About This Webinar
Prepare to teach AP Cybersecurity with confidence. This concise 45-minute long webinar introduces the new CodeHS AP Cybersecurity course aligned to College Board’s Career Kickstart program. You’ll also learn about our highly recommended AP Cybersecurity PD Teaching Cohort and Cyber Range, an environment for hands-on practice designed to support successful implementation.
Explore the new AP Cybersecurity course from CodeHS. This webinar covers the standards-aligned curriculum, interactive lab simulations, and the sandboxed Cyber Range environment. Learn how our PD cohorts and free resources support teachers for the 2026-27 school year.
Full Transcript
Read the complete transcript of this webinar
Okay, welcome everyone to our bringing AP Cybersecurity to your school session here at CodeHS. We are super excited and already loving all the wide range of folks we have from all across the country here. Even someone who said they were teaching abroad, love to hear more about that. But yeah, we are excited to talk with you all today about what CodeHS is going to be bringing to you for supporting AP Cybersecurity for 2026-2027, this first full year of it being available for all teachers.
And so we are on top of that to introduce ourselves, the presenters we'll have today. We'll have Jennifer Campbell, our senior curriculum developer, one of the key architects of building the course, starting things off with y'all. We'll have Evelyn Hunter, the VP of Education, actually at the very end who will be going over our Cyber Range. And then me, Sean Marski, I'm a professional development specialist.
And yeah, my name is Sean Marski, professional development specialist, and I will be talking to you a little bit about our PD offerings that we'll be having for AP Cyber specifically. Our agenda today, I'll be introducing us all to CodeHS, especially for those of you who haven't been using us before. If you want to follow along with the slides, we have the link there. You can feel free to hop into that. We'll then dive deep into some of the curriculum we have so far and our overall plan with Jennifer. Then, like I said, I'll be talking through our AP Cyber PD cohort and PD offerings.
And then Evelyn will wrap us up with a look at the Cyber Range we're getting built out for this as well. And we'll then touch on some additional resources and wrap things up. Just a quick note, anyone using AI note-takers and your attendance here: you do require live attendance to get any certificate or PDRs if you're looking for that. And just make sure that they're muted and disabled from chat if you can help that.
But I've loved already so far everyone checking in with the chat. Feel free to share information about yourselves, where you're joining us from, what you're currently teaching. We will be taking feedback there. Otherwise, if you do have questions throughout the panel, feel free to use that Q&A feature. This will allow us to answer questions and allow other people to see those questions as well. And then anything we think is important, we'll flag and have a little moment at the very end to address those questions as well.
Anyone who doesn't currently have a CodeHS account, feel free to go to codehs.com/signup. And you can get set up with an account and we can get you verified later on as well. You can also check out this certificate of completion. Anyone who attends this, you can use this to get your certificate of completion for the time we're spending here today.
But yeah, high level, just to touch on anyone who's not familiar with us at CodeHS, we're a comprehensive platform for teaching computer science for elementary all the way through high school. We are an entirely web-based computer science curriculum; everything's available online for your students, including an IDE where they actually can work through the problems and products that we'll be using. We also offer online and offline, in-person and virtual professional development. And we have all sorts of professional tools for you to use as well if you get a Pro license.
But all of our curriculum is available for free online for any teachers. But if you have our full software suite, you'll have instant feedback and submission, all sorts of grading tools and tracking tools, and a fully web-based platform. No downloads or plugins or ads or anything like that. So if you're ever interested in that, you can always request more info to get a little more detail. And we'll be doing webinars around back to school particularly to get you introduced to the platform overall.
But what we're here to talk about today is AP Cybersecurity, right? And so, we just want you to be aware, and the things we're going to be talking about today are everything you need to teach Cybersecurity. So from all the research that we've been looking and working on and building for this course, we've identified that it's going to be a complex, intensive college-level course for a whole range of Cybersecurity topics starting all the way from your basic digital literacy through networks, securing spaces, the computers themselves, and applications.
And so our offerings are, as I mentioned, our free curriculum. We will have this AP course available for all teachers, fully standards-aligned. From our curriculum team that is professionals who have been building stuff for years, it is fully aligned with that. We will have expert PD with content on classroom pedagogy. I'll be talking about a cohort offering we have where you can actually sign up and join along with a group of teachers, but you'll also have access to actual teaching courses as well. And then we're building out a full Cyber Range environment for student exploration, which is what Evelyn will be talking about.
And with that said, I'm going to hand things over to Jennifer and she can guide us through the AP Cyber course as it is standing.
Hey everyone, I'm Jennifer Campbell. I am part of the team that is developing this course and I'm excited to give you a little bit of a sneak peek. So first off, we are building the course to align with the College Board document. So we are going to build five units, and we may not match it exactly because they list it by topics and our courses list things by lessons. So, some of these topics may take four or five lessons to teach. So, it's not going to match up exactly to this, but it will be in the same order. And just so you know, it doesn't have to be in the same order. You can choose to teach it, but for help of structure, which I know a lot of teachers were looking for, it just makes sense to put it in the same order as the College Board.
