Tag Archives: Lab Assignment

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.3.2, Pt. 2 – Cross-site Scripting (XSS) Lab

Objective:

  • Students will analyze potential indicators associated with vulnerabilities in operating system and web-based attacks.

Standards:

CompTIA Security+ SYO-701 Objective:

2.3 – Explain various types of vulnerabilities

  • Operating system (OS)-based
  • Web-based
    • Structured Query Language injection (SQLi)
    • Cross-site scripting (XSS)

Guiding Question:

What are some vulnerabilities in operating systems and web applications that can lead to malicious attacks?

Resources:

  • Lesson 2.3.2 – OS and Web-based Vulnerabilities.pptx and Lab – XSS DVWA.pptx Presentations available on Google Classroom

Assignment:

  1. Review the Lesson 2.3.2 – OS and Web-based Vulnerabilities.pptx presentation, if necessary.
  2. Complete the Lab – XSS DVWA.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying the Session ID (PHPSESSID) using the XSS (Reflected) Vulnerability attack to today’s Google Classroom post.

Assigned: December 3rd, 2025
Teacher Pacing Due Date: December 4th, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.3.2 – OS and Web-based Vulnerabilities

Objective:

  • Students will analyze potential indicators associated with vulnerabilities in operating system and web-based attacks.

Standards:

CompTIA Security+ SYO-701 Objective:

2.3 – Explain various types of vulnerabilities

  • Operating system (OS)-based
  • Web-based
    • Structured Query Language injection (SQLi)
    • Cross-site scripting (XSS)

Guiding Question:

What are some vulnerabilities in operating systems and web applications that can lead to malicious attacks?

Resources:

  • Lesson 2.3.2 – OS and Web-based Vulnerabilities.pptx and Lab – SQL Injection DVWA.pptx Presentations available on Google Classroom

Assignment:

  1. Read the Lesson 2.3.2 – OS and Web-based Vulnerabilities.pptx presentation, in today’s class.
  2. Complete the Lab – SQL Injection DVWA.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying the user information from the Victim Website, including the hashed passwords, generated using a successful SQL Injection attack to today’s Google Classroom post.

Assigned: December 2nd, 2025
Teacher Pacing Due Date: December 3rd, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.4.12 – Lab Activity – Buffer Overflow

Objective:

  • Students will analyze potential indicators associated with application attacks.

Standards:

CompTIA Security+ SYO-701 Objective:
2.4 – Given a scenario, analyze indicators of malicious activity

  • Application Attacks
    • Injection
    • Buffer overflow
    • Forgery

Guiding Question:

What are some common application attacks including replay, privilege escalation and directory traversal and how can you defend against them?

Resources:

  • Lesson 2.4.12 – Application Attacks Pt 2.pptx and Lab – Buffer Overflow.pptx Presentations available on Google Classroom

Assignment:

  1. Review the Lesson 2.4.12 – Application Attacks Pt 2.pptx presentation, if necessary.
  2. Complete the Lab – Buffer Overflow.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying the Windows Desktop containing the “document_1” file, the “Malicious” folder and a Wordpad window with the “We have taken over your system” message, demonstrating the Windows 7 system has been successfully compromised to today’s Google Classroom post.

Assigned: November 25th, 2025
Teacher Pacing Due Date: November 26th, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.4.12 – Application Attacks Part 2

Objective:

  • Students will analyze potential indicators associated with application attacks.

Standards:

CompTIA Security+ SYO-701 Objective:
2.4 – Given a scenario, analyze indicators of malicious activity

  • Application Attacks
    • Injection
    • Buffer overflow
    • Forgery

Guiding Question:

What are some common application attacks including injection, buffer overflow and forgery and how can you defend against them?

Resources:

  • Lesson 2.4.12 – Application Attacks Part 2.pptx Presentation available on Google Classroom

Assignment:

  1. Read the Lesson 2.4.11 – Application Attacks Part 1.pptx presentation, in today’s class.
  2. Complete the Lab – Command Injection.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying your Windows system DVWA Command Injection window displaying the passwd file edited with today’s date (as demonstrated in Slide 14 of the Lab presentation) to today’s Google Classroom post.

Assigned: November 24th, 2025
Teacher Pacing Due Date: November 25th, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.4.11 – Lab Activity – Directory Traversal

Objective:

  • Students will analyze potential indicators associated with application attacks.

