2017 AFA CyberCamp
Student Workbook
© Air Force Association
© 2017 Air Force Association CyberCamp Student Workbook
2017 CyberCamp Student Workbook
Student Workbook Table of Contents
Student Pre-survey..…………………………...……………………..…………………………………………………....Page i
Module 1 Activities
Activity 1-1: How to Beat Cyberbullying ..…………………………...……………………..………...Page 1
Activity 1-2: Cyber Ethics Case Study…..………………………………………………………..……Pages 2-7
Module 2 Activities
Activity 2-1: VMWare Lab…..……………………………………………………………........……..……….Page 8
Activity 2-2: System Admin Lab…..…………………………………………………........................…Page 9
Module 3 Activities
Activity 3-1: File Protections Lab……………………………………..…………………………………...Page 10
Activity 3-2: Intermediate Security Tools Lab………………………………………….……………..Page 11
Activity 3-3: Checklist Challenge..…………………………………………………………………...Pages 12-14
Module 4 Activities
Activity 4-1: Linux Familiarization Lab…….…………………………………………………………...Pages 15
Activity 4-2: Linux GUI Security Lab……..………………………………………………………………..Page 16
Activity 4-3: Linux Command Line Lab I ……..…………………………………………………Pages 17-18
Activity 4-4: Linux Command Line Lab II……..…………………………………………………Pages 19-20
Activity 4-5: Intermediate Ubuntu Security Lab……..………………………………………………Page 21
Student Post-survey..…………………………...………………………………………………….……………..………...Page ii
Notes Pages (Take notes to use for the week!)
© 2017 Air Force Association CyberCamp Student Workbooki
Student Pre-survey
Dear Students:
Welcome to AFA CyberCamps! We hope you have a fun and exciting week learning about cybersecurity and system administration.
When you have a moment, please use your smart phone, smart device or type in the url into your browser to fill out this brief Student Pre-survey. On Day 5 (Friday) you will find a Post-survey on page ii of this workbook. The survey takes 5-10 minutes to complete.
Your valuable feedback helps CyberPatriot improve your camp experience. Good luck this week and remember to take lots of notes!
2017 Pre-survey
https://goo.gl/1Jd5oc
© 2017 Air Force Association CyberCamp Student Workbook
Activity 1-1: How to Beat Cyberbullying
Well Cast http://static.tumblr.com/alrccnk/J6Hmj0apn/bully.pdf
1
© 2017 Air Force Association CyberCamp Student Workbook2
Activity 1-2: Cyber Ethics Case Study
Instructions: The news articles used for this activity are printed on pages 3-7 of this workbook. Read the article your team has been assigned by the camp instructor and discuss the case together. Be prepared to summarize the case, as well as discuss your answers to the questions below with the rest of the camp. Use the space provided for notes.
Summarize the case in the space below. Who is involved? What happened?
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
Have any of the 10 Commandments of Cyber Ethics been broken? If so, which?
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
Which party or parties violated the Commandments of Cyber Ethics? How so?
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
____________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook3
Activity 1-2: Cyber Ethics Case Study (cont.)
Case One:
Cops Demand Google Data on Anyone Who Searched a Person’s Name…Across a Whole City
March 17, 2017
By: Thomas Fox-Brewster, Forbes
Source: http://www.forbes.com/sites/thomasbrewster/2017/03/17/google-government-data-grab-
in-edina-fraud-investigation/#243a26e17ade
A judge in Minnesota has signed off on a warrant allowing police to demand Google data on anyone who
searched for the name of a fraud victim across a whole city, according to web engineer and public
records researcher Tony Webster.
Webster posted the warrant on his site, explaining that Edina Police Department sought the records
after a bank, Spire Credit Union, was contracted by a man they thought was a customer asking for a
$28,500 wire transfer. Turned out it was a fraud attempt and whoever was behind it had created a fake
passport to use as ID.
Police did a google image search for the real bank account owner and discovered the fake passport
photo used by the fraudster, which was not of the real victim but of someone with the same name.
Searches on Bing and Yahoo didn’t return the same photo.
Believing the perpetrator lived in Edina, the cops asked a court if they could request Google provide
records of everyone in the city who’d searched four different variations of the victims name between
December 1 2016 and January 7 2017. Specifically, they wanted names, email addresses, social security
numbers, payment information, account data and IP addresses, which could be enough to identify
where those searches were made.
