"The Challenge of Cybersecurity - Cyber 1"

Course Goals: The overarching goal of this course is to introduce students to the foundational concepts, principles, and tools of cybersecurity. The course is centered on the Cybersecurity Curriculum Guidelines and is thus situated in eight big ideas: ethics, establishing trust, ubiquitous connectivity, data security, system security, adversarial thinking, risk, and implications.

After this course, students should understand that cybersecurity has broad implications and that ethical reflection and judgment are required. Students should also understand the fundamental cybersecurity principles necessary to determine security requirements and mechanisms. Historical events and their cybersecurity implications; relevant laws and policies governing data; and economic concerns and risk management trade-offs involved in making cybersecurity decisions from various stakeholder perspectives are all included in this course. Students will challenge assumptions and practice thinking about opposing forces as they analyze threats, vulnerabilities, and attacks. Students will evaluate the tools used to connect cyber-physical systems and practice using the encryption techniques needed to secure data across networks.

The illustration above was inspired by the artwork of Ketrina Yim for “Teaching Security” (https://teachingsecurity.org/)

Modular Design of Course

The modular design of this course is intended to give educators flexible implementation. Modules can be used independently or in whatever sequence suits your needs.

Module Downloads and Other Educator Resources are available here:

Teach Cyber Modules are only available to Registered Educators. There is no charge to register.

Modules 1-5 have been updated and are now provided as PDF files. The module download contains a module overview, teaching guide for each lesson, instructional slides, activity guides, answer keys or activity exemplars.  (September, 2023)

Course Modules

Only Registered Users can download

 https://teachcyber.org/downloads-for-registered-users/

"What is Cybersecurity?" – 11 Days

This module opens the topic of cybersecurity by examining some early hacks of telecommunication systems and the Internet. It begins with an exploration of early hacks and then transitions into what cyberspace is and engages students in the notion of cyberspace being a complex system. Next, it delves into what it means for the Internet to be an open architecture and explores how the openness of the Internet is both virtue and vice. The example of cloud storage is used to illustrate complexity. The unit brings sharp focus on why cybersecurity is needed and for whom cybersecurity is needed. Next, it offers the foundational model of CIA in a manner that both introduces these concepts and affords exploration of what they are and why they matter. It then explores how cybersecurity impacts the quality of people’s lives through an examination of digital participation worldwide and the rise of IoT. The module ends with engaging students in the messy work of considering ethical obligations involved in cybersecurity and how complex systems are not easy to predict or model.

Ethics, Establishing Trust, Risk, Implications

What is Cybersecurity?

Lesson 1: Cyberspace and Cybersecurity

Students will:

Describe the Internet in terms of its “open” design and its global reach.

Explain the characteristics of the Internet that make it a complex, global system.

Describe the relationship between the Internet, the World Wide Web, and Cyberspace.

Describe data protection challenges.

Day(s): 1-4

Lesson 2: CIA Triad

Students will:

Explain how cloud computing has impacted cybersecurity.

Explain how confidentiality, integrity, and availability provide a model for securing information.

Identify examples of loss of C, I, A in some identified hacking events.

Describe trade-offs between confidentiality and integrity with availability of information.

Day(s): 5-7

Lesson 3: Impact on Society

Students will:

Describe expected benefits and potential harms of IoT devices.

Explain how privacy and security are impacted by the convenience and usability of technology.

Explain the role of a professional code of ethics in cybersecurity.

Day(s): 8-10

Assessment: Day 11

"Risk, Adversity, and Trust" – 17 Days

This module picks up with the question of the value of information. Students identify what information assets need to be protected, and how they need to be protected. It then introduces the idea of threat sources, and students identify the vulnerabilities in conjunction with the impacts (i.e., disclosure, deception, disruption, destruction, and/or usurpation). The focus shifts to countering threats, vulnerabilities, and attacks with security services or controls. Security controls are introduced in two ways. First a few controls are introduced, e.g., authentication, cryptography, access control, firewalls, intrusion detection. Here, students are engaged in learning about the control and its role in prevention, detection, and response. It then considers these same controls but this time through the lens of establishing trust. In order to do that, the unit addresses the question of “what is trust”? It is pointed out that while trust cannot be quantified precisely, trust is essential in everyday life and cyberspace. After exploring attacks, vulnerabilities, threats, control measures, and trust, students will develop an understanding of cyber risk.

Establishing Trust, System Security, Adversarial Thinking, Risk

There are websites in this lesson that should be tested in advance to ensure access.

