Unit 2 – Lesson 1 – “Information Assets”
1 Day
This lesson introduces the process of identifying and classifying information assets according to their sensitivity. Security controls are briefly introduced as a means to ensure confidentiality, integrity, and availability of information assets.
Unit 2 – “Risk, Adversity, and Trust”
17 Days
Unit 2 picks up with the question of the value of information. Students identify what information assets need to be protected, and how they need to be protected. The unit then introduces the idea of threat sources, and students identify the vulnerabilities in conjunction with the impacts (i.e., disclosure, deception, disruption, destruction, and/or usurpation). The unit shifts focus to countering threats, vulnerabilities, and attacks with security services or controls. Security controls are introduced in two ways. First a few controls are introduced, e.g., authentication, cryptography, access control, firewalls, intrusion detection. Here students are engaged in learning about the control and its role in prevention, detection, and response. This unit then considers these same controls but this time through the lens of establishing trust. In order to do that, the unit addresses the question of “what is trust”? It is pointed out that while trust cannot be quantified precisely, trust is essential in everyday life and cyberspace. After exploring attacks, vulnerabilities, threats, control measures, and trust, students will develop an understanding of cyber risk.
Unit 7 – Lesson 7 – “The Continuous Cycle of Security”
2 Days
This is the culminating lesson of the unit, bringing together many of the aspects of the unit to demonstrate that cybersecurity is constantly evolving, that there is no such thing as perfect security, and that risk must be planned for and held to a level where the risk balances the tradeoffs an organization is willing to make.
Unit 7 – Lesson 6 – “Penetration Testing”
5 Days
In this lesson, the focus is on penetration testing. Students will conduct hands-on labs with DoS attacks, address spoofing, performing attacks with Meterpreter, and hardening a compromised server.
Unit 7 – Lesson 4 – “Marcus Hutchins: Can We Label His Hat?”
1 Day
This lesson is based upon the Wired Magazine article The Confessions of Marcus Hutchins, the Hacker Who Saved the Internet written by Andy Greenberg. Marcus Hutchins, the hacker who discovered a kill switch in WannaCry (arguably the worst cyberattack the world had ever seen) was arrested by the FBI for hacking crimes he had committed in the past. This lesson challenges students to think about the gray area that often occurs in the cyber world and wrestle with ideas of right and wrong.
Unit 7 – Lesson 5 – “Discord: Software and Unintended Consequences”
1 Day
Software is always developed with one or more purposes in mind, but then released into the real world where users frequently make use of the software based upon different interests and assumptions than the original designer. In this lesson students explore how developing software can have unintended consequences and that this complicates the world of cybersecurity.
Unit 7 – Lesson 3 – “The Cyber Kill Chain”
2 Days
In this lesson students learn about the cyber kill chain and apply that understanding to scenarios to explore the role that the kill chain plays in a cyberattack. After exposure to the kill chain, students investigate the cyber kill chain through the lens of the 2017 Equifax data breach. On the second day of this lesson students apply this understanding of the kill chain to the scenario they began working on in Unit 5, Lesson 8 and Unit 7, Lesson 2.
Unit 7 – “Threats, Vulnerabilities, and Attacks: A Closer Look”
15 Days
Unit 7 begins with threat modeling, which is challenging and uncertain. The unit picks up on attacks covered earlier and identifies the threat source. The unit goes further by teaching students how to think about the threat source in terms of resources, capabilities, motivations and aversion to risk. The unit then pivots to the attack kill chain and students explore a few historic threat sources using the kill chain. The exploits will be looked at carefully to realize how features that were designed to help administrators and users can be the same tools that enable exploitation of targets for nefarious goals. This is a perfect time to reemphasize the role of ethics and the fact that the same policy approach that allows something to happen that might be “good,” also affords the fissure that allows the “bad.” The unit carefully considers right and wrong and the many shades of gray of white-gray-black hat hacking. Now that we are deeper into the anatomy of attacks, the unit changes perspective from that of the offender, to that of the defender and looks carefully at how to conduct vulnerability assessment (aka penetration testing). In digging deeper into threats, attacks and vulnerabilities, students are doing risk assessment, so the unit revisits controls. Not every vulnerability can/should be remediated. There is no such thing as perfect security. Therefore, decisions need to be made regarding what needs to be remediated, why, how, etc.
Unit 7 – Lesson 1 – “What Were the Threats?”
1 Day
This lesson begins the unit exploring three previous attacks that students will have examined earlier in the course. This examination will be through the lens of the threat environment. Students will work in small groups to analyze their assigned attack thinking about both internal and external sources and both intentional and unintentional consequences. Each group will be assigned an attack and tasked with noting information about the attack and how that attack relates to the threat environment.
Unit 7 – Lesson 2 – “Threat Modeling”
2 Days
This lesson builds upon the introduction to the idea of threat modeling that students developed in the first lesson of the unit. Students will work to develop a threat model based upon a hypothetical scenario provided to them. Day 1 focuses on building the model, while day 2 focuses on presentations and feedback.