Needless to say a lot of innocent people could be caught up in such a data grab. “It’s possible that such a
wide net could catch completely routine and non-criminal searches of the victim’s name by neighbors,
prospective employees or business associates, journalists, or friends,” said Webster.
Unsurprisingly, there was a fair amount of disbelief from privacy and legal experts, including this from
Elizabeth Joh, professor at UC Davis School of Law:
“Is this for real? Warrant for everyone in Edina, Minnesota who entered a particular Google search:
http://t.co/wop8K6aK9V -Elizabeth Joh (@elizabeth_joh) March 17, 2017
One staff attorney at the Electronic Frontier Foundation suggested a case name change was in order:
“[sic]. Case name should be In re Minnesota Unconstitutional General Warrant. Nice job unearthing
@webster https://t.co/IGUd6s32dt -Andrew Crocker (@agcrocker) March 16, 2017
Google initially rejected a subpoena from Hennepin County, but investigators are still arguing for the
information. It’s unknown if Google is fighting the new order. A Google spokesperson said: “We aren’t
able to comment on specific cases, but we will always push back when we receive excessively broad
requests for data about our users.” A spokesperson from Edina Police Department said they could not
comment on active investigations.
© 2017 Air Force Association CyberCamp Student Workbook4
Activity 1-2: Cyber Ethics Case Study (cont.)
Case Two:
Smart Toy Flaws Make Hacking Kids’ Info Child’s Play
February 28, 2017
By: Laura Hautala, CNet
Source: https://www.cnet.com/news/cloudpets-iot-smart-toy-flaws-hacking-kids-info-children-cybersecurity/
Bad news for parents and kids who sent each other voice messages through internet-connected stuffed animals
called CloudPets: Their account information and voice recording were left exposed on the internet, ready for
anyone with a few web search skills to find.
That’s according to reports published Monday from cybersecurity expert Troy Hunt, as well as Vice cybersecurity
publication in Motherboard.
The account information of more than 800,000 users, which included email addresses and easily guessed
passwords, was stored on an online database that could be viewed by anyone – no password required, both
reports said.
Nearly 2.2 million voice recordings were also stored online unsecured. Hackers could listen to them by guessing
the URL of the recording, Hunt found. Finally, both Hunt and Motherboard reported that hackers appear to have
wiped the user database clean and held its contents for ransom at least twice.
Spiral Toys, the maker of CloudPets, said in an email Monday that the voice recordings were not compromised.
The company didn’t comment on whether its database was accessed and ransomed by hackers, or whether
hackers could have accessed the voice recordings either by guessing easy passwords or the URLs of voice
recordings. Spiral Toys didn’t respond to follow-up questions from CNET on these topics.
On Tuesday the company put out an official statement confirming the database of account information was
exposed on the internet.
“Spiral Toys was notified about a potential breach on February 22 and took immediate and swift action to protect
the privacy of our customers,” the company said in its statement. “[W]e carried out an internal investigation and
immediately invalidated all current customer passwords to ensure that no information could be accessed.”
The company said it believed the voice recordings and photos of users weren’t accessed. The company will notify
users and require them to pick password with “increased security,” the statement said.
The reports come two weeks after German regulators warned parents that connected doll My Friend Cayla could
compromise children’s privacy. There haven’t been reports of data leaking from the Cayla doll, but fears of
exposing children’s personal information have been percolating for a few years now.
Those fears heightened with the release of the interactive talking Hello Barbie doll in 2015 and subsequent claims
from researchers that the doll had cybersecurity flaws. Other connected children’s toys have also proved
vulnerable to hackers, including VTech’s Learning Lodge app and the Fisher-Price Smart Toy, also a smart stuffed
animal.
Both Hunt and Motherboard had said they were unable to get in touch with the company. Spiral Toys said in an
email that it didn’t receive emails from Victor Gevers, a cybersecurity researcher who told Motherboard he
reached out to the company multiple times. Gevers sent CNET screenshots of his attempts to reach Spiral Toys via
email, which he said bounced back to him, as well as a link to a tweet sent to the company. Spiral Toys didn’t
respond to questions about the screenshots. Hunt found that the data was no longer publicly searchable after
January 13. He also said there was compelling evidence the database has been copied by hackers, who then
offered to give it back to Spiral Toys for a ransom, paid in bitcoins. Hunt detailed two random demands.