Risk, Adversity & Trust

Lesson 1: Information Assets

Students will:

Explain how information assets are classified based upon level of sensitivity.

Prioritize information assets according to their need to be kept confidential, unchanged, and/or available, and their criticality/sensitivity.

Day(s): 1

Lesson 2: Attacks, Vulnerabilities, and Threats

Students will:

Differentiate among threats, vulnerabilities, and attacks.

Identify the impact of software vulnerabilities on confidentiality, integrity, and availability.

Describe adversaries in terms of their resources, capabilities, and motivations.

Identify threats that do not have malicious intent.

Day(s): 2-5

Lesson 3: Social Engineering

Students will:

Differentiate among threats, vulnerabilities, and attacks.

Describe how deception is used to compromise security procedures.

Identify how the resources and capabilities of adversaries impact attacks.

Day(s): 6-7

Lesson 4: Controls and Responses

Students will:

Distinguish between identification, authentication, and authorization.

Describe how cryptographic hashing functions can ensure confidentiality and integrity.

Explain how protection involves prevention, detection, response, and recovery.

Describe how complexity can affect the vulnerability of a system.

Day(s): 8-12

Lesson 5: Trust

Students will:

Describe how the human factor can negate trust in cybersecurity systems and procedures.

Explain why cybersecurity is a hard problem.

Day(s): 13-14

Lesson 6: Risk

Students will:

Describe the risk assessment process and purpose.

Day(s): 15-16

Assessment: Day 17

"The Elements of Cyberspace" – 21 Days

This module provides an introduction to computer hardware, software, and operating systems. Students explore how hardware and software work together to achieve an overall objective. Students learn how devices communicate across the Internet and explore open source versus proprietary protocols. After these basic building blocks of cyberspace are defined, it introduces basic concepts of networks and networking. It includes introductory labs to introduce students to basic Linux commands and networking concepts. Finally, students examine the growth in society’s use of and reliance on computers and networks ranging from health, commerce, national defense, to entertainment and leisure.

Ubiquitous Connectivity, System Security

The lab activities in this unit require a Kali Linux Virtual Machine exercise environment in the US Cyber Range. There are websites in the lesson that should be tested in advance to ensure access.

Elements of Cyberspace

Lesson 1: Hardware, Software, and Humans

Students will:

Convey that computer hardware refers to the physical parts of a computer and related devices.

Define software as a set of instructions that execute on hardware and are designed to achieve some objective on a physical device.

Identify how hardware and software work together to achieve an overall objective.

Explore an operating system called Linux.

Explain that an embedded system is one that has embedded software that is built directly into the physical device.

Day(s): 1-8

Lesson 2: Introduction to Networks

Students will:

Explain how devices use layers to communicate across the Internet and describe the purpose of the layers.

Explain how network standards and protocols allow different types of devices to communicate.

Compare proprietary and open source development of code and algorithms.

Explore how to capture and analyze packets sent over the Internet.

Day(s): 9-13

Lesson 3: Network Fundamentals

Students will:

Explain how devices use layers to communicate across the Internet and describe the purpose of the layers.

Explain how network standards and protocols allow different types of devices to communicate.

Compare proprietary and open source development of code and algorithms.

Explore how to capture and analyze packets sent over the Internet.

Day(s): 14-18

Lesson 4: Ubiquitous Connectivity

Students will:

Examine the growth in society’s use of and reliance on computers and networks in healthcare, commerce, national defense, entertainment and leisure.

Identify security concerns due to vulnerabilities in those systems.

Day(s): 19-20

Assessment: Day 21

"Data, Software, Hardware, and Network Security" – 25 Days

This module builds on the previous module. Students delve deep into the technical aspects of cybersecurity, including data states and data controls, as well as vulnerabilities and exploits in software, hardware, networks, cyber-physical systems, and human use of data. It emphasizes that the Data Security knowledge area focuses on the protection of data at rest, during processing, and in transit; and introduces the concept that protecting data requires both policy controls (such as laws and regulations), technical security services (such as cryptography, authentication, access control, and secure communication protocols), and physical controls. The desired result is for students to have a general understanding of cybersecurity – a complex set of systems, networks, and human interaction that needs to be protected. Here students show the affinities that work in different aspects of security: secure software development, hardware security, network security administration, cyber-physical security administration, security training/usability design for humans.

Ubiquitous Connectivity, Data Security, System Security, Adversarial Thinking, Risk

Students need accounts on the US Cyber Range.