So, that's what we're doing. So, we're going to have five units. Since there are only five units, they will be larger than if you've used a CodeHS course in the past; lots of times we have like 10 units or something like that. So these will be fairly big units.
All right, so for unit one, our four topics we found to be a bit introductory. Everything we see in here, a lot of the times the students will see again later on and go into more depth. So we are teaching social engineering, suspicious website loggings, best practices for public networks, and then some AI lessons. So there is a lot of AI in this course: AI-based cybersecurity attacks and how to leverage AI in cyber defense. So I pulled up a few items just to show you kind of what we're building and the different types of items that we have.
So this one, this one's really fun. In this one, we have the students build a password dictionary. So, they look at a fictional online profile. Here is something, all of this information that you could probably find online. Hopefully not the mother's maiden name, but sometimes you can. And then what you do here is you build a password dictionary. What could this person's password be? So, maybe it's Alex 1985. And you put that in the dictionary. Maybe it's Whiskers 1985 and you add that to the dictionary.
So students take a little while and they add to the dictionary, maybe 15-20 words, see what they can get, and then they start the dictionary attack. It'll go through each word that they put in the dictionary. So you're just giving the students something that's interactive, engaging, and they can almost learn while doing. So, they can see all of this information over here and see what would be the bad choices for a password.
We also have a lot of items where they are not only taught the material, but they do get to try it out in simulations or something that they can actually do. Like this one, I really thought was pretty cool. This is a multi-factor authentication simulator. So we do add whenever we're doing something like this, we try to add like, "This is a simulation. Definitely don't use your real password or credentials or anything like that." So we're just going to put in something and then you choose, let's say, text message. So, it's going to send the code and students may or may not already know what this is. But it's just a fun way to kind of see it without having to go on their phone and do it. So, they can do all three methods and it works in this little popup.
We also have some offline assignments that are not just attached to lesson plans; they are actually in the course. So pro teachers, free teachers, everyone gets it. And this helps to not only get the students off the screen for a bit, but it also gets them to see it in a different way so that they're not just always using digital resources. So let's pull things from their brain. So, this one is a human in the loop. So, this one has to do with the AI aspect of unit one. So students will look at an AI recommendation and then answer questions about it and then like, "Do you approve or deny this recommendation?" So this specific assignment is just teaching that AI can help, but there still needs to be a human to approve or deny and make the final decisions.
We also have, just again, like we want students to be doing and not just reading. So, in this one, they get to read some of these sentences and decide if it's a flag. You can drag it to the box that it matches and they get instant feedback. So, it's a really good way to kind of self-check. So, we have a lot of self-checks built into our content pages.
This is one more from unit one that I'll share and then we'll get into unit two which we are currently building. I thought this was a great one too. In this one they're talking about what is safe to post and what is not safe to post. So you don't want to give up too much information. So like post A would be like, "Finally off to Bali for two weeks. See you later." Well now we know that no one is at your house. So that one is not good. And then this one is saying like, "Once you get back maybe post," and you get to choose and then go to the next question. So again, just a way to teach while doing. So again here, this is what our first unit looks like.
It is out in a preview. I will give you the link later to join the preview. So all of these you'll be able to view and leave feedback. We would love to hear your feedback. And then as we continue to build units, we will throw them in the preview course. And I will give you that link after I go over the next few slides.
So unit two, we are currently in the process of unit two. And if you have looked into the College Board document, unit one is a lot shorter than the rest of them. So unit one is a quicker introductory module. And even though this only has four topics, it is quite a long unit and that just is how they all go from unit 2 on. So in this case, we're going back to social engineering, but we're looking at it through a different lens or we're going into more depth. So the topics in this one are cyber foundations, physical vulnerabilities and attacks, and a lot of physical spaces and physical attacks. And I really think it's coming out really great. We are going to share it soon.
We're almost done with unit two. And like I said, once we finish things, we will put them in the preview course for you to take a look at and share some feedback. And since unit 2 is a little bit bigger, we are doing a few projects. So we have two types of projects. One is what I call a "through project." So it's a project that you do across a span of lessons and you keep coming back to it. So you might learn something, apply it, learn something more, apply it to the same scenario, same project, and keep going. So like what you see on the screen here would be like the first lesson and we have this CodeCraft through project, and then you might go to the next lesson, learn some more and then come back to CodeCraft, and then we've got a third lesson, learn some more and then finish up your code with a full penetration report. We also have just some cumulative projects.
So like this project where students are not just applying a little at a time. They're basically taking what they've learned in the last 10 lessons and pulling it all together in one project so they can see how it all works together. We have both of those in the course. So let me show you a little bit. The CodeCraft project is just a fake website that we have created that students can kind of go through and they are taking the role of a penetration tester. So they're looking through and seeing what could be vulnerabilities. Isabella lists her email here; it's the only one that lists her email. So Isabella might be flooded with some phishing emails because it's out here in the public. And students just go and look into the different pages and see what are the vulnerabilities and what could be exploited.