© 2017 Air Force Association CyberCamp Student Workbook5
Activity 1-2: Cyber Ethics Case Study (cont.)
Case Three:
Man Indicted for Using GIF as ‘Deadly Weapon’
March 22, 2017
By: Tom Brant, PC Magazine
Source: http://www.pcmag.com/news/352556/man-indicted-for-using-gif-as-deadly-weapon
A Texas grand jury this week indicted a man for using an animated GIF to cause Newsweek journalist
Kurt Eichenwald to suffer a seizure, in what could be the first case to legally consider a GIF to be an
assault weapon.
Eichenwald, who has epilepsy, suffered a seizure after he received a GIF in December from the
defendant, John Rivello, according to the FBI’s criminal complaint. The GIF, which Rivello sent via
Twitter, contained an animated strobe image embedded with the statement, “You deserve a seizure for
your post.”
Rivello’s tweet was sent shortly after Eichenwald appeared on Fox News to discuss a claim [sic] about
President Donald Trump. As the Washington Post, notes there is no evidence to support that claim.
The FBI arrested Rivello, of Salisbury, Maryland, on Friday and charged him with violating a federal
cyberstalking law. A Dallas grand jury indicted him for using Twitter and the GIF as a “deadly weapon“
the Post Reports.
Defense attorney Tor Ekeland told NBC News that Rivello’s case is likely the first time someone has been
indicted for using “the internet as a weapon that causes physical harm.”
The case is also noteworthy for how the FBI used cyber sleuthing methods to identify Rivello as the
perpetrator. Rivello sent the seizure-inducing tweet from a fake account using data from a prepaid SIM
card that he purchased with case, according to the complaint. The FBI obtained the phone number from
a search warrant sent to Twitter, which revealed the phone number associated with the fake account.
Agents then requested subscriber data for that phone number from AT&T, the provider of the SIM card.
Although there was no subscriber data because the account was prepaid with cash, AT&T records did
show that the SIM card was used in an iPhone 6. Yet another search warrant to Apple revealed that the
iPhone was linked to Rivello’s iCloud account.
© 2017 Air Force Association CyberCamp Student Workbook6
Activity 1-2: Cyber Ethics Case Study (cont.)
Case Four:
Hacker Takes Over Burger King Twitter Account
February 18, 2013
By: Candice Choi and Joshua Freed, The Christian Science Monitor
Source: http://www.csmonitor.com/Business/Latest-News-Wires/2013/0218/Hacker-takes-over-
Burger-King-Twitter-account
Somebody hacked Burger King’s Twitter account on Monday, posting obscene messages and changing
its profile picture to a McDonald’s logo.
The tweets stopped after a little more than an hour, and Burger King said it had reached out to Twitter
to suspend the account. A Twitter spokesman did not immediately respond to a phone message left on
Monday.
Burger King, which usually tweets several times a week, said it was working to get the account back up.
Typical tweets promoted sales on chicken sandwiches, or asked how many bites it takes to eat a chicken
nugget.
But just after noon EST (1700 GMT) on Monday, someone tweeted via Burger King’s account, “We just
got sold to McDonalds!” They also changed the icon to rival McDonald Corp.’s golden arches and the
account’s background picture to McDonald’s new Fish McBites.
About 55 tweets and retweets followed over the next hour and a quarter, including some that contained
racial epithets, references to drug use and obscenities. The account tweeted: “if I catch you at a wendys,
we’re fightin!”
Monday’s appropriation of Burger King’s Twitter account was as relatively mild of cybersecurity
problems, which are causing increasing concern in Washington and for industry. Media outlets including
The New York Times, The Wall Street Journal and the Washington Post have all said this year that their
computer systems were breached, while several NBC websites were briefly hacked in November. White
House officials and some lawmakers are pursuing legislation that would make it easier for the
government and industry to share information on how to defend against hacking.
Burger King didn’t know who hacked the account, and no other social media accounts were affected,
said Bryson Thorton, a spokesman for Miami-based Burger King worldwide Inc. Its social media team
and an outside agency manage the Twitter account, but Thornton declined to say how many people
knew the account’s password. He said they hope to have it working again soon, and will post a
statement on Facebook later Monday apologizing for the tweets.
