Teach Cyber FAQs
Thank you for your interest in the Teach Cyber! The course materials for the “Introduction to the Challenge of Cybersecurity” are herein referred to as the Teach Cyber courseware for brevity.
1. What is the purpose of the Teach Cyber courseware?
The goal of the courseware is to introduce students to the foundational concepts, principles, and tools of cybersecurity. A team of K-12 educators, post-secondary educators, and cybersecurity experts, in partnership with the National Cryptologic Museum Foundation, developed the High School Cybersecurity Curriculum Guidelines (HSCCGs) and the Teach Cyber courseware. The Teach Cyber courseware was built around the HSCCGs
Grounded in learning science, the Teach Cyber instructional materials use a variety of hands-on, active, student-centered learning strategies, including lab experiences using the U.S. Cyber Range.
2. Who is the target audience for the Teach Cyber courseware?
The Teach Cyber courseware and the High School Cybersecurity Curriculum Guidelines (HSCCGs) target 9th-12th grades.
3. What prerequisite knowledge do students need?
We designed the Teach Cyber courseware to introduce students to the foundational concepts, principles, and tools of cybersecurity. There is no pre-requisite computing background. Any previous education about computers, networks, systems, and related security is beneficial but not required.
4. How do I access the courseware?
Access to the courseware is free for educators with a no-cost registration at TeachCyber.org. Once approved, the account enables the user to download individual lessons and/or full units of the courseware.
5. Do you offer teacher training to help teachers prepare to implement the courseware?
Yes, we do! We have multiple avenues to expand subject matter expertise in cybersecurity topics and courseware training.
- Our no-cost Teach Cyber Virtual Lounge will kick off in the Spring of 2021. These are casual, 1.5-hour virtual meetup sessions. The purpose is to chat about cybersecurity with teachers and answer questions about the Teach Cyber courseware. Although we will have a topic or questions prepared for each session, the Teacher Cyber Virtual Lounge is a place for cybersecurity educators to connect on important topics such as what cybersecurity topics to teach, how, and when.
- Summer 2021 Teacher Professional Development. In summer 2021, we will offer two kinds of training workshops: 1-day “Learn Cybersecurity” workshops for teachers who want to boost their cybersecurity content knowledge; and full-week “Teach Cybersecurity” workshops for teachers who want to prepare to implement the Teach Cyber courseware.
Please stay tuned. We will post more info on the Virtual Lounge and Summer PD (including workshop topics, pricing, dates, times, and registration details) ASAP.
6. How long is the Teach Cyber course?
We offer, at a minimum, 1 year’s worth of cybersecurity courseware and, at a maximum, 2 year’s worth of courseware. The time needed to cover all the Teach Cyber courseware will depend on where it is being integrated into your school’s curriculum.
7. Can the length be shortened or extended?
Yes! The Teach Cyber courseware can be (and is currently being) used in part or in whole. The courseware is Creative Commons licensed, which gives educators the rights to adopt, adapt, and disseminate the Teach Cyber courseware to fit their needs and circumstances.
8. Should I follow the sequencing order?
Not necessarily. By design, the units are modular and can be combined and used in a custom order, different from the order listed in the Teach Cyber. Each Unit and Lesson overview outlines any dependencies. We encourage instructors to pick lessons and corresponding activities as best fit their class needs.
For example, several teachers reported teaching Units 1 (What is Cybersecurity?) and 3 (The Basic Building Blocks of Cyberspace: Hardware, Software, and Networks) together, before moving on to Unit 2 (Risk, Adversity and Trust).
9. What resources does the courseware include?
The Teach Cyber courseware contains presentation slide decks, learner-centered hands-on activities and labs, answer keys and exemplars organized into 8 units, with multiple lessons under each unit. Units 1-7 contain assessment questions.
10. Are there test banks for quizzes and tests?
Not currently. Units 1-7 contain assessment questions that serve as a starting point in addition to many hands-on activities and labs with provided answer keys and exemplars.
11. Are there hands-on labs?
Yes! There are over 20 hands-on technical labs including Linux basics, password auditing, port scanning, OS hardening and many other topics. Filled with active learning exercises, students learn through doing and practice.
12. Are there costs associated with using the courseware?
Access to the Teach Cyber courseware is available for free with a no-cost registration on TeachCyber.org.
The hands-on lab activities in the courseware use virtual environments on the Virginia Cyber Range/U.S. Cyber Range. The cyber range is a “cyber range as a service” operated by Virginia Tech University. Virginia Cyber Range access is free to eligible Virginia schools. Schools outside of Virginia may use the U.S. Cyber Range. There are costs for access to and use of the U.S. Cyber Range.
The cyber range functions through HTML5-enabled web browsers. Students access the range through a web browser (Chrome recommended), and they work in totally “sandboxed” environments. This relieves the burden of schools having to configure and maintain special IT.
13. Can this be taught in different modes (e.g., in-person, virtual, and hybrid teaching)?
Yes. Pilot testers and other educators already using this courseware report success teaching it in in-person, hybrid, and fully virtual environments.
Alignments & Certifications
14. Is the Teach Cyber courseware aligned with any standards?
We have mapped the Teach Cyber courseware to several standards. If your state, district or school are interested in using the Teach Cyber approach, please reach out to Melissa.Dark@TeachCyber.org to connect to a team member and discuss your individual needs.
15. Does the courseware map to any certificates?
Teach Cyber is exploring selected certifications, but the mappings are not currently available. Early findings are promising and suggest that the Teach Cyber courseware aligns ~50-60% with the CompTIA Security + exam.