And then we even have them do some fake simulations with active reconnaissance. So in this case we have a simulation for a terminal and what students are doing is learning about some of these terminal commands and testing it out right here. So, they might look at this and they'll see a bunch of different IP addresses. And in this one, they see that they might have an extra open port that's not great. One of them is using Windows 8, which is outdated. So, they'll look at these and they'll see those vulnerabilities. They'll see those things that probably would be the weakest computer. So, they look into all of these employee computers and they decide which one is the weakest, which one might a criminal attack first.
I wanted to share this one just because we do have content pages. There is a lot to learn. If you guys have looked at the College Board, it is like 400 standards, but they're not really standards; they're like 400 facts, and some of them are like paragraphs long. There's a lot to learn. So we do have to present that to the students as engagingly as we can. So we have lots of chunking. So we will take something that might be a long topic to learn but we'll give them something to click on and read a little bit, then click on and read a little bit more. We add some fun things here and as much as possible just try to chunk the information that they have to learn.
Okay, so here's another simulation. So this is again the CodeCraft project. But we have a simulation where they look through some network logs and they're going to flag the ones that are suspect. And then again, they get instant feedback. But they'll end up learning while they're doing. So, this is almost like a discovery activity. They're going to look through here and be like, "Ah, 2,000 megabytes. That one's going to be probably suspect," and flag that one and see which other ones they flag. Maybe there's some that are at 2:00 in the morning, so that one might be one to flag. So these discovery activities have students kind of learn it and then find out if they were right and what they can learn past that, and then you can change your answer until you get them all right. So this is content teaching and then self-checking.
Here's just another example of a self-check. So again, this is the physical security which I think is going to be really fun to teach in the classroom. I know I would have a blast trying to teach physical security in a classroom. And again, it's just a drag down and you pick the right answer, but they do get instant feedback. And then of course we have the quizzes that you guys are all used to where you'll see the answers. But a lot of times we want the students to self-check themselves and then they can take the quiz or the assignment that's going to go to the teachers. I think I've got one more.
Oh yeah, I really like this one too. So talking about physical security again, just trying to be innovative in how we learn it. In this case, they have a minute to kind of click on things that are not great, like a post-it with the login information. Not wonderful. We've got an unlocked laptop, right? We've got server credentials on the whiteboard. And just stuff like that. And then it will give you this feedback and then move on. So, we use a lot of these as kind of a hook. It's a motivation. It's also letting you as the teacher know what they know already—prior knowledge. Because there's got to be a lot of that in cybersecurity where some students just know some stuff and then others can't copy and paste. So you have that big variety. This helps the teachers, I think, as well.
I believe that's it on that. Okay. So here's the preview section. Sean, if you could just help me share that link. So, when you click into that link, you just hit "Join Section." I'll give you like 10 seconds to do that, but then I don't want you to miss what I'm about to show you now anyway. Or just hold on to that link and come back to it. Because not only will you get access to unit one in this preview section, but we do want some feedback. We are not releasing this course for a few months, so we have a lot of time to take in your feedback and apply it, which we would love. We would love to hear what you're thinking.
So, there's two ways that you can give feedback. When you're in that preview section, the first module gives you all these instructions. It has instructions on just how to use the course preview. It has a general feedback survey. This is just a survey that you fill out if you have general feedback, like what would you like to see coming up? What would you like more of?
And then for those that have used CodeHS, you might know about the feedback star. It really helps us as developers know exactly what item you're talking about if you were just wanting to give feedback about one specific item. So if you're in this password protection item and you see a typo or you see like, "Hey, it'd be great if you added this," or if a link isn't working, what you can do is you can click on this star up here and it will give you a modal and you just tell me what that is and that attaches your feedback to the item. It makes it very easy for us to apply it. Now, the thing is a little caveat with the star is we have to give you that access. Once you sign into the preview course, you might not have the star right away, but you will have it in a few days.
Were there any questions that I missed before I send it over to you, Sean?
We've hit a lot of the questions as we go, but if we want to talk through about this being an AP course, if there's any recommended prerequisites?
Okay. So I have researched a lot on this course and it is listed as introductory. So there isn't a prerequisite for this. I do think, in my personal opinion, it's helpful if students have taken a CS course or a cybersecurity course, but they don't have to. But it is an AP course, so just the level of rigor is harder. So just keep that in mind. But there's nothing they have to come with; it's just if they don't know anything, there's just more that they have to learn.
There was another one that just came in. Will any programming languages be required? No, no programming is required for the College Board. We have some in the regular cybersecurity course, but in this course they don't need to know any programming. So the terminal activities are actually engagement and enrichment. Anytime we have them actually using the commands, they need to know some of the commands, especially in unit 5, but they don't actually have to use them. And maybe College Board did that so that students don't mess up their computers or their school computers. So they do have to know what the commands do, but anytime we put it in a simulation or the Cyber Range, that's enrichment and that's going to just help them retain the knowledge.