Twitter acknowledged on Feb. 1 that cyber attackers may have stolen user names and password of
250,000 users. It said at the time that it notified users of the breach.
Competitors were sympathetic.
McDonald’s responded on Twitter that it empathized with its Burger King counterparts. “Rest assured,
we had nothing to do with the hacking.”
“My real life nightmare is playing out” on Burger King’s Twitter feed, wrote Wendy’s social media
worker Amy Rose Brown.
© 2017 Air Force Association CyberCamp Student Workbook7
Activity 1-2: Cyber Ethics Case Study (cont.)
Case Five:
Hack Brief: Hackers are Holding an LA Hospital’s Computers Hostage
February 16, 2016
By: Brian Barrett, WIRED
Source: https://www.wired.com/2016/02/hack-brief-hackers-are-holding-an-la-hospitals-computers-
hostage/
Ransomware attacks, in which hackers lock your computer or keyboard until you pay a ransom, are on
the rise. The latest notable ransomware victim is Hollywood Presbyterian Medical Center in Los Angeles,
whose computers have been offline for over a week. The computers will come back online, the hackers
reportedly say, in exchange for $3.4 million, paid in bitcoin.
The Hack
The incident, first reported by a local NBC affiliate, affects the Los Angeles hospital’s computer systems,
including those needed for lab work, pharmaceutical orders, and even the emergency room.
While the hospital’s spokesperson was unavailable to comment, HPMC president and CEO Allen
Stefanek told KNBC that it was “clearly not a malicious attack; it was just a random attack.” It’s not clear
what he means, though; a hospital in a wealthy neighborhood seems unlikely to be a random target,
especially for such a large sum.
As WIRED explained last fall, while ransomware has been around for over a decade, hackers have been
embracing increasingly sophisticated methods. In the past, ransomware could only lock down a target’s
keyboard and computer; now, hackers can encrypt an infected system’s files with a private key know
only to the attacker. That may be what has happened here, according to anonymous hospital sources
who told NBC4 that the hackers offered a “key” in exchange for the ransom money. The hospital has yet
to officially detail the attack.
Who’s Affected
Stefanek told NBC4 that patient care hasn’t suffered, although some 911 patients have been sent to
other nearby hospitals. Meanwhile, it appears to mostly add up to a headache for those in the HPMC
system because hospital staff have had to write all documentation out by hand for the last week. Some
patients, meanwhile, need to drive to more remote hospitals for medical tests that HPMC cannot offer
without a functioning network.
The fallout appears limited to this one hospital, though, and even within its walls the impact seems
annoying, but not crippling. HPMC says it’s working with the FBI, LAPD, and computer forensics experts
to recover its systems.
How Bad Is It?
Given the degree of things that could potentially go wrong at the intersection of hospitals and hackers,
this isn’t so terrible. But in terms of the scale of the ransomware, it’s about as bad as it gets. Symantec
recently pegged the total amount of ransomware paid out in any given year at $5 million. This single
incident asks for well over half that amount.
The bigger impact many not be clear until after the incident is resolved. If the hospital ends up paying
out, it could inspire copycat attacks. If not, and the hackers are identified, it could act as a deterrent.
Either way, for not it shows that no target is off limits for ransomware, nor is any sum.
© 2017 Air Force Association CyberCamp Student Workbook8
Activity 2-1: VMWare Lab
Instructions: Complete the tasks listed below in order. Do not edit the image in any way not listed below.
1. Open the Windows 7 Demo Image in VMWare Player. Click the “CyberPatriot” account. This is the account you will use throughout the camp.
2. Personalize the desktop background to the sample picture of penguins in the “Pictures” library.
3. Open Mozilla Firefox. Click the list button to the right of the Home icon and select “Options”. Change the homepage to www.uscyberpatriot.org.
