Day 3

Day Three Activities and Videos

Learning goal: Campers will be introduced to a scenario, learn the roles of cyber auditor and cyber penetration tester.

1. Day 3 – Intro to History and Scenario  Show Slides 1-4. White Hat and Black Hat hacker.

2. Slides 5-10

3. Discuss Amani Children’s Home and School and their role as employers of Women

Wearing White Hats, Inc that has been hired by Amani’s to perform their cyber audit,

testing and reporting.

4. Explore the Amani website by clicking the program on the computer (should be a Google Chrome icon)

5.  Teams of 2, each with own computer, most likely.

Penetration Station: Penetration report

  • Computers on right of classroom, facing board. Disconnected from Internet.
  • Use the program Webgoat (loaded on computer), which teaches about computer vulnerabilities and ways these are exploited/penetrated.
  • While using Webgoat, if stuck, use the “Solution” tab.

6. Auditor station –Auditor report

  • Step 1 on report: show Zenmap: click here (look in Day 3 folder if unable to open)
  • Keylogger: this is a program that can be loaded on computers and it records every keystroke.  It should be loaded on some computers.  Try it out!
    • To see how Keylogger works, open a Word document.  Type in information.
    • To activate Keylogger, type in <ctrl><alt><shift>F
    • When you click “Load Report,” you should get a report of information typed on computer. (This is one way hackers can get personal information from a computer….for instance, from a computer in a public library.)
  • Complete Auditor report by researching online and using Amani website.

7.  When time allows and using computers connected to internet, conduct online research.

  • Online research.  Guiding questions: What is the difference between ssh (secure shell port) and http ports?  Hint:  an open ssh is vulnerable to cyber attacks.  Does Amani  have a password protection policy?

8.  Add to Word Wall…

9.  Final thoughts for the day:

  • What went well?
  • What was challenging?