High School Block:
Cybersecurity 120
The field of cybersecurity has evolved significantly, especially in the past decade. The primary purpose of this course permits learner to gain operational skills and will use computational thinking to solve problems and to analyze cybersecurity challenges with an eye to mitigating risks. Learners are inspired through practice of experiential learning of the fundamentals and possibilities of cybersecurity. Learners will be actively engaged in the design, development and evaluation of defensive cybersecurity projects, including awareness, concepts and challenges. The intent of this program of study is to have learners discussing real-world case studies and learning in hands-on activities from day one, while maintaining a high level of engagement throughout the course through a commitment to problem-based and project-based learning.
Cybersecurity concepts are introduced through real-world case studies and hands-on activities that are based on problems, challenges, and projects that become increasingly open-ended. These open-ended challenges permit learners to weigh the benefits, costs, risks, precedents, consequences, and side effects in complex situations. Learners will have an awareness, understanding and experience with cybersecurity, especially in the context of vulnerability identification and assessment, defensive strategizing, risk mitigation, and the forensic removal of cybersecurity threats.
Learners will explore real-world events and criminal activities. Learners should be made aware that the illegal events are not to be glorified nor implemented, other than for the purpose of preventing such events. No activities will contravene Policy 311. The focus is entirely defensive, as learners are involved in forensics, vulnerability analysis, case studies, securing and safeguarding computer images and networks, and similar activities. As much as possible, the activities will be done in a virtual network setting contained in a sandbox environment. There may be opportunities for learners to learn offensive cybersecurity skills, including ethical hacking, largely based on a white hat hacker’s skill set and activities.
Learners will explore topics with digital literacy in mind, including inquiry, problem-solving and decision-making. Inquiry also involves empathy and understanding the challenges that humans are facing. Problem-solving involves understanding human challenges and brainstorming solutions based on a thorough understanding of the people facing the challenge and their expectations for any solution. Decision-making involves both solution selection, project management, project testing and quality assurance, as well as evaluation. Decision-making also involves selecting a development model (waterfall or agile) and understanding the advantages, disadvantages and consequences of using said models.
Strand: Mindset
Big Idea: Computational thinking
Skill Descriptor: Utilize Computational Thinking to solve issues and harden systems.
Global Competencies: CM, CTPS, SASM
Achievement Indicators:
- Analyze, evaluate and continue to be resourceful in the face of ongoing challenges.
- Analyze cybersecurity challenges and vulnerabilities involving people, technology or both.
- Presented with a situation containing a potential vulnerability, learners suggest a way to resolve the vulnerability.
- Combine the solutions to smaller challenges in a way that solves the original larger challenge.
- Secure a variety of digital devices using common patterns and solutions.
- Adapt a solution to solve a challenge that has common elements but is slightly different (and may involve human and/or technology automation).
- Gather data related to a cybersecurity event and analyze that data to determine important elements.
- Prove, using data, that a cybersecurity event happened.
- Create a list of issues to check with each cybersecurity event.
- Discover flaws and security threats on digital devices.
Big Idea: Perseverance
Skill Descriptor: Developing strategies to continue to work in challenging situations.
Global Competencies: CM, CTPS, SASM
Achievement Indicators:
- Persevere in work that is complex, ambiguous, non-trivial or difficult to grasp.
- Focus on a task with multiple potential solutions, and keep in mind both the task and the larger goal.
- Continue to work on a task, even though it is more difficult than previous task.
Big Idea: Proactive
Skill Descriptor: Engaging and anticipating potential future risks.
Global Competencies: CM, CTPS, SASM
Achievement Indicators:
- Hypothesize solutions based on the brainstorming, researching, analyzing and discussing possible causes and potential solutions to cybersecurity challenges and vulnerabilities.
- Identify and implement proactive strategies for mitigating cybersecurity risks and vulnerabilities, including secure password methodology, software patches and updates.
- Create and maintain a list of possible solutions to mitigate a variety of cybersecurity challenges, risks and vulnerabilities.
- Use data to prove the mitigation is enabled and effective.
- Evaluate policies designed to prevent password attacks.
Big Idea: Ethics
Skill Descriptor: Identify ethical and legal implications of cybersecurity actions and events
Global Competencies: CM, CTPS, SASM
Achievement Indicators:
- Identify the classifications of hackers, including white hat, grey hat, and black hat.
- Identify the types of hackers, including script kiddies, semi-skilled hackers, and professionals.
- Understand and communicate to others the destructive consequences that can be associated with in secure digital data.