4. Open Notepad from the Start Menu (Start Menu > All Programs > Accessories > Notepad)
5. Type a question in Notepad and leave the window up.
6. Close VMWare. When prompted, select “Suspend” instead of “Power Off”.
7. Re-open the Windows 7 Demo Image.
8. Open the DemoBackground picture in the Pictures library. Right-click it and select “Set as desktop background”.
9. Type an answer to your question in Notepad and save it as “Q&A” in your “Documents” folder.
10. Close VMWare. When prompted, select “Power Off” instead of “Suspend”.
11. Re-open the Windows 7 Demo Image.
12. Drag the sample Koala picture from the image Pictures library and drop it onto the desktop of your host computer.
13. Right-click the Koala picture on your host computer and select “Rename”. Rename the file “Giraffe”.
14. Drag and drop the “Giraffe” image file you just created from your host computer onto your virtual image’s desktop.
15. Hover over the Start Menu of your host machine. Click the small Windows Demo Image menu that says that pops up. Select “My Documents” from the menu. Open your “Q&A” file.
16. Type another question in the Notepad and click File > Save.
17. Open the Q&A file from your “My Documents” folder. Type an answer to your question and save it.
18. Close VMWare Player. Select “Power Off”.
© 2017 Air Force Association CyberCamp Student Workbook9
Activity 2-2: System Admin Lab
Instructions: Complete the tasks listed below in order. Do not edit the image in any way not described below.
1. Open the Windows 7 Demo Image in VMWare Player. When you click the “CyberPatriot” account, you should receive an error message notifying you the password is expired. This is because we just updated password policies in the Local Security Policies menu as a group. Leave the first Password text field blank and type Cyb3rD3mo! into the New Password and Confirm Password text fields. Do not change the password to anything other than Cyb3rD3mo!. If you do, you could lock yourself out of the image for the rest of the camp.
2. Check Windows Update for notifications. Install any important updates. You can continue to work on the next steps of this lab as the updates are being downloaded. Restart the image, if prompted.
3. Navigate to the Local Security Policy menu in Control Panel. Change the minimum password age to 24 days. Change the minimum password length to 10 characters.
4. Until recently, Nadia was an intern at the company. She just graduated with a degree in computer science has been given a full-time position in the IT department. Give her account administrator rights.
5. Hodor just quit his job in the marketing department to work with the company’s main competitor, Lanister Enterprises. Remove Hodor’s account and create a new account for his replacement, Fleur. She should be a Standard User.
6. Since allowing Spotify through Windows Firewall, employee efficiency has dropped significantly. Remove Spotify from the list of Windows Firewall exceptions by clicking the “Allow a program or feature through Windows Firewall” button and then the “Change settings” button. Uncheck the network boxes next to the Spotify.exe entries. Alternatively, you can select Spotify and choose to remove it from the list.
7. Use the Users and Groups Console to set a temporary password for every employee except the “CyberPatriot” account (you) and then require each user to reset his or her password at next login. Keep the Cyb3rD3mo! password for the “CyberPatriot” account.
8. Becky’s username is misspelled. Use the User and Groups Console to rename her user account and full name.
9. Use the Users and Groups Console to make sure IT staff (Eric and Nadia), the built-in Administrator account (Alex), and “CyberPatriot” (you) are the only members of the Administrators group.
© 2017 Air Force Association CyberCamp Student Workbook10
Activity 3-1: File Protections Lab
Instructions: Complete the tasks listed below in order. Do not edit the image in any way not described below.
1. Open the Windows 7 Demo Image in VMWare Player and log into the “CyberPatriot” account (password: Cyb3rD3mo!).
2. Set up a regular backup of the department folders on this computer by following these instructions:
1. Navigate to the Backup and Restore menu in Control Panel.
2. Click the “Change settings” link in the right portion of the menu.
3. Select the DVD or CD Drive as your Backup Destination. Click “Next”.
4. Select “Let me choose” and click “Next”.
5. Uncheck all of the boxes in the Data Files section
6. Expand the OS (C:) drive and check the boxes next to the Finance, Human Resources, IT, Legal, and Marketing folders. These should be the only folders checked.
7. Click “Next”.
8. Click the “Change schedule” link and change the backup time to Fridays at 6:00 PM.
9. Click “Save settings and run backup.” Note that since your computer does not have a blank CD or DVD drive in it, you will get an error message. However, although this backup cannot be completed, your settings for automatic backups will remain. If you had a blank CD, DVD, or USB drive, you would need only insert in your computer every Friday before 6:00pm, and Windows would automatically save a backup to it.
