Tag Archives: CYBER.ORG

CYBER.ORG: AP Cybersecurity – Lesson 4.1.4 – Application Security, Lesson 4.5.2 – Endpoint – OS & Monitoring & Lesson 1.1.1 – Security Controls

Objective:

  • Students will:
    • Be able to explain how organizations can be more cyber resilient.
    • Investigate common methods to enhance Operating System security and implement monitoring measures in an enterprise.
    • Compare and contrast various types of security controls

Standards:

CompTIA Security+ SYO-701 Objective:
4.1 – Given a scenario, apply common security techniques to computing

  • Application security
    • Input validation
    • Secure cookies
    • Static code analysis
    • Code signing
  • Sandboxing
  • Monitoring

4.5 – Given a scenario, modify enterprise capabilities to enhance security

  • Operating system security
    • Group Policy
    • SELinux
  • File integrity monitoring
  • DLP
  • Network access control (NAC)
  • Endpoint detection and response (EDR)/extended detection and response (XDR)
  • User behavior analytics

1.1 – Compare and contrast various types of controls

  • Category
    • Technical,
      • Managerial,
      • Operational,
      • Physical,
    • Control Type
      • Preventive
      • Deterrent
      • Detective
      • Corrective
      • Compensating
      • Directive

Guiding Questions:

  • How are applications secured?
  • What are some common methods for an enterprise to enhance Operating System security and implement monitoring measures?
  • What are some different control categories and control types?

Resources:

  • Lesson 4.1.4 – Application Security.pptx, Lesson 4.5.2 – Endpoint – OS & Monitoring.pptx and Lesson 1.1.1 – Security Controls.pptx Presentations and Security Concepts Guided Notes – Fall 2025 Form available on Google Classroom

Assignment:

  1. Read through the Lesson 4.1.4 – Application Security.pptx, Lesson 4.5.2 – Endpoint – OS & Monitoring.pptx and Lesson 1.1.1 – Security Controls.pptx presentations in today’s class.
  2. Complete the Security Concepts Guided Notes – Fall 2025 Form using the materials provided.

Assigned: September 30th, 2025
Teacher Pacing Due Date: October 1st, 2025

CYBER.ORG: AP Cybersecurity – Lesson 4.5.1 – Endpoint – Protocol & Email Security

Objective:

  • Students will be able to explain how organizations can be more cyber resilient.

Standards:

CompTIA Security+ SYO-701 Objective:
4.5 – Given a scenario, modify enterprise capabilities to enhance security

  • Implementation of secure protocols
    • Protocol selection
    • Port selection
    • Transport method
  • DNS filtering
  • Email security
    • Domain-based Message Authentication Reporting and Conformance (DMARC)
    • DomainKeys Identified Mail (DKIM)
    • Sender Policy Framework (SPF)
    • Gateway

Guiding Question:

What are some common methods to enhance security for enterprise networks and communications?

Resources:

  • Lesson PPT Lesson 4.5.1 – Endpoint – Protocol & Email Security.pptx Presentation and Case Study – Heartbleed.pdf available on Google Classroom

Assignment:

  1. Read through the Lesson PPT Lesson 4.5.1 – Endpoint – Protocol & Email Security.pptx presentation in today’s class.
  2. Complete the Case Study – Heartbleed.pdf using the materials provided.

Assigned: September 29th, 2025
Teacher Pacing Due Date: September 30th, 2025

CYBER.ORG – LAB – LINUX 102

Objective:

Students will begin preparing for proficiency in cyber security with an overview of Linux fundamentals and advanced commands.

Topics Discussed:

options/flags
df
Superuser
sudo
processes
Searching
grep
uname
chown/chmod
top
syslog
logger

Resources:

  • See PowerPoint presentations: Lab – Linux 102

Assignment:

  1. Read the Lab – Linux 102 to review advanced Linux commands within the Linux operating system.
  2. Use the Terminal app in your Kali Linux virtual environment in the CYBER.ORG Cyber Range to follow along with the presentation, and practice or test the commands as you read about them.
  3. The Lab – Linux 102 presentation will introduce advanced options and flags, searching for text strings using find and grep, changing file ownership and permissions, and gaining “super user” privileges with the sudo command, among other topics.
  4. We will work on this Lab today and tomorrow, and will conclude with a final Linux activity on Wednesday that will be due on Friday.
  5. As proof of completion of the Linux 102 Lab, upload a screenshot of the custom log commands you created on the syslog (On Your Own) slide, as verified by displaying the last 10 lines of the syslog (demonstrated in the presentation).

Assigned: September 22nd, 2025
Teacher Pacing Due Date: September 24th, 2025

CYBER.ORG: AP Cybersecurity – Topic 1.2C – Managing Risk

Objective:

  • Students will be able to explain how organizations can be more cyber resilient.

Standards:

  • CYBER.ORG Cybersecurity Learning Standards
    • 9-12.CS.LOSS- Develop a plan for risk mitigation that implements redundancy.
  • CSTA Compatibility Standards
    • 3A-DA-10: Evaluate the tradeoffs in how data elements are organized and where data is stored.

