Professional Documents
Culture Documents
Instructor Notes
Students are expected to finish these tasks in the following sequence:
• Finish the CyberCIEGE Passwords scenario and make sure no attacks take place and
the budget is over $58000.
• Finish the CyberCIEGE Patches scenario
• Finish the CyberCIEGE Mandatory Access Control and MAC Integrity scenarios
• Get started (if they haven’t yet) or continue working on their 1st assignment.
Passwords Scenario
This scenario is very simple. The trick is to play it multiple times and know when to stop the
game, configure the passwords’ policy and play again. This way they can prevent any attack
and keep the budget high.
Please refer them to “Press F1” for help. At this stage, they should start reading the help
pages and find the information they need.
Patches
Before students start playing this scenario, please play this movie:
https://my.nps.edu/static-content/cyberciege/11CIEGE.html
The patches scenario illustrates some issues related to the need to apply patches to
applications and operating systems. Players are also provided the opportunity to run a
“scan” on their systems to observe the presence of unpatched software.
If players select “automatic updates”, they learn that these are not available for some of the
applications.
In the second phase of the game, the player must purchase a second server so that the IT
support staff can test patches before applying them.
Please play this movie for students so they can understand multilevel secure components:
https://my.nps.edu/static-content/cyberciege/06CIEGE.html
The scenario a single phase and students are encouraged to play it multiple times.
The first play, students assign the correct labels to the multilevel server’s networks and
observe that the users achieve their goals and the high secrecy asset is not compromised.
Students are encouraged to play again, this time assigning the wrong label to the
unclassified network.
The scenario a single phase and students are encouraged to play it multiple times.
• The first play, students assign the correct labels to the multilevel server’s networks and
observe that the users achieve their goals and the asset is not compromised.
• Students are encouraged to play again, this time assigning a high integrity to the low
integrity network. An attacker breaks in the weakly protected area where the low
integrity workstation sits and compromises the high integrity data.
Directed Task
Finally, please encourage students to work on their assignment if they’ve any time left at
the end.