3. As the company’s legal counsel, Becky should have Full Control permission to the Legal folder and its child objects. Administrators (IT staff) should also have Full Control permission, but all other users should not have permissions. Apply these permissions.
4. The company’s CEO is preparing to brief the board of directors. He would like you to email him all of the company’s Annual Financial Reports. The files are too large to send by email as is, so use 7-Zip to create a zipped folder containing all of the reports. Encrypt the folder with the password 3Broom$st1cks.
5. Becky is preparing to defend the company in a wrongful termination suit filed by Iso. Give her Read access to the Employee Incident Reports folder.
© 2017 Air Force Association CyberCamp Student Workbook11
Activity 3-2: Intermediate Security Tools Lab
Instructions: Complete the tasks listed below in order. Do not edit the image in any way not described below.
1. Open the Windows 7 Demo Image in VMWare Player and log into the “CyberPatriot” account (password: Cyb3rpD3mo!).
2. Use Task Manager to disable the Telnet service.
3. Navigate to the Audit Policy menu (Control Panel > System and Security > Administrative Tools > Local Security Policy > Local Policies > Audit Policy) and enable Success and Failure auditing for account logon events, account management, logon events, policy change, process tracking, and system events.
4. If you have not guessed already, the Severe Weather Alerts pop-up is a piece of malware. Use Task Manager to disable the SevereWeatherAlerts.exe process running on the system. Then, open My Computer and search for files containing “severe weather”. Delete all of the files in the search result.
5. Share the System Files folder with Joseph (right-click the folder, select Properties, click the Sharing tab, and then click the Share button). In the File Sharing menu that pops-up, add Joseph and give him “Read/Write Permissions”.
6. View all the folders and drives currently being shared on the system by clicking Control Panel > Administrative Tools > Computer Management. After you have opened the Computer Management menu, double-click the “Shared Folders” icon on the left and then click the “Shares” folder. Revoke Joseph’s access to the System Files folder by right-clicking it and selecting “Stop Sharing”.
© 2017 Air Force Association CyberCamp Student Workbook12
Activity 3-3: Checklist Challenge
Instructions: Discuss what you have learned the last few days with your team and use your notes to create a standard checklist for securing a computer system. Describe how and why you would enforce each security setting in your checklist. Additional worksheet space is provide on the two next page.
e.g. Step: __Turn on Windows Firewall______________________________________________
Why: Firewalls filter incoming data packets, blocking data from the Internet that has irregularities or might bemalware.__________________________________________________________________________________
How: Control Panel > System and Security > Windows Firewall > Turn Firewall on or off. Turn firewalls on for all network types and enable notifications for when Windows Firewall blocks a program._________________
1. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
2. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
3. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
4. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook13
Activity 3-3: Checklist Challenge (cont.)
5. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
6. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
7. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
8. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
9. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook14
Activity 3-3: Checklist Challenge (cont.)
10. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
11. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
12. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
13. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
14. Step:_____________________________________________________________________________
Why:_____________________________________________________________________________
_________________________________________________________________________________
How:_____________________________________________________________________________
_________________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook15
Activity 4-1: Linux Familiarization Lab
Part 1 Instructions: Complete the tasks listed below in your Ubuntu Demo Image and answer the questions in order. Do not edit the image in any way not listed below.
1. Open the Ubuntu Demo Image in VMWare Player and log into the CyberPatriot account (password: CyberPatriot!)
2. Find Ubuntu Software Center in the menu on the left of the desktop. Open the program and search for gufw. Click Firewall Configuration and install the program. Note: you will be prompted for a password when you start the install. The password is “CyberPatriot!” (without the quotation marks).
3. Look at the reviews for this program by clicking More Info (the description) under gufw in the Software Center and scrolling down to the reviews section. Do you think that this software is both safe and useful?
___________________________________________________________________________
4. In the menu on the left of the desktop, open the program called LibreOffice Impress. What Microsoft Office program does this remind you of?
___________________________________________________________________________
5. Personalize the desktop background with one of the other available wallpapers that come with Ubuntu. Click on the System Settings icon in the menu to the left. Click on Appearance and select a wallpaper. Change back to the CP Demo background using the same steps (CP background is under the drop down box, Pictures folder).