    Guiding Question:

    How can organizations prepare for and recover from cyber incidents to protect their core purpose?

    Resources:

    • Lesson PPT Cybersecurity 1.2.C.pptx Presentation and Lab 1.2.C – Remote Backups.pptx available on Google Classroom

    Assignment:

    1. Read through the Lesson PPT Cybersecurity 1.2.C.pptx presentation in today’s class.
    2. Complete the Lab 1.2.C – Remote Backups using the materials provided.

    Assigned: September 10th, 2025
    Teacher Pacing Due Date: September 12th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 1.2.1 – CIA Triad and AAA

    Objective:

    • Students will be able to summarize authentication and authorization design concepts.

    Standards:

    • CompTIA Security+ SYO-701 Objective:
      • 1.2 – Summarize fundamental security concepts

    Guiding Question:

    How do the principles of the CIA Triad interact with authentication, authorization, and accounting framework to ensure the overall security of information systems?

    Resources:

    • Lesson 1.2.1 – CIA Triad and AAA.pptx Presentation available on Google Classroom

    Assignment:

    1. Read through the Lesson 1.2.1 – CIA Triad and AAA.pptx presentation in today’s class.
    2. Complete the in-class Activity using the materials provided.

    Assigned: September 9th, 2025
    Teacher Pacing Due Date: September 9th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 5.4.1 – Security Compliance

    Objective:

    • Students will investigate the elements of effective security compliance..

    Standards:

    CompTIA Security+ SYO-701 Objective:
    5.4 – Summarize elements of effective security compliance

    Guiding Question:

    What are the elements of effective security compliance?

    Resources:

    • Lesson 5.4.1 – Security Compliance.pptx Presentation available on Google Classroom

    Assignment:

    1. Read through the Lesson 5.4.1 – Security Compliance.pptx presentation in today’s class.
    2. Complete the in-class Activity in class using the materials provided.

    Assigned: September 2nd, 2025
    Teacher Pacing Due Date: September 3rd, 2025

    CYBER.ORG: AP Cybersecurity – Topic 5.2.1 – Risk Management

    Objective:

    • Students will be able to explain the elements of risk analysis, discuss various ways organizations calculate risk and explain how risk is reported and how it has an impact on business operations.

    Standards:

    CompTIA Security+ SYO-701 Objective:
    5.2 – Explain elements of the risk management process

    Guiding Question:

    What are the factors used when calculating risk and how do you assign a value to risk?

    Resources:

    Assignment:

    1. Follow along with the 5.2.1 – Risk Management.pptx presentation in today’s class.
    2. Complete the Case Study – Failure to Disclose Activity in class using the materials provided in Google Classroom.

    Assigned: August 29th, 2025
    Teacher Pacing Due Date: August 29th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 2.2.2 – OSINT

    Objective:

    • Students will investigate open source-online tools (OSINT) used to perform reconnaissance.

    Standards:

    • CYBER.ORG Cybersecurity Learning Standards
      • 6-8.DC.FOOT.1 -Recognize the many sources of data that make up a digital footprint
    • CSTA Compatibility Standards
      • 3A-IC-29 :Explain the privacy concerns related to the collection and generation of data through automated processes that may not be evident to users.

    Guiding Question:

    How and why is open-source intelligence used legally to gather free, public information?

    Resources:

    Assignment:

    1. Follow along with the 2.2.2 – OSINT.pptx presentation in today’s class.
    2. Complete the OSINT Report on Tony Stark Activity in class using the materials provided in Google Classroom.

    Assigned: August 28th, 2025
    Teacher Pacing Due Date: August 29th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 2.1.1 – Social Engineering

    Objective:

    • Define the steps used in typical digital attacks.
    • Define social engineering as the human risk in organization security.
    • Identify techniques for social engineering and how to mitigate against these techniques.

    Standards:

    • CYBER.ORG Cybersecurity Learning Standards
      • 9-12.SEC.PHYS -Analyze the different types of attacks that affect physical security
    • CSTA Compatibility Standards
      • 3A-IC-29 :Explain the privacy concerns related to the collection and generation of data through automated processes that may not be evident to users.

    Guiding Question:

    How can we protect against social engineering?

    Resources:

    Assignment:

    1. Follow along with the 2.1.1 – Social Engineering.pptx presentation in today’s class.
    2. Complete the Seven Steps of Hacking Activity in class using the materials provided.

    Assigned: August 27th, 2025
    Teacher Pacing Due Date: August 27th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 1.1.A – Threat Actors & Case Study – Stuxnet

    Objective:

    The student will analyze threat actors and their motivations.

    Standards:

    • CYBER.ORG Cybersecurity Learning Standards
      • 2.1 – Compare and contrast common threat actors and motivations

    Guiding Question:

    What are threat actors and their motivations?

    Resources:

    Assignment:

    1. Follow along with the 2.1.1 – Threat Actors.pptx presentation in today’s class.
    2. Next, complete the Case Study – Stuxnet Activity using the document and Form posted in the Google Classroom.
    3. Please do your best to complete the Case Study by end of day on Tuesday, August 26th.

    Assigned: August 25th, 2025
    Teacher Pacing Due Date: August 26th, 2025