Standards:

CompTIA Security+ SYO-701 Objective:
2.4 – Given a scenario, analyze indicators of malicious activity

  • Application Attacks
    • Replay
    • Privilege escalation
    • Directory traversal

Guiding Question:

What are some common application attacks including replay, privilege escalation and directory traversal and how can you defend against them?

Resources:

  • Lesson 2.4.11 – Application Attacks Part 1.pptx and Lab – Directory Traversal.pptx Presentations available on Google Classroom

Assignment:

  1. Review the Lesson 2.4.11 – Application Attacks Part 1.pptx presentation, if necessary.
  2. Complete the Lab – Directory Traversal.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying your Windows system web browser displaying the “Secret Message” you created (as demonstrated in Slide 15 of the Lab presentation) to today’s Google Classroom post.

Assigned: November 21st, 2025
Teacher Pacing Due Date: November 24th, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.4.11 – Lab Activity – Pass the Hash

Objective:

  • Students will analyze potential indicators associated with application attacks.

Standards:

CompTIA Security+ SYO-701 Objective:
2.4 – Given a scenario, analyze indicators of malicious activity

  • Application Attacks
    • Replay
    • Privilege escalation
    • Directory traversal

Guiding Question:

What are some common application attacks including replay, privilege escalation and directory traversal and how can you defend against them?

Resources:

  • Lesson 2.4.11 – Application Attacks Part 1.pptx and Lab – Pass the Hash.pptx Presentations available on Google Classroom

Assignment:

  1. Review the Lesson 2.4.11 – Application Attacks Part 1.pptx presentation, if necessary.
  2. Complete the Lab – Pass the Hash.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying your successful administrative login in the Meterpreter session on the Kali Linux machine to today’s Google Classroom post.
    • Note: You will need to complete yesterday’s Privilege Escalation lab to locate the Windows Password Hashes for use in this lab!

Assigned: November 20th, 2025
Teacher Pacing Due Date: November 21st, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.4.11 – Application Attacks Pt 1

Objective:

  • Students will analyze potential indicators associated with application attacks.

Standards:

CompTIA Security+ SYO-701 Objective:
2.4 – Given a scenario, analyze indicators of malicious activity

  • Application Attacks
    • Replay
    • Privilege escalation
    • Directory traversal

Guiding Question:

What are some common application attacks including replay, privilege escalation and directory traversal and how can you defend against them?

Resources:

  • Lesson 2.4.11 – Application Attacks Part 1.pptx Presentation available on Google Classroom

Assignment:

  1. Read the Lesson 2.4.11 – Application Attacks Part 1.pptx presentation in today’s class.
  2. Complete the Lab – Privilege Escalation.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot displaying your successfully escalated privileges in the Meterpreter session on the Kali Linux machine to today’s Google Classroom post.

Assigned: November 19th, 2025
Teacher Pacing Due Date: November 20th, 2025

AP Cybersecurity

CYBER.ORG: AP Cybersecurity – Lesson 2.4.8 – DoS and DDoS Lab Activity

Objective:

  • Students will analyze potential indicators associated with network attacks.

Standards:

CompTIA Security+ SYO-701 Objective:
2.4 – Given a scenario, analyze indicators of malicious activity

  • Network Attacks
    • Distributed denial-of-service (DDoS)
      • Amplified
      • Reflected

Guiding Question:

What are 3 types of DDoS attacks and how can you defend against them?

Resources:

  • 2.4.8 – DoS and DDoS.pptx and Lab – Denial of Service.pptx Presentations available on Google Classroom

Assignment:

  1. Review the 2.4.8 – DoS and DDoS.pptx presentation.
  2. Complete the Lab – Denial of Service.pptx Activity in class using the materials provided in Google Classroom.
  3. To confirm completion the lab activity, upload a screenshot (with today’s date) of the exploit running in the Terminal window on the Kali system confirming that the Victim’s Windows 7 system “seems down” from the active Metasploit session in the Kali environment to today’s Google Classroom post.

Assigned: November 12th, 2025
Teacher Pacing Due Date: November 13th, 2025

Networking and Operating Systems

Section 2.4.3 Wireless Technologies Lab – DIY Directional Antennas Project 2023

Objective:

  • I can demonstrate my understanding of computer networks, network operating systems and wireless networking by assembling a directional antenna with the intent of establishing and sustaining a 2.4 GHz wireless signal at a distance of greater than 100 yards.

