The goal of this course is to provide a basic and broad overview of cybersecurity, helping the student to understand correct and safe online behavior and increase their interest in cybersecurity and careers in the cybersecurity workforce. In this course, we will explore various cybersecurity topics to include networking and network security tools, cryptography (ciphers, keys, digital signatures, hashes, encryption protocols, etc.), hacking basics (network reconnaissance and scanning, password cracking, and exploiting web application vulnerabilities), and the legal and ethical considerations of cybersecurity activities.
This course was recently taught at Virginia Tech by the author as two GenCyber Camps in June and July 2017. There is a total of six modules in this course, but only the first five are meant to be taught to the students. The additional sixth module is provided as a resource for the prospective teacher.
These modules are broken down as follows:
- Module 1: Introduction to Cybersecurity and Virtualization
- Module 2: Networking
- Module 3: Cryptography
- Module 4: Hacking
- Module 5: Legal and Ethics
- Module 6: Teacher Resources
- Understand the basics of cybersecurity and its principles
- Describe some common cybersecurity threats and vulnerabilities
- Install and use virtualization software
- Understand layered network models
- Use software tools to examine network traffic
- Describe basic network defense tools
- Explain basic cryptography terminology (plaintext, ciphertext, cipher, key, encipher, decipher, cryptanalysis, cryptology)
- Understand the benefits of encryption
- Apply techniques for encrypting and decrypting files
- Describe techniques for passive network reconnaissance
- Describe attacks on and apply tools to attack password hash files
- Understand and exploit known web application vulnerabilities
- Describe importance of ethical behavior when engaging in cybersecurity activities
No previous experience with or understanding of cybersecurity is required. We assume basic familiarity with computing and technology.
Homework Assignments and Labs
There are no homework assignments per se, but there are five hands-on lab exercises provided in the Cyber Basics (aka GenCyber) course intended to reinforce the lecture material:
- Introduction to Cryptography Lab
- Introduction to Password Auditing Lab
- Reconnaissance and Network Scanning Lab
- Web App Penetration Security: Command Injection Lab
- Web Application Security: SQL Injection Lab
These labs can be completed during a class period or assigned as graded or ungraded homework. It is up to each instructor how they want to use these labs. They all may be found in the courseware repository.
It is left up to each instructor to determine how to grade the material in this course. The material presented in this course was recently taught at Virginia Tech by the author as two GenCyber Camps in June and July 2017. Grading is not a part of the GenCyber model.
This set of modules and lessons can also be used by a student club or team to teach introductory cybersecurity concepts to their membership. The sessions on virtualization and Linux command line are a great way to get students started with Linux, which is almost a prerequisite for any serious technical study of cybersecurity tools and techniques. Once students are comfortable a stand-alone system, giving them access to the cyber range with the environment used for the Cyber Basics – Reconnaissance and Network Scanning Lab allows them to operate in a subnet with three other virtual machines, each of which has vulnerabilities that can be exploited. This allows for a more sophisticated hands-on experience.
Instructors should note that all of the exercises in this module can be completed using the Cyber Basics - Reconnaissance and Network Scanning Lab, so if they plan to use multiple exercises from this list, adding that exercise to their course is sufficient for students to use for all of the labs.