Tag Archives: Unit 1

CYBER.ORG: AP Cybersecurity – Lesson 4.1.4 – Application Security, Lesson 4.5.2 – Endpoint – OS & Monitoring & Lesson 1.1.1 – Security Controls

Objective:

  • Students will:
    • Be able to explain how organizations can be more cyber resilient.
    • Investigate common methods to enhance Operating System security and implement monitoring measures in an enterprise.
    • Compare and contrast various types of security controls

Standards:

CompTIA Security+ SYO-701 Objective:
4.1 – Given a scenario, apply common security techniques to computing

  • Application security
    • Input validation
    • Secure cookies
    • Static code analysis
    • Code signing
  • Sandboxing
  • Monitoring

4.5 – Given a scenario, modify enterprise capabilities to enhance security

  • Operating system security
    • Group Policy
    • SELinux
  • File integrity monitoring
  • DLP
  • Network access control (NAC)
  • Endpoint detection and response (EDR)/extended detection and response (XDR)
  • User behavior analytics

1.1 – Compare and contrast various types of controls

  • Category
    • Technical,
      • Managerial,
      • Operational,
      • Physical,
    • Control Type
      • Preventive
      • Deterrent
      • Detective
      • Corrective
      • Compensating
      • Directive

Guiding Questions:

  • How are applications secured?
  • What are some common methods for an enterprise to enhance Operating System security and implement monitoring measures?
  • What are some different control categories and control types?

Resources:

  • Lesson 4.1.4 – Application Security.pptx, Lesson 4.5.2 – Endpoint – OS & Monitoring.pptx and Lesson 1.1.1 – Security Controls.pptx Presentations and Security Concepts Guided Notes – Fall 2025 Form available on Google Classroom

Assignment:

  1. Read through the Lesson 4.1.4 – Application Security.pptx, Lesson 4.5.2 – Endpoint – OS & Monitoring.pptx and Lesson 1.1.1 – Security Controls.pptx presentations in today’s class.
  2. Complete the Security Concepts Guided Notes – Fall 2025 Form using the materials provided.

Assigned: September 30th, 2025
Teacher Pacing Due Date: October 1st, 2025

CYBER.ORG: AP Cybersecurity – Lesson 4.5.1 – Endpoint – Protocol & Email Security

Objective:

  • Students will be able to explain how organizations can be more cyber resilient.

Standards:

CompTIA Security+ SYO-701 Objective:
4.5 – Given a scenario, modify enterprise capabilities to enhance security

  • Implementation of secure protocols
    • Protocol selection
    • Port selection
    • Transport method
  • DNS filtering
  • Email security
    • Domain-based Message Authentication Reporting and Conformance (DMARC)
    • DomainKeys Identified Mail (DKIM)
    • Sender Policy Framework (SPF)
    • Gateway

Guiding Question:

What are some common methods to enhance security for enterprise networks and communications?

Resources:

  • Lesson PPT Lesson 4.5.1 – Endpoint – Protocol & Email Security.pptx Presentation and Case Study – Heartbleed.pdf available on Google Classroom

Assignment:

  1. Read through the Lesson PPT Lesson 4.5.1 – Endpoint – Protocol & Email Security.pptx presentation in today’s class.
  2. Complete the Case Study – Heartbleed.pdf using the materials provided.

Assigned: September 29th, 2025
Teacher Pacing Due Date: September 30th, 2025

CYBER.ORG – LAB – LINUX 101

Objective:

Students will begin preparing for proficiency in cyber security with an overview of Linux fundamentals and advanced commands.

Resources:

  • See PowerPoint presentations: Lab – Linux 101

Assignment:

  1. Read the Lab – Linux 101 to review fundamental Linux commands within the Linux operating system.
  2. Use the Terminal app in your Kali Linux virtual environment in the CYBER.ORG Cyber Range to follow along with the presentations, and practice or test the commands as you read about them.
  3. Begin reading the Lab – Linux 101 presentation to study the fundamentals of the Linux operating system. I will show you how to do some of the steps (Watch) and we will do some of the steps together (Together). Then, you will need to follow the steps listed on each “On Your Own” slide, being careful not to skip any steps.
  4. To demonstrate completion of this Lab Activity, upload three screenshots to today’s Assignment Post in the Google Classroom:
    • The Terminal window from slide 24 that shows the results of the rm -rf command
    • The Terminal window from the On Your Own exercise on Slide 30 displaying the results of the Move/Copy Files sequence
    • The Terminal window displaying the results of the -v option when used with both of the directory commands introduced on slide 36 of the Lab presentation.

Assigned: September 15th, 2025
Teacher Pacing Due Date: September 16th, 2025

CYBER.ORG: AP Cybersecurity – Topic 1.2C – Managing Risk

Objective:

  • Students will be able to explain how organizations can be more cyber resilient.

Standards:

  • CYBER.ORG Cybersecurity Learning Standards
    • 9-12.CS.LOSS- Develop a plan for risk mitigation that implements redundancy.
  • CSTA Compatibility Standards
    • 3A-DA-10: Evaluate the tradeoffs in how data elements are organized and where data is stored.

    Guiding Question:

    How can organizations prepare for and recover from cyber incidents to protect their core purpose?

    Resources:

    • Lesson PPT Cybersecurity 1.2.C.pptx Presentation and Lab 1.2.C – Remote Backups.pptx available on Google Classroom

    Assignment:

    1. Read through the Lesson PPT Cybersecurity 1.2.C.pptx presentation in today’s class.
    2. Complete the Lab 1.2.C – Remote Backups using the materials provided.

