AP Cybersecurity Unit 3 Lesson 6 Lab
Lab — Operation Cipher Sweep: Protocol Security Audit
6 steps, 30 points — Mixed formats: matching, fill-blank, select-all, MCQ, and written analysis
Your team deployed network sensors across Meridian’s corporate office, SCADA operations center, and customer billing portal. You have 48 hours of packet captures revealing FTP credentials in plaintext, unencrypted Modbus commands to substations, HTTP-to-HTTPS redirect vulnerability, and Telnet root access to SCADA servers. Audit all findings.
HTTPS wraps HTTP inside a tunnel to encrypt all data between browser and server.
A browser warning that a certificate has expired means the server’s cannot be verified.
An attacker intercepting an HTTP-to-HTTPS redirect to keep the user on the unencrypted site is performing SSL .
The technology that tells browsers to ALWAYS use HTTPS, eliminating the initial HTTP request, is called .
During the TLS handshake, the client and server establish a shared key for encrypting the session.
AP® is a registered trademark of the College Board.
Get in Touch
Whether you're a student, parent, or teacher — I'd love to hear from you.
Just want free AP CS resources?
Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.
Message Sent!
Thanks for reaching out. I'll get back to you within 24 hours.
Prefer email? Reach me directly at [email protected]