Data, Software, Hardware & Network Security

Lesson 1: Data - About

Students will:

Analyze existing data security concerns and assess methods to overcome those concerns.

Perform Open Source Intelligence (OSINT) using publicly available resources.

Distinguish between the use of data to help individuals and the misuse of data to harm individuals.

Day(s): 1-2

Lesson 2: Data - Principles

Students will:

Analyze existing data security concerns and assess methods to overcome those concerns.

Describe how the principles of confidentiality, integrity, and availability apply to address security concerns and protect data.

Day(s): 3

Lesson 3: Data - States

Students will:

Analyze existing data security concerns and assess methods to overcome those concerns by focusing on data at rest, processing, and in transit.

Describe the requirements for protecting data at rest (storage), transit (networks), and processing.

Day(s): 4

Lesson 4: Data - Controls

Students will:

Describe the purpose of common cybersecurity laws at the federal and state level (e.g. HIPAA, CFAA, CCPA, GDPR).

Describe the purpose of common cybersecurity policies (e.g. Acceptable Use, Data Encryption, Minimum Password Requirements Policies).

Describe the rules and methods for the physical protection of data.

Day(s): 5

Lesson 5: Data - Software

Students will:

Describe common security-related software vulnerabilities.

Explain how an adversary can exploit a security-related vulnerability.

Describe the process of discovering security-related vulnerabilities and determining the severity of a vulnerability.

Day(s): 6-11

Assessment (Part 1): Day 12

Lesson 6: Data - Hardware

Students will:

Identify some common hardware-related vulnerabilities.

Describe the requirements for tamper-resistance and fail-safety in hardware.

Identify hardware security issues related to an adversary physically gaining access to a device.

Day(s): 13-15

Lesson 7: Data - Networks

Students will:

Identify network vulnerabilities on all the OSI layers of internetworking.

Explain how an adversary can exploit a security-related vulnerability on one or multiple OSI layers.

Day(s): 16-19

Lesson 8: Data - Cyber Physical Systems

Students will:

Identify some common cyber-physical systems vulnerabilities.

Describe the consequences of unintentional gaps or malicious attacks on cyber-physical systems that could have a severe impact on human lives and the environment.

Day(s): 20-22

Lesson 9: Data - Humans

Students will:

Describe how social behaviors and human factors impact the cybersecurity of a system design.

Explain how social engineering works.

Day(s): 23-24

Assessment (Part 2): Day 25

"Countermeasures Against Cyberattacks" – 27 Days

This module further develops understanding of data security controls and includes authentication, identification, authorization, and access controls. These tools are examined from the perspective of their function in terms of preventing disclosure, deception, disruption, destruction, or usurpation. From here this unit introduces important terms and concepts in cryptography, and then covers how symmetric and asymmetric cryptosystems work. It returns to policy controls and students will analyze laws to discern what type of data are being protected, for whom, and under what circumstances. The module also covers physical policies as part of a comprehensive defense-in-depth protection strategy.

From there, it moves on to discuss network security controls with topics like protocols that build in security, firewalls, intrusion detection, and intrusion prevention systems. It discusses important topics such as input validation, state analysis of software, dynamic analysis of software, the role of patching in software security, and the challenge of zero-day vulnerabilities. Regarding hardware security controls, the module presents how physical controls are used to secure hardware. By the end, students will also begin to think about the “bigger picture” of systems to develop a strong understanding of how (and which) controls are used in securing a system from attacks.

Ubiquitous Connectivity, Data Security, System Security, Adversarial Thinking

Students are expected to understand basic principles of how data can be attacked (covered throughout Unit 4). A basic knowledge of Linux is also assumed from Unit 3. Some familiarity with vocabulary in Units 1 and 2 can be helpful, though it is not necessarily required.

Students need accounts on the US Cyber Range.

Countermeasures Against Cyberattacks

Lesson 1: Data Controls

Students will:

Describe authentication, authorization, identification, and access control and be able to articulate differences between them.

Identify various factors of authentication and identify pros and cons.

Implement Role Based Access Control on a Linux system.

Describe how Mandatory Access Control and Discretionary Access Control each specify a process for securing resources.

Explain that failure to protect data can be due to faulty authentication, faulty authorization, and/or faulty access control.

Day(s): 1-3

Lesson 2: Symmetric Cryptography

Students will:

Explain how cryptography is used in data security.

Use symmetric ciphers to engage in the process of encryption and decryption.

