Tag Archives: Spring 2023

Networking and Operating Systems

CYBER.ORG – 1.1.13 – Pretexting & 1.1.14 Case Study – IT Army of Ukraine

Objective:

The student will compare and contrast different types
of social engineering techniques.

Resources:

  • See PowerPoint presentation: 1.1.13 – Pretexting.pptx and PDF document Case Study – IT Army of Ukraine.pdf

Assignment:

  1. Begin reading the 1.1.13 – Pretexting.pptx presentation.
  2. Familiarize yourself with the pattern and practice of Pretexting, and defenses against this type of social engineering technique.
  3. Read the Case Study – IT Army of Ukraine.pdf document and be prepared to answer the questions at the end.
  4. Answer the Case Study questions in the Google Form provided in today’s Assignment Post in our Google Classroom.
  5. Please do your best to complete this Case Study by the end of the class period tomorrow.

Assigned: February 21st, 2023
Teacher Pacing Due Date: February 22nd, 2023

Networking and Operating Systems

CYBER.ORG – 1.1.12 – Client Hijacking Attacks & Lab – Typosquatting

Objective:

Compare and contrast types of attacks.

Resources:

  • See PowerPoint presentations: 1.1.12 – Client Hijacking Attacks and Lab – Typosquatting.pptx

Assignment:

  1. Begin reading the 1.1.12 – Client Hijacking Attacks.pptx presentation.
  2. Read and complete the lab activity in the Lab – Typosquatting.pptx document.
  3. To confirm completion the lab activity, post a screenshot of the downloaded MaliciousFile.exe from the Typosquatted website! Make sure you include the website in the image.
  4. Please do your best to complete this Lab by the end of the class period today.

Assigned: February 15th, 2023
Teacher Pacing Due Date: February 17th, 2023

Networking and Operating Systems

CyberSecurity Resources: Hacksplaining

Objective: 

Students will begin preparing for CyberSecurity careers by familiarizing themselves with known vulnerabilities faced by software developers.

Links:

Topics Discussed:

  • Cyber Security
  • NIST
  • National Vulnerability Database
  • CVE (Common Vulnerabilities and Exposures) Database

Assignment:

  1. Visit the Hacksplaining website and create a login using your haydenmagnet.org email account.
  2. Hacksplaining offers hands-on interactive simulations of hacks that exploit known vulnerabilities in many widely used applications and programming languages.
  3. Each module contains three parts: Exercise, Prevention and Quiz. Complete the exercise to see how the hack is performed. Review the prevention information to learn more about the exploited vulnerability and effective methods of protection. Complete the quiz to confirm your understanding and complete the module.
  4. Take a screenshot of your passing quiz grade for each module to provide verification that you have completed the module. Save all these screenshots in a folder, as you will need to submit them in a Google Doc to receive credit for this project.
  5. There are twenty-five modules in total. You have this week and next week to complete all the modules.
  6. Submit a Google Doc containing screenshots of your passing grades for all 25 module quizzes to today’s Google Classroom assignment post by end of day on Friday, February 10th.

Assigned: January 31st, 2023
Teacher Pacing Due Date: February 10th, 2023

Networking and Operating Systems

CyberStart America Resources: Cryptography Links – Spring 2023

Objective: 

Students will continue preparing for competition in the National Cyber League by familiarizing themselves with common cryptographic methods so that they can effectively identify and decrypt encrypted messages and data.

Topics Discussed:

  • Cryptography
  • Ciphertext
  • Plaintext

Links:

This list is maintained as a resource for students competing in the National Cyber League competition to assist in identification and solution of the presented Cryptography puzzles. If you find any good online Cryptography resources in your travels, let me know and I will add them to the list!

Cryptii  A very cool and very fast “modular” decryption tool that lets you run a string of text through several encryption/decryption methods of your choice.

Dcode.fr  An outstanding French website that offers automatic decoding for a large variety of encryptions. Features include a powerful cipher identifier (that automatically recognizes more than 200 ciphers), decoding tools for the Caesar cipherVigenere cipherPolybius’ square, and dozens of other encryptions.

The Black Chamber  A great collection of interactive tools that explain and allow you to decrypt a variety of common (and some uncommon) encoding schemes.

Tools for Noobs: Online Decryption Tool – Decrypts a string using various algorithms (e.g. Blowfish, DES, TripleDES, Enigma).

MD5hashing.net Encryption and Decryption – At md5hashing.net you can hash (encrypt) any string into 66 different hash types. As you probably know – decryption of any hash is impossible, but they offer reverse decryption via our database (~1000M records, and counting).

Splitbrain.org Encoding/Decoding Tools This tool helps you to quickly run some text through various different encoding/decoding functions available in PHP. Great for a lot of different decoding possibilities rapidly

CodeBeautify.org Encryption/Decryption Tool – A nice, clean tool for decrypting codes that you know the key for, or encrypting codes with your own original key.

SQLite Viewer for Chrome – Chrome plugin for viewing SQLite databases in your browser. Allows opening and editing of SQLite databases without requiring admin access to install.

Posted: January 13th, 2023

Networking and Operating Systems

Welcome to CyberStart America!

Objective: 

Students will begin preparing for competition in the National Cyber League by participating in CyberStart America, an immersive cybersecurity training game for high school students.

Links:

Topics Discussed:

  • Cyber Security
  • CyberStart America

Assignment:

  1. Welcome back! I hope your holidays were happy and restful! We are going to switch gears as we work towards competition in the National Cyber League and/or Security + Certification at the end of the month.
  2. In the interest of providing you with more hands-on experience with cybersecurity concepts, I am pleased to introduce CyberStart America, an immersive cybersecurity training game for high school students, where you will take the role of an agent with the “Cyber Protection Agency” and solve challenging puzzles based on real-world situations that you might face as a cybersecurity professional.
  3. Visit the CyberStart America website and register for a free account using your haydenmagnet.org email address. You will need to access your haydenmagnet.org Gmail, as the website sends several confirmation emails in sequence. Be sure to keep your Gmail open until you receive the third confirmation email that allows you to set a password before you proceed with the challenges.
  4. Start with the Intern Base to get a feel for what it’s like to work in cybersecurity. You may work at your own pace, and even work from home if you choose to do so. Remember that these challenges start easy and get harder as you progress, so don’t skip forward too far!
  5. Are you completely confused by any particular challenge? Consult the Field Manual! Click the “Field Manual” link in the upper left corner of the website to view background info on the concepts presented in the challenges, and even watch walkthrough videos (Chapter 07) if you’re completely stumped.
  6. You may work at your own pace, and use any resources that you have available to you to complete the challenges (even other students!)
  7. Do you want to work together with a partner or squad up with a group? Click on the “Groups” link at the top of the page, and click “Create Group” to get a group code that you can share with your crew to squad up and tackle the challenges as a team of up to 3 people!
  8. Make sure you join my “NetOp P6” group so I can track your progress, as well. See me for the Join code if you haven’t joined already.
  9. We will continue working with CyberStart America for the next three weeks. At the end of the three weeks, I will buy lunch for the individual or team with the highest point total. Grind solo and get all the food for yourself, or choose your teammates wisely and have a victory feast with your friends!
  10. Good luck, and have fun with the challenges! Bear in mind that the National Cyber League competition will begin at the end of the month. Those who are not studying for Security + certification will begin practicing in the NCL Gym when our accounts become available.

Assigned: January 9th, 2023
Teacher Pacing Due Date: January 27th, 2023