16. What are the main strengths of the Teach Cyber courseware?
Some of the strengths of the courseware are as follows:
- We base the courseware on the High School Cybersecurity Curriculum Guidelines (HSCCG) that cover the broad, encompassing areas of importance to cybersecurity to develop thinkers with a cybersecurity mindset.
- The courseware has multiple lessons that contain engaging activities and hands-on labs.
- The overarching themes that run throughout the courseware include ethics, confidentiality, integrity, availability, risk, and adversarial thinking.
- The courseware provides a solid foundation in the WHAT, WHY, and HOW of cybersecurity.
Here is what educators say about the strengths of the Teach Cyber courseware:
- It’s easy to adapt into a cyber course at any level.
- There are quality lessons and engagement activities.
- It’s easy to implement with limited prep.
- There are carefully structured, paced lessons.
- Access to the materials is simple, and it’s easy to incorporate the materials into learning management systems.
- The U.S. Cyber Range allows students to explore in a safe, sand-boxed environment.
- Students are authentically interested and engaged.
- The support from Teach Cyber has helped teachers learn new concepts and labs before teaching them to their students.
17. What are the units in the Teach Cyber courseware?
The courseware considers a class period, or “day”, to be a 45-minute period. The number of class periods listed includes time for all activities and labs. Instructors can adopt and adapt the Teach Cyber courseware to fit their needs and circumstances. Below, we share the “story” of each unit in the courseware.
Unit 1 – What is Cybersecurity? (11 class periods)
Unit 1 builds the foundation, diving into what is cyberspace. The foundational confidentiality, integrity and availability model is introduced and practiced. Students explore the impacts of cybersecurity on the quality of people’s lives through an examination of digital participation worldwide and the rise of IoT. Defining and describing complex systems and aspects of how these systems are not easy to predict or model, and therefore secure. Another foundation pillar of the course addresses the ethical obligations in cybersecurity, a thread that runs throughout each unit.
Unit 2 – Risk, Adversity, and Trust (15 class periods)
Unit 2 expands cybersecurity knowledge looking into threats, vulnerabilities, and attacks (adversity) i.e., disclosure, deception, disruption, destruction, and/or usurpation. Living in the digital age, this looks at information as a valuable resource requiring protections. The courseware introduces controls such as authentication, cryptography, access control, firewalls, intrusion detection. The courseware shows controls as means of prevention, detection, and/or response. Controls are also a method to establish trust. Also covered is the need for trust, risk, how we think systematically about adversity.
Unit 3 – The Basic Building Blocks of Cyberspace: Hardware, Software, and Networks (14 class periods)
The main theme of Unit 3 is understanding how hardware and software work together to achieve an overall objective. This unit consists of an introductory level to computer systems and Linux. Students explore operating system concepts through Linux and launch into an introduction of networks and networking concepts, also using Linux. Students compare open source versus proprietary protocols after being introduced to network models. These basic building blocks connect to larger-scale issues examining society’s use of and reliance on computers and networks. For students with this background firmly established, instructors can reduce or remove this unit.
Unit 4 – Data, Software, Hardware, and Network Security (25 class periods)
In Unit 4, students delve deep into the technical aspects of cybersecurity, including data states and data controls, and vulnerabilities and exploits in software, hardware, networks, cyber-physical systems, and human use of data. Students gain both a theoretical understanding and practical, hands-on experience of cybersecurity as a complex set of systems, networks, and human interactions. Addressed in this unit are data states and data controls, as well as vulnerabilities and exploits in software, hardware, networks, cyber-physical systems, and human error in the use of data.
Unit 5 – Countermeasures Against Cyberattacks (32 class periods)
Security controls exist to reduce or mitigate the risk to assets. The NIST Cybersecurity Framework functions are identify, protect, detect, respond, and recover; Unit 5 explores the first three controls, including technical and policy controls. The lessons dive into controls for data, software, hardware, networks, and physical security. We examine multiple tools and technical approaches from the perspective of their function to prevent disclosure, deception, disruption, destruction, or usurpation. This includes symmetric and asymmetric cryptosystems, digital certificates, and legal aspects, in addition to hands-on labs for encryption, firewalls, intrusion detection, and OS hardening.
Unit 6 – The Economics of Cybersecurity (8 class periods)
The sixth unit looks at how economics shapes cybersecurity decisions which impact designers (hardware, software, network technology and service providers), businesses and entities that rely on cyberspace for their operation (manufacturing, energy, food and agriculture, emergency services, financial services, transportation, etc.), and end-users who use the operations and services. Students identify key stakeholders and understand their motivations and interests in cybersecurity decisions.
Unit 7 – Threats, Vulnerabilities, and Attacks: A Closer Look (15 class periods)
The seventh unit ties together a variety of aspects from the courseware, building a deeper understanding of the foci of Unit 4 and 5: threats, vulnerabilities, and controls, respectively. This unit weaves ethics across threat modeling, the kill chain, risk assessment, penetration testing, and carefully considers right and wrong and the many shades of gray of white-gray-black hat hacking. A deeper look into the anatomy of attacks, the unit changes perspective from that of the attacker to that of the defender and looks carefully at how to conduct vulnerability assessment (aka penetration testing). We revisit risk assessment and controls.
Unit 8 – States, Statelessness, Sovereignty, and Cybersecurity (15 class periods)
This unit explores how cybersecurity is both a deeply technical and a deeply political space. Students investigate contemporary complex and co-adaptive relationships between cyberspace, cybersecurity, cyberwarfare. Using the National Security Council, students learn and explore competing social values and ideologies that are forces in “The Cryptowars.” Students dive into a deeper understanding of the values and tensions by participating in a simulation where they play different roles in the National Security Council tasked with making a recommendation to the President of the United States.