I do see some questions about Security+. We are going to align to certifications, but it doesn't align exactly because with CompTIA Security+, they also have the network and security ones that kind of come before that. But the course itself, the College Board course, it's not the same as the CompTIA certification. The CompTIA certification has a lot of specifics. The AP Cybersecurity is way more conceptual. Could it lead to it if you wanted to add stuff to it? I definitely think so and we'll align it.
And the College Board is offering their own version of a career certificate called Career Kickstart. And then someone asked about grade level recommendations. I think it really depends on the strength of the student, but in my opinion, I would think that this would be a junior/senior type thing. Could a younger student do it? Potentially. But it's just big; there's a lot to learn. If you've taught AP CSP, I would say that that is less difficult than this course.
And as far as using online environments, our Cyber Range will be part of that, but you obviously will be able to use other programs as well to actually explore like Linux and things. But let me take back over here and we will quickly talk through our PD options and primarily our AP Cyber PD cohort. CodeHS has this concept called a teaching cohort where it's a way for teachers like yourselves to learn from a team of experts like us and understand both the specific curriculum that you're going to be teaching as well as touching on a lot of classroom pedagogy. So it will be in a classroom environment with peers.
We're going to have live sessions for this AP Cyber cohort. If you sign up for it, we will be meeting starting with the first live session in the end of July which is like kickoff. All the others though, they'll be up to 90 minutes covering specific lessons, going over teaching strategies, and basically working with myself or a PD specialist as well as fellow teachers in that nice interactive environment. You can actually check out the slides here or the syllabus where you'll be able to see the rough plan right now of what this is going to be covering.
Our general idea with these is you'll be enrolled as a student in a course that will be laid out much like this one where you'll be able to explore the content. We'll have assigned curriculum for you to go through. In addition to the content itself and the meetings, you'll even have access to send me a message or send our PD specialist a message to get feedback. And we get back with you within a day. If you're having trouble with something, we're there to help.
You're going to be able to go through and help you plan your first year with this expert guidance. We'll look at some hands-on practice with a lot of the cybersecurity exercises. And we're going to go through a lot of useful tools and examples for engaging with your students both in the class and beyond. Like I said, you'll have those five live sessions with an expert, most likely me for all of them. You'll get to have that asynchronous chat. You can also, if you sign up for the cohorts, have one-on-one sessions to work through any specific problems. Most importantly, you have a built-in community of other teachers who are going through that same thing. We'll get you set up and successful for the new year and this new brand-new big scary curriculum.
All right. So next up, we're going to hand it over to Evelyn, who's going to show off our Cyber Range.
All right. Thanks, Sean and Jennifer. So I'm really excited to show everybody our newest offering for AP Cybersecurity: the CodeHS Cyber Range. The CodeHS Cyber Range is a new interactive lab environment that supports our AP Cybersecurity course. It's a full sandboxed Linux environment on a server where students can safely practice hands-on application of course concepts. In the AP Cybersecurity course, students are learning topics like network administration and security. You don't want students practicing these things on their own devices even if they could. And so this is really just a safe sandboxed environment where you can encourage students to try things out, test things, break things without the consequences of impacting your network security or your devices.
The Cyber Range offers these secure interactive simulations that allow students to apply what they've learned in the course. And then these challenges cover topics like Linux basics, cryptography, web and network security, forensics, and binaries.
For each challenge, students have their own sandbox server, a Linux terminal, and Docker containers. Each challenge is "capture the flag" style, which means that there's just a hidden flag phrase somewhere in the challenge. This is one of the Linux basics challenges. I'll start by reading the readme file, and it gives me a little bit of information. I'm supposed to find the flag. I can see that there's a text file and it is locked. I don't have permission, but I see from the instructions that I can use the chmod command to change the permissions. And now if I try to read that file again, I get the flag. I can copy it and complete the challenge.
Let's take a look at a different challenge. This one is asking us to query the local DNS server to find a hidden flag. I can start with the readme file. It's going to give me a few lookup commands and tips. It gives me some information and basically, I need to run through a list of these different servers to find the flag. So now if I go and I query this secret domain, I can find in here that there is a flag hidden.
And then this is the final challenge we'll look at. In this challenge, students are asked to practice reverse engineering. So they're taking a compiled executable with no source code and then they're expected to inspect it and figure out what it does and find the correct input phrase. Again, you can start with the readme text file. It gives me a couple of hints and strategies. And so I can go ahead and use this to read the assembly code. This one is a multiple-phase challenge. It is definitely one of the harder ones and pretty similar to something you might see in a university computer science course. So you can see that there's a real range in terms of level of difficulty, topics, and rigor here.
This is a student dashboard. You can see that students are earning points by completing challenges and earning badges. And then here you can just browse all of the challenges. You can search by topic and difficulty level. The idea is really to give students these hands-on practice opportunities. And the challenges are mapped to the AP Cybersecurity framework so you can easily see what challenges should accompany the course content paired with the lessons.
