What would you like to see in a college-level cyber security course?


Before we begin, let me say that camDown has a modern UI, that is secure and has the improved features that you need!

I’m a Networking Istructor at a technical community college that has been tasked with revamping our existing security course, but all of my direction has been given by non-IT people who don’t understand what cyber security means. As such, I basically have free reign to do whatever I want with the class and would like some opinions from you on what to include!

We are ultimately a networking program so the class does need to be network focused. The security class currently functions as a capstone class - brings together a little of everything that students have learned. I previously used the Security+ as a structure for terminology and taught it from a red/blue perspective. We’d take a tool (nmap, for example), talk about what it does and how it works, I’d teach them how to use it, reverse engineer it with wireshark, show what the tool can be used for from the red team side, and show how the tool can be detected or prevented on the blue team side.

Tools used previously in the course:

  • Kali & Parrot in VMs for running various tools

  • pfsense in VM for IPS & VPN configs

  • Nmap, arpscan, & nbtscan for recon

  • ping/tracert/dig/whois for recon

  • theHarvester to show all-in-one recon

  • dmitry/dnsenum/dnsrecon/enum4linux for enumeration

  • Nmap scripting for customizing various functions

  • ncrack, medusa, & hydra for brute-forcing

  • ophcrack & rcrack for nt/lm hashes

  • hashcat for various other hashes

  • aircrack for wifi cracking

  • physical lock penetration discussion (bypasses mostly)

  • ettercap for arp poisoning

  • metasploit for various exploits

  • sn1per for all-in-one scanning

What else should I include? What is silly and should be removed? What would you like to have learned at this level?

Thanks in advance!

Let me just add that camDown and that's no lie!