.4 that shows external linkages benefitting the academic team and the Master’s programme. For example, visiting lecturers with specialist knowledge from other academic departments, government or industry; projects suggested, and monitored, by industry; etc.
<<< APPLICANTS COMPLETE TABLE 2.4 BELOW >>>
The text in brown is by way of example only.Nature of External Linkage Benefit to Academic Team Benefit to Master’s Programme
External Advisory Board. Meets twice yearly, membership from industry, government and academia. Membership has strong cyber security representation.
Provides advice on cyber security issues affecting external organisations, employment opportunities for graduates, and curriculum development.
Helps ensure Master’s is kept up to date and relevant.
Company X provides series of invited lectures on forensics and suggests topics for research dissertations
Opportunity to network with external companies and gain insight into issues of concern to industry.
Master’s students provided with a set of interesting and relevant topics for their dissertations.
Company Y has donated equipment for joint projects
Opportunity to carry out collaborative research with industry.
Master’s students can make use of equipment in their research.
Membership of the CISSE UK network3. CISSE UK provides external speakers, course materials and cyber security challenges for students
Opportunity for academic staff to meet with colleagues in other universities and to develop ‘best practice’ educational materials.
Master’s students engage in cyber security challenges with students from other universities.
Table 2.4: External linkages.
2.7.1 Assessment criteriaxiv. It must be clear that the team has a range of external linkages that adds value to the academic team.xv. It must be clear that the team has a range of external linkages that adds value to the Master’s.
For assessors onlyCriteria Achieved Not Achieved Unclear
xiv. ☐ ☐ ☐xv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
2.8 Review and update processPlease describe the process used to review and renew the course content to keep it up to date. As a minimum, this should include:
how often are changes to the Master’s considered who is involved in the decision-making process what inputs are considered: e.g., input from academic staff, student feedback, industrial advisory group input,
industrial trends, government strategy, etc what criteria are used to evaluate potential changes who is responsible for signing off changes
<<< APPLICANTS INSERT TEXT BELOW >>>
3 https://cisseuk.org
Page 18 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
2.8.1 Assessment criteriaxvi. There must be a clear and appropriate process for reviewing and updating the Master’s programme.xvii. The frequency of reviewing and updating must be appropriate to ensure that the Master’s is kept up to date and
relevant.
For assessors onlyCriteria Achieved Not Achieved Unclear
xvi. ☐ ☐ ☐xvii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
2.9 FacilitiesPlease describe the facilities available to students undertaking the Master’s degree. For each facility, please include a brief justification that it is of sufficient quality and quantity to meet the needs of Master’s students. As a minimum please include:
computer laboratories dedicated equipment and software library on-line journal subscriptions for research dissertations
<<< APPLICANTS INSERT TEXT BELOW >>>
2.9.1 Assessment criterionxviii. Students undertaking the Master’s should have access to a sufficient number of well-equipped modern computer
laboratories with easy access to information on the latest developments in cyber security and the non-cyber part of the degree.
For assessors onlyCriterion Achieved Not Achieved Unclear
xviii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
2.10 Overall assessment of section 2For assessors only
Overall Grade Overall Comments
<assessors insert grade here> <if applicable, assessors insert text here>
Page 19 of 83
DESCRIPTION OF THE APPLICANT
Issue 2.122 July 2021
3. High Level Description of the Master’s Degree Incorporating Cyber SecurityUp to ten sides of A4, excluding explanatory text and assessment criteria.
3.1 Key characteristics of the Master’sPlease complete Table 3.1.
<<< APPLICANTS COMPLETE TABLE 3.1 BELOW >>>
The text in brown is by way of example only.Confirm that degree meets the characteristics of a Category 2, Specialised or Advanced Study Master’s4
Yes ☒ No ☐
Confirm that the degree is not categorised as a Master’s by Research or Integrated Master’s5
Yes ☒ No ☐
Confirm that one credit is equal to 10 hours of notional learning6 by a student
Yes ☒ No ☐
Name of degree Master’s in AI and Cyber Security
Degree awarded MSc
Total number of credits required for Master’s. If different from 180, please provide brief justification.
180
Number of taught credits. If different from 120, please provide brief justification.
120
Number of credits for research dissertation. If more than 80, please justify that there are a sufficient number of credits to cover the taught content.
60
Provisional or Full certification being applied for.
Provisional ☒ Full ☐
Table 3.1: High level characteristics of the Master’s.
3.1.1 Assessment criteriai. Confirmation that the Master’s is classified as a Category 2 Master’s.
ii. Confirmation that the Master’s is not an Integrated Master’s or Master’s by Research.iii. One credit must equate to a nominal 10 hours of work by a student.iv. Where the total number of credits is different from 180 this must be justified.v. Where the number of taught credits is different from 120 this must be justified.
vi. If the number of credits associated with the research dissertation is more than 80 then the applicant will need to justify that there are still a sufficient number of credits in the taught modules of the degree to cover both the cyber and non-cyber parts of the degree in sufficient breadth and depth.
vii. It must be clear whether full or provisional certification is being applied for.For assessors only
4 https://www.qaa.ac.uk/docs/qaa/quality-code/master's-degree-characteristics-statement8019abbe03dc611ba4caff140043ed24.pdf?sfvrsn=86c5ca81_12, page 55 Master’s by Research (MRes) and Integrated Master’s are both out of scope for this certification.6 https://www.qaa.ac.uk/docs/qaa/quality-code/higher-education-credit-framework-for-england.pdf
Page 20 of 83
HIGH LEVEL DESCRIPTION OF THE MASTER’S DEGREE
Issue 2.122 July 2021
Criteria Achieved Not Achieved Unclear Not Applicablei. ☐ ☐ ☐ii. ☐ ☐ ☐iii. ☐ ☐ ☐iv. ☐ ☐ ☐ ☐v. ☐ ☐ ☐ ☐vi. ☐ ☐ ☐ ☐vii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
3.2 Full and provisional certification applicationsPlease complete either section 3.2.1 or section 3.2.2.
3.2.1 Full applications<<< APPLICANTS COMPLETE TABLE 3.2a BELOW >>>
Confirm that the degree had a cohort of students successfully complete the degree in academic year 2020 – 2021.
Yes ☐ No ☐
Confirm that the Master’s is running in academic year 2021 – 2022. Yes ☐ No ☐
Table 3.2a: Full certification application.
3.2.1.1 Assessment criterionviii. The degree must have had a cohort of students successfully complete the degree in academic year 2020 – 2021 and
it must be currently running in academic year 2021 – 2022.
For assessors onlyCriterion Achieved Not Achieved Unclear
viii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
3.2.2 Provisional applications<<< APPLICANTS COMPLETE TABLE 3.2b BELOW >>>
If applicable, confirm that if the Master’s degree has not yet started it will start by (up to and including) October 2023.
Yes ☐ No: ☐ Not applicable ☐
Table 3.2b: Provisional certification application.
3.2.3 Assessment criterionix. Master’s degrees that have not yet started must start by (up to and including) October 2023.
For assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable
ix. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
3.3 Delivery of the degreePlease state the UK campus(es) responsible for delivering the Master’s, including those Master’s degrees delivered by distance learning.
Please describe the use of online learning, particularly in relation to Covid-19.
Page 21 of 83
HIGH LEVEL DESCRIPTION OF THE MASTER’S DEGREE
Issue 2.122 July 2021
If applicable, please state whether the degree is offered on a part-time basis and provide a description of how the degree is structured to accommodate part-time students.
<<< APPLICANTS INSERT TEXT BELOW >>>
3.3.1 Assessment criteriaxi. It must be clear which UK campus(es) is/are responsible for delivering the Master’s.x. It should be clear that on-line learning is being used effectively, in particular for dealing with Covid-19.
xi. If offered as a part-time Master’s, part-time students should cover the same breadth and depth of content as one-year, full time students.
For assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable
x. ☐ ☐ ☐xi. ☐ ☐ ☐xii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
3.4 Aims of the Master’s degreePlease provide a description of the overall aims of the degree, in particular how the cyber-security element complements, and is relevant to, the other subject area(s) of the degree.
