I had the privilege of sharing some of my experiences on how I conduct my networking and cybersecurity classes online to other IT Educators in a recent webinar hosted by the Philippine Commission on Higher Education (CHED).

Regardless of the Learning Management System (LMS) used by the school, technical subjects like networking and cybersecurity are different because of the need to have a working laboratory to have a complete grasp of the courses. LMS provides storage, collaboration, insights, engagement automation of quizzes. But creating a laboratory might be challenging.

How do I do it online and offline?

• Search for useful and informative references – Aside from the references that are included in the syllabus, I also add a lot of helpful links, videos, and PDF files that I find relevant for the course. I try to relate it in every module so that students will be provided help in their studies.
• Customize slides for the class to meet learning objectives – I create my slides for 2 reasons: First, there is so much information out there that cannot be put in a single material. It is important to choose the most important ones and guide students to relate the materials to the other references. For example. if the topic is network architecture, I’ll just discuss the components of it and provide them references on example implementations/practices for each component. They will be given a list of references that can check but the important thing is that the core concepts are properly discussed. Second, publicly available slides from vendors tend to promote their products. I try to make my materials as vendor-neutral as possible and let the students choose which they prefer. In the end, we don’t like students to be exposed to a single brand and then work on a company that uses another brand.
• Record short lectures to set the context – I also do video recordings of lectures to help explain technical concepts in a way that students will be able to understand easier. Theories are very important because they will be used in any industry or scenario that you may encounter. Another objective is to provide an industrial touch to the discussion. As an industry practitioner, I know that some of the concepts discussed in books are idealistic but some are impractical in the real world. I try to balance both by providing industry insights and let the students make their analysis.
• Create Virtual Machines (VMs) that students can use to run the tools and exercises, anytime and anywhere. – An important aspect of technical classes is lab exercises. For networking and cybersecurity classes, I create my own VMs that contain the tools, environment, programs that students will need to practice what they learned in the lectures. I set up a web server in one VM and the attack tools on another. The good thing about it is that students will be able to try various ways of accomplishing the exercises in their own time. And if it fails, then they can just delete the current VM and load a new one in an instant.

Rubrics

I try to make the course very straightforward to students especially the expected outputs and outcomes. Here are the grading components I use for the online classes

• Learning Log – The learning log is sort of a feedback mechanism from the students. It gives them a venue to speak what is in their mind since not everyone is given time to share in class. Usually, they share their thoughts about the lesson and other things that they observe/experience. They also provide feedback on whether their groupmates are working or if they are having problems with the lesson. The only add-on work for the instructor is to have time to read and respond to these learning logs.
• Lab Exercise – The lab exercises will validate whether you can use the tools given a specific scenario in a practical sense. The good thing about a lab exercise that is in a VM with a plethora of tools is that there are many ways to achieve the objective. Everything will be based on the strategy of the students.
• Case Analysis – The usual problem for technical people is that they are tool-centric. They are well-versed on how to use the tools and their features. However, the usual problem is deciding when to use them. The case analysis portion helps students analyze various cases so that they will carefully think about how they will resolve the problem methodically.
• Exam – Of course, the course will not be complete without an assessment. I usually create an objective multiple-choice exam to check if they know the theories and terms discussed. At the same time, they will also be asked situational questions to check how they will analyze and resolve issues. I try to simulate how IT certification exams work since they will be taking some in the future.

Sample Lesson

On the usual lesson, I start with a question to get their attention and interest. Afterward, there will be a discussion and/or debate. For example, What web application attack is the fastest to exploit and difficult to detect? The answer may vary but what I want to discuss is Session Management. But the question will make the students think and spark sharing, discussion, and debate.

Then I go to the discussion proper. I’ll explain the issues on session management and its best practices when developing a web application etc. Afterward, we do lab exercises and simulate how to check the strength of session ID’s and how to exploit them if found to be weak.

Lastly, we then analyze real-world cases of the organization that has applications with poor session management. We’ll do a root cause analysis and provide recommendations on how to fix the issues.

This is just a sample order of instruction that I find helpful for students in their distance education.

Good Course References

• Cybrary
• Peerlyst
• SANS Reading Room
• Cisco Networking Academy
• OWASP