The goal of this course is to provide a basic and broad overview of cybersecurity, helping the student to understand correct and safe online behavior and increase their interest in cybersecurity and careers in the cybersecurity workforce. In this course, we will explore various cybersecurity topics to include networking and network security tools, cryptography (ciphers, keys, digital signatures, hashes, encryption protocols, etc.), hacking basics (network reconnaissance and scanning, password cracking, and exploiting web application vulnerabilities), and the legal and ethical considerations of cybersecurity activities.
This course was recently taught at Virginia Tech by the author as two GenCyber Camps in June and July 2017. There is a total of seven modules in this course, but only the first six are meant to be taught to the students. The additional seventh module (Module 6) is provided as a resource for the prospective teacher.
These modules are broken down as follows:
- << New >> Module 0: Introduction to Linux [A collection of introductory Linux hands-on labs.]
- Module 1: Introduction to Cybersecurity and Virtualization
- Module 2: Networking
- Module 3: Cryptography
- Module 4: Hacking
- Module 5: Legal and Ethics
- Module 6: Teacher Resources
- Understand the basics of cybersecurity and its principles
- Describe some common cybersecurity threats and vulnerabilities
- Install and use virtualization software
- Understand layered network models
- Use software tools to examine network traffic
- Describe basic network defense tools
- Explain basic cryptography terminology (plaintext, ciphertext, cipher, key, encipher, decipher, cryptanalysis, cryptology)
- Understand the benefits of encryption
- Apply techniques for encrypting and decrypting files
- Describe techniques for passive network reconnaissance
- Describe attacks on and apply tools to attack password hash files
- Understand and exploit known web application vulnerabilities
- Describe importance of ethical behavior when engaging in cybersecurity activities
No previous experience with or understanding of cybersecurity is required. We assume basic familiarity with computing and technology.
Homework Assignments and Labs
There are no homework assignments per se, but, in addition to the Module 0 Linux labs, there are five hands-on lab exercises provided in the Cyber Basics (aka GenCyber) course intended to reinforce the lecture material:
- Introduction to Cryptography Lab
- Introduction to Password Auditing Lab
- Reconnaissance and Network Scanning Lab
- Web App Penetration Security: Command Injection Lab
- Web Application Security: SQL Injection Lab
These labs can be completed during a class period or assigned as graded or ungraded homework. It is up to each instructor how they want to use these labs. They all may be found in the courseware repository.
It is left up to each instructor to determine how to grade the material in this course. The material presented in this course was recently taught at Virginia Tech by the author as two GenCyber Camps in June and July 2017. Grading is not a part of the GenCyber model.
This set of modules and lessons can also be used by a student club or team to teach introductory cybersecurity concepts to their membership. The sessions on virtualization and Linux command line are a great way to get students started with Linux, which is almost a prerequisite for any serious technical study of cybersecurity tools and techniques. Once students are comfortable a stand-alone system, giving them access to the cyber range with the environment used for the Cyber Basics – Reconnaissance and Network Scanning Lab allows them to operate in a subnet with three other virtual machines, each of which has vulnerabilities that can be exploited. This allows for a more sophisticated hands-on experience.
Instructors should note that all of the exercises in this module can be completed using the Cyber Basics - Reconnaissance and Network Scanning Lab, so if they plan to use multiple exercises from this list, adding that exercise to their course is sufficient for students to use for all of the labs.
- K0003: * Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity.
- K0004: * Knowledge of cybersecurity principles.
- K0018: Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Message Digest Algorithm [MD5], Secure Hash Algorithm [SHA], Triple Data Encryption Standard [3DES]).
- K0019: Knowledge of cryptography and cryptographic key management concepts.
- K0044: Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
- K0049: Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption).
- K0056: Knowledge of network access, identity, and access management (e.g., public key infrastructure [PKI]).
- K0061: Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol [TCP] and Internet Protocol [IP], Open System Interconnection Model [OSI], Information Technology Infrastructure Library, current version [ITIL]).
