Hairston_Williams Planning & Pacing Guide

This introductory course is designed to provide fundamental knowledge in the field of cybersecurity. The course begins with defining cybersecurity and its importance at the individual, corporate, government, and international levels. Next, the course discusses the CIA triad and gives a basic introduction to computer hardware, which are knowledge units needed for the rest of the course. After providing this foundational introduction to the field, the course explores how cybersecurity is integrated into the fabric of human life by examining its impact on nations, laws, economics, and personal data. The course then becomes more technical in nature, introducing students to the principles of software design, physical security controls, cryptography, authentication and identity management, software vulnerabilities, the OSI model, network standards and protocols, the Internet, and hardware and software integration. The course ends by teaching security testing and assessment, securing cyber physical systems, and design trade-offs. Ethics, thinking like an adversary, careers, and historic components are interwoven throughout the course. At the completion of the course, students will have the foundational knowledge to prepare them for study in the fields of cybersecurity computer engineering, computer science, information systems, or related areas.

Download the full PPG, or download individual units from the Course Units table below.

Instructional Setting & Course Overview

This course is designed specifically for students who are Deaf and hard-of-hearing. It will be implemented in schools for the Deaf, where the average class size is fewer than 10 students. It will be an elective course, taught by a trained teacher.

  • This course is intended for 9th grade, Deaf and hard-of-hearing students.
  • The percentage of students receiving free or reduced-price lunches will vary school to school.
  • As the curriculum is for students who are Deaf and hard-of-hearing, many will consider English as a second language. Their primary language is ASL.
  • The percentage of college-bound students is unknown, as it varies from institution to institution.

The course will require an estimated 180 hours. It is designed to be taught with traditional scheduling; however, it may be adapted for other bell schedules.

As this is an introductory course, no prerequisites are required.

A Windows computer lab is suggested. Additional resources are listed in the materials section of each unit (linked below).

Major projects include:

  • Designing a computer
  • Setting up virtual machines
  • Securing various operations systems in virtual machine environments
  • Designing a secure network environment
  • Securing a cyber physical system

Course Units

Ethics Establishing Trust Ubiquitous Connectivity Data Security System Security Adversarial Thinking Risk Implications

Unit 1 – What is Cybersecurity?

5 Hours

Students will explore the concept of cybersecurity. They will differentiate between threats, vulnerabilities, and attacks. They will also discuss information assets and discuss risk to those assets. Ethics and careers are also discussed in this unit.

Unit 2 – CIA Triad

8 Hours

Building on the definition of cybersecurity, this unit explores the CIA triad. This unit also covers ethics, the consequences of a cyber-attack, and historic examples of such attacks.

Unit 3 – What is Hardware and How Do Computers Work?

7 Hours

This unit defines a computer and its fundamental components. Students will also understand the function of the components and how they connect together.

 

Unit 4 – Cyber is Global

7 Hours

In order for student to understand the global implications of cybersecurity, this unit has students compare and contrast the state of cybersecurity across the globe, paying attention to how attitudes differ among societies, age, etc.

Unit 5 – Cyber Law

6 Hours

Starting with the difference between criminal and civil law, students will explore cybersecurity related legislation and polices on a federal and state level. Students will learn how computers are used in crime, the role of acceptable use policies, and the concept of ethical hacking.

Unit 6 – Data Security Concerns

6 Hours

Data security concerns, including non-technical and technical controls, are taught in this unit. Cyber warfare is used to demonstrate data security concerns. Origin integrity is discussed, along with how cybersecurity impacts a person's quality of life.

Unit 7 –Principles of Software Design (Overview)

5 Hours

This unit provides a quick introduction to the principles of software design. These concepts are explored in detail in later units.

Unit 8 – Cybersecurity Business Economics

7 Hours

The need for baked-in versus bolted-on security is stressed in this unit. Here, students explore the reasons individuals and businesses under invest in cybersecurity, research the consequences of this choice, and learn about vulnerabilities tied to a global attack chain. Strategies for resiliency are also discussed.

Unit 9 – Physical Controls

5 Hours

Before digging deeper into technical controls in later units, this unit focuses on physical controls. Building on the idea of defense in depth covered in earlier chapters, this unit encourages students to build their own cyber fortress through limited entry points, redundant systems, and surveillance.

