AP Cybersecurity Unit 1 Lesson 4 Exercise 1

AP Cybersecurity — Unit 1, Topic 1.4

Exercise 1: AI Attack Classification Lab

Classify AI-based attack techniques, analyze a phishing email log for adversarial patterns, and recommend defenses. The three skills tested most on the AP exam for Topic 1.4.

Skills 1.A, 1.B ~30–40 min • 3 Parts • 24 pts
Progress: 0 / 3 Parts Complete 0 / 24 pts
Part 1
AI Attack Classification (12 pts)
12 pts

Below are four AI-assisted attacks Maple Street Veterinary Clinic’s staff encountered. For each one, identify the AI technique used and the psychological tactic the attacker deployed.

Incident A

The clinic’s office manager, Sarah, received an email appearing to come from Dr. Martinez (the clinic owner). The email referenced a real patient case they had discussed that morning, Sarah’s exact role, and a pending vendor invoice. It requested she approve a $3,400 wire transfer to a new account. The sender’s email address had one letter different from Dr. Martinez’s real address.

AI technique used:

Psychological tactic:

Incident B

A veterinary technician named Carlos received a phone call from what sounded exactly like his father, saying he was in a car accident, needed bail money immediately, and asked Carlos to wire $1,800 to an account. Carlos almost complied before calling his father’s cell phone directly and confirming his father was safe at home.

AI technique used:

What would have happened without out-of-band verification?

Incident C

The clinic received 847 emails in one week from different sender addresses, all with slightly different subject lines, all promoting the same fraudulent medical supplier. Traditional keyword filters blocked the first 200; the remaining 647 had been automatically rewritten by an AI tool to avoid the specific phrases that triggered the filter.

Which AI capability enabled this attack to evade filters?

This is an example of:

Incident D

A security researcher found that an AI tool scanning for SQL injection vulnerabilities could also be used by attackers to automatically scan Maple Street’s patient portal for weaknesses. The same tool the clinic uses for defense was used offensively to map attack surfaces.

What does this demonstrate about AI security tools?

Part 2
Phishing Log Analysis (6 pts)
6 pts

Maple Street Veterinary Clinic has installed a basic email security system. Review the following email log from the past week and answer the questions.

# Date/Time Sender Domain Subject AI Phishing Score Action
1 2026-03-10 08:22:14 vetsupp1y.com Your Order #8872 has shipped 0.12 Delivered
2 2026-03-10 09:45:02 paypa1.com Urgent: Account access restricted 0.94 Quarantined
3 2026-03-11 02:17:33 dhl-delivery-notif.net Package held: confirm address 0.87 Quarantined
4 2026-03-11 14:02:18 maple-street-vet.com Re: Tuesday patient roster 0.08 Delivered
5 2026-03-12 11:33:44 vetsupply.com Invoice #4421 - March order 0.19 Delivered
6 2026-03-12 22:58:01 accounts-payabIe-dept.net Wire confirmation needed - Dr. Martinez 0.61 Delivered
7 2026-03-13 08:14:55 microsoft-secur1ty.com Your account has been compromised 0.96 Quarantined
8 2026-03-13 13:45:22 gmail.com Vet conference registration reminder 0.09 Delivered

1. Which delivered email (not quarantined) is MOST suspicious and should be investigated immediately? Why? (2 pts)

2. The AI phishing filter scored email #6 at 0.61 but delivered it. What does this suggest about the attacker's technique? (2 pts)

3. What threshold change and additional control would best address the gap shown by email #6? (2 pts)

Part 3
Defense Recommendations (6 pts)
6 pts

The clinic wants to defend against the AI-based attacks in this exercise. Recommend specific controls for each scenario.

Scenario 1 (Business Email Compromise): The clinic received a wire transfer request that appeared to come from Dr. Martinez. List TWO specific controls that would prevent this attack from succeeding. (2 pts)

Scenario 2 (Voice Cloning Defense): List the single MOST important protection against voice cloning scams, and explain why it works even when the voice sounds completely authentic. (2 pts)

Scenario 3 (AI Arms Race): The clinic's email filter blocked 200 AI-evading phishing emails but the attacker's AI kept rewriting them. Describe TWO approaches that would help the defense stay ahead. (2 pts)

✎ AP Exam Tip

For any AI-based attack on the AP exam: identify (1) what AI capability was used to make the attack more effective, (2) what defense would have stopped it, and (3) whether human oversight was part of the solution. Business Email Compromise with AI personalization = out-of-band verification. Voice cloning = verify via known contact number. Filter evasion = add human review layer + model retraining.

AP Cybersecurity · Unit 1 · Lesson 1.4 · Exercise 1
LessonExercise 1LabQuiz

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]