• To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!

Seeking Suggestions for Enhancing Student Engagement in Security+ Class

Jump to latest Follow Reply
M

M. Shehata

Member
Aug 7, 2024
8
1
620
#1
Greetings,
I am preparing to start a new class for the Security+ certification and would like to ensure that students remain engaged, active, and participative throughout the course. While I am aware that there are labs included in the course materials, I am curious if you might have recommendations for additional ideas, tools, websites, or hands-on activities that could further enhance student involvement and enjoyment during the class.

Your advice or suggestions would be greatly appreciated.
 
Sort by date Sort by votes
#2
Welcome M.Shehata!

I'm a big fan of active learning and always try to use different techniques to make sure my learners are and stay engaged. I try to mix up my methods offering some from within a lesson and others at end of a lesson. For the Security+ course a couple of ideas might be:
  • Ask students to connect topics back to the CIA triad (Confidentiality, Integrity, and Availability),
  • Ask the students to connect methods back to the Security Controls (categories and functional controls), and
  • Something I call 'Where have we seen this before?' where learners connect topics (important to mastering compare and contrast questions).
I do demos using basic OS installed tools (Windows Event Viewer) and web browsers (examine the CompTIA.org site certificate in Chrome). I take students to the NVD to investigate CVEs and to the FIRST.org site to see a CVSS calculator.

I caution about using too many tools or visiting too many websites. Adult learners can only recall for or five things in a day. If you try to do too much in one day they may not be able to recall the topic the next day (but they may remember the site or the tool).

As far as learners hands on activities in Security+ I stay with the PBQs and Labs in CertMaster. I may walk through the Exploring the Lab exercise with a class but if it's not a bootcamp and time allows I try to organize small teams to complete a lab and then present it to the class. I use teams because if one person is leading a demo and goes blank or has a tech issue it becomes awkward and stops the learning for all. In bootcamp courses the students should do the labs on their own time. I try to fit in a walk through of the Vulnerability Assessment and Packet Capture labs.

I hope this helps.

Brian
.
 
  • Like
Reactions: MBA
Upvote 0 Downvote
#3
Hi M. Shehata.

Kudos on choosing the best possible forum for that question. Hope to see you here often. I started training Security+ in June, 2023 and have polished my presentations to keep students engaged. Here are some items that may work for you.

1. Home network scan. When you get to the NMAP section, scan your network, share the results, then have students scan theirs. This could be in class or as homework. Have them record the results and then share them with the class. I am attaching a .PDF of an NMAP scan result that I copied and pasted into MS Word and then made beautiful. I usually introduce this task with "This is a fair and objective request you may see when interviewing for a job. Might as well practice here..." The CIN forum did not let me attach a .DOC :-(
2. Memory leaks. Show that many programs, including web browsers, open multiple processes. The challenge is to make sure all processes clear out of RAM when the user closes the hosting program. I open Task Manager then a) launch Firefox, b) visit https://online-stopwatch.com and c) exit Firefox. Students see how many processes Firefox opens and then see them clear out of memory within 75 seconds. Explain that if any Firefox processes remained up and running, that would be a sign of a memory leak.
3. Take them into AI. They've already chosen a favorite AI LLM. I take them in Perplexity then follow a progression of initial prompt and then a series of follow-ups. An example that is highly appropriate here is a) Tell me about the CIA, b) tell me about the CIA in cybersecurity, c) tell me about the CIA in cybersecurity at a 6th grade reading level... You can experiment with more specific prompts. Everybody pays attention.

Onward and upward.
 

Attachments

  • My Network.pdf
    43.3 KB · Views: 7
Upvote 0 Downvote
#4
M. Shehata said:
Greetings,
I am preparing to start a new class for the Security+ certification and would like to ensure that students remain engaged, active, and participative throughout the course. While I am aware that there are labs included in the course materials, I am curious if you might have recommendations for additional ideas, tools, websites, or hands-on activities that could further enhance student involvement and enjoyment during the class.

Your advice or suggestions would be greatly appreciated.
Click to expand...
As with any other courses, don't kill the students with powerpoint slides.

Security+ has lots of interesting topics, and the world has lots of news related to cybersecurity. Merge the two - theory and practical. In that way, the students will get to see the value of what is being discussed - and they get to remember the details more, in my experience.

You also don't need to do the talking for the entire time. There are good PBQs and quizzes in the CompTIA material. Let the students talk between themselves either in pair or in groups - depending on the amount of training time, that is.