Strand: Digital Technologies
Big Idea: Operating Systems
Skill Descriptor: Harden computing environments
Global Competencies: CL, CM, CTPS, SASM
Achievement Indicators:
- Set up a basic operating system with appropriate firewalls, antivirus, and user rights.
- Secure devices – including mobile devices – that use a variety of operating systems.
- Secure devices by creating, modifying and deleting appropriate user account types and access.
- Perform digital forensics.
- Perform vulnerability management in a Windows OS image and in a Linux OS image.
- Collaborate with others to harden a system.
Big Idea: Tools
Skill Descriptor: Examining OS operation through use built-in tools and/or Third-party tools
Global Competencies: CM, CL, CTPS, SASM
Achievement Indicators:
- Reconnaissance, exploitation, installation, command and control, lateral movement and exfiltration.
- Troubleshoot a cybersecurity event using a variety of tools including vulnerability management.
- Use asymmetric encryption involving public and private keys.
- Explain the differences between symmetric and asymmetric encryption.
- Explain and demonstrate multi-factor authentication using networked platforms.
- List and support the principles of confidentiality, system availability and data integrity.
Big Idea: Digital Communications
Skill Descriptor: Examining interconnected computing devices and associated risks
Global Competencies: CL, CM, CTPS, SASM
Achievement Indicators:
- Explain how computer hardware functions.
- Explain how computer software functions, and how it works together with hardware
- Identify an unplugged piece of hardware and know where it needs to be plugged in.
- Identify a hardware issue and a software issue and explain some common differences.
- Physically identify basic network hardware components such as routers, switches, Ethernet adapters, and wireless adapters.
- Explain network principles and designs, including LAN, WWW and the Internet.
- Identify steps in a cybersecurity attack and describe how to mitigate against these.
- Implement authentication and access control.
- Implement encryption.
- Implement intrusion detection.
- Defend against a variety of malware.
- Explain a botnet and can mitigate against them.
- Determine if a group of computers is connected to the Internet.
- List potential cybersecurity threat agents (natural, human, and technical).
Big Idea: Physical Security
Skill Descriptor: Securing digital technologies from physical risks.
Global Competencies: CL, CM, CTPS, SASM
Achievement Indicators:
- Secure devices from physical risk.
- Determine if a computer’s keyboard, mouse and video displays are working correctly.
- Identify an unplugged piece of hardware and know where it needs to be plugged in.
- Create a plan to secure devices in an unfamiliar environment.
- Enact access control through the processes of identification, authentication, and authorization.
Strand: Trends
Big Idea: Life-long Learning
Skill Descriptor: Engaging in continual learning in a quickly changing field.
Global Competencies: CL, CM, SGC, CTPS, ICE, SASM
Achievement Indicators:
- Determine the usefulness of guides found on the Internet for software and cybersecurity updates.
- Demonstrate how diverse thinking practices lead to safer and more secure systems.
Strand: Collaboration
Big Idea: Teamwork
Skill Descriptor: Ability to work with others to solve problems.
Global Competencies: CL, CM, CTPS, ICE, SASM
Achievement Indicators:
- Communicate effectively with my team, and when there is confusion, I can determine how best to improve my communication.
- Communicate and collaborate effectively with my team, both online and in-person.
- Share an idea clearly and objectively with my team members.
- Accept comments and criticism about my contributions and suggestions, as our team develops solutions and work plans.
- Design a troubleshooting guide to help others respond to cybersecurity events.
- Assess or appraise the efficiency and effectiveness of a solution to a cybersecurity challenge’s solution, whether it was created by me or not.
Big Idea: Communication
Skill Descriptor: Ability to communicate with others with detail appropriate for understanding.
Global Competencies: CL, CM, CTPS, ICE, SASM
Achievement Indicators:
- Explain cybersecurity challenges that may involve people, technology or both.
- Use cybersecurity vocabulary effectively.
- Be given materials (e.g., device images, news article) about a current cybersecurity attack and make a hypothesis about:
- the type of cybersecurity attack;
- what components were involved;
- what actions were taken in the attack;
- what resulted from the actions taken; and,
- what might have caused the attack to end, either temporarily or permanently.
- Document steps to a cybersecurity solutions to a variety of audiences.
- Guide a peer through the process of securing a digital device, including searching for vulnerabilities.
- Explain, using data, how a cybersecurity event happened.
Big Idea: Management
Skill Descriptor: Ability to understand the roles that individuals play within an organization.
Global Competencies: CL, CM, CTPS, ICE, SASM
Achievement Indicators:
- Part of a team that delegates tasks with timelines, and I can be accountable for my tasks.
- identify key roles on effective teams, and I can evaluate the effectiveness of my role on my team.