Where to Start Learning
Here is the unofficial CyberPatriot Discord, where you can find help from the community.
https://cypat.guide/guide and https://cyberstudents.net are written by me (Marc) as well as some other people in the community, and cover some of the content mentioned here. Note that these are currently not released yet, sorry. You can learn general cybersecurity through TryHackMe or simply through a book. You can then practice those skills with CTFs and the CyberPatriot competition. Official practice images are easier than the real ones, so keep that in mind. For Cisco, all you really need is the NetAcad course and maybe some supplementary material such as Jeremy's IT Lab.
The list below outlines part of the CyberPatriot curriculum. You can practice these skills in the official practice images as well as the MHS image spreadsheet.
Official Training Modules
Nine units' worth of training materials on www.uscyberpatriot.org, covering:
- Introduction to CyberPatriot and Cybersecurity
- Introduction to Online Safety & Cyber Ethics
- Principles of Cybersecurity
- Computer Basics and Virtualization
- Microsoft Windows Basics & Security Tools
- Microsoft Windows Security Configuration
- Introduction to Linux and Ubuntu
Windows
Account Security and Management
- Password Policy: Defining password complexity, length, expiration, history, and hashing algorithms.
- Account Lockout: Configuring duration, threshold, administrative privileges, and reset procedures.
- User Account Management: Creating, modifying, and disabling user accounts; managing groups and access privileges.
Application Security and Updates
- Application Updates: Using Winget, Ninite, Chocolatey, or built-in updaters.
- Software Installation Control: Using group policy to prevent unauthorized applications.
- Application Hardening: Enabling secure settings for browsers and auditing addons.
- Service Hardening: Disabling unnecessary services (RDP, SMB, Print, WinRM, etc.).
Operating System Hardening and Updates
- Windows Updates: Applying critical updates and security patches.
- System Hardening: Configuring security options, group policies, and security templates.
- Logging & Monitoring: Using Event Log audit policies and Sysmon from Sysinternals.
- Endpoint Protection: Configuring firewall rules and using BitLocker encryption.
Software/Malware Detection and Removal
- Identifying and removing backdoors, keyloggers, and rootkits using antivirus and Sysinternals tools (procmon, procexp, autoruns).
- Detecting prohibited files, unauthorized software, PUPs, and hacking tools.
- Inspecting Scheduled Tasks and file sharing configurations.
- Using Local Group Policy Editor and LGPO templates.
Linux
Account Security and Management
- Password Policy: Configuring PAM (`/etc/pam.d/common-password`) for password length, age, complexity, and hashing algorithms.
- Account Lockout: Setting lockout duration and threshold.
- User Account Management: Managing users and groups in `/etc/passwd`, `/etc/shadow`, and `/etc/group`.
- User Rights: Configuring `sudo` permissions.
Application Security and Updates
- Package Management: Using `apt`, `yum`, `dnf` for updates.
- Repository Management: Ensuring secure and correct software sources.
- Service Hardening: Updating configurations for critical services like SSH, web servers, and FTP servers.
Operating System Hardening and Updates
- OS Patching: Applying security patches to the kernel and system libraries.
- Securing System Settings: Configuring file system mount options and system services (X11, Wayland, D-Bus, polkit).
- Logging & Monitoring: Implementing `auditd` policies and monitoring `syslog`.
- Firewall: Configuring rules with `iptables`, `ufw`, or `nftables`.
- Scheduled Tasks: Auditing `cron`, `at`, and `systemd` timers.
Networking
- Using NetAcad materials for core concepts.
- Device Hardening: Limiting device access (VTY and console lines) and encrypting passwords.
- Interface Hardening: Shutting down unused interfaces; disabling IP redirects, proxy ARP, and directed broadcasts.
- Security: Securing routing protocols, disabling unnecessary services (e.g., `no ip http server`), and configuring banners and rate limiting.
- Infrastructure: Configuring logging and secure NTP.