6. Inside the file browser (second icon down), double-click the file labeled 4.mp3 in your Music folder. (Please pause playback immediately in order to limit classroom disruption.) What program opened when you double clicked the music file? (Hint: What icon do you see that’s new on the left hand side?)
___________________________________________________________________________
7. To stop playback do NOT close the window. Instead, move your mouse over the panel at the top of the screen, when you do a menu will appear. After this menu appears choose FileClose.
8. Create a new folder called Math! in the home directory. Double-click on the Files icon in the menu to the left. Right-click in the open white space and choose New Folder. Rename Untitled Folder to Math!
9. Find out where Infinity is located. Open a Terminal and type locate infinity. Use the Search Your Computer Icon to open a Terminal. Answer will follow this setup: /____/_____/______/
________________________________________________________________________________
10. Inside the Files icon, click on Computer on the left hand side. After clicking on Computer, click on the file folder labeled root. Why can’t you access this folder? Is it because you are not authorized or not authenticated?
___________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook16
Activity 4-2: Linux GUI Security Lab
Instructions: Complete the tasks listed below in order. Do not edit the image in any way not described below.
1. Open the Ubuntu Demo Image in VMWare Player and log into the CyberPatriot account (password: CyberPatriot!)
2. Navigate to the Software & Updates settings. Click on the System Settings icon and then click on the Software & Updates tab. Then click Update tab. Check the check box indicating you want Ubuntu to install updates from Important security updates. You'll will be asked for the password to authenticate.
3. Usually you want to select Recommended updates, but we’re going to try and save time and bandwidth, so leave Recommended updates unchecked for now.
4. Configure Ubuntu to automatically check for updates daily. Check for updates daily by changing Automatically check for Updates from Never to Daily.
5. Close the Software & Updates settings window and Reload the information about available software when prompted. This may take a few moments.
6. Open the Software Updater (use Search Your Computer to find). To select individual packages to update, click the text Details of updates. Check only the update for Firefox Web Browser by unchecking the Security updates box, then selecting Firefox Web Browser. and click Install Now. You'll will be asked for the password to authenticate
7. The user euler is at least 2.71828 times more knowledgeable of cybersecurity principles than khayyam. Make euler an Administrator and make Khayyam a Standard user. Do this by going to System Settings> User Accounts, then find the account. Unlock to change the settings (you will need to use the password to authenticate). Click Account type and change to appropriate account type.
8. The user winkle is not an authorized user. Delete her account. Highlight name and click the – (minus) sign. Do you want to keep the files?
9. The user gauss has been temporarily suspended from his position. Disable his account so that he cannot log in. Ensure that the account has been disabled by logging out (top right hand side of the Ubuntu image, click the last icon and select Log Out). Then try to log in as gauss using his password “password”.
10. Log back in to the CyberPatriot account, re-enable the account gauss, and give him a new, stronger password.
11. The users on this computer want to set up a TeamSpeak 3 server to communicate with their other math friends. However, TeamSpeak 3 is currently blocked by UFW. Go into the firewall settings and allow the program. Do this by clicking the Firewall Configuration icon, authenticate to create change to firewall. Then click Rules>click + (Add Rule)> Application> find TeamSpeak3. The Policy should Allow, click Add. You will now see that TeamSpeak3 has been added to the firewall list.
© 2017 Air Force Association CyberCamp Student Workbook17
Activity 4-3: Linux Command Line Lab I
Instructions: Type each of the following commands in order into the command line (terminal). What is the output of the final command of each sequence? Follow the example below – spaces do matter!
Commands
a) cd type into the terminal cd, hit enter
b) pwd type into the terminal pwd, hit enter
Result: /home/cyberpatriot
1. Commands:
a) cd
b) cd ..
c) pwd
Result:_____________________________________________________________________
2. Commands:
a) cd
b) cp Music/4.mp3 test
c) file test
Result:_____________________________________________________________________
3. Commands:
a) cd
b) cat Documents/hamilton.txt
Result:_____________________________________________________________________
4. Commands:
a) cd
b) cat Documents/hamilton.txt > test
c) file test
Result:_____________________________________________________________________
Go to the next page.
© 2017 Air Force Association CyberCamp Student Workbook18
Activity 4-3: Linux Command Line Lab I
Instructions: Use the command line commands you have learned so far to help answer the following questions.