So, you're probably wondering how to get started with the Cyber Range. This is an add-on purchase for the AP Cybersecurity course. The curriculum is free, but this would be a required purchase to access the Cyber Range. You can still teach the course without the Cyber Range—you can use a different range—you'll just be missing the interactive activities that this range provides. So if you are interested in the Cyber Range as an add-on purchase, you can fill out our Cyber Range request form and our team will get in touch with more information.
Thank you.
And so we are on top of that to introduce ourselves, the presenters we'll have today. We'll have Jennifer Campbell, our senior curriculum developer, one of the key architects of building the course, starting things off with y'all. We'll have Evelyn Hunter, the VP of Education, actually at the very end who will be going over our Cyber Range. And then me, Sean Marski, I'm a professional development specialist.
And yeah, my name is Sean Marski, professional development specialist, and I will be talking to you a little bit about our PD offerings that we'll be having for AP Cyber specifically. Our agenda today, I'll be introducing us all to CodeHS, especially for those of you who haven't been using us before. If you want to follow along with the slides, we have the link there. You can feel free to hop into that. We'll then dive deep into some of the curriculum we have so far and our overall plan with Jennifer. Then, like I said, I'll be talking through our AP Cyber PD cohort and PD offerings.
And then Evelyn will wrap us up with a look at the Cyber Range we're getting built out for this as well. And we'll then touch on some additional resources and wrap things up. Just a quick note, anyone using AI note-takers and your attendance here: you do require live attendance to get any certificate or PDRs if you're looking for that. And just make sure that they're muted and disabled from chat if you can help that.
But I've loved already so far everyone checking in with the chat. Feel free to share information about yourselves, where you're joining us from, what you're currently teaching. We will be taking feedback there. Otherwise, if you do have questions throughout the panel, feel free to use that Q&A feature. This will allow us to answer questions and allow other people to see those questions as well. And then anything we think is important, we'll flag and have a little moment at the very end to address those questions as well.
Anyone who doesn't currently have a CodeHS account, feel free to go to codehs.com/signup. And you can get set up with an account and we can get you verified later on as well. You can also check out this certificate of completion. Anyone who attends this, you can use this to get your certificate of completion for the time we're spending here today.
But yeah, high level, just to touch on anyone who's not familiar with us at CodeHS, we're a comprehensive platform for teaching computer science for elementary all the way through high school. We are an entirely web-based computer science curriculum; everything's available online for your students, including an IDE where they actually can work through the problems and products that we'll be using. We also offer online and offline, in-person and virtual professional development. And we have all sorts of professional tools for you to use as well if you get a Pro license.
But all of our curriculum is available for free online for any teachers. But if you have our full software suite, you'll have instant feedback and submission, all sorts of grading tools and tracking tools, and a fully web-based platform. No downloads or plugins or ads or anything like that. So if you're ever interested in that, you can always request more info to get a little more detail. And we'll be doing webinars around back to school particularly to get you introduced to the platform overall.
But what we're here to talk about today is AP Cybersecurity, right? And so, we just want you to be aware, and the things we're going to be talking about today are everything you need to teach Cybersecurity. So from all the research that we've been looking and working on and building for this course, we've identified that it's going to be a complex, intensive college-level course for a whole range of Cybersecurity topics starting all the way from your basic digital literacy through networks, securing spaces, the computers themselves, and applications.
And so our offerings are, as I mentioned, our free curriculum. We will have this AP course available for all teachers, fully standards-aligned. From our curriculum team that is professionals who have been building stuff for years, it is fully aligned with that. We will have expert PD with content on classroom pedagogy. I'll be talking about a cohort offering we have where you can actually sign up and join along with a group of teachers, but you'll also have access to actual teaching courses as well. And then we're building out a full Cyber Range environment for student exploration, which is what Evelyn will be talking about.
And with that said, I'm going to hand things over to Jennifer and she can guide us through the AP Cyber course as it is standing.
Hey everyone, I'm Jennifer Campbell. I am part of the team that is developing this course and I'm excited to give you a little bit of a sneak peek. So first off, we are building the course to align with the College Board document. So we are going to build five units, and we may not match it exactly because they list it by topics and our courses list things by lessons. So, some of these topics may take four or five lessons to teach. So, it's not going to match up exactly to this, but it will be in the same order. And just so you know, it doesn't have to be in the same order. You can choose to teach it, but for help of structure, which I know a lot of teachers were looking for, it just makes sense to put it in the same order as the College Board.
So, that's what we're doing. So, we're going to have five units. Since there are only five units, they will be larger than if you've used a CodeHS course in the past; lots of times we have like 10 units or something like that. So these will be fairly big units.
All right, so for unit one, our four topics we found to be a bit introductory. Everything we see in here, a lot of the times the students will see again later on and go into more depth. So we are teaching social engineering, suspicious website loggings, best practices for public networks, and then some AI lessons. So there is a lot of AI in this course: AI-based cybersecurity attacks and how to leverage AI in cyber defense. So I pulled up a few items just to show you kind of what we're building and the different types of items that we have.