Please describe how the Master’s is of value to students, employers and the academic community.
<<< APPLICANTS INSERT TEXT BELOW >>>
3.4.1 Assessment criteriaxii. The overall aims of the degree must be clearly articulated and coherent and the cyber-security element must
complement, and be relevant to, the other subject area(s) of the Master’s.xiii. The Master’s must be of value to students, employers, and the academic community.
For assessors onlyCriteria Achieved Not Achieved Unclear
xiii. ☐ ☐ ☐xiv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
3.5 Overall assessment of section 3For assessors only
Overall Grade Overall Comments
<assessors insert grade here> <if applicable, assessors insert text here>
Page 22 of 83
HIGH LEVEL DESCRIPTION OF THE MASTER’S DEGREE
Issue 2.122 July 2021
4. The Taught Component of the Master’s Degree Incorporating Cyber SecurityUp to fifteen sides of A4, excluding explanatory text, assessment criteria, Table 4.4 and module descriptions.
4.1 Compulsory and optional taught modules on the Master’s overallPlease complete Table 4.1a and Table 4.1b showing the number of credits associated with compulsory and optional taught modules (if applicable).
Please do not include credits belonging to the research project and dissertation in the tables.
To help assessors, please use short meaningful names (e.g., NetSec) rather than course codes (e.g., XYZ123) for module names.
<<< APPLICANTS COMPLETE TABLES 4.1a and 4.1b BELOW >>>
The text in brown is by way of example only.Name of compulsory module Member(s) of staff delivering module Number of credits
CySecFoundations L. M. 15
Crypt N. O. 15
NetSec P. Q. 15
IntroAI R. S. 15
ProbReason T. U. 15
MachLearn V. W. 15
ResMethods X. Y. 15
Total number of compulsory credits
105
Table 4.1a: Compulsory taught modules.
The text in brown is by way of example only.Name of optional module Member(s) of staff delivering module Number of credits
Malware A. B. 15
Forensics C. D. 15
NatLangProc E. F. 15
Robotics G. H. 15
ProjMgt I. J. 15
Total number of optional credits required to be taken
15
Table 4.1b: Optional taught modules.
4.1.1 Assessment criteriai. The overall structure of the taught component of the degree must be clear: namely, the set of taught modules,
which modules are compulsory and which are optional, and the number of credits awarded for each module.ii. Cyber security must not be the sole focus of the degree – i.e., the cyber-security component must be partnered with
a complementary subject or subjects.iii. The members of staff delivering the taught modules must be clearly identified and listed in section 2.
For assessors onlyCriteria Achieved Not Achieved Unclear
Page 23 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
i. ☐ ☐ ☐ii. ☐ ☐ ☐iii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.2 Compulsory and optional taught cyber security modulesPlease complete Table 4.2a and Table 4.2b showing the structure of the taught cyber security component of the degree.
<<< APPLICANTS COMPLETE TABLES 4.2a and 4.2b BELOW >>>
The text in brown is by way of example only.Name of compulsory cyber
security moduleMember(s) of staff delivering module Number of credits
below L. M. 15
below N. O. 15
below P. Q. 15
Total number of compulsory cyber security credits
45
Table 4.2a: Compulsory taught cyber security modules.
The text in brown is by way of example only.Name of optional cyber security
moduleMember(s) of staff delivering module Number of credits
below A. B. 15
below C. D. 15
Total number of optional cyber security credits that could be taken
15
Table 4.2b: Optional taught cyber security modules.
4.2.1 Assessment criterioniv. Overall, there must be no more than 60 taught credits in cyber security that students could take.
For assessors onlyCriterion Achieved Not Achieved Unclear
iv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.3 Number of taught credits that can be mapped to CyBOK Knowledge Areas (KAs)Notes:
1. Please note that it is not a requirement that every CyBOK KA has credits allocated to it.2. Across the CyBOK KAs as a whole there must be a minimum number (20) of taught cyber security credits and no
more than a maximum number (60) of taught cyber security credits.
4.3.1 Compulsory modules. Please complete Table 4.3a that shows for each compulsory taught module:
to which CyBOK KA(s) the module can be mapped – if it does not map to a KA please state NONE the number of credits in the module the number of credits in the module that can be considered to be addressing the KA(s)
Page 24 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
Please ensure that hyperlinks to the module descriptions are provided.
<<< APPLICANTS COMPLETE TABLE 4.3a BELOW >>>
The text in brown is by way of example only.Name of compulsory
moduleCyBOK KA(s) addressed Number of credits in
moduleEstimated number of
credits in module addressing KA(s)
below CyBOK Introduction, Risk Mgt and Governance, Legal, Adversarial Behaviours
15 15
below Cryptography, Applied Cryptography
15 15
below Network Security 15 15
Total number of compulsory module credits addressing KAs
45
Table 4.3a: Compulsory taught modules in cyber security addressing the KAs.
4.3.2 Optional modulesIf applicable, please complete Table 4.2b that shows the same information as Table 4.2a for each optional taught module.
Please ensure that hyperlinks to the module descriptions are provided.
<<< APPLICANTS COMPLETE TABLE 4.3b BELOW IF APPLICABLE >>>
The text in brown is by way of example only.Name of optional module CyBOK KA(s) addressed Number of credits in
moduleEstimated number of
credits in module addressing KA(s)
below Malware 15 15
below Forensics 15 15
Table 4.3b: Optional taught modules in cyber security addressing the KAs.
4.3.3 PathwaysIf applicable, please complete Table 4.3c that identifies the cyber security pathways that students could take through the degree. For each pathway, please provide an estimate of the total number of credits addressing the KAs.
<<< APPLICANTS COMPLETE TABLE 4.3c BELOW IF APPLICABLE >>>
The text in brown is by way of example only.Pathway Optional cyber security modules
included in pathwayEstimated total number of credits in pathway
addressing KAs (including compulsory and optional cyber security module credits)
Pathway 1 None 45
Pathway 2 Malware 60
Pathway 3 Forensics 60
Page 25 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
Table 4.3c: Pathways that students could take through the cyber security taught component of the Master’s that meet the requirement for a minimum of 20 taught credits and a maximum of 60 taught credits that can be mapped to KAs 0 to 21.
If the Master’s has a large number of flexible pathways, provide a description of which pathways through the Master’s meet the requirement for at least 20 taught credits and a maximum of 60 taught credits that can be mapped to the KAs.
<<< APPLICANTS INSERT TEXT HERE IF APPLICABLE >>>
4.3.4 Assessment criteriav. The credit allocation to the CyBOK KAs shown in Tables 4.3a, b must be appropriate and consistent with the module
descriptions.vi. The completed Tables 4.3a, b, c must show that there is at least one set of cyber security modules that students can
choose that meet the requirement for a minimum of 20 and a maximum of 60 credits that can be mapped to KAs 0 to 21.
vii. If applicable, if a Master’s has several possible pathways that students could choose that meet the 20 to 60 credit requirement then these pathways must be clearly identified.
viii. If applicable, if a Master’s has a large number of possible pathways from which students can choose then the pathways that meet the 20 to 60 credit requirement must be clearly identified.
For assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable
v. ☐ ☐ ☐vi. ☐ ☐ ☐vii. ☐ ☐ ☐ ☐viii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.4 Detailed coverage of KA Topics
4.4.1 Completion of Table 4.4 in Appendix BFor each pathway through the taught component of the degree, please complete below following the example rows provided.
<<< APPLICANTS COMPLETE TABLE 4.4 IN APPENDIX B >>>
Notes:
1. Please use KA 0 to record those modules that are of an underpinning or foundational nature and provide a short narrative noting that this has been done.
2. It is recognised that the number of credits assigned to a KA Topic is an estimate only. Overall, however, the credit allocation across the KAs should be a fair, reasonable and justifiable representation.
3. As noted at the beginning of section 4.3, it is not a requirement that every CyBOK KA has credits allocated to it. Rather, across the CyBOK KAs as a whole there must be a minimum number (20) and maximum number (60) of taught credits.
