Advanced Cybersecurity

This lesson introduces students to the Advanced Cybersecurity course, with the goal of getting students invested in and excited about the content. Students will explore the wide variety of pathways in the cybersecurity field and will learn about the role cryptography plays in keeping networks and data secure.

In this lesson, students will learn about the basics of symmetric encryption. Students will explore the advantages and disadvantages of various ciphers and consider how using multiple ciphers impacts the decryption process. Students will also learn about the DES (Data Encryption Standard) and the AES (Advanced Encryption Standard).

In this lesson, students will review the Caesar cipher and history of cryptography until the present day to bridge to the current topic of advanced cryptography. They will examine a high-level view of “hard” vs. “easy” problems. Symmetric vs. asymmetric encryption and public-key encryption will be emphasized.

In this lesson, students will learn and use hashing functions. They will look at what hashing is, requirements of a good hashing algorithm, how hashing is used, what the ideal hash function does, collisions in hashing, and how hackers try to crack a hashing algorithm.

In this lesson, students look at hash function development by delving into modulo math. Modulo math is very important in advanced cryptography since it’s a one-way function where the output hides the input very well. This makes it useful in creating hashing functions.

In this lesson, students learn how asymmetric encryption uses public and private keys to encrypt data and they learn how the RSA algorithm addresses the security issue of key authentication. Students also explore different examples of asymmetric encryption algorithms and evaluate them to determine what aspects make an algorithm strong.

In this lesson, students will learn about SSL certificates: what they are, where they come from, how they work, and why they are essential to internet security.

In this lesson, students review content with a 15 question Unit Quiz.

In this project, students will learn about steganography and how it is used to encrypt data. Students will develop their own encryption algorithm to hide a message in an image by manipulating the hexadecimal color codes of an image.

In this lesson, students will build upon their foundational knowledge of networks to learn about advanced network devices. Students will delve into devices that enable communication and data sharing, such as servers and load balancers, as well as devices that increase network security, such as firewalls, IDP, IPD, and UTM. In sum, students will understand how complex networks use a variety of devices, each playing an important role in the functionality and security of the network.

In this lesson, students will learn about the importance of physical security as well as environmental controls. Students will understand that the security and functionality of a network goes beyond simply having the necessary devices - it includes proper security and maintenance of the devices.

In this lesson, students will learn about the many protocols and standards that are used to send and receive information across a network. Students will learn how networks use specific ports and protocols, each with a specific purpose, such as sending and receiving emails. Students will also learn about wireless networking standards and how frequency and channels relate to speed of data transmission.

In this lesson, students will build on their knowledge of networks and consider how to ensure the perimeter of a network is secure. Students will learn about different devices that can be used to secure a company’s intranet from the internet as well as ways to enable remote access to the intranet.

In this lesson, students will extend their understanding of securing a network to include securing mobile devices. Students will learn about best practices for mobile device security as well as how BYOD (bring your own device) policies have impacted a company’s network security.

At this point, students have a strong understanding of how different devices can be used to configure a secure network. In this lesson, students will learn how access controls and the AAA protocol (authentication, authorization, and accounting) can be used to ensure only authorized personnel access a network.

In this lesson, students review content with a 20 question Unit Quiz.

In this lesson, students explore what it means to be a cybersecurity professional. Students learn about a wide variety of cybersecurity careers, what each job entails, and what skills sets are needed to be successful. Students learn about the importance of communication and practice responding to a customer support call.

In this lesson, students continue to develop their customer service skills by writing a knowledge base article. Students will research a common network issue and create an article that effectively details the steps to resolve it. Students will also go through a peer review process as a way to practice giving and receiving feedback.

In this lesson, students learn about the planning and recording process of making an instructional video. Students will create their own video by first planning the topic and audience as well as writing a script and storyboard. Students will then learn how to record and edit their video.

This lesson is an introduction to network attacks. Students review how data is transmitted over the internet and learn how attacks occur by exploiting vulnerabilities in open ports.

In this lesson, students learn about the different types of malware as well as how to detect, prevent, and remove malware. Students learn how anti-malware software works and explore various tools different operating systems have to detect and prevent malware.

In this lesson, students learn about social engineering and how it is used in cyber attacks. Students also learn what DoS and DDoS attacks are and how they use internet protocols to overwhelm a network.

In this lesson, students learn about additional common cyber attacks, such as zero day attacks, botnet attacks, rainbow table attacks and man-in-the-middle attacks. Students will explore famous cyber attacks (3ve, Mirai, and Stuxnet) and reflect on what we can learn from past attacks to strengthen present network security.

In this lesson, students will learn about and discuss cross-site scripting (XSS), which is another major OWASP (Open Web Application Security Project) cybersecurity risk.

In this lesson, students learn about how to increase the security of a network by keeping individual, physical devices secure. Students learn about best practices for ensuring only authorized users log into a device as well as consider how user permissions and data loss prevention (DLP) can ensure sensitive data remains secure.

In this portion of the project, students will come up with a fictitious company and feel the impact of reacting to a security breach without any pre-developed policy in place. Students will then learn about some of the common policies companies put in place and set forth on the task of developing strong policies for their company.

Incident response plans are essential to ensure that companies are prepared to effectively respond to any breach in security. In this portion of the project, students will develop a set of policies regarding strong passwords and employee training. They will test their policies against a series of employee negligence scenarios and reflect on what would need to be added to strengthen their policy.

In this portion of the project, students will create an abbreviated Incident Response plan. They will respond to a cyber attack using their IR plan and reflect on how they were able to handle this attack as well as how to strengthen their policy.

Data can be one of a company’s most valuable resources, not to mention most regulated. Developing a strong plan for keeping data secure is essential, especially as more and more companies turn to the cloud to keep track of the massive amounts of data that are being collected every day. In this portion of the project, students will review an example privacy policy and then complete their own abbreviated policy. They will test their data policies against a data breach and reflect on what would need to be added to strengthen their policy.

Change management is the approach to preparing and supporting individuals and/or teams to successfully adopt organizational change. When implementing changes within a company, it is essential to consider how you will present the change to employees and support them in adopting and implementing the change. In this portion of the project, students will synthesize the changes that need to be made to strengthen their policies. They will develop a change management plan to implement new policies effectively.

In this lesson, students are introduced to the concept of risk assessment, and students learn about the role of vulnerability scans in detecting weaknesses. Students also learn about honeypots and packet sniffing and explore how these tools can be used to detect vulnerabilities and improve the security of a network.

In this lesson, students will identify, assess, and prioritize risks based on their potential impacts. Students will utilize prior knowledge to connect to the concept of prioritizing risks. They will learn new types of vulnerabilities such as input and error handling.

In this lesson, students continue to deepen their understanding of risk assessment. Students learn how to prioritize and respond to different threats by calculating risk, both quantitatively and qualitatively.

In this lesson, students learn about penetration testing and how pen tests extend vulnerability scans by attempting to exploit weaknesses in addition to finding them. Students have the opportunity to engage in a pen test simulation as well as learn about the next evolution of pen testing, chaos engineering.

In this project, students will design and create a board game or a card game that will help players to identify randomized security vulnerabilities and their appropriate defenses.