So this one, this one's really fun. In this one, we have the students build a password dictionary. So, they look at a fictional online profile. Here is something, all of this information that you could probably find online. Hopefully not the mother's maiden name, but sometimes you can. And then what you do here is you build a password dictionary. What could this person's password be? So, maybe it's Alex 1985. And you put that in the dictionary. Maybe it's Whiskers 1985 and you add that to the dictionary.
So students take a little while and they add to the dictionary, maybe 15-20 words, see what they can get, and then they start the dictionary attack. It'll go through each word that they put in the dictionary. So you're just giving the students something that's interactive, engaging, and they can almost learn while doing. So, they can see all of this information over here and see what would be the bad choices for a password.
We also have a lot of items where they are not only taught the material, but they do get to try it out in simulations or something that they can actually do. Like this one, I really thought was pretty cool. This is a multi-factor authentication simulator. So we do add whenever we're doing something like this, we try to add like, "This is a simulation. Definitely don't use your real password or credentials or anything like that." So we're just going to put in something and then you choose, let's say, text message. So, it's going to send the code and students may or may not already know what this is. But it's just a fun way to kind of see it without having to go on their phone and do it. So, they can do all three methods and it works in this little popup.
We also have some offline assignments that are not just attached to lesson plans; they are actually in the course. So pro teachers, free teachers, everyone gets it. And this helps to not only get the students off the screen for a bit, but it also gets them to see it in a different way so that they're not just always using digital resources. So let's pull things from their brain. So, this one is a human in the loop. So, this one has to do with the AI aspect of unit one. So students will look at an AI recommendation and then answer questions about it and then like, "Do you approve or deny this recommendation?" So this specific assignment is just teaching that AI can help, but there still needs to be a human to approve or deny and make the final decisions.
We also have, just again, like we want students to be doing and not just reading. So, in this one, they get to read some of these sentences and decide if it's a flag. You can drag it to the box that it matches and they get instant feedback. So, it's a really good way to kind of self-check. So, we have a lot of self-checks built into our content pages.
This is one more from unit one that I'll share and then we'll get into unit two which we are currently building. I thought this was a great one too. In this one they're talking about what is safe to post and what is not safe to post. So you don't want to give up too much information. So like post A would be like, "Finally off to Bali for two weeks. See you later." Well now we know that no one is at your house. So that one is not good. And then this one is saying like, "Once you get back maybe post," and you get to choose and then go to the next question. So again, just a way to teach while doing. So again here, this is what our first unit looks like.
It is out in a preview. I will give you the link later to join the preview. So all of these you'll be able to view and leave feedback. We would love to hear your feedback. And then as we continue to build units, we will throw them in the preview course. And I will give you that link after I go over the next few slides.
So unit two, we are currently in the process of unit two. And if you have looked into the College Board document, unit one is a lot shorter than the rest of them. So unit one is a quicker introductory module. And even though this only has four topics, it is quite a long unit and that just is how they all go from unit 2 on. So in this case, we're going back to social engineering, but we're looking at it through a different lens or we're going into more depth. So the topics in this one are cyber foundations, physical vulnerabilities and attacks, and a lot of physical spaces and physical attacks. And I really think it's coming out really great. We are going to share it soon.
We're almost done with unit two. And like I said, once we finish things, we will put them in the preview course for you to take a look at and share some feedback. And since unit 2 is a little bit bigger, we are doing a few projects. So we have two types of projects. One is what I call a "through project." So it's a project that you do across a span of lessons and you keep coming back to it. So you might learn something, apply it, learn something more, apply it to the same scenario, same project, and keep going. So like what you see on the screen here would be like the first lesson and we have this CodeCraft through project, and then you might go to the next lesson, learn some more and then come back to CodeCraft, and then we've got a third lesson, learn some more and then finish up your code with a full penetration report. We also have just some cumulative projects.
So like this project where students are not just applying a little at a time. They're basically taking what they've learned in the last 10 lessons and pulling it all together in one project so they can see how it all works together. We have both of those in the course. So let me show you a little bit. The CodeCraft project is just a fake website that we have created that students can kind of go through and they are taking the role of a penetration tester. So they're looking through and seeing what could be vulnerabilities. Isabella lists her email here; it's the only one that lists her email. So Isabella might be flooded with some phishing emails because it's out here in the public. And students just go and look into the different pages and see what are the vulnerabilities and what could be exploited.
And then we even have them do some fake simulations with active reconnaissance. So in this case we have a simulation for a terminal and what students are doing is learning about some of these terminal commands and testing it out right here. So, they might look at this and they'll see a bunch of different IP addresses. And in this one, they see that they might have an extra open port that's not great. One of them is using Windows 8, which is outdated. So, they'll look at these and they'll see those vulnerabilities. They'll see those things that probably would be the weakest computer. So, they look into all of these employee computers and they decide which one is the weakest, which one might a criminal attack first.