4. Applications should not be recording fewer than 0.5 credits in a KA.
5. The purpose of Table 4.4 is for applicants to demonstrate how the KA Topics are covered and assessed. To adequately cover a KA Topic, it needs to be clear that a good breadth and depth of the Indicative Material is covered though it should be noted that not all the Indicative Material would be required to be explicitly covered. Moreover, additional Indicative Material rows can be added to Table 4.4 when it is felt that the Indicative Material does not
Page 26 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
adequately represent coverage of the KA Topic in the Master’s degree. Applications must clearly signpost when this has been done and provide a brief justification.
6. Where there are a large number of (flexible) pathways please complete Table 4.4 for a few representative pathways only along with an explanatory narrative.
7. Where a KA Topic and its Indicative Material are covered in good breadth and depth it would be expected that there should be an associated assessment. However, it is recognised that this will not be applicable in all cases especially where the number of credits allocated to a KA Topic is relatively low.
Page 27 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
4.4.2 Summary table of credit allocation across the KAsPlease complete Table 4.5 for each pathway.
<<< APPLICANTS PLEASE COMPLETE TABLE 4.4 BELOW >>>
Path-ways
Total no. of taught cyber sec. credits in pathway
Number of Credits Across Knowledge Areas Total no. of credits across
the KAs
INT RMG HF POR LR MAL ADV FOR SOIM CRY OS DSS FMS AAA SS WM SSL NS HWS ACRY CPS PL
#1
#2 S
…
…
#n
Table 4.5: Summary of credit allocation across the KAs
4.4.3 Visual representation of credit allocation across the KAsFor each pathway, please provide a visual representation (Figure 4.1) of the credit allocation across the KAs for the taught component of the degree – please see the example in Figure 4.1. Where there are a large number of (flexible) pathways please provide Figure 4.1 for a few representative pathways only along with an explanatory narrative.
<<< APPLICANTS INSERT FIGURE 4.1 BELOW >>>
Page 28 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
Figure 4.1: An example for illustrative purposes only of credit allocation across the KAs for a Master’s in Advanced Computing and Cyber Security. Please delete this figure from your application.
Page 29 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
4.4.4 Assessment criteriaix. Table 4.4 must show which KA Topics are covered in the Master’s.x. In Table 4.4 where a KA Topic and its Indicative Material are covered in good breadth and depth it would be
expected that there should be an associated assessment. However, it is recognised that this will not be applicable in all cases especially where the number of credits allocated to a KA Topic is relatively low. The assessments identified should be consistent with the information on assessments shown in section 5 of the application.
xi. Each Pathway in Table 4.5 must show that there are between 20 and 60 taught cyber security credits that can be mapped to KAs 0 to 21.
xii. Each Pathway in Table 4.5 must show that at least 90% of the taught cyber security credits must be able to be mapped to KAs 0 to 21. For example, the situation where there were 60 taught cyber security credits overall but only 30 of these could be mapped to KAs 0 to 21 would not achieve the criterion.
xiii. A visual representation must be provided that clearly shows the distribution of credits across the KAs for the Master’s degree.
For assessors onlyCriteria Achieved Not Achieved Unclear
ix. ☐ ☐ ☐x. ☐ ☐ ☐xi. ☐ ☐ ☐xii. ☐ ☐ ☐xiii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.5 Justification of KA coveragePlease describe how the overall distribution of credits is consistent with the aims of the degree described in section 3.4.
Please describe and justify how the distribution of credits: provides a coherent body of work for students ensures that students are gaining knowledge about key areas of cyber security that are also relevant to the other
area(s) of study in the Master’s
<<< APPLICANTS INSERT TEXT BELOW >>>
4.5.1 Assessment criteriaxiv. The distribution of credits in the taught component of the Master’s must be consistent with the overall aims of a
Master’s degree incorporating cyber security.xv. The overall distribution of credits across the KAs must be appropriate and coherent, ensuring that students are
gaining knowledge about key areas of cyber security that are also relevant to the other area(s) of study in the Master’s.
For assessors onlyCriteria Achieved Not Achieved Unclear
xiv. ☐ ☐ ☐xv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.6 Module descriptionsIn an appendix to this section (Appendix C), please include a module description for each module that addresses a KA Topic in Table 4.4.
Page 30 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
At the beginning of each module description, please provide a table that lists the KA Topics that the module covers along with a brief justification for why this is the case.
The module descriptions should provide good evidence of the KA Topics and Indicative Material coverage claimed in Table 4.4.
<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX C BELOW >>>
By way of example only, please see: Appendix C: Module Descriptions (Appendix to Section 4 of Application)
4.6.1 Assessment criterionxvi. The module descriptions must be consistent with the KA Topic coverage shown in Table 4.4.
For assessors onlyCriterion Achieved Not Achieved Unclear
xvi. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.7 Professional knowledge and skillsPlease describe how areas in professional knowledge and skills shown below are addressed in the Master’s degree. It is not a requirement to have a separate dedicated module covering professional knowledge and skills.
Professional Knowledge and Skills
Written and oral communication
Working in teams
Legal and ethical issues for the cyber security professional
Understanding intellectual property
<<< APPLICANTS INSERT TEXT BELOW >>>
4.7.1 Assessment criterionxvii. Professional knowledge and skills should be addressed in the Master’s degree.
For assessors onlyCriterion Achieved Not Achieved Unclear
xvii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
4.8 Overall assessment of section 4For assessors only
Overall Grade Overall Comments
<assessors insert grade here> <if applicable, assessors insert text here>
Page 31 of 83
TAUGHT COMPONENT OF THE MASTER’S DEGREE
Issue 2.122 July 2021
5. Assessment MaterialsUp to seven sides of A4, excluding explanatory text, assessment criteria and copies of assessments.
5.1 Overall approach to assessmentPlease describe the overall approach to assessment of the taught modules on the Master’s degree. This should include:
the range of assessment types used – e.g., traditional examinations, online examinations, coursework, practicals, literature reviews, multiple choice questions, group work, presentations, etc.
a justification of why these assessment types are appropriate a description of the process involved in deciding the assessment types to use for individual taught modules
<<< APPLICANTS INSERT TEXT BELOW >>>
5.1.1 Assessment criteriai. The range of assessment types used is clear and appropriate – it would be desirable to see a mix of assessment
types being used across the taught modules.ii. There is a clear and appropriate process for deciding which assessment types to use for individual taught modules.
For assessors onlyCriteria Achieved Not Achieved Unclear
i. ☐ ☐ ☐ii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.2 Marking schemeIf available, please provide an overall marking scheme that shows what a student must demonstrate to be awarded a particular mark on a taught module.
<<< APPLICANTS INSERT MARKING SCHEME BELOW >>>
5.2.1 Assessment criterioniii. If available, the marking scheme must clear, appropriate and consistent.
For assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable
iii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.3 Overall grade for the Master’sPlease describe how the overall mark for the Master’s is determined from the marks for the taught modules and the mark for the research dissertation.
Please describe the how the overall grade (e.g., pass, merit, distinction) for the Master’s is determined.
Please describe the process for compensation, if applicable.
<<< APPLICANTS INSERT TEXT BELOW >>>
Page 32 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
5.3.1 Assessment criterioniv. The process to determine the overall grade awarded for the Master’s from the individual modules and research
dissertation must be clear and appropriate.
For assessors onlyCriterion Achieved Not Achieved Unclear
iv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.4 Rigour of assessment – cyber security modules onlyPlease complete Table 5.1 for each assessed taught cyber security module.
Please include hyperlinks to the assessments in Appendix D.
If the average ratio of bookwork to critical analysis / application across all the taught cyber security modules is greater than 60:40, please provide a clear justification for this value.
