ITE512 Incident Response (8)


In this subject students will investigate the current threats to systems and networks, along with effective countermeasures. Students will also be prepared for the GIAC Certified Incident Handler (GCIH) industry certification exam.

+ Subject Availability Modes and Location

Session 1
DistanceWagga Wagga Campus
Continuing students should consult the SAL for current offering details: ITE512
Where differences exist between the Handbook and the SAL, the SAL should be taken as containing the correct subject offering details.

Subject information

Duration Grading System School:
One sessionHD/FLSchool of Computing and Mathematics

Enrolment restrictions

Only available to students enrolled in: Master of Information Systems Security
Master of Management (Information Technology)

Learning Outcomes

Upon successful completion of this subject, students should:
  • be able to describe how a system or network is analysed for security vulnerabilities;
  • be able to justify current industry best practice in preparing for a security incident;
  • be able to analyse security events to determine if there has been a security incident;
  • be able to analyse an incident and reflect on the causes and future implications;
  • be able to plan and manage the incident recovery process for a sample organisation;
  • be able to justify an appropriate response to a security attack.


The subject will cover the following topics:
  • Computer attack methods
  • Computer attack vectors
  • Defence methods
  • Computer scanning
  • Platform and device-specific attacks and defences
  • Application-level attacks and defences
  • Incident handling processes
  • Legal issues
  • Recovery and restoration issues


The information contained in the 2016 CSU Handbook was accurate at the date of publication: 06 September 2016. The University reserves the right to vary the information at any time without notice.