- K0069: Knowledge of query languages such as SQL (structured query language).
- K0070: Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
- K0111: Knowledge of common network tools (e.g., ping, traceroute, nslookup) and interpret the information results.
- K0119: Knowledge of hacking methodologies in Windows or Unix/Linux environment.
- K0129: Knowledge of Unix command line (e.g., mkdir, mv, ls, passwd, grep).
- K0130: Knowledge of virtualization technologies and virtual machine development and maintenance.
- K0158: Knowledge of organizational information technology (IT) user security policies (e.g., account creation, password rules, access control).
- K0206: Knowledge of ethical hacking principles and techniques.
- K0211: Knowledge of confidentiality, integrity, and availability requirements.
- K0221: Knowledge of OSI model and underlying network protocols (e.g., TCP/IP).
- K0224: Knowledge of system administration concepts for Unix/Linux and/or Windows operating systems.
- K0236: Knowledge of how to utilize Hadoop, Java, Python, SQL, Hive, and PIG to explore data.
- K0295: Knowledge of confidentiality, integrity, and availability principles.
- K0300: Knowledge of network mapping and recreating network topologies.
- K0301: Knowledge of packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
- K0305: Knowledge of encryption algorithms, stenography, and other forms of data concealment.
- K0307: Knowledge of common network tools (e.g., ping, traceroute, nslookup).
- K0308: Knowledge of cryptology.
- K0326: Knowledge of cybersecurity methods, such as firewalls, demilitarized zones, and encryption.
- K0331: Knowledge of network protocols (e.g., Transmission Critical Protocol (TCP), Internet Protocol (IP), Dynamic Host Configuration Protocol (DHCP)), and directory services (e.g., Domain Name System (DNS)).
- K0340: Knowledge of how traffic flows across the network (e.g., Transmission Control Protocol (TCP), Internet Protocol (IP), Open System Interconnection Model (OSI)).
- K0342: Knowledge of penetration testing principles, tools, and techniques.
- K0351: Knowledge of all applicable statutes, laws, regulations and policies governing cyber targeting and exploitation.
- K0487: Knowledge of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- K0515: Knowledge of OSI model and underlying networking protocols (e.g., TCP/IP).
- K0516: Knowledge of physical and logical network devices and infrastructure to include hubs, switches, routers, firewalls, etc.
- K0524: Knowledge of relevant laws, regulations, policies.
- K0537: Knowledge of system administration concepts for the Unix/Linux and Windows operating systems (e.g., process management, directory structure, installed applications, Access Controls).
- K0555: Knowledge of TCP/IP networking protocols.
- K0561: Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection).
- K0609: Knowledge of virtual machine technologies.
- K0610: Knowledge of virtualization products (VMware, Virtual PC).
- S0006: Skill in applying confidentiality, integrity, and availability principles.
- S0046: Skill in performing packet-level analysis using appropriate tools (e.g., Wireshark, tcpdump).
- S0051: Skill in the use of penetration testing tools and techniques.
- S0073: Skill in using virtual machines.
- S0076: Skill in configuring and utilizing software-based computer protection tools (e.g., software firewalls, anti-virus software, anti-spyware).
- S0084: Skill in configuring and utilizing network protection components (e.g., Firewalls, VPNs, network intrusion detection systems).
- S0130: Skill in writing scripts using R, Python, PIG, HIVE, SQL, etc.
- S0156: Skill in performing packet-level analysis (e.g., Wireshark, tcpdump, etc.).
- S0168: Skill in applying cybersecurity methods, such as firewalls, demilitarized zones, and encryption.
- A0055: Ability to operate common network tools (e.g., ping, traceroute, nslookup).
- Cyber Threats
- Database Management Systems
- IA Fundamentals
- Intro to Cryptography
- Intrusion Detection
- Networking Concepts
- Network Defense
- Operating Systems Hardening
- Penetration Testing
- System Administration
- Virtualization Technologies