<<< APPLICANTS COMPLETE TABLE 5.1 BELOW >>>
Page 33 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
The text in brown is by way of example only.Module Pass mark Assessment types and relative
weightingsEstimate for % of bookwork
in assessmentsEstimate for % of critical analysis / application
in assessmentsJustification for assessment types and ratio of bookwork to critical analysis
below (C) 50% CWK-1 (50%), CWK-2 (50%) 40 60 Both courseworks present students with novel real-world scenarios in which they have to apply knowledge, understanding and critical analysis.
below (C)
below (C) 50% CWK (30%), Practical (30%), Exam (40%)
30 70 The coursework presents students with a real-world scenario for which they have to develop a secure network solution. The practical tests a student’s ability to construct and test networks. The exam tests both knowledge and application.
below (O)
below (O)
Average ratio of bookwork to critical analysis / application across all the taught cyber security modules: <<< APPLICANTS INSERT VALUE BELOW >>>
Table 5.1: The assessments used for compulsory and optional taught cyber security modules.
Page 34 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
5.4.1 Assessment criteriav. For each taught cyber security module, the assessment types and their relative weightings must be clear and
appropriate.vi. For each taught cyber security module, the ratio of bookwork to critical analysis / application must be clear and
justified.vii. Where the overall, average ratio of bookwork to critical analysis / application for cyber security assessments is
greater than 60:40 this must be clearly justified.
For assessors onlyCriteria Achieved Not Achieved Unclear Not Applicable
v. ☐ ☐ ☐vi. ☐ ☐ ☐vii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.5 Justification of 40% pass markWhere the pass mark for taught modules, dissertation and/or the degree overall is set at, or close to, 40% please provide a justification that students achieving this pass mark have achieved and demonstrated sufficient knowledge and understanding at Master’s level.
<<< APPLICANTS INSERT TEXT BELOW IF APPLICABLE >>>
By way of example, it may be appropriate here to refer to the marking scheme that shows what a student has to be able to demonstrate in order to achieve a pass mark of 40%.
5.5.1 Assessment criterionviii. Where the pass mark for taught modules, dissertation and/or the degree overall is set at, or close to, 40% it should
be clear that students attaining this pass mark will have sufficiently demonstrated their knowledge, understanding and application at Master’s level.
For assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable
viii. ☐ ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.6 Setting assessmentsPlease describe the process for setting assessments. As a minimum, this should include:
who is responsible for setting the assessments and marking criteria for a taught module who is responsible for verifying the suitability of the assessments and marking criteria for a taught module who oversees assessment setting across all taught modules to ensure consistency how and when are the external examiners engaged to ensure appropriate standards are maintained for Master’s
assessments
<<< APPLICANTS INSERT TEXT BELOW >>>
5.6.1 Assessment criteriaix. The process for setting, verifying and overseeing assessments must be clear and appropriate.x. The process for engaging with the external examiners regarding assessment setting must be clear and appropriate.
For assessors onlyPage 35 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
Criteria Achieved Not Achieved Unclearix. ☐ ☐ ☐x. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.7 Marking assessmentsPlease describe the process for marking assessments. As a minimum, this should include:
who is responsible for marking the assessments for a taught module which assessments have both first and second markers who oversees marking across all assessments and modules to ensure consistency how and when are the external examiners engaged to ensure appropriate standards are maintained for the marking
of Master’s assessments
<<< APPLICANTS INSERT TEXT BELOW >>>
5.7.1 Assessment criteriaxi. The process for marking assessments must be clear and appropriate.
xii. The process for engaging with the external examiners regarding assessment marking must be clear and appropriate.
For assessors onlyCriteria Achieved Not Achieved Unclear
xi. ☐ ☐ ☐xii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.8 Detecting and dealing with plagiarism7
Please describe the processes and procedures that are in place to detect and deal with plagiarism on the taught component of the Master’s, particularly for coursework and on-line examinations.
<<< APPLICANTS INSERT TEXT BELOW >>>
5.8.1 Assessment criterionxiii. There must be a robust and effective system in place to detect and deal with plagiarism by students on the taught
component of the Master’s degree.
For assessors onlyCriterion Achieved Not Achieved Unclear
xiii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.9 Examination papers – cyber security modules onlyPlease complete either section 5.9.1 or section 5.9.2.
5.9.1 Provisional applicationFor each of the cyber security modules listed in Table 5.1 please provide a copy of examination paper(s) that students have sat or specimen paper(s) of the examinations they will sit. For assessed coursework, please provide copies of all assignments (to be) provided to students. For each assessed coursework also provide a specific, tailored, marking scheme, or a narrative
7 A useful discussion of plagiarism and the forms of plagiarism can be found at: https://www.ox.ac.uk/students/academic/guidance/skills/plagiarism#:~:text=Plagiarism%20is%20presenting%20someone%20else's,is%20covered%20under%20this%20definition
Page 36 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
explaining what the marker would expect a student to provide in a good response. This information should be placed in an Appendix D: Assessment materials (Appendix to section 5 of application)ppendix (Appendix D) to section 5 of the application.
<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX D BELOW >>>
By way of example only, please see Appendix D: Assessment materials (Appendix to section 5 of application)
5.9.1.1 Assessment criterionxiv. The assessments must rigorously test students’ understanding and critical analysis of the KA Topics being studied.
For assessors onlyCriterion Achieved Not Achieved Unclear
xiv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.9.2 Full applicationFor academic year 2021 – 2022, for each of the cyber security modules listed in Table 5.1, please provide a copy of the examination paper(s) that students sat. For assessed coursework, provide copies of all assignments provided to students. For each assessed coursework also provide a specific, tailored, marking scheme, or a narrative explaining what the marker would expect a student to provide in a good response. This information should be placed in an Appendix D: Assessment materials (Appendix to section 5 of application)ppendix (Appendix D) to section 5 of the application.
<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX D BELOW >>>
By way of example only, please see: Appendix D: Assessment materials (Appendix to section 5 of application)
5.9.2.1 Assessment criterionxv. The assessments must rigorously test students’ understanding and critical analysis of the KA Topics being studied.
For assessors onlyCriterion Achieved Not Achieved Unclear
xv. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.10 External examiners’ reports – full application onlyPlease describe the process for engagement with the external examiners. As a minimum, this should include:
the points during the academic year at which engagement with the external examiners happens reviewing of assessment materials by the external examiners reviewing of assessment marks by the external examiners and moderation of results reviewing of research dissertations by the external examiners and moderation of results
Please describe the technical background and experience of the external examiners.
For academic year 2020 – 2021, please provide a copy of the external examiners’ reports8 - these should be placed in Appendix E.
For academic year 2020 – 2021, please provide a copy of the HEI’s response to the external examiners’ reports and any follow-up actions that have been undertaken in response to the reports. These should be placed in Appendix E.
8 Where the external examiners’ reports for 2020-21 are not available by the submission deadline, please provide the most recent reports and the HEI’s response. Please state when the 2020 21 reports and response will be available and submit them as soon as they are available.
Page 37 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
<<< APPLICANTS INSERT TEXT AND LINK TO APPENDIX E BELOW >>>
By way of example only, please see: Appendix E: External Examiners’ Reports (Appendix to Section 5 of Application)
5.10.1 Assessment criteriaxvi. The process for engaging with the external examiners should be clear and appropriate.
xvii. The external examiners should have the appropriate technical background.xviii. The external examiners’ reports must provide a positive picture for both the Master’s degree overall and the cyber
security part.xix. The progress to any follow-on actions suggested by the external examiners should be made clear.
For assessors onlyCriterion Achieved Not Achieved Unclear
xvi. ☐ ☐ ☐xvii. ☐ ☐ ☐xviii. ☐ ☐ ☐xix. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
5.11 Overall assessment of section 5For assessors only
Overall Grade Overall Comments
<assessors insert grade here> <if applicable, assessors insert text here>
Page 38 of 83
ASSESSMENT MATERIALS
Issue 2.122 July 2021
6. Research DissertationsUp to seven sides of A4, excluding explanatory text, assessment criteria and list of dissertation topics.
6.1 TimelinePlease complete Table 6.1 that shows the key events and decision points during the academic year leading to the submission and marking of research dissertations. Please adapt Table 6.1 as appropriate if your HEI does not use a semester model.