Explain the process of moving between ciphertext and plaintext.

Describe the difference between transposition ciphers and substitution ciphers.

Explain the challenges to symmetric cryptosystems.

Day(s): 4-7

Lesson 3: Asymmetric Cryptography

Students will:

Explain how asymmetric (public key) encryption works.

Explain the difference between symmetric and asymmetric encryption and the need for public key cryptography.

Explain the use of key exchange/agreement protocols in cryptography.

Identify commonly used algorithms for asymmetric encryption.

Demonstrate how public key encryption works using software such as Kryptos.

Explain the use of hash functions in securing information.

Describe the basic requirements for a cryptographic hash function.

Identify commonly used algorithms for hashing.

Demonstrate how hashing works using online tools.

Explain the mechanisms used for digital signatures.

Explain the role of digital certificates and certificate authorities in secure communications.

Demonstrate how digital signatures work using software such as Kryptos.

Day(s): 8-12 (additional days will be needed if using cyber range labs)

Assessment (Part 1): Day 13

Lesson 4: Policy Controls

Students will:

Describe the security controls needed for implementation of a policy.

Identify violations of a security policy.

Day(s): 14-15

Lesson 5: Physical Controls

Students will:

Identify physical controls that are used to secure data.

Describe how common physical controls are implemented as part of defense-in-depth physical security policy.

Day(s): 16-17

Lesson 6: Network Controls

Students will:

Distinguish between the purposes of network security devices and technologies for layered network protection.

Configure and test firewalls and Intrusion Detection/Protection Systems (IDS/IPS).

Day(s): 18-20

Lesson 7: Software and Hardware Controls

Students will:

Describe the process of designing, developing, and validating that software remains secure through its lifecycle.

Perform Operating System (OS) hardening and implement common controls in software applications.

Day(s): 21-24

Lesson 8: Impact of Failure – Responsiveness to Change

Students will:

Illustrate how many controls come together to form a complex system with various weak points.

Explain that security requires a system to be responsive to change and is only as strong as the weakest link.

Day(s): 25-26

Assessment (Part 2): Day 27

"Security is Not Free" – 8 Days

Module 6 looks at how economics shapes the cybersecurity decisions of designers (hardware, software, network technology and service providers), businesses and entities that rely on cyberspace for some-most-all of their operation (manufacturing, energy, food and agriculture, emergency services, financial services, transportation, etc.), and consumers (the end user who is the cyberspace citizen). Students will identify the key stakeholders and understand their motivations and interests in cybersecurity decisions. The consequences of competing interests, the costs of malicious cyber attacks, and the impact to the economy when cybersecurity is not prioritized will also be explored.

Security is Not Free

Lesson 1: Who are the Stakeholders?

Students will:

Identify the key stakeholders and describe their motivations in cybersecurity decisions.

Describe the costs associated with data breaches.

Describe the factors affecting the cybersecurity decisions made by businesses.

Describe the factors affecting the cybersecurity decisions made by the designers of technology.

Describe the factors affecting the cybersecurity decisions made by consumers.

Day(s): 1-4

Lesson 2: Who bears the cost?

Students will:

Identify the cost of an Internet shutdown as a measure of the economic cost of disruption to connectivity.

Identify factors contributing to the underinvestment in cybersecurity.

Day(s): 5-7

Assessment: Day 8

"Threats, Vulnerabilities, and Attacks: A Closer Look" – 15 Days

The module begins with threat modeling, which is challenging and uncertain. It picks up on attacks covered earlier and identifies the threat source. The module goes further by teaching students how to think about the threat source in terms of resources, capabilities, motivations and aversion to risk. It then pivots to the attack kill chain and students explore a few historic threat sources using the kill chain. The exploits will be looked at carefully to realize how features that were designed to help administrators and users can be the same tools that enable exploitation of targets for nefarious goals. This is a perfect time to reemphasize the role of ethics and the fact that the same policy approach that allows something to happen that might be “good,” also affords the fissure that allows the “bad.” Now that we are deeper into the anatomy of attacks, the module changes perspective from that of the offender, to that of the defender and looks carefully at how to conduct vulnerability assessment (aka penetration testing). In digging deeper into threats, attacks and vulnerabilities, students are doing risk assessment, so controls are revisited. Not every vulnerability can/should be remediated. There is no such thing as perfect security. Therefore, decisions need to be made regarding what needs to be remediated, why, how, etc.