The labs are good, only if the instructions are clear enough for the students to follow. So, I do recommend you running the labs yourself, then find the possible pain points for the students, so that in class, you can give an intro spiel about the lab, how it connects to the lesson, and what the students may learn or need to know in doing the lab, i.e. how to use Wazuh for the first time, or how to learn the various options for nmap.

There are heaps of tools and websites for Security+. Too many to identify. I suggest that you create threads for each question or topic that you'd need help with.

In any case, I hope this helps :)
 
  • Like
Reactions: BrianFord
Upvote 0 Downvote
#5
Well, it looks like this has been very well covered. For my contribution to this discussion, I'm going to focus on lecture didactic. Hands on is ALWAYS going to be better for learning, but it's nigh impossible to avoid lecture.

One of my favorite things to do when teaching any class, not just Sec+, is something that @BrianFord alluded to - where have I seen this before. For me, what I like to do is randomly toss a question from "the last module", as I move through a day's worth of material. So, for example, let's say I spent an hour or so talking about basic cryptography and now I'm, say, going into PKI. About midway into the PKI conversation, I'll toss out a question from basic crypto - just to see if they are short-term retaining things.

The human brain requires about seven exposures to the same information, and in different methods, such as visual, auditory, or kinesthetic, in order to process it into long term storage. Further, it has to connect to something that the student already knows, which creates that neurological connection.

I've also been known, in classroom situations, to toss candy for correct answers. It's amazing how much an incentive a tiny treat like that can have.

At the end of the day (although hardly the end of the conversation), it's all about engaging the student in a two-way fashion, not just the ol' sage-on-the-stage, when lecturing. Feedback and questioning, engaging the learners directly will do a lot to engage them.

/r
 
  • Like
Reactions: BrianFord
Upvote 0 Downvote
#6
Looks like a good bit has been covered already. I'll add that I throw in some YouTube videos relevant to the topics that we're discussing. Sometimes it's a video I created (for instance showing how a ping flood works using a virtual machine) while other times it's one by someone else. And it all depends on the audience as to which video(s) I may show. Another example of a video is a Wired journalist driving a Jeep Cherokee down the highway while two people hack it remotely over the cellular network. It's a great example of how everything is becoming Internet connected and vulnerabilities are everywhere. I also try and throw in some dry humor. For instance - the "S" in IOT stands for Security. (Don't remember where I heard that one, but I can't take credit for coming up with it. I just relay it to the class and it usually gets a few laughs or snickers.)
 
Upvote 0 Downvote
#7
BrianFord said:
Welcome M.Shehata!

I'm a big fan of active learning and always try to use different techniques to make sure my learners are and stay engaged. I try to mix up my methods offering some from within a lesson and others at end of a lesson. For the Security+ course a couple of ideas might be:
  • Ask students to connect topics back to the CIA triad (Confidentiality, Integrity, and Availability),
  • Ask the students to connect methods back to the Security Controls (categories and functional controls), and
  • Something I call 'Where have we seen this before?' where learners connect topics (important to mastering compare and contrast questions).
I do demos using basic OS installed tools (Windows Event Viewer) and web browsers (examine the CompTIA.org site certificate in Chrome). I take students to the NVD to investigate CVEs and to the FIRST.org site to see a CVSS calculator.

I caution about using too many tools or visiting too many websites. Adult learners can only recall for or five things in a day. If you try to do too much in one day they may not be able to recall the topic the next day (but they may remember the site or the tool).

As far as learners hands on activities in Security+ I stay with the PBQs and Labs in CertMaster. I may walk through the Exploring the Lab exercise with a class but if it's not a bootcamp and time allows I try to organize small teams to complete a lab and then present it to the class. I use teams because if one person is leading a demo and goes blank or has a tech issue it becomes awkward and stops the learning for all. In bootcamp courses the students should do the labs on their own time. I try to fit in a walk through of the Vulnerability Assessment and Packet Capture labs.

I hope this helps.

Brian
.
Click to expand...
Dear Brian,
Thank you for the great suggestions! I really like the idea of connecting topics to the CIA triad and Security Controls, and your hands-on approach sounds like a great way to keep students engaged.
Do you have any specific recommendations for engaging activities or labs that work well for the Vulnerability Assessment or Packet Capture labs?

Thanks again!
M. Shehata
 
Upvote 0 Downvote
#8
Mark Anthony Germanos said:
Hi M. Shehata.

Kudos on choosing the best possible forum for that question. Hope to see you here often. I started training Security+ in June, 2023 and have polished my presentations to keep students engaged. Here are some items that may work for you.

1. Home network scan. When you get to the NMAP section, scan your network, share the results, then have students scan theirs. This could be in class or as homework. Have them record the results and then share them with the class. I am attaching a .PDF of an NMAP scan result that I copied and pasted into MS Word and then made beautiful. I usually introduce this task with "This is a fair and objective request you may see when interviewing for a job. Might as well practice here..." The CIN forum did not let me attach a .DOC :-(
2. Memory leaks. Show that many programs, including web browsers, open multiple processes. The challenge is to make sure all processes clear out of RAM when the user closes the hosting program. I open Task Manager then a) launch Firefox, b) visit https://online-stopwatch.com and c) exit Firefox. Students see how many processes Firefox opens and then see them clear out of memory within 75 seconds. Explain that if any Firefox processes remained up and running, that would be a sign of a memory leak.
3. Take them into AI. They've already chosen a favorite AI LLM. I take them in Perplexity then follow a progression of initial prompt and then a series of follow-ups. An example that is highly appropriate here is a) Tell me about the CIA, b) tell me about the CIA in cybersecurity, c) tell me about the CIA in cybersecurity at a 6th grade reading level... You can experiment with more specific prompts. Everybody pays attention.

Onward and upward.
Click to expand...
Hi Mark,

Thank you so much for your suggestions and the attached file! Using NMAP to scan home networks is practical and engaging, and the memory leak demo simplifies complex concepts greatly. The AI progression for explaining the CIA triad is innovative and captivating. I’m eager to incorporate these ideas into my class.

Do you have tips for managing these activities within limited class time without overwhelming students?

I appreciate it.
M. Shehata
 
Upvote 0 Downvote
#9
jarrelrivera said:
As with any other courses, don't kill the students with powerpoint slides.

Security+ has lots of interesting topics, and the world has lots of news related to cybersecurity. Merge the two - theory and practical. In that way, the students will get to see the value of what is being discussed - and they get to remember the details more, in my experience.

You also don't need to do the talking for the entire time. There are good PBQs and quizzes in the CompTIA material. Let the students talk between themselves either in pair or in groups - depending on the amount of training time, that is.

The labs are good, only if the instructions are clear enough for the students to follow. So, I do recommend you running the labs yourself, then find the possible pain points for the students, so that in class, you can give an intro spiel about the lab, how it connects to the lesson, and what the students may learn or need to know in doing the lab, i.e. how to use Wazuh for the first time, or how to learn the various options for nmap.

There are heaps of tools and websites for Security+. Too many to identify. I suggest that you create threads for each question or topic that you'd need help with.

In any case, I hope this helps :)
Click to expand...
Hi Jarrel,
Sure that it helps a lot. Thank you so much! Your advice is incredibly helpful. I completely agree that combining theory with real-world examples and engaging students in discussions is essential. That's exactly why I'm here—to seek suggestions based on your experiences.

I appreciate it.
M.Shehata
 
  • Like
Reactions: jarrelrivera
Upvote 0 Downvote
#10
Rick Butler said:
Well, it looks like this has been very well covered. For my contribution to this discussion, I'm going to focus on lecture didactic. Hands on is ALWAYS going to be better for learning, but it's nigh impossible to avoid lecture.

One of my favorite things to do when teaching any class, not just Sec+, is something that @BrianFord alluded to - where have I seen this before. For me, what I like to do is randomly toss a question from "the last module", as I move through a day's worth of material. So, for example, let's say I spent an hour or so talking about basic cryptography and now I'm, say, going into PKI. About midway into the PKI conversation, I'll toss out a question from basic crypto - just to see if they are short-term retaining things.

The human brain requires about seven exposures to the same information, and in different methods, such as visual, auditory, or kinesthetic, in order to process it into long term storage. Further, it has to connect to something that the student already knows, which creates that neurological connection.

I've also been known, in classroom situations, to toss candy for correct answers. It's amazing how much an incentive a tiny treat like that can have.

At the end of the day (although hardly the end of the conversation), it's all about engaging the student in a two-way fashion, not just the ol' sage-on-the-stage, when lecturing. Feedback and questioning, engaging the learners directly will do a lot to engage them.

/r
Click to expand...
Hey Rick,

This is awesome, thanks for sharing! I really like the idea of revisiting earlier topics during the lesson to reinforce retention. Yes, for the toss candy, I use that sometimes.

My question is: when you're diving into the heavier stuff in Security+, how do you make sure it doesn’t feel like a lecture marathon, especially with concepts that can be pretty dense?

Thank you!

M.Shehata
 
Upvote 0 Downvote
You must log in or register to reply here.
Top Bottom
Back
Jump to latest Follow Reply
Jump to latest Follow Reply
Home
Media
Resources
Menu