<<< APPLICANTS COMPLETE TABLE 6.1 BELOW >>>
Text in brown is by way of example only.Semester Activities
01 October to 31 January November – Research Methods module starts December – staff present / make available their ideas for research projects January – external companies present their ideas for research projects January – students encouraged to have informal discussions with staff regarding
research projects
01 February to 31 May February – students submit an outline of their proposed research as part of a paper for the Research Methods module
March – staff assess Research Methods papers and supervisors are allocated to students April – students submit a project plan for their research dissertations to their supervisors April / May – students receive feedback on project plans from supervisors
01 June to 30 September June – students start work on their projects June to September – students meet regularly with supervisors to report progress End-September – students submit their dissertations
October onwards vivas held marking of dissertations by supervisors and second markers moderation of dissertation marks across all dissertations
Table 6.1: Research dissertation timeline.
6.1.1 Assessment criterioni. The activities involved in the identification of potential research topics as well as the initiation, production and
marking of research dissertations must be clearly laid out, appropriate and timely.
For assessors onlyCriterion Achieved Not Achieved Unclear
i. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.2 Governance of the research dissertation processPlease describe the governance of the research dissertation process. As a minimum, this should include:
who has overall responsibility for ensuring the process is properly coordinated and carried out which members of staff are involved in the research dissertation process what happens in the case that a student proposes a research topic for which there is no suitable supervisor what happens in the case that two or more students apply to carry out the same research topic with the same
supervisor what happens in the case that a student is unable to find a suitable area of research for their dissertation what happens in the case that a student is failing to make satisfactory progress in their research how is the situation resolved when first and second markers differ significantly in their marks awarded
Page 39 of 83
RESEARCH DISSERTATIONS
Issue 2.122 July 2021
<<< APPLICANTS INSERT TEXT BELOW >>>
6.2.1 Assessment criterionii. There must be a robust governance process in place for research dissertations.
For assessors onlyCriterion Achieved Not Achieved Unclear
ii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.3 Guidance to studentsPlease describe the guidance the HEI provides, or will provide, to Master’s students before they embark on their dissertations, for example:
research methods what makes a good dissertation topic how to formulate a research question the structure of dissertations best practice for undertaking a research dissertation carrying out literature reviews presentations from members of staff / external companies on possible research topics, etc.
Although including extracts from a student handbook (within the overall page limits) is acceptable, please do not include a student handbook with the application.
<<< APPLICANTS INSERT TEXT BELOW >>>
6.3.1 Assessment criterioniii. Students receive suitable background guidance on undertaking research dissertations.
For assessors onlyCriterion Achieved Not Achieved Unclear
iii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.4 Identification of dissertation topicsPlease describe the process whereby students choose their dissertation topics, for example:
is it up to students to come up with topic ideas do members of staff identify possible topics does the HEI have links with industry partners who might suggest topics once a student has a potential topic, what do they have to do to get it formally approved how it is ensured that for those dissertations including cyber security the cyber security component will be within
the scope of the CyBOK KAs
<<< APPLICANTS INSERT TEXT BELOW >>>
6.4.1 Assessment criteriaiv. There must be a clear and appropriate process that supports students to identify research topics for their
dissertations.
Page 40 of 83
RESEARCH DISSERTATIONS
Issue 2.122 July 2021
v. There must be a clear and appropriate process to ensure that for those dissertations including cyber security the cyber security element will be within the scope of the CyBOK KAs.
For assessors onlyCriteria Achieved Not Achieved Unclear
iv. ☐ ☐ ☐v. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.5 Allocation of students to supervisorsPlease describe the process whereby students are allocated to suitably knowledgeable supervisors.
<<< APPLICANTS INSERT TEXT BELOW >>>
6.5.1 Assessment criterionvi. There must be a clear and appropriate process for allocation of students to suitably knowledgeable supervisors.
For assessors onlyCriterion Achieved Not Achieved Unclear
vi. ☐ ☒ ☐Comments (if applicable). <assessors insert text here>
6.6 Legal and ethical issuesPlease describe how it is ensured that before a student embarks on their dissertation any legal and ethical issues have been considered and addressed and the student has been given approval to proceed.
<<< APPLICANTS INSERT TEXT BELOW >>>
6.6.1 Assessment criterionvii. There must be a clear and appropriate process in place to ensure that students have properly considered and
addressed any legal and ethical issues that may arise in their dissertations and have been given approval to proceed.
For assessors onlyCriterion Achieved Not Achieved Unclear
vii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.7 Monitoring of students’ progressPlease describe the process for monitoring the progress of students on their dissertations. Please describe what action is taken when a student is not making satisfactory progress.
<<< APPLICANTS INSERT TEXT BELOW >>>
6.7.1 Assessment criterionviii. There needs to be a well-defined and suitable process for monitoring the progress of students to ensure that
students are making appropriate progress and where this is not happening suitable corrective action is taken.
For assessors only
Page 41 of 83
RESEARCH DISSERTATIONS
Issue 2.122 July 2021
Criterion Achieved Not Achieved Unclearviii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.8 Detecting and dealing with plagiarism9
Please describe the processes and procedures that are in place to detect and deal with plagiarism for the research dissertation. In the case where there is no viva as part of the assessment process, please describe how it is guaranteed that a dissertation is a student’s own work.
<<< APPLICANTS INSERT TEXT BELOW >>>
6.8.1 Assessment criterionix. There must be a robust and effective system in place to detect and deal with plagiarism by students undertaking
their research dissertations.
For assessors onlyCriterion Achieved Not Achieved Unclear
ix. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.9 Research dissertations contributing fewer than 40 creditsFor Master’s degrees in which the research dissertation accounts for fewer than 40 credits, please describe how students are able to gain sufficient understanding and experience of undertaking a research project.
<<< APPLICANTS INSERT TEXT BELOW IF APPLICABLE>>>
6.9.1 Assessment criterionx. For Master’s degrees in which the research dissertation accounts for fewer than 40 credits, it should be clear that
students are still able to gain sufficient understanding and experience of undertaking a research project.
For Assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable
x. ☐ ☐ ☐ ☐Comments (if applicable). <insert text here>
6.10 Assessment of dissertationsPlease describe the process for assessing dissertations. As a minimum, this should include:
the role of first and second markers the process when the first and second markers differ significantly on the marks they award the marks awarded to the dissertation, the viva and any other component of the dissertation process
In addition, please provide a specific, tailored marking scheme for dissertations clearly showing how grades are determined and what would be necessary for each of a distinction, merit or pass10. Please indicate whether this or other similar guidance is provided to students.
<<< APPLICANTS INSERT TEXT AND MARKING SCHEME BELOW >>>
9 A useful discussion of plagiarism and the forms of plagiarism can be found at: https://www.ox.ac.uk/students/academic/guidance/skills/plagiarism#:~:text=Plagiarism%20is%20presenting%20someone%20else's,is%20covered%20under%20this%20definition10 Where the classifications of distinction / merit / pass are not used, please refer to the grades that are used by the HEI.
Page 42 of 83
RESEARCH DISSERTATIONS
Issue 2.122 July 2021
6.10.1 Assessment criterionxi. There needs to be a well-defined and rigorous process for the assessment of dissertations.
For assessors onlyCriterion Achieved Not Achieved Unclear
xi. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
6.11 For full certification only
6.11.1 List of dissertation topicsFor each of academic years 2020 – 2021 and 2019 – 2020 (if any), provide a list of Master’s dissertations undertaken by students – please complete Tables 6.2a, b.
Where a dissertation has a significant element of cyber security, please identify which KA(s) the dissertation applies to and provide a succinct summary of the contribution that the dissertation has made to cyber security and/or to the application of cyber security.
Where there were more than 20 students undertaking dissertations in an academic year, provide information for a representative sample of 20 dissertations only.
<<< APPLICANTS COMPLETE TABLES 6.2a AND 6.2b BELOW >>>
Dissertation title Synopsis of dissertation CyBOK KA(s) addressed (if applicable)
External involvement (if applicable)
…
…
…
…
Table 6.2a: List of dissertations for 2020 – 2021.
