Experiences with practice-focused undergraduate security education

Similar documents
STUDENT LEARNING OUTCOMES Beacom College of Computer and Cyber Sciences

Train as you Fight: Are you ready for the Red Team?

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

The GenCyber Program. By Chris Ralph

ITSY Information Technology Security Course Syllabus Spring 2018

Course 831 EC-Council Certified Ethical Hacker v10 (CEH)

Course 831 Certified Ethical Hacker v9

BLACK HAT USA 2013 ADD A CLASS REQUEST FORM INSTRUCTIONS

CompTIA Security+ Study Guide (SY0-501)

Standard Course Outline IS 656 Information Systems Security and Assurance

ICS Penetration Testing

Security Stream for Computer Science

Introducing Cyber Resiliency Concerns Into Engineering Education

Networking Fundamentals Training

Master of Cyber Security, Strategy and Risk Management. CECS PG Information Session April 17, 2018

For information regarding prerequisites for this course, please refer to the Academic Course Catalog.

CEH: CERTIFIED ETHICAL HACKER v9

Network Security

ISM 324: Information Systems Security Spring 2014

Designing and Building a Cybersecurity Program

Hacker Academy UK. Black Suits, White Hats!

Maximum Security with Minimum Impact : Going Beyond Next Gen

CUNY John Jay College of Criminal Justice MATH AND COMPUTER SCIENCE

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

KYPO Cyber Range Design and Use Cases

Cybersecurity Education for Enterprise Cloud Services

CTS1134C Network Essentials (3 Credits), Fall 2018

Sage Data Security Services Directory

6 MILLION AVERAGE PAY. CYBER Security. How many cyber security professionals will be added in 2019? for popular indursty positions are

How Breaches Really Happen

Advisory: Students should have already taken MICROCOMPUTER APPLICATIONS II - 431

Overview. Handling Security Incidents. Attack Terms and Concepts. Types of Attacks

CCISO Blueprint v1. EC-Council

Required Textbook and Materials. Course Objectives. Course Outline

MORGAN STATE UNIVERSITY DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING COURSE SYLLABUS FALL, 2015

IE156: ICS410: ICS/SCADA Security Essentials

EC-Council - EC-Council Certified Security Analyst (ECSA) v8

The Rise of the Purple Team

Cyber Security: It s all about TRUST

ISDP 2018 Industry Skill Development Program In association with

COMPUTER AND NETWORK SUPPORT TECHNICIAN PROGRAM

Required Reading: Conference Activity #1

Boston Chapter AGA 2018 Regional Professional Development Conference Cyber Security MAY 2018

Training on CREST Practitioner Security Analyst (CPSA)

CHCSS. Certified Hands-on Cyber Security Specialist (510)

EC-Council C EH. Certified Ethical Hacker. Program Brochure

ITEN Wired Cyber Competition

MN CYBER STATEWIDE INSTITUTE FOR CYBERSECURITY, FORENSICS, AND IOT

2018 Cyber Mission Training Course Catalog

NATIONAL CYBER DEFENSE COMPETITION. Competition Rules

CCNA Cybersecurity Operations 1.1 Scope and Sequence

UC Santa Barbara. Organizing Large Scale Hacking Competitions

May 14, :30PM to 2:30PM CST. In Plain English: Cybersecurity and IT Exam Expectations

COMPUTER FORENSICS (CFRS)

Threat analysis. Tuomas Aura CS-C3130 Information security. Aalto University, autumn 2017

Advanced Security Tester Course Outline

Cyber Analyst Academy. Closing the Cyber Security Skills Gap.

Continuously Discover and Eliminate Security Risk in Production Apps

Computer Science Technology Department

CCNA Cybersecurity Operations. Program Overview

Information Systems and Tech (IST)

CoreMax Consulting s Cyber Security Roadmap

Certified Cyber Security Analyst VS-1160

Cybersecurity Auditing in an Unsecure World

Introduction to Ethical Hacking. General Introduction to Ethical Hacking Practitioner

Online Intensive Ethical Hacking Training

Information Security

CompTIA Security+ SY Course Outline. CompTIA Security+ SY May 2018

Matt Walker s All in One Course for the CEH Exam. Course Outline. Matt Walker s All in One Course for the CEH Exam.

GDPR Update and ENISA guidelines

CYBER SECURITY TRAINING

The fast track to top skills and top jobs in cyber. Guaranteed. FREE TO TRANSITIONING VETERANS

Advanced Diploma on Information Security

External Supplier Control Obligations. Cyber Security

CERT Overview. Jeffrey J. Carpenter 2008 Carnegie Mellon University

DIS10.1 Ethical Hacking and Countermeasures

CYBER SECURITY AND MITIGATING RISKS

ITSY 2330 Intrusion Detection Course Syllabus

ITSS Model Curriculum. - To get level 3 -

CASP CompTIA Advanced Security Practitioner Study Guide: (Exam CAS-001)

Instructor: Eric Rettke Phone: (every few days)

The SANS Institute Top 20 Critical Security Controls. Compliance Guide

CyberSecurity: Top 20 Controls

Improving SCADA System Security

Students should have an understanding and a working knowledge in the following topics, or attend these courses as a pre-requisite:

Computer Information Systems (CIS) CIS 105 Current Operating Systems/Security CIS 101 Introduction to Computers

90% of data breaches are caused by software vulnerabilities.