1. According to the manual for the command touch, the -c option does what?
Answer:________________________________________________________________
2. According to the manual for the command rm, the -R option does what?
Answer:________________________________________________________________
3. What type of an image is the file Pictures/escher? (i.e. PNG,GIF,JPEG,BMP)
Answer:________________________________________________________________
4. What is the PDF document version of the file Documents/Nutcracker.pdf?
Answer:________________________________________________________________
5. What is the text contained in the file Documents/strogatz.txt?
Answer:________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook19
Activity 4-4: Linux Command Line Lab II
Instructions: Use the command line commands you have learned so far to help answer the following questions. Hint: Presentation slides 33 & 34 may help.
1. Which user has a User ID of 1018?
Answer:________________________________________________________________
2. Hypatia changed her login shell, what is it currently set to?
Answer:________________________________________________________________
3. What is the “Group ID” of the sambashare group?
Answer:________________________________________________________________
4. Which users are members of the geometry group?
Answer:________________________________________________________________
5. Which user owns the file Documents/einstein.txt?
Answer:________________________________________________________________
6. Which group does the file Documents/1812.pdf belong to?
Answer:________________________________________________________________
7. Who has been granted permission to read the file Documents/1812.pdf?
Answer:________________________________________________________________
8. Who has been granted permission to write to the file Documents/1812.pdf?
Answer:________________________________________________________________
9. There is a hidden folder in your home directory that is owned by the user lovelace. What is the name of that directory?
Answer:________________________________________________________________
Go to the next page.
© 2017 Air Force Association CyberCamp Student Workbook20
Activity 4-4: Linux Command Line Lab II
Instructions: Hone your command line skills by completing the following actions using only the command line.
1. A new employee joined your office of mathematicians. Create a new user account named hilbert.
2. The users hilbert and boole work together on a team. Create a new group for their team named logic.
3. Add the users boole and hilbert to the logic group.
4. The user cooper is not an authorized user. Remove this account from the computer.
5. Change the group for the file Documents/euler.txt to calculus.
6. Some of your users want to access this computer remotely. Install the OpenSSH Server. The OpenSSH Sever package name is “openssh-server”
7. Chebyshev informed you that there is an unauthorized password cracker installed. Remove the prohibited software package “lcrack”
© 2017 Air Force Association CyberCamp Student Workbook21
Activity 4-5: Intermediate Ubuntu Security Lab
Instructions: Complete the tasks listed below in order. Do not edit the image in any way not described below.
1. Open the Ubuntu Demo Image in VMWare Player and log into the cyberpatriot account (password: CyberPatriot!)
2. These mathematicians are very hard to please. They want the password age policy figures to be palindrome numbers (numbers that are the same written forwards or backwards). Change the maximum password duration to 99 and the minimum password duration to 11. While you’re at it, change the password change warning duration to 8.
3. Use System Log to look at the dpkg.log file. List some of the most recently installed programs.
________________________________________________________________________
4. Use System Log to examine the bottom of the auth.log file. Do not close this window.
5. In a terminal, as the cyberpatriot user, type the command su and press Enter. You will be prompted for a password, but don’t type anything and press Enter. You should see a new failed authentication attempt at the bottom of the auth.log. What information is present about your failed login attempt next to the line pam_unix(su:auth): ?
________________________________________________________________________
6. Apache is currently installed and running on this computer. Use bum to disable the apache2service.
© 2017 Air Force Association CyberCamp Student Workbookii
Student Post-survey
Thank you for filing out the Student Post-survey. This survey should take about 5-10 minutes to complete.
Your valuable feedback helps CyberPatriot improve your camp experience! We hope to see you compete in the CP-X in the fall. Have a terrific summer of cyber!
2017 Post-survey
https://goo.gl/P955hw
© 2017 Air Force Association CyberCamp Student Workbook
Notes
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook
Notes
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook
Notes
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook
Notes
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
© 2017 Air Force Association CyberCamp Student Workbook
Notes
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
For more information on how to
participate in the CyberPatriot
National Youth Cyber Defense Competition,
visit wwww.uscyberpatriot.org
or contact [email protected] to join our
mailing list.
SECURING NETWORKS, SECURING FUTURES
Top Related