Sample Lessons

From "Intro to the Challenge of Cybersecurity"

These are selected materials from the “Intro to the Challenge of Cybersecurity Course.”  The goal of the course is to introduce students to the foundational concepts, principles, and tools of cybersecurity.

  • Level of instruction: Introductory high school
  • Learning setting: In-class/hybrid
  • Lab environment: Internet access, Computers/Chromebooks, Projection device (additional resources needed are noted in the “Resources Required” tab)

The illustration above was inspired by the artwork of Ketrina Yim for “Teaching Security” (https://teachingsecurity.org/)

Unit 4 - Lesson 7

"Data – Networks"

Data in transit is also a target for adversaries. The adversary can misuse this data at every level of the protocol stack that implements the network over which the data is transiting. Protections must be in place to prevent adversaries from creating malicious traffic and exploiting systems using this malicious traffic. This lesson will explore common network vulnerabilities and provide hands-on experiences in advanced port scanning, network enumeration, and email tracking.

Students should have a basic understanding of how software and hardware work together to achieve an overall objective. Students should also have a basic understanding of how devices use layers to communicate across the Internet. Students should also understand that data must be protected in processing, transmitting, and storage. We recommend covering Unit 3 – Lesson 2 before beginning this lesson.

180 minutes (4 class periods)

–U4.L7.1:  Students will identify network vulnerabilities on all the OSI layers of internetworking. 

–U4.L7.2:  Students will explain how an adversary can exploit a security-related vulnerability on one or multiple OSI layers.

Students need accounts on the US CyberRange

Unit 4 - Lesson 8

"Data – Cyber Physical Systems"

Cyber-Physical Systems (CPS) allow people to act in the physical space by using cyberspace to decide and often automate the best possible action. Smart grids, industrial control systems (heating, cooling, factory automation), critical infrastructure (hospitals, financial sector, transportation, water systems) and Internet-of-Things or IoT (smart televisions, digital assistants, smart appliances) are examples of CPS. Because an adversary can cause harm both in the physical world and in cyberspace, it is important to understand the vulnerabilities, attacks, and consequences of insecure controls and policies for cyber-physical systems. This lesson will explore common vulnerabilities in cyber-physical systems and provide hands-on experiences in exploring IoT vulnerabilities.

Students should have a basic understanding of how software and hardware work together to achieve an overall objective. Students should also have a basic understanding of how devices use layers to communicate across the Internet. Students should also understand that data must be protected in processing, transmitting, and storage. We recommend covering Unit 1 – Lesson 8 and Unit 3 – Lessons 1 &2 before beginning this lesson.

135 minutes (3 class periods)

U4.L8.1:  Students will identify some common cyber-physical systems vulnerabilities. 

–U4.L8.2:  Students will describe the consequences of unintentional gaps or malicious attacks on cyber-physical systems that could have a severe impact on human lives and the environment.

Post-It Notes

Unit 8 - Lesson 1 - Day 1

"Social Values"

Day 1 of Cybersecurity Diplomacy in Action has two foci.  First is a short discussion on social values as a warm up.  Students complete a Social Values worksheet to get them thinking about a variety of social goals.  From there the lesson narrows in on the social values that are most focused on security and introduces the National Security Council as the first building block toward the National Security Council Simulation on Day 10.

Unit 8 - Lesson 1 - Days 5-7

"The Cryptowars Timeline"

Days 5-7 focus on the issue at hand, i.e., The Cryptowars.  Students will learn about the history of The Cryptowars in order to appreciate the ongoing conflict and tensions in terms of interests and social goals/values from the beginning of the Cold War to today, where the most recent battle in The Cryptowars is focused on end to end encryption. End to end encryption is the topic of the upcoming simulation.