AP Cybersecurity Unit 1 Lesson 4 Exercise 2

AP Cybersecurity — Unit 1, Topic 1.4

Exercise 2: Applied AI Attack Analysis

Harder multi-step scenarios: deepfake video analysis, OSINT reconnaissance, and policy-based defenses. AP-level applied reasoning for Topic 1.4.

Skills 1.B, 1.C ~30–40 min • 3 Parts • 24 pts
Progress: 0 / 3 Parts Complete 0 / 24 pts
Part 1
Applied Attack Analysis (12 pts)
12 pts

Review the four scenarios below. For each, identify which AI attack capability was used, what the attacker’s goal was, and whether an out-of-band verification would have helped.

Scenario 1: The CFO Request

A nonprofit’s accounting staff received a video call from their CFO (working remotely) requesting urgent approval of a $47,000 wire transfer. The video showed the CFO speaking clearly, facial expressions matched normal, and the background was her usual home office. The wire was approved. Investigation later found the CFO had never made the call.

AI capability used:

Would out-of-band verification have prevented this?

Scenario 2: The IT Support Call

Employees at a 50-person company received calls from someone who identified himself as “IT support,” sounding exactly like the IT manager they knew. The caller said accounts were being migrated and employees needed to provide their current password for account verification. Eleven employees complied. The IT manager had never made any calls.

Why is this attack MORE dangerous than a traditional impersonation call?

Defense (select the MOST effective):

Scenario 3: The Scanning Attack

A small clinic ran an AI-powered vulnerability scanner to identify weaknesses in their web portal before launch. Three days later, the same vulnerabilities that the scanner identified (but hadn’t been fixed yet) were exploited by an attacker. The scanner findings had been stored unencrypted in a shared folder.

What does this scenario illustrate about AI security tools?

Part 2
OSINT & Spear Phishing Construction (6 pts)
6 pts

The following social media posts are from a target the attacker is researching to build an AI-personalized spear phishing email. Identify what information the attacker can harvest and how it will be used.

Social Media Posts — Target: Alex Chen, Accounts Payable, Riverside Medical Group
March 5 • LinkedIn

Excited to announce I just hit my 3-year work anniversary at Riverside Medical Group! Grateful to work with such an amazing finance team. My manager Sarah M. just got promoted to CFO — so proud! 🎉

March 8 • Twitter/X

Finally got that Q1 vendor reconciliation done! 47 invoices processed. Our new accounting software (Sage 300) makes it SO much easier than the old system. Now if only IT would fix the VPN... 😂

March 10 • LinkedIn

Heading to the Healthcare Finance Summit in Chicago next Tuesday! Anyone else attending? DM me!

1. List THREE specific pieces of information the attacker can use to personalize an attack targeting Alex. (2 pts)

2. The attacker crafts a spear phishing email from Sarah M. (CFO). Which attack scenario is most effective based on this OSINT? (2 pts)

3. Why does Alex need to recognize this threat rather than just relying on email filters to stop it? (2 pts)

Part 3
Scenario Response Analysis (6 pts)
6 pts

The AP exam presents multi-step scenario analysis questions. For each situation, identify the AI attack involved, what made it effective, and what specific control addresses it.

Scenario 1: A company’s CEO sends an urgent message via the company messaging app saying 'I’m in meetings all day, can you process this supplier payment of $18K? I’ll approve formally tomorrow.' The CEO’s account was compromised last week. Which attack type is this and what policy prevents it? (2 pts)

Scenario 2: A school district employee receives a phone call that sounds exactly like the superintendent, asking for the district’s network administrator password for 'an emergency security audit.' The employee has spoken with the superintendent many times and is certain it is her voice. What is the correct response? (2 pts)

Scenario 3: An AI tool scans a hospital's web application code and identifies 12 vulnerabilities. The development team, under deadline pressure, deploys anyway and plans to fix the vulnerabilities 'next sprint.' What is the risk, and what should the team have done? (2 pts)

✎ AP Exam Tip

AI-based attacks on the AP exam always involve THREE elements: (1) an AI capability (voice cloning, deepfake, personalization, filter evasion), (2) a human psychological weakness being exploited (trust in a familiar voice/face, urgency, authority), and (3) a specific defense that addresses the human layer even when the AI deception is perfect. Out-of-band verification defeats voice cloning. Policies defeat pretexting. Human review defeats filter evasion. Know all three for every AI attack type.

AP Cybersecurity · Unit 1 · Lesson 1.4 · Exercise 2
LessonExercise 1Exercise 2Quiz

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]