    Assigned: September 10th, 2025
    Teacher Pacing Due Date: September 12th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 1.2.1 – CIA Triad and AAA

    Objective:

    • Students will be able to summarize authentication and authorization design concepts.

    Standards:

    • CompTIA Security+ SYO-701 Objective:
      • 1.2 – Summarize fundamental security concepts

    Guiding Question:

    How do the principles of the CIA Triad interact with authentication, authorization, and accounting framework to ensure the overall security of information systems?

    Resources:

    • Lesson 1.2.1 – CIA Triad and AAA.pptx Presentation available on Google Classroom

    Assignment:

    1. Read through the Lesson 1.2.1 – CIA Triad and AAA.pptx presentation in today’s class.
    2. Complete the in-class Activity using the materials provided.

    Assigned: September 9th, 2025
    Teacher Pacing Due Date: September 9th, 2025

    APCK Cyber: AP Cybersecurity – Topic 1.1 – Analyzing Cyber Attacks

    Objectives:

    • Students will be able to analyze a cyber attack, including identifying the phases of the attack, internalizing key learnings for future protection, and sharing an analysis of the attack with a non-technical audience.

    Standards:

    • 1.1.A Describe types of adversaries and their motivations.
    • 1.1.B Determine the type of attack used by a cyber adversary.
    • 1.1.C Determine the phases used in a cyber attack.

    Guiding Question:

    What are the common elements of a Cyber Attack?

    Resources:

    • 1.1 Analyzing Cyber Attacks PPT.pptx Presentation available on Google Classroom

    Assignment:

    1. Read through the 1.1 Analyzing Cyber Attacks PPT.pptx presentation in today’s class.
    2. Divide into groups of 2 – 3, your group will receive a specific historical cyber attack to research.
    3. Work as a team to complete the Cyber Attacks Case Study Analysis document available in the Google Classroom to research your assigned attack.
    4. You will be using the information your group collects on this graphic organizer to write a brief synopsis of your assigned attack including:
      • Who the adversaries carrying out the attack were,
      • How the attack happened
      • What the impact of the attack was
      • Who was impacted
    5. You will be sharing your information with the class on Monday via a 3–5-minute presentation.
    6. Many other information sources for these attacks are available beyond the provided articles. You are encouraged to use any and all resources available to you to go beyond the provided resources.
    7. Presentations will take place during Monday’s class meeting, and each team member will be expected to contribute, so prepare your materials accordingly.

    Article Links:

    Assigned: September 4th, 2025
    Teacher Pacing Due Date: September 8th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 5.4.1 – Security Compliance

    Objective:

    • Students will investigate the elements of effective security compliance..

    Standards:

    CompTIA Security+ SYO-701 Objective:
    5.4 – Summarize elements of effective security compliance

    Guiding Question:

    What are the elements of effective security compliance?

    Resources:

    • Lesson 5.4.1 – Security Compliance.pptx Presentation available on Google Classroom

    Assignment:

    1. Read through the Lesson 5.4.1 – Security Compliance.pptx presentation in today’s class.
    2. Complete the in-class Activity in class using the materials provided.

    Assigned: September 2nd, 2025
    Teacher Pacing Due Date: September 3rd, 2025

    CYBER.ORG: AP Cybersecurity – Topic 2.2.2 – OSINT

    Objective:

    • Students will investigate open source-online tools (OSINT) used to perform reconnaissance.

    Standards:

    • CYBER.ORG Cybersecurity Learning Standards
      • 6-8.DC.FOOT.1 -Recognize the many sources of data that make up a digital footprint
    • CSTA Compatibility Standards
      • 3A-IC-29 :Explain the privacy concerns related to the collection and generation of data through automated processes that may not be evident to users.

    Guiding Question:

    How and why is open-source intelligence used legally to gather free, public information?

    Resources:

    Assignment:

    1. Follow along with the 2.2.2 – OSINT.pptx presentation in today’s class.
    2. Complete the OSINT Report on Tony Stark Activity in class using the materials provided in Google Classroom.

    Assigned: August 28th, 2025
    Teacher Pacing Due Date: August 29th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 2.1.1 – Social Engineering

    Objective:

    • Define the steps used in typical digital attacks.
    • Define social engineering as the human risk in organization security.
    • Identify techniques for social engineering and how to mitigate against these techniques.

    Standards:

    • CYBER.ORG Cybersecurity Learning Standards
      • 9-12.SEC.PHYS -Analyze the different types of attacks that affect physical security
    • CSTA Compatibility Standards
      • 3A-IC-29 :Explain the privacy concerns related to the collection and generation of data through automated processes that may not be evident to users.

    Guiding Question:

    How can we protect against social engineering?

    Resources:

    Assignment:

    1. Follow along with the 2.1.1 – Social Engineering.pptx presentation in today’s class.
    2. Complete the Seven Steps of Hacking Activity in class using the materials provided.

    Assigned: August 27th, 2025
    Teacher Pacing Due Date: August 27th, 2025

    CYBER.ORG: AP Cybersecurity – Topic 1.1.A – Threat Actors & Case Study – Stuxnet

    Objective:

    The student will analyze threat actors and their motivations.

    Standards:

    • CYBER.ORG Cybersecurity Learning Standards
      • 2.1 – Compare and contrast common threat actors and motivations

    Guiding Question:

    What are threat actors and their motivations?

    Resources:

    Assignment:

    1. Follow along with the 2.1.1 – Threat Actors.pptx presentation in today’s class.
    2. Next, complete the Case Study – Stuxnet Activity using the document and Form posted in the Google Classroom.
    3. Please do your best to complete the Case Study by end of day on Tuesday, August 26th.

    Assigned: August 25th, 2025
    Teacher Pacing Due Date: August 26th, 2025