Live Adversary Simulation: Red and Blue Team Tactics

Advanced Techniques for DDoS Mitigation and Web Application Defense

Trustwave Managed Security Testing

ITT Technical Institute. CS420 Application Security Onsite Course SYLLABUS

HOLY ANGEL UNIVERSITY COLLEGE OF INFORMATION AND COMMUNICATIONS TECHNOLOGY CYBER SECURITY COURSE SYLLABUS

Cybersecurity Today Avoid Becoming a News Headline

Bachelor of Information Technology (Network Security)

A Better Space Mission Systems threat assessment by leveraging the National Cyber Range

OA Cyber Security Plan FY 2018 (Abridged)

Software Development & Education Center Security+ Certification

Building a Threat-Based Cyber Team

Descriptions for CIS Classes (Fall 2017)

Protecting Smart Buildings

Transcription:

Experiences with practice-focused undergraduate security education Robert L. Fanelli and Terrence J. O Connor Department Electrical Engineering and Computer Science United States Military Academy, West Point, NY, USA 1

Introduction Experiences from United States Military Academy s CS482 Information Assurance Senior undergraduates in CS, IT and EE Imperatives Provide graduates with knowledge of, and appreciation for, information system security What do I wish MY undergraduate program provided? Theory and practice: classroom instruction and competitive security exercises 2

Classroom Instruction There is no substitute for hands-on learning, especially in security Alternating lectures and practical exercises, plus labs Active, self-guided learning STFW and RTFM Google is your fiend friend 3

Capture the Flag Scrimmage Head-to-head competition between groups Objective: gather others flags while protecting your own Combination of offense and defense Free form; loose rules of engagement Deliverables Action plans Flags found After action reviews Observations Teamwork and a good plan carried the day First contact with exercise conditions was an eye-opener Several students showed a visible increase in enthusiasm 4

NSA/CSS Cyber Defense Exercise (CDX) Annual, week-long exercise Students design, implement and defend a Blue Cell network NSA provides a headquarters White Cell and attacking Red Cell Scoring is based on preserving confidentiality, integrity and availability, plus accomplishing injected security tasks CDX serves as our capstone exercise 5

Updated Features in CDX 2010 More realistic representation of client side threats Administrator hands-off No process whack-a-mole Penalty for user disruption Patch freeze Virtual 0-days Tainted hosts Live user Grey Cell Acceptable use policies 6

CDX Preparation Phase Students design a network conforming to a network specification and a notional budget Services: web, e-mail, DNS/AD, chat, file server, VoIP, PKI Safeguards and infrastructure Defensible network architecture COA development Students implement their network from bare metal and installation media 7

CDX Live Phase Week-long, 0700 2200 daily Red Cell operates full time Flooding DOS and on-site attacks are out of scope Publicly disclosed vulnerabilities only Limited social engineering Incident response Reporting Injects, e.g. Forensic analysis Technical orders Web crawler General s laptop 8

Lessons Learned 9

The value of competition Competitions capture the imagination We see greater effort than for grades alone Team working 10

Security makes the other stuff more interesting Security can serve as a lure that builds interest otherwise boring material 11

They don t know what they don t know It is easy to underestimate the inexperience of undergraduates Assignments can guide students to producing deliverables they don t know that they need 12

It takes longer than they think it will Time estimation is hard, especially for undergraduates Written estimates and back briefings Annual CDX death march not entirely bad 13

Students often miss the obvious, but learn from doing so Sometimes the easy way really IS the easy way After action reviews are essential for learning from missing the obvious 14

The value of preparation Preparation usually trumps inspired improvisation Have a plan.and a backup or two 15

Replicating the client side is hard, but important The client side is as important as the server side Replicating users is difficult but necessary to replicate current threats 16

Security courses are among the most time consuming and resource intensive Some subject areas need little updating Security principles may change little, but practical details change constantly New technology, protocols, software Threats, exploits and vulnerabilities; new and obsolete Virtualization is a key labor saver Competitive exercises require even more effort, but are worthwhile 17

Experiences with practice-focused undergraduate security education Robert L. Fanelli and Terrence J. O Connor Department Electrical Engineering and Computer Science United States Military Academy, West Point, NY, USA 18

CS482 Topic Listing o Incident Handling o Security Fundamentals o Network Fundamentals o Lab 1: Network Concepts Review o Securing Unix PE o Network Tools o Network Tools PE o Securing Windows PE o Lab 2: Domain Name System o Securing Web Apps o Audit and Vulnerability Assessment PE o Confidentiality and Cryptography o Encryption Protocols and Tools o Lab 3: Active Directory o Encryption Protocols and Tools PE o MITM / Session Hijacking PE o Vulnerabilities and Exploits o Metasploit PE o Lab 4: Securing Services o Hiding Data / Covering Tracks o Hiding Data / Covering Tracks PE o Network Security Monitoring o Network Security Monitoring PE o Lab 5: CTF Scrimmage o Defensible Network Design o William Cheswick Presentation o CDX COA Briefings o Ed Skoudis Presentation o Lab 6: CDX Implementation o Digital Forensics o Wireless Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback