Well, it looks like this has been very well covered. For my contribution to this discussion, I'm going to focus on lecture didactic. Hands on is ALWAYS going to be better for learning, but it's nigh impossible to avoid lecture.
One of my favorite things to do when teaching any class, not just Sec+, is something that
@BrianFord alluded to - where have I seen this before. For me, what I like to do is randomly toss a question from "the last module", as I move through a day's worth of material. So, for example, let's say I spent an hour or so talking about basic cryptography and now I'm, say, going into PKI. About midway into the PKI conversation, I'll toss out a question from basic crypto - just to see if they are short-term retaining things.
The human brain requires about seven exposures to the same information, and in different methods, such as visual, auditory, or kinesthetic, in order to process it into long term storage. Further, it has to connect to something that the student already knows, which creates that neurological connection.
I've also been known, in classroom situations, to toss candy for correct answers. It's amazing how much an incentive a tiny treat like that can have.
At the end of the day (although hardly the end of the conversation), it's all about engaging the student in a two-way fashion, not just the ol' sage-on-the-stage, when lecturing. Feedback and questioning, engaging the learners directly will do a lot to engage them.
/r