Cyber Battlefield Learning Outcomes
The first portion of the course begins with an introduction to the theoretical underpinnings of cyber security, then continues with an introduction to the basic components of "cyberspace". We start with digital data, the physical computer, operating systems and programs, and continue to the Web, the Internet, and both wired and wireless networks. These components comprise the basic physical systems, data and protocols that are the building blocks of cyberspace.
Specific objectives are:
- Cyber Domain
- Describe the aspects of the cyber domain
- Describe the interaction of the aspects of the cyber domain
- Cyber Security.
- Explain the DoD Cyber Security Model ("Pillars of Cyber Security").
- Describe compromises of the Pillars of Cyber Security and mitigations.
- Digital Data.
- Define terms such as bit, byte, hex, encodings (ASCII).
- Convert between binary, decimal, and hex number representations.
- Use tools to determine a file's type by examining its digital content.
- Explain what is meant by the terms "file type", "file format", "file header",
and "file name extension", and explain how a file name extension is used and abused.
- Computer Architecture.
- Describe a computer as a device that manipulates digital data through input, processing, and output.
- Identify and describe the major hardware components of a computer and their purpose.
- Explain how digital data moves between major hardware componets (HDD, RAM, CPU); e.g. program launch to fetch-decode-execute cycle.
- Describe a computer as a layered model of: Users/Programs, Operating System, Hardware.
- Operating Systems.
- Define the purpose of an Operating System (OS) and these core services it provides: hardware interfaces; access control; and file system, process, and user account management.
- Describe the interfaces an operating system provides to users and programs: GUI, shell, API.
- Explain the concept of absolute and relative file system pathnames.
- Perform shell commands on local and remote systems to accomplish common file system tasks.
- Describe the distinction between a program and a process.
- Explain the role of the OS with respect to security in relation to user accounts, logins, and file/process ownership and access permissions.
- Explain the significance of a super-user account (Administrator, root).
- Explain the concepts of data types, expressions and variables, and correctly use
them to modify the behavior of simple programs.
- Given a simple code example involving branching and loops, explain how the code inputs,
processes, and outputs data.
- Discuss the implications on program execution of unexpected data input by a user.
- The Web.
- Describe the World-Wide-Web ("web") as a client-server system involving the HTTP protocol.
- Explain the components of a URL.
- Describe how basic HTML will be rendered by a browser.
- Design, create, and upload a simple website using HTML and a secure file transfer protocol.
- Explain the concept of absolute and relative HTML references.
- Describe client-server interaction for a static web page, and the processing done by the browser on the data it receives.
- Describe client-server interaction for a dynamic web page that involves user input to a form and
- Discuss trade offs between client-side and server-side scripts, and explain why client-side
input validation is weaker than server-side.
- Explain how an email containing HTML with embedded scripts is a risk to security.
- Explain how cookies are used by both the web browser and the web server.
- Explain how reflection, injection attack, and cross-site scripting work and why they may fail.
- Analyze scenarios involving the web in terms of services, risk, security and forensics.
- Relate to other network services an understanding of the web as a client-server based network service.
- Explain the basic functioning of the Internet in terms of hosts, packets, routers and IP addresses.
- List the layers in the protocol stack of the TCP/IP Model. Describe each layer in terms of
its function and the hardware devices used. Contrast TCP and UDP transport.
- For each of the following protocols: describe its purpose, state the protocol stack layer
it uses, and identify commands or tools that use the protocol: HTTP(S), DNS, DHCP, SSH, RDP, SMB,
SSL/TLS, TCP, UDP, ICMP, ARP. Relate ports, services, and protocols.
- Describe the Domain Name System (DNS) and security issues with name resolution.
- Describe each of the following: IP Address, subnet mask, network address, broadcast address,
private address, MAC address, BSSID, ESSID.
- Appropriately use these commands and tools and explain their output:
- Interpret their output to deduce information about network hosts, topology and services.
- Use the tools to construct a wired network and an encrypted wireless network, both connected to a simple internet.
- Describe the purpose of encryption on a wireless network, and compare WEP, WPA, WPA2.