Digital Forensics COMP6445/COMP6845 24T2

Notices

  • Casual Job Opportunities with UNW IT

    Posted by Rahat Masood Wednesday 21 August 2024, 07:25:38 PM.

    Hi Everyone,

    I receive a request to announce following job opportunities with UNSW IT. If it is of interest to you, please forward me your CV.

    There are H2 casual employment opportunities for 2024.

    We will be recruiting 4 casuals. The 4 projects for this phase are listed below. Would you be able to socialise with your students in case anyone is interested?

    The engagement will be 2 days a week (Tuesday and Thursday) working from the UNSW Library Building Level 13, for 8 weeks. The role is level 5.

    Project 1: SIEM log source review and documentation

    This project will focus on documenting the Security Information and Event Management (SIEM) log sources in a structured format. The initiative requires the collection and analysis of security log source information to document data fields, formats, types, and descriptors to improve response, understanding, and correlation of log data.

    <u>The deliverables expected from this project include: - </u>

    • Comprehensive reference document listing the log sources and data fields captured by the SIEM.
    • Documented report of findings including data inconsistencies, parsing errors, missing fields, and other issues.

    Project 2: Business unit wise reporting automation (power BI+ pdf creation + scheduling +email notification) of mandatory training compliance + phishing sims results.

    The project aims to automate the reporting of mandatory training compliance and phishing simulation results for different business units using Power BI. By integrating Power BI's data visualization capabilities, the project will generate detailed reports that provide insights into compliance levels and phishing test performance for different business units at UNSW. These reports will be automatically converted into PDF format and scheduled for regular distribution to relevant stakeholders. Additionally, the project includes an email notification system that alerts stakeholders about report availability, ensuring that business units remain informed and can take proactive measures to improve training outcomes and security awareness.

    <u>The deliverables expected from this project include:</u>

    • Automated Power BI Dashboards: Develop interactive Power BI dashboards that visualize training compliance and phishing simulation results for each business unit.
    • Scheduled PDF Report Generation : Implement a system to automatically generate PDF versions of the Power BI dashboards at regular intervals.
    • Email Notification System : Create an automated email notification system that sends alerts to stakeholders when new reports are generated.
    • Integration and Data Workflow : Establish a robust data integration workflow that collects and processes data from various sources, such as LMS eLearning (UCYBER) completion rates and phishing simulation tools (ProofPoint).
    • User Training and Documentation : Provide training sessions and comprehensive documentation for users and administrators on how to access, interpret, and utilise the reports and dashboards.

    Project 3: Cyber Security Services’ Analytics Reporting and automation (power BI with real time data).

    Gather requirements from IT Business Partner team on the Cyber Security Service Reports, extract the data into the Power BI dashboard and automate the reporting by converting to PDF and scheduling to stakeholders via email(this pattern is already build and available for reference). The project will generate detailed dashboards that provide insights into cyber security service requests raised by Faculties and Schools at UNSW. These dashboards will have the capability to be converted into PDFs for distribution to relevant stakeholders via email.

    <u>The deliverables expected from this project include:</u>

    • Automated Power BI Dashboards: Develop interactive Power BI dashboards to visualize cyber security service requests status faculty/school.
    • Scheduled PDF Report Generation : Implement a system to automatically generate PDF versions of the Power BI dashboards on an as needed basis.
    • Email Notification System : Create an automated email notification system that sends the PDF reports to stakeholders.
    • Integration and Data Workflow : Establish a robust data integration workflow that collects and processes data from MyCyberHub.
    • User Training and Documentation : Provide training sessions and comprehensive documentation for users and administrators on how to access, interpret, and utilise the reports and dashboards.

    Certainly! Here is a project description and deliverables outline for "Project 4" based on the format provided:

    Project 4: Development and Automation of Security Metrics Reporting (Power BI with Real-Time Data)

    Project Overview:

    The aim of this project is to identify and develop new security metrics that provide insights into the organization’s security posture. These metrics will be integrated into Power BI dashboards for real-time data visualization and automated reporting. The project will enhance the visibility of security operations and facilitate informed decision-making by stakeholders. The dashboards will be capable of being converted into PDFs for easy distribution via email.

    Project Deliverables:

    • New Security Metrics Identification: Collaborate with the IT Security and Risk Management teams to identify and define new security metrics that align with organizational goals and objectives.
    • Automated Power BI Dashboards: Develop interactive Power BI dashboards to visualize the new security metrics, providing insights into various aspects of the organization’s security posture.
    • Scheduled PDF Report Generation: Implement a system to automatically generate PDF versions of the Power BI dashboards on a scheduled basis to ensure timely delivery of insights.
    • Email Notification System: Create an automated email notification system that sends the PDF reports to relevant stakeholders, ensuring they receive the latest security metrics and insights.
    • Integration and Data Workflow: Establish a robust data integration workflow that collects and processes data from relevant sources, such as security tools and databases, ensuring real-time data availability.
    • User Training and Documentation: Provide training sessions and comprehensive documentation for users and administrators on how to access, interpret, and utilize the new security metrics and dashboards.

  • [Important] Exam Information

    Posted by Rahat Masood Monday 12 August 2024, 01:25:57 PM.

    Hi Everyone,

    I hope you are all set for the online exam on Thursday 15th August. Exam will start at 12:00 PM and finishes at 3:00 PM. You can find final exam questions at Moodle. COMP6445 students should check the section "COMP6445 - Final Exam" and COMP6845 students should check the section "COMP6845 - Final Exam" for the 4 types of questions.

    It is important that you complete the correct question set of the course you are enrolled in, since the short answer and long answer questions will be different between the two courses.

    https://moodle.telt.unsw.edu.au/course/view.php?id=84379

    Exam Structure:

    There will be 4 types of questions in COMP6445 and COMP6845 exam.
    1. Multiple Choice Questions
    2. CTF Challenges
    3. Short Q/As
    4. Long Q/As

    There will be 20 minutes to complete the multiple choice section starting at 12pm (and thus 2h40min for the other three sections). The exam is written as a 2 hour exam to run in a 3 hour window. The 4 sections are approximately each worth 1/4 of the total marks (but not exactly).

    CTF Challenges:

    The CTF Challenges will require a Linux Machine/VM with the only non built-in commands being a hash cracking tool. This means that autopsy, volatility, illeap and alleap will not be required. All responses to CTF Challenges will be submitted on Moodle, and there is no external site being used for submissions. File sizes for these challenges will be small, the maximum being around 40mB.

    Exam Live Page:

    I have also configured an Exam Live page that will be accessible 5 min before the exam starts for any non private questions that occur during the exam.

    For any queries or questions during the exam, please use this WebCMS "Exam Live" page. You can also access this page from the side bar menu of WebCMS. It is at the top.

    https://webcms3.cse.unsw.edu.au/COMP6445/24T2/resources/102665

    We will start monitoring this page from 12pm till 3pm.

    We have also created EXAM FAQ page for any general questions that you might have.

    https://webcms3.cse.unsw.edu.au/COMP6445/24T2/resources/102467

    NOTE: Please avoid using any other sort of communication with each other during the exam. Please do not use slack or any other medium. If you have any personal questions, please email at cs6445@cse.unse.edu.au

    If you have any questions please reach out, all these details have also been added to the WebCMS FAQ page.

    Wishing you all best of luck for the exam!.

    Regards,
    COMP6445/6845 Teaching Team.

  • [Reminder] Mock Trial Tomorrow at 6pm

    Posted by Rahat Masood Sunday 04 August 2024, 05:09:21 PM.

    Hi Everyone,

    I hope you all are having a great weekend. This is just to remind you that we will be having a Mock Trial tomorrow from 6:00PM to 8:30 PM (approx.). The Mock Trial location is Moot Court Room at School of Law Building.

    Please try to attend this trial as it will be very useful to see how forensics professionals work in court and also witness some of the great work done by your peers in reports.

    Regards,

    Rahat.

    • view all notices

Upcoming Due Dates

There is nothing due!

Back to top

COMP6445/COMP6845 24T2 (Digital Forensics) is powered by WebCMS3
CRICOS Provider No. 00098G