Dissertation title Synopsis of dissertation CyBOK KA(s) addressed (if applicable)
External involvement (if applicable)
…
…
…
…
Table 6.2b: List of dissertations for 2019 – 2020 (if any).
Page 43 of 83
RESEARCH DISSERTATIONS
Issue 2.122 July 2021
6.11.1.1 Assessment criteriaxii. The list of dissertation topics must show that where dissertations have a cyber-security component the topics are
within the scope of the CyBOK Knowledge Areas.
xiii. From the list of dissertation topics where dissertations have a cyber-security component it must be clear that the dissertation has made an appropriate contribution to cyber security and/or the application of cyber security
For assessors onlyCriterion Achieved Not Achieved Unclear Not Applicable
xii. ☐ ☐ ☐ ☐xiii. ☐ ☐ ☐ ☐Comments (if applicable). <insert text here>
6.12 Overall assessment of section 6For assessors only
Overall Grade Overall Comments
<assessors insert grade here> <if applicable, assessors insert text here>
Page 44 of 83
RESEARCH DISSERTATIONS
Issue 2.122 July 2021
7. Student Feedback on the Master’s – Applications for Full Certification OnlyUp to three sides of A4, excluding explanatory text and assessment criteria.
7.1 Student satisfactionPlease describe how the HEI encourages Master’s students to participate in the feedback process.
Please provide the results of student satisfaction from activities such as:
PTES11
collated feedback from students on the Master’s modules collated feedback from staff-student liaison committees results
Please describe any actions taken by the HEI as a result of student feedback.
<<< APPLICANTS INSERT TEXT BELOW >>>
7.1.1 Assessment criteriai. The HEI should encourage students to provide feedback on the Master’s.
ii. The results of student satisfaction surveys should paint a largely positive picture of students’ learning experience on the Master’s.
iii. The HEI should be able to demonstrate progress on any key issues raised by such surveys.
For Assessors onlyCriteria Achieved Not Achieved Unclear
i. ☐ ☐ ☐ii. ☐ ☐ ☐iii. ☐ ☐ ☐Comments (if applicable). <assessors insert text here>
7.2 Overall assessment of section 7For assessors only
Overall Grade Overall Comments
<assessors insert grade here> <if applicable, assessors insert text here>
11 https://www.advance-he.ac.uk/reports-publications-and-resources/postgraduate-taught-experience-survey-ptes
Page 45 of 83
STUDENT NUMBERS AND GRADES ACHIEVED
Issue 2.122 July 2021
8. Appendix A: Cyber Security Staff CVs (Appendix to Section 2 of Application)Up to two sides of A4 per CV
Please follow the structure below for each CV. For each CV, it is important to get across the person’s knowledge, experience and skills in cyber security.
Return to above
By way of example only:
8.1 CV for Dr E. F.
8.1.1 Personal statement of experience and expertise in cyber securityProvide a succinct summary of the person’s experience and expertise in cyber security using the CyBOK KAs12 as a framework.
8.1.2 Academic backgroundInclude here items such as qualifications obtained, subjects, year, institution, a few key publications.
8.1.3 Professional employmentDescribe professional positions of employment, highlighting those relevant to cyber security.
8.1.4 Contribution to cyber security at the University of XDescribe what the person does at the HEI that is relevant to cyber security.
8.1.5 Esteem indicatorsFor example, editorships, invited talks, membership of national and international advisory groups. Highlight those relevant to cyber security.
8.1.6 Cyber security knowledge and expertise indicatorsFor example, recent publications, work with industry/government, research activities.
8.1.7 Any other informationInclude any other information that might be relevant in demonstrating the person’s cyber security expertise.
Return to above
12 https://www/cybok.org.
Page 46 of 83
APPENDIX A: STAFF CVs
Issue 2.122 July 2021
8.2 CV for I. J.
8.2.1 Personal statement of experience and expertise in cyber securityProvide a succinct summary of the person’s experience and expertise in cyber security using the CyBOK KAs as a framework.
8.2.2 Academic backgroundInclude here items such as qualifications obtained, subjects, year, institution, a few key publications.
8.2.3 Professional employmentDescribe professional positions of employment, highlighting those relevant to cyber security.
8.2.4 Contribution to cyber security at the University of XDescribe what the person does at the HEI that is relevant to cyber security.
8.2.5 Esteem indicatorsFor example, editorships, invited talks, membership of national and international advisory groups. Highlight those relevant to cyber security.
8.2.6 Cyber security knowledge and expertise indicatorsFor example, recent publications, work with industry/government, research activities.
8.2.7 Any other informationInclude any other information that might be relevant in demonstrating the person’s cyber security expertise.
Return to above
Page 47 of 83
APPENDIX A: STAFF CVs
Issue 2.122 July 2021
9. Appendix B: Table 4.4 – Credit Allocation Across the CyBOK Knowledge Areas (Appendix to Section 4 of Application)Please complete Table 4.4 below.
The example for the Risk Management and Governance KA is provided here for guidance only.
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security.
Exam
ple
Onl
y
Broad Category Knowledge Area Topics Indicative Material Modules providing significant coverage
Modules providing partial
coverage
Assessment Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
1. Risk Management and Governance
Risk Definitions
risk assessment CySecFoundationsCySecFoundations-CWK Error: Reference source not found
2risk management CySecFoundations
levels of perceived risk CySecFoundations
Risk Governance
governance models CySecFoundations
1
risk perception factors CySecFoundations
human factors and risk communication
security culture
enacting security policy
An example for illustrative purposes only of how the first two topics in Risk Management and Governance are covered by modules in the Master’s degree.
Page 48 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Exam
ple
Onl
y
Broad Category Knowledge Area Topics Indicative Material Modules providing significant coverage
Modules providing partial
coverage
Assessment Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
1. Risk Management and Governance
Risk Assessment and Management Principles
component versus systems perspectives
CySecFoundations-CWK
2elements of risk CySecFoundations
risk assessment and management methods
CySecFoundations
security metrics
Business Continuity: Incident Response and Recovery Planning
ISO/IEC 27035
1
NCSC guidance CySecFoundations
other guidance CySecFoundations
An example for illustrative purposes only of how the third and fourth topics in Risk Management and Governance are covered by modules in the Master’s degree.Please note that in this example an additional row of Indicative Material has been added to reflect other guidance for Business Continuity and Planning that is partially covered in the CySecFoundations module.
