Re: Information Security Classes on the campus network

["Mclaughlin, Kevin (mclaugkl)" <mclaugkl () UCMAIL UC EDU>]

Hi Rob:

We have the college setup and maintain a self contained network for the courses to use.  As part of the course we 
actually have a Cyber Wargame at the end that lasts half a day long and a member of my Information Security team leads 
the Red team and another member of my team leads the Blue team.  This runs from 10-3 and we buy pizza for the students. 
   ½ the students defend and ½ the students attack pre-set machines that are attached to the self contained network.

To get some basic equipment for the creation of the network I was able to go to my local CISCO rep about 6 years ago 
and got them to donate the router and some switches.   That worked out well but getting the legal donation agreement 
completed was more challenging than I expected it to be.

- Kevin


Kevin L. McLaughlin,  CISM, CISSP, GIAC-GSLC, CRISC, PMP, ITIL Master Certified
Assistant Vice President, Information Security & Special Projects
University of Cincinnati
513-556-9177

The University of Cincinnati is one of America's top public research institutions and the region's largest employer, 
with a student population of more than 41,000.

[cid:image001.gif@01CC76BC.7FCD6C40]

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Weaver, 
Rob
Sent: Monday, September 19, 2011 10:50 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Information Security Classes on the campus network

I am curious how others are handling Information Security courses that want to run password auditors, packet sniffers, 
port scanners, and vulnerability scanners against the production network as part of their assignments.

Thanks for your input...

-Rob