I wanted to share this one just because we do have content pages. There is a lot to learn. If you guys have looked at the College Board, it is like 400 standards, but they're not really standards; they're like 400 facts, and some of them are like paragraphs long. There's a lot to learn. So we do have to present that to the students as engagingly as we can. So we have lots of chunking. So we will take something that might be a long topic to learn but we'll give them something to click on and read a little bit, then click on and read a little bit more. We add some fun things here and as much as possible just try to chunk the information that they have to learn.
Okay, so here's another simulation. So this is again the CodeCraft project. But we have a simulation where they look through some network logs and they're going to flag the ones that are suspect. And then again, they get instant feedback. But they'll end up learning while they're doing. So, this is almost like a discovery activity. They're going to look through here and be like, "Ah, 2,000 megabytes. That one's going to be probably suspect," and flag that one and see which other ones they flag. Maybe there's some that are at 2:00 in the morning, so that one might be one to flag. So these discovery activities have students kind of learn it and then find out if they were right and what they can learn past that, and then you can change your answer until you get them all right. So this is content teaching and then self-checking.
Here's just another example of a self-check. So again, this is the physical security which I think is going to be really fun to teach in the classroom. I know I would have a blast trying to teach physical security in a classroom. And again, it's just a drag down and you pick the right answer, but they do get instant feedback. And then of course we have the quizzes that you guys are all used to where you'll see the answers. But a lot of times we want the students to self-check themselves and then they can take the quiz or the assignment that's going to go to the teachers. I think I've got one more.
Oh yeah, I really like this one too. So talking about physical security again, just trying to be innovative in how we learn it. In this case, they have a minute to kind of click on things that are not great, like a post-it with the login information. Not wonderful. We've got an unlocked laptop, right? We've got server credentials on the whiteboard. And just stuff like that. And then it will give you this feedback and then move on. So, we use a lot of these as kind of a hook. It's a motivation. It's also letting you as the teacher know what they know already—prior knowledge. Because there's got to be a lot of that in cybersecurity where some students just know some stuff and then others can't copy and paste. So you have that big variety. This helps the teachers, I think, as well.
I believe that's it on that. Okay. So here's the preview section. Sean, if you could just help me share that link. So, when you click into that link, you just hit "Join Section." I'll give you like 10 seconds to do that, but then I don't want you to miss what I'm about to show you now anyway. Or just hold on to that link and come back to it. Because not only will you get access to unit one in this preview section, but we do want some feedback. We are not releasing this course for a few months, so we have a lot of time to take in your feedback and apply it, which we would love. We would love to hear what you're thinking.
So, there's two ways that you can give feedback. When you're in that preview section, the first module gives you all these instructions. It has instructions on just how to use the course preview. It has a general feedback survey. This is just a survey that you fill out if you have general feedback, like what would you like to see coming up? What would you like more of?
And then for those that have used CodeHS, you might know about the feedback star. It really helps us as developers know exactly what item you're talking about if you were just wanting to give feedback about one specific item. So if you're in this password protection item and you see a typo or you see like, "Hey, it'd be great if you added this," or if a link isn't working, what you can do is you can click on this star up here and it will give you a modal and you just tell me what that is and that attaches your feedback to the item. It makes it very easy for us to apply it. Now, the thing is a little caveat with the star is we have to give you that access. Once you sign into the preview course, you might not have the star right away, but you will have it in a few days.
Were there any questions that I missed before I send it over to you, Sean?
We've hit a lot of the questions as we go, but if we want to talk through about this being an AP course, if there's any recommended prerequisites?
Okay. So I have researched a lot on this course and it is listed as introductory. So there isn't a prerequisite for this. I do think, in my personal opinion, it's helpful if students have taken a CS course or a cybersecurity course, but they don't have to. But it is an AP course, so just the level of rigor is harder. So just keep that in mind. But there's nothing they have to come with; it's just if they don't know anything, there's just more that they have to learn.
There was another one that just came in. Will any programming languages be required? No, no programming is required for the College Board. We have some in the regular cybersecurity course, but in this course they don't need to know any programming. So the terminal activities are actually engagement and enrichment. Anytime we have them actually using the commands, they need to know some of the commands, especially in unit 5, but they don't actually have to use them. And maybe College Board did that so that students don't mess up their computers or their school computers. So they do have to know what the commands do, but anytime we put it in a simulation or the Cyber Range, that's enrichment and that's going to just help them retain the knowledge.
I do see some questions about Security+. We are going to align to certifications, but it doesn't align exactly because with CompTIA Security+, they also have the network and security ones that kind of come before that. But the course itself, the College Board course, it's not the same as the CompTIA certification. The CompTIA certification has a lot of specifics. The AP Cybersecurity is way more conceptual. Could it lead to it if you wanted to add stuff to it? I definitely think so and we'll align it.