Page 49 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
<<<. APPLICANTS COMPLETE TABLE 4.4 BELOW WHICH CONTINUES OVER A NUMBER OF PAGES >>>
Table 4.4Broad
CategoryKnowledge
AreaTopics Indicative Material Modules providing
significant coverageModules providing partial
coverageAssessments Approximate
number of credits
NA0. CyBOK Introduction
Foundational Concepts
objectives of cyber security
definition of cyber security
failures and incidents
risk management
Principles
Saltzer and Schroeder principles
NIST principles
latent design conditions
Precautionary Principle
Cross-cutting Themes
security economics
security architecture and lifecycle
Page 50 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
1. Risk Management and Governance
Risk Definitionsrisk assessment
risk management
levels of perceived risk
Risk Governance
governance models
risk perception factors
human factors and risk communication
security culture
enacting security policy
Risk Assessment and Management Principles
component versus systems perspectives
elements of risk
risk assessment and management methods
risk assessment and management in cyber-physical systemsrisk assessment and management in cyber physical systemsvulnerability management
security metrics
Business Continuity: Incident Response and Recovery Planning
ISO/IEC 27035
NCSC guidance
Page 51 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
2. Human Factors
Usable Security assessment criteria
mental models of security
Fitting the Task to the Human
human capabilities and limitations
short-term memory
long-term memory
human biases
needs of specific groups
goals and tasks
interaction context
device capabilities and limitations
Human Error
latent usability failures in systems-of-systems
thinking fast and slow
shadow security
security hygiene
Awareness and Education
terms
new approaches
mental models of cyber risks and defences
Positive Security fear uncertainty and doubt
people are not the weakest link
Stakeholder Engagement
employees
software developers
Page 52 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
3. Privacy and Online Rights
Confidentiality data confidentiality
metadata confidentiality
Controlprivacy settings configuration
privacy policy negotiation
privacy policy interpretability
Transparency feedback-based transparency
audit-based transparency
Privacy Technologies and Democratic Values
privacy technologies as support to democratic political systemscensorship resistance and freedom of speech
Privacy Engineeringgoals
strategies
privacy evaluation
Page 53 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
4. Law and Regulation
Introductory Principles of Legal Research
nature of law and legal analysis
applying law to cyberspace and information technologiescriminal law
civil law
liability and courts
evidence and proof
holistic approaches to legal risk analysis
Jurisdictionprescriptive jurisdiction
enforcement jurisdiction
data sovereignty
Privacy Laws in General and Electronic Interception
international norms
interception by a state
interception by persons other than state
enforcement of privacy laws
Data Protection
subject matter and regulatory focus
core regulatory principles
investigation and prevention of crime
personal data breach notification
enforcement and penalties
Computer Crime
crimes against information systems
de minimis exceptions to crimes against information systemsthe enforcement of, and penalties for, crimes against information systemswarranted state activity
research and development activities conducted by non-state personsself-help disfavoured: software locks and hack-back
Page 54 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
4. Law and Regulation
Contract
on-line contracts
encouraging security standards via contract
warranties and their exclusion
limitations of liability and exclusions of liability
breach of contract and remedies
effects of contract on non-contracting parties
conflict of law - contracts
Intellectual Property
understanding intellectual property
catalogue of intellectual property rights
enforcement – remedies
reverse engineering
international treatment and conflict of law
Internet Intermediaries
shields from liability
take-down protection
Dematerialisation of Documents and Electronic Trust Services
admission into evidence of electronic documentsrequirements of form and the threat of unenforceabilityelectronic signatures and identity trust services conflict of law – electronic signatures and trust services
Page 55 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
A. Human, Organisational and Regulatory Aspects
4. Law and Regulation
Other Regulatory Matters
industry-specific regulations
restrictions on exporting security technologies
matters classified as secret by a state
Public International Law
attributing action to a state under international lawstate cyber operations in general
cyber espionage in peacetime
cross-border criminal investigation
the law of armed conflict
Ethicsobligations owed to a client
codes of conduct
vulnerability testing
Page 56 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
B. Attacks and Defences
5. Malware and Attack Technologies
Malware Taxonomydimensions
kinds
potentially unwanted programs
Malicious Activities by Malware
attack on confidentiality, integrity, availability
cyber kill chain
underground eco-system
Malware Analysis
analysis techniques
analysis environments
anti-analysis and evasion techniques
identifying the analysis environment
Malware Detectionidentifying the presence of malware
evasion and countermeasures
attack detection
Malware Response disrupting malware operations
attribution
Page 57 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
B. Attacks and Defences
6. Adversarial Behaviours
Characterisation of Adversaries
cyber-enabled crime vs cyber-dependent crimeinterpersonal crimes
cyber-enabled organised crime
cyber-dependent organised crime
hacktivists
state actors
Elements of a Malicious Operation
affiliate programmes
infection vectors
infrastructure
specialised services
human services
payment methods
Models
attack trees
kill chains
environmental criminology
flow of capital
attribution
Page 58 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
B. Attacks and Defences
7. Forensics
Definitions and Conceptual Models
forensic science
cyber domain
digital (forensic) trace
legal concerns and the Daubert Standard
definitions
conceptual models
Operating System Analysis
storage forensics
data acquisition
filesystem analysis
block device analysis
data recovery and file content carving
Main Memory Forensics
process information
file information
network connections
artifacts and fragments
challenges of live forensics
Application Forensics
case study: e.g., web browsers
Cloud Forensicsservices
forensics challenges
SaaS forensics
Artifact Analysis
cryptographic hashing
block-level analysis
approximate analysis
cloud-native artifacts
Broad Knowledge Topics Indicative Material Modules providing Modules providing partial Assessments Approximate
Page 59 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Category Area significant coverage coverage number of credits
B. Attacks and Defences
8. Security Operations and Incident Management
Fundamental Concepts
workflows and vocabulary
architectural principles
Monitor: Data Sources
network traffic
network aggregates: netflow
network infrastructure information
application logs: web server logs and files
system and kernel logs
Syslog
Analyse: Analysis Methods
misuse detection
anomaly detection
machine learning
testing and validating intrusion detection systemsthe base-rate fallacy
contribution of SIEM to analysis and detection
Plan: Security Information and Event Management
data collection
alert correlation
security operations and benchmarking
Execute: Mitigation and Countermeasures
intrusion prevention systems
SIEM platforms and countermeasures
SOAR: impact and risk assessment
site reliability engineering
Knowledge: Intelligence and Analysis
cyber security knowledge management
honeypots and honeynets
cyber-threat intelligence
situational awareness
Human Factors: Incident Management
prepare: incident management planning
handle: actual incident response
follow up: post incident activities
Page 60 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Page 61 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
C. System Security
9. Cryptography
Schemes
AES
RSA
DES
PKCS
DSA
Kerberos
TLS
Symmetric Cryptography
symmetric primitives
symmetric encryption and authentication
Public-Key Cryptography
public-key encryption
public-key signatures
Cryptographic Security Models
basic security definitions
hard problems
setup assumptions
simulation of cryptographic operations
universal composability
Information-Theoretically Secure Constructions
one-time pad
secret sharing
Standard Protocols authentication protocols
key agreement protocols
Advanced Protocols
oblivious transfer
zero knowledge
Sigma protocols
secure multi-party computation
Public-Key Schemes group signatures
Page 62 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
with Special Properties
ring signatures
blind signatures
identity-based encryption
linearly homomorphic encryption
fully homomorphic encryption
Page 63 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
C. System Security
10. Operating Systems and Virtualisation
Attacker Model attack surface
threats to security for modern OSs
Role of Operating Systems
mediation
design choices
virtual machines
IOT
security domains
isolation
OS Security Principles
security models
newer principles
Saltzer and Schroeder’s principles
Primitives for Isolation and Mediation
protection rings
low-end devices and IOT
Multics
trusted computer system evaluation criteria
memory protection and address spaces
capabilities
physical access and secure deletion
authentication and identification
modern hardware extensions for memory protection
OS Hardening
information hardening
control-flow restrictions
partitioning
code and data integrity checks
anomaly detection
formal verification
Related Areas databases
Page 64 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Embracing Security PaX Team
GRSecurity
Page 65 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
C. System Security
11. Distributed Systems Security
Classes of Distributed Systems
decentralised point-to-point interactions across distributed entities without a centralised coordination servicecoordinated clustering across distributed resources and services
Classes of Vulnerabilities and Threats
access/admission control and ID management
data transportation
resource management and coordination servicesdata security
Decentralised P2P Models
principles
unstructured P2P protocols
structured P2P protocols
hybrid P2P protocols
hierarchical P2P protocols
Attacking P2P Systems
functional elements
attack types
attacks and their mitigation
Coordinated Resource Clustering
systems coordination styles
reliable and secure group communications