Ethics, Adversarial Thinking, Risk

This unit is not completely dependent on earlier units, but students should have a firm understanding of the broad array of attack types and the controls that can prevent them, as learned throughout Unit 4 and Unit 5. It is also assumed that students understand attacks, vulnerabilities, threats, controls/responses, and risk from Unit 2 Lessons 2, 3, and 5. Lessons 2, 3, and 7 of this unit assume that students completed Lesson 8 of Unit 5, although the teacher can make modifications if that has not been completed.

Students need accounts on the US Cyber Range.

Threats, Vulnerabilities, and Attacks: A Closer Look

Lesson 1: Where Were the Threats?

U7.L1.1: Students will create a threat model and evaluate the trade-offs associated with defending against different threat sources.

U7.L1.2: Students will explain that threats originate from both internal and external sources, both intentionally and unintentionally.

U7.L1.3: Students will explain that bad actors in cyberspace are characterized by their resources, capabilities/techniques, motivations, and aversion to risk.

Day(s): 1

Lesson 2: Threat Modeling

U7.L2.1: Students will create a threat model and evaluate the trade-offs associated with defending against different threat sources.

U7.L2.2: Students will explain that threats originate from both internal and external sources, both intentionally and unintentionally.

U7.L2.3: Students will explain that bad actors in cyberspace are characterized by their resources, capabilities/techniques, motivations, and aversion to risk.

Day(s): 2-3

Lesson 3: The Cyber Kill Chain

U7.L3.1: Students will analyze how the cyber kill chain is essential to adversarial thinking.

U7.L3.2: Students will explain the seven stages of the cyber kill chain.

Day(s): 4-5

Lesson 4: Marcus Hutchins: Hero, Zero, or Something Else?

U7.L4.1: Students will investigate the complexity of ethical and moral dilemmas and how the line is not always clearly drawn in practice.

U7.L4.2: Students will explain that intentions of design do not always reflect how a system is ultimately used.

Day(s): 6

Lesson 5: Discord: Software and Unintended Consequences

U7.L5.1: Students will explain how software development leads to unintended consequences and that designing with security in mind is important in addressing those results.

Day(s): 7

Lesson 6: Penetration Testing

U7.L6.1: Students will be able to conduct standard security penetration testing and assessments.

Day(s): 8-12

Lesson 7: The Continuous Cycle of Security

U7.L7.1: Students will investigate how new attacks can impact threat models and explore the cyclic nature of cybersecurity.

U7.L7.2: Students will explain that risk assessment involves evaluating trade-offs compared to the threats and vulnerabilities that come together to form risk.

U7.L7.3: Students will explain that not all mitigations can be implemented and that some risk is necessary for an organization to function effectively.

Day(s): 13-14

Assessment: Day 15

"States, Statelessness, Sovereignty and Cybersecurity" – 15 Days

This module explores how cybersecurity is both a deeply technical and a deeply political space. It begins with a focus on end-to-end encryption and The Cryptowars. Students learn about the National Security Council and explore competing social values and ideologies that are forces in The Cryptowars. Building on this foundation, students then dive into a deeper understanding of the values and tensions by participating in a simulation where they play different roles in the National Security Council tasked with making a recommendation to the President of the United States. A goal of the simulation is to reveal how cybersecurity practices are highly complex and variable, causing tensions between what ethical duties are, to whom ethical concern should be extended, and whose interests should be protected. The simulation engages students in analyzing the relationship between ethics and laws, and reflecting on their own personal values and beliefs. The module ends with a lesson on Cyber as an Instrument of Power where students extend the ideas explored in the simulation to an international stage.

States, Statelessness, Sovereignty and Cybersecurity

Lesson 1: Cybersecurity Diplomacy in Action

Students will:

Describe how political ideologies, economic structures, social organizations, and cultural perceptions impact cybersecurity.

Explain how values and ethics affect political structures, laws, and policy decisions as they relate to cybersecurity.

Explore the tensions that exist between transparency, autonomy, resilience and security.

Analyze how privacy concerns vary greatly with regard to societies, age, and socio-economic status.

Discuss how even when a cybersecurity practice is legal, it may not be ethical.

Analyze online and offline behaviors in societies, i.e., themselves, peers, families, communities, and countries, and deduce the values that govern these behaviors.

Day(s): 1-12

Lesson 2: Cyber as an Instrument of Power

Students will:

Investigate contemporary complex and co-adaptive relationships between cyberspace, cybersecurity, and cyberwarfare.

Day(s): 13-15