Unit 10 – Cryptography

9 Hours

Starting with hands-on historic symmetric ciphers, this unit demonstrates the impact of cryptography on warfare. It then explains the different modern algorithms, progressing to hashing functions, public key encryption, and digital certificates.

Unit 11 – Authentication & Identity Management

7 Hours

User credentialing is an important part of cybersecurity. Students will master this concept through studying the numerous options of user authentication, including something you have, know, do, or are. Students will also consider the strengths and weaknesses of each type and discuss the benefits of multi factor authentication. The unit ends with a study on social engineering, authorization, and least privilege.

Unit 12 – Why is Software Vulnerable?

6 Hours

Bug hunting becomes a topic of interest as learners translate what they know about baked-in versus bolted-on security into the area of software design. Patch management is discussed, as well as designer and user assumptions. Students also gain a deeper understanding of modularity and simplicity.

Unit 13 – Software Vulnerabilities

10 Hours

Building on topics from the previous chapter, students look at the technical side of software vulnerabilities. From buffer overflows to zero day attacks, the unit covers security-related software vulnerabilities and how to avoid them through security software development. Process isolation is explored in greater detail.

Unit 14 – OSI Model

8 Hours

All People Seem To Need Data Processing. This lesson traces a packet through the OSI model. Students also focus on abstraction.

Unit 15 – Network Standards & Protocol

8 Hours

Using their connections to the OSI model, students will learn about various devices’ standards and protocols. Students will also learn more about minimization.

Unit 16 – Complexity of Cyberspace

7 Hours

Taking concepts from previous units, students will tie the knowledge together to appreciate the complexity of cyber space. Not only will students visualize the size and complexity of cybersystems, they will also have a better understanding of adversaries.

Unit 17 – Why is the Internet Vulnerable?

7 Hours

Once students understand the complexity of cyberspace, they will map the Internet as an attack surface. Drawing from previous lessons, the students will contrast ethics with the various ways the Internet can be attacked.

Unit 18 – Cyber Attack Chain

6 Hours

After seeing the ways the Internet is vulnerable, the learners will trace the steps of a cyber- attack. Starting with reconnaissance and ending with covering his/her tracks, the students will see how individuals and businesses defend against advanced persistent threats.

Unit 19 – Network Security Technologies

7 Hours

Network defense is the topic of this unit. Students become familiar with all the tools available to protect attackers. This unit covers the tools individually and then asks students to apply the principle of layering to see how the tools can work together.

Unit 20 – Network Meets Cryptography

5 Hours

Drawing from their understanding of network security, students will see where cryptography fits into network security. Here, data protection through data hiding is the focus.

Unit 21 – Hardware & Software Integration

10 Hours

The unit explores the interrelationship between hardware and software. It offers a transition between software vulnerabilities studied previously and hardware vulnerabilities studied in the next unit. It details embedded systems and hardware’s reliance on software for instructions. Domain separation is a design principle covered in this unit.

Unit 22 – Common Hardware Vulnerabilities

8 Hours

Looking through the context of a backdoor, students explore how attackers bypass normal authentication and encryption. They also learn about RFID and side channel attacks. Students will tie this to supply chain topics covered earlier in the curriculum.

Unit 23 – Conducting Security Testing & Assessments

12 Hours

Building upon the knowledge of vulnerabilities taught throughout the curriculum, this unit familiarizes students with conducting standard security testing and assessments. It also shows how adversaries can use the same tools to target systems.

Unit 24 – Cyber Physical Systems

9 Hours

Students will take the cybersecurity knowledge they have gained from previous units and apply the concepts to cyber physical systems. Here, coming full circle from the curriculum’s introduction, students will see how attackers can leverage exploits to attack a nation’s infrastructure. As the world’s dependence on IoT grows, so does the impact of such an attack.

Unit 25 – Design Trade-Offs

5 Hours

This concluding unit stresses that security is only as strong as the weakest link. It reminds students of humanity’s dual role as producers and defenders. Additionally, it addresses additional threats to a system, such as natural disasters, change, and human error.