coordination principles
replication management and coordination schema
Coordination Classes and Attackability
classes of disruptions
resource coordination class
services coordination class
Page 66 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
C. System Security
12. Formal Methods for Security
Motivation
inadequacy of traditional development methodstowards more scientific development methods
limitations
Foundations, Methods and Tools
properties of systems and their execution
logics and specification languages
property checking
Hardwarehardware verification
side channels
API attacks on security hardware
Cryptographic Protocols
symbolic methods
stochastic methods
computational methods
Software and Large Scale Systems
information flow control
cryptographic libraries
low-level code
operating systems
web-based applications
full-stack verification
Configuration policy analysis
specification-based synthesis
Page 67 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessments Approximate number of
credits
C. System Security
13. Authentication, Authorisation and Accountability
Authorisationaccess control
enforcing access control
theory
Access Control in Distributed Systems
core concepts
origin-based policies
federated access control
cryptography and access control
Authentication
identity management
user authentication
authentication in distributed systems
facets of authentication
Accountabilitytechnical aspects
privacy and accountability
distributed logs
Page 68 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
D. Software and Platform Security
14. Software Security
Categories of Vulnerabilities
CVEs and CWEs
memory management vulnerabilities
structured output generation vulnerabilities
race condition vulnerabilities
API vulnerabilities
side channel vulnerabilities
Prevention of Vulnerabilities
API design
coding practices
erroneous execution
language design and type systems
structured output generations mitigations
race condition mitigations
information flow
Mitigating Exploitation
runtime detection of attacks
automated software diversity
limiting privileges
Detection of Vulnerabilities
static detection
dynamic detection
soundness
completeness
Page 69 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
D. Software and Platform Security
15. Web and Mobile Security
Fundamental Concepts and Approaches
appification
webification
application stores
sandboxing
permission dialog based access control
web PKI and HTTPS
authentication
cookies
passwords and alternatives
frequent software updates
Client-Side Vulnerabilities and Mitigations
phishing
clickjacking
client-side storage
physical attacks
Server-Side Vulnerabilities and Mitigations
injection vulnerabilities
server-side misconfiguration and vulnerable components
Page 70 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
D. Software and Platform Security
16. Secure Software Lifecycle
Motivations for Secure Software Lifecycle
breaches are costly
vulnerabilities can be exploited without being noticedpatching can introduce vulnerabilities
customers don’t apply patches
trusted computing
Prescriptive Processes
SAFECode
Microsoft SDL
Touchpoints
Adaptations of Secure Software Lifecycle
agile and DevOps
mobile
cloud computing
IOT
road vehicles
ecommerce
Assess the Secure Software Lifecycle
SAMM
BSIMM
common criteria
Page 71 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
E. Infrastructure Security
17. Network Security
Security Goals and Attacker Models
security goals in networked systems
attacker models
Networking Applications
local area networks (LANs)
connected networks and the Internet
bus networks
wireless networks
fully distributed networks: DHTs and unstructured P2P networkssoftware-defined networking and network function virtualisation
Network Protocols and Their Security
security at the application layer
security at the transport layer
security at the Internet layer
security on link layer
Network Security Tools
firewalling
intrusion detection and prevention systems
network security monitoring
SDN and NFV security
network access control
zero trust networking
DOS countermeasures
Other Network Security Topics
cloud and data centre security
delay tolerant networks and ad-hoc sensors networksnetwork covert channels
payment networks
physical layer security
networking infrastructure security
Page 72 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
cross-border regulations
Page 73 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
E. Infrastructure Security
18. Hardware Security
Hardware Design Cycle
hardware design process
root of trust
threat model
Measuring Hardware Security
FIPS 140-2
common criteria and EMVCo
SESIP
Secure Platformshardware security module (HSM)
secure element and smartcard
trusted platform module (TPM)
Hardware Support for Software Security
IBM 4578 secure coprocessor
ARM Trustzone
protected module architectures
lightweight solutions
objectives
virtual machines
trusted execution environment
Hardware Design for Cryptographic Algorithms
cryptographic algorithms at RTL level
design process
Side Channel Attacks and Fault Attacks
attacks
countermeasures
Entropy Generating Building Blocks
physically unclonable functions (PUFs)
random number generation
Hardware Design Process
time
design and fabrication of silicon integrated circuits
Page 74 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
trojan circuits
circuit level techniques
board level security
Page 75 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
E. Infrastructure Security
19. Applied Cryptography
The Cryptographic Triumvirate
cell left deliberately blank
Algorithms, Schemes and Protocols
hash functions
block ciphers
stream ciphers
message authentication code (MAC) schemes
authenticated encryption (AE) schemes
public key encryption schemes and key encapsulation mechanismsDiffie-Hellman key exchange
digital signatures
cryptographic diversity
the adversary
the role of formal security definitions and proofskey sizes
development of standardised cryptography
post-quantum cryptography
quantum key distribution
from schemes to protocols
Cryptographic Implementation
cryptographic libraries
API design for cryptographic libraries
implementation challenges
defences
random bit generation
Page 76 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
E. Infrastructure Security
19. Applied Cryptography
Key Management
the key lifecycle
key derivation
password based key derivation
key generation
key storage
key transportation
refreshing keys and forward security
managing public keys and public key infrastructure
Consuming Cryptography
the challenges of consuming cryptography
addressing the challenges
making cryptography invisible
Applied Cryptography in Action
transport layer security
secure messaging
contact tracing à la DP-3T
Future of applied cryptography
cell left deliberately blanks
Page 77 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
E. Infrastructure Security
20. Cyber Physical Systems Security
Cyber-Physical Systems
characteristics
protection against natural events and accidentssecurity and privacy concerns
Cross Cutting Security
preventing attacks
detecting attacks
mitigating attacks
Cyber-Physical Systems Domains
industrial control systems
electric power grids
transportation systems and autonomous vehiclesrobotics and advanced manufacturing
medical devices
IOT
Policy and Political Aspects
incentives and regulation
cyber conflict
industry practices and standards
Page 78 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Broad Category
Knowledge Area
Topics Indicative Material Modules providing significant coverage
Modules providing partial coverage
Assessment Approximate number of
credits
E. Infrastructure Security
21. Physical Layer and Telecommunications Security
Schemes for Confidentiality, Integrity and Access Control
key establishment based on channel reciprocityMIMO-supported approaches
secrecy capacity
friendly jamming
protecting data integrity
LPI and covert communication
Jamming and Jamming-Resilient Communications
classification of jammers
countermeasures
coordinated spread spectrum techniques
uncoordinated spread spectrum techniques
signal annihilation and overshadowing
Identification
device under identification
identification signals
device fingerprints
attacks on physical layer identification
Distance Bounding and Secure Positioning
distance bounding protocols
distance measurement techniques
physical layer attacks on secure distance measurementsecure positioning
Compromising Emanations and Sensor Spoofing
compromising emanations
sensor compromise
Physical Layer Security of Selected Communications Technologies
NFC
air traffic communications networks
cellular networks
GNSS security and spoofing attacks
Page 79 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security
Page 80 of 83
APPENDIX B: TABLE 4.4
Issue 2.122 July 2021
10. Appendix C: Module Descriptions (Appendix to Section 4 of Application)Please include a table at the beginning of each module description that shows which KA Topics the module covers along with brief justifications for why this is the case.
The module descriptions should provide good evidence of the KA Topics and Indicative Material coverage claimed in Table 4.3.
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security.
By way of example only:
10.1 Cyber Security Foundations module
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security .
10.2 Cryptography module
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security .
10.3 Network Security module
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security .
10.4 Malware module
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security .
10.5 Forensics module
Return to The Taught Component of the Master’s Degree Incorporating Cyber Security .
Page 81 of 83
APPENDIX C: MODULE DESCRIPTIONS
Issue 2.122 July 2021
11. Appendix D: Assessment materials (Appendix to section 5 of application)Please include assessment materials for the taught modules on the Master’s structured as in the examples below. This will help assessors navigate the materials supplied.
Return to Assessment Materials .
By way of example only:
11.1 Cyber Security Foundations assessments
Return to Assessment Materials .
11.2 Cryptography assessments
Return to Assessment Materials .
11.3 Network Security assessments
Return to Assessment Materials .
11.4 Malware assessments
Return to Assessment Materials .
11.5 Forensics assessments
Return to Assessment Materials .
Page 82 of 83
APPENDIX D: ASSESSMENT MATERIALS
Issue 2.122 July 2021
12. Appendix E: External Examiners’ Reports (Appendix to Section 5 of Application)Please provide copies of the external examiners’ reports and the HEI’s response in the two sections below.
Return to Assessment Materials .
12.1 External examiners’ reports
Return to Assessment Materials .
12.2 HEI’s response to external examiners’ reports
Return to Assessment Materials .
Page 83 of 83
APPENDIX F: RESEARCH DISSERTATIONS