Links:

Project Team Agreement FormDownload
Project Team Work Plan FormDownload


Do It Yourself Wireless Antenna (Pringles Can Yagi): https://www.makeuseof.com/tag/how-to-make-a-wifi-antenna-out-of-a-pringles-can-nb/

Building the Cylinder (Can) Waveguide (measurements calculator):
https://www.wikarekare.org/Antenna/WaveguideCan.html

DIY Bi-Quad Directional Wi-Fi Antenna:  https://lifehacker.com/5964111/diy-wi-fi-antenna-cheaply-extends-your-wireless-network

$10 Wi-Fi 16dBi Super Antenna: https://www.instructables.com/id/10–WIFI-16dBi-Super-Antenna-Pictorial/

Topics Discussed:

  • Wireless Networking
  • 802.11 Wi-Fi spec
  • Directional Antennas
  • Waveguide Antenna
  • Yagi Antenna
  • Flickenger design Antenna

Assignment:

Today, we are going to begin a focused short-term project that is to be completed before the Christmas Break. The goal is simple: design and build a directional antenna that will sustain a 2.4 GHz Wi-Fi signal over a minimum distance of 100 yards (300 ft or ~92m).

The stretch goal is a little more complex: design and build a directional antenna that will extend that 2.4 GHz Wi-Fi signal as far as possible.

  1. Use the links I have provided to learn about do-it-yourself directional antenna designs. There are many designs to choose from, so do your research and select the design that you think will be most effective in extending and sustaining the Wi-Fi signal over the longest range.
  2. You may work with a partner, or choose to go it alone. If you choose to work with a partner, you will need to download, complete and turn in both a Project Team Agreement and a Project Team Work Plan (available via the links provided above).
  3. Even if you are working by yourself, use the Project Team Work Plan to identify and prepare for the steps of this project (i.e. research, acquisition of materials, installation, configuration, building, testing, modification and upgrades).
  4. Upload your completed Project Team Agreement Form and Project Team Work Plan Form to today’s assignment post on our Google Classroom as soon as they are completed. The completed Project Team Contract and Project Team Work Plan are due by the end of the class on Wednesday, December 6th.
  5. Proceed with the first identified steps in your Project Team Work Plan. Do your best to follow the plan, but don’t be afraid to amend or alter the plan as the need arises.
  6. Tools and equipment will be provided, and all work should be completed in Room 225. You will need to notify the instructor if you need access to any additional tools located in Room 212. Testing PCs (sender and recipient) will be provided on rolling carts to allow for testing of antennas.
  7. Please use this time to make progress on your project. We have time provided to complete the project, but no time to waste. It is highly likely that your first antenna design will not work as well as you expect it to, and you will need time to test and make adjustments to your design to achieve optimal results. Use the time given to build, test, modify and retest to get the best results!
  8. We will conduct initial tests the week of December 11th. To be considered a success (and receive credit for the project), your antenna design must be able to sustain at least a -67 dBm wireless signal over a 100 yard distance (the length of the football field).
  9. Upon completion of initial tests, you will have a week to revise and retest your design before the final testing on Monday, December 19th.
  10. The team (or individual) that produces the antenna that can reliably sustain the highest signal strength over the longest distance on the final testing day will receive a personal pizza and wings party, to be held while everyone else writes a three paragraph personal reflection on Wednesday, December 20th describing their participation in this project.

Good luck, and remember: the best way to eat an elephant is one bite at a time.

Posted: December 5th, 2023
Due Date: December 19th, 2023

Networking and Operating Systems

CYBER.ORG: Networking Fundamentals – 1.6.2 – Lab – DNS and nslookup

Objective:

The student will explain the use and purpose of network services.

Resources:

  • See PowerPoint presentation: 1.6.2 – Lab – DNS and nslookup.pptx

Assignment:

  1. Use the CYBER.ORG Cyber Range Kali Linux installation to access the nslookup utility, and use it to complete the 1.6.2 – Lab – DNS and nslookup.pptx Lab activity.
  2. Complete the Lab by answering the questions in the CYBER.ORG: Networking Fundamentals – 1.6.2 – Lab – DNS and nslookup Google form posted on the Google Classroom in class today.
  3.  Refer to the 1.6.2 – DNS.pptx presentation if you need to review DNS information.
  4. Please do your best to complete this Lab activity by the end of the day today.

Assigned: November 3rd, 2023
Teacher Pacing Due Date: November 3rd, 2023