Please enable JavaScript to use CodeHS

Teaching Fundamentals of Cybersecurity

Description

In this lesson, students will look under the hood of web sites and web applications by using “view page source” in a browser. This will enable them to see HTML markup for images, navigation, and page layouts, CSS styling, and even JavaScript source code or links to JS files. Students will also view code that has been minified and understand what that means. Lastly, students will also take a first look at OWASP (Open Web Application Security Project) which is an important organization in cybersecurity.

Objective

Students will be able to:

  • Identify major sections of code within the view source of a web page/app
  • Understand the importance of OWASP and how it relates to the field of cybersecurity
Description

In this lesson, students will learn about and use the developer tools in a browser. Web developers actually use these to help build and test websites. Cyber professionals need to be very familiar with the different ways of looking at how sites and apps function so they can use various tools to detect vulnerabilities or even detect attacks as they are starting.

Objective

Students will be able to:

  • Identify major developer tools within the inspect element
  • Explain the major difference between view page source and what is rendered in the inspect tools
  • Explain in general terms what each major tool in the inspect area can show a developer
  • Explain how the developer tools can help web developers build and maintain sites, and how understanding the tools can potentially help cyber professionals who are trying to keep sites and data secure
Description

This lesson provides an overview of what SQL injection is, the impact, how it works, and how hackers use SQL to attack a site. The lesson also has connections on the Equifax cyber attack that was a very large scale SQL injection.

Objective

Students will be able to:

  • Understand and explain what a SQL injection attack is and the ongoing, pervasive impact of SQLi cyber attacks
Description

In this lesson, students will learn about and discuss cross-site scripting (XSS), which is another major OWASP (Open Web Application Security Project) cybersecurity risk.

Objective

Students will be able to:

  • Explain what XSS is, how it works, and what kind of damage can occur from an XSS attack
  • Understand the fundamentals of how XSS attacks are prevented or at least mitigated