And the College Board is offering their own version of a career certificate called Career Kickstart. And then someone asked about grade level recommendations. I think it really depends on the strength of the student, but in my opinion, I would think that this would be a junior/senior type thing. Could a younger student do it? Potentially. But it's just big; there's a lot to learn. If you've taught AP CSP, I would say that that is less difficult than this course.
And as far as using online environments, our Cyber Range will be part of that, but you obviously will be able to use other programs as well to actually explore like Linux and things. But let me take back over here and we will quickly talk through our PD options and primarily our AP Cyber PD cohort. CodeHS has this concept called a teaching cohort where it's a way for teachers like yourselves to learn from a team of experts like us and understand both the specific curriculum that you're going to be teaching as well as touching on a lot of classroom pedagogy. So it will be in a classroom environment with peers.
We're going to have live sessions for this AP Cyber cohort. If you sign up for it, we will be meeting starting with the first live session in the end of July which is like kickoff. All the others though, they'll be up to 90 minutes covering specific lessons, going over teaching strategies, and basically working with myself or a PD specialist as well as fellow teachers in that nice interactive environment. You can actually check out the slides here or the syllabus where you'll be able to see the rough plan right now of what this is going to be covering.
Our general idea with these is you'll be enrolled as a student in a course that will be laid out much like this one where you'll be able to explore the content. We'll have assigned curriculum for you to go through. In addition to the content itself and the meetings, you'll even have access to send me a message or send our PD specialist a message to get feedback. And we get back with you within a day. If you're having trouble with something, we're there to help.
You're going to be able to go through and help you plan your first year with this expert guidance. We'll look at some hands-on practice with a lot of the cybersecurity exercises. And we're going to go through a lot of useful tools and examples for engaging with your students both in the class and beyond. Like I said, you'll have those five live sessions with an expert, most likely me for all of them. You'll get to have that asynchronous chat. You can also, if you sign up for the cohorts, have one-on-one sessions to work through any specific problems. Most importantly, you have a built-in community of other teachers who are going through that same thing. We'll get you set up and successful for the new year and this new brand-new big scary curriculum.
All right. So next up, we're going to hand it over to Evelyn, who's going to show off our Cyber Range.
All right. Thanks, Sean and Jennifer. So I'm really excited to show everybody our newest offering for AP Cybersecurity: the CodeHS Cyber Range. The CodeHS Cyber Range is a new interactive lab environment that supports our AP Cybersecurity course. It's a full sandboxed Linux environment on a server where students can safely practice hands-on application of course concepts. In the AP Cybersecurity course, students are learning topics like network administration and security. You don't want students practicing these things on their own devices even if they could. And so this is really just a safe sandboxed environment where you can encourage students to try things out, test things, break things without the consequences of impacting your network security or your devices.
The Cyber Range offers these secure interactive simulations that allow students to apply what they've learned in the course. And then these challenges cover topics like Linux basics, cryptography, web and network security, forensics, and binaries.
For each challenge, students have their own sandbox server, a Linux terminal, and Docker containers. Each challenge is "capture the flag" style, which means that there's just a hidden flag phrase somewhere in the challenge. This is one of the Linux basics challenges. I'll start by reading the readme file, and it gives me a little bit of information. I'm supposed to find the flag. I can see that there's a text file and it is locked. I don't have permission, but I see from the instructions that I can use the chmod command to change the permissions. And now if I try to read that file again, I get the flag. I can copy it and complete the challenge.
Let's take a look at a different challenge. This one is asking us to query the local DNS server to find a hidden flag. I can start with the readme file. It's going to give me a few lookup commands and tips. It gives me some information and basically, I need to run through a list of these different servers to find the flag. So now if I go and I query this secret domain, I can find in here that there is a flag hidden.
And then this is the final challenge we'll look at. In this challenge, students are asked to practice reverse engineering. So they're taking a compiled executable with no source code and then they're expected to inspect it and figure out what it does and find the correct input phrase. Again, you can start with the readme text file. It gives me a couple of hints and strategies. And so I can go ahead and use this to read the assembly code. This one is a multiple-phase challenge. It is definitely one of the harder ones and pretty similar to something you might see in a university computer science course. So you can see that there's a real range in terms of level of difficulty, topics, and rigor here.
This is a student dashboard. You can see that students are earning points by completing challenges and earning badges. And then here you can just browse all of the challenges. You can search by topic and difficulty level. The idea is really to give students these hands-on practice opportunities. And the challenges are mapped to the AP Cybersecurity framework so you can easily see what challenges should accompany the course content paired with the lessons.
So, you're probably wondering how to get started with the Cyber Range. This is an add-on purchase for the AP Cybersecurity course. The curriculum is free, but this would be a required purchase to access the Cyber Range. You can still teach the course without the Cyber Range—you can use a different range—you'll just be missing the interactive activities that this range provides. So if you are interested in the Cyber Range as an add-on purchase, you can fill out our Cyber Range request form and our team will get in touch with more information.
Thank you.
