AP Cybersecurity 1.3: Best Practices for Public Networks

Score0 / 10
📅 Last Updated: June 2026 ~50 min 📚 Lesson 3 of 5 — Unit 1
AP Cybersecurity — Unit 1: Introduction to Security

Topic 1.3: Best Practices for Public Networks

Adversary skill levels and motivations, evil twin attacks, jamming, war driving — and the three specific individual protections every user needs when connecting to public Wi-Fi.

Lesson 3 of 5 ~50 min LO 1.3.A – 1.3.C Skills: Analyze Risk • Mitigate Risk
★ AP Exam Focus — Topic 1.3

• Classify adversaries as low-skilled or high-skilled based on tool origin and vulnerability type — not based on damage caused
• Identify evil twin, jamming, and war driving by mechanism, CIA property violated, and attack phase
• Apply the three individual protections (verify SSID, avoid open networks, VPN) to scenario questions
• Explain why no individual-level protection can stop a jamming attack
• Recognize homoglyph substitution in SSID names as the evil twin detection technique

College Board Essential Knowledge Coverage

Topic 1.3 — What Is Testable

CED Ref Essential Knowledge Covered In
1.3.A.1 Low-skilled adversaries rely on tools created by others; exploit known vulnerabilities. High-skilled adversaries create/modify tools; can discover zero-day vulnerabilities. Section 2
1.3.A.2 Adversary motivations include: greed, recognition, dedication to a cause, revenge, politics, beliefs Section 2
1.3.B.1 Evil twin: adversary sets up WAP with SSID similar/identical to target network; victims unknowingly connect; adversary captures traffic Section 3
1.3.B.2 Jamming: adversary floods area with EM signal in wireless frequency range; prevents legitimate traffic = DoS attack Section 3
1.3.B.3 War driving: adversary detects wireless beacons while mobile to map networks and find signal leakage outside buildings Section 3
1.3.C.1 Verify the wireless network name matches exactly the network you intend to join Section 5
1.3.C.2 Avoid joining unprotected wireless networks (no password/authentication required) Section 5
1.3.C.3 Consider using a VPN, which encrypts all traffic so intercepted data is not immediately readable Section 5

Source: AP Cybersecurity CED, Effective Fall 2026. AP Skills: 1.A Identify threats/attacks • 2.A Identify security controls

♡ Bellringer — 3 Questions, 5 Minutes

Answer independently before the lesson. No notes.

  1. At a coffee shop, you see two networks: “CafeWifi” (requires password) and “CafeWifi_Free” (open). Which is more likely to be an evil twin, and what is the one thing you should do before connecting to either?
  2. An adversary uses a $30 device and freely available software to set up a rogue access point at an airport. A nation-state hacker writes custom zero-day exploit code. Which is low-skilled and which is high-skilled? What distinguishes them?
  3. Your laptop’s Wi-Fi is suddenly unable to connect anywhere in a building, even though other devices connected before you arrived. Name the attack type and explain why this is classified as a DoS attack.

Answers: (1) CafeWifi_Free is more suspicious; ask staff for the exact network name. (2) Rogue AP operator = low-skilled (uses tools created by others); nation-state = high-skilled (creates own tools, discovers zero-days). (3) Jamming — it makes the wireless resource unavailable to authorized users = DoS.

In This Lesson
  • 1.3.1 — Learning Objectives (3 min)
  • 1.3.2 — Adversary Classification (8 min)
  • 1.3.3 — Three Wireless Attack Types (10 min)
  • 1.3.4 — Evil Twin Attacks in Depth (8 min)
Continued
  • 1.3.5 — Individual Protections (8 min)
  • 1.3.6 — Defense Coverage Matrix (5 min)
  • 1.3.7 — Worked Scenarios & CFU (6 min)
  • 1.3.8 — Key Terms & FAQ (4 min)

11.3.1 — Learning Objectives

  • Identify adversary types by skill level (low-skilled vs. high-skilled) and explain how skill level affects risk assessment (1.3.A)
  • Identify and distinguish evil twin, jamming, and war driving attacks — including mechanism, CIA impact, and classification (1.3.B)
  • Apply the three CED individual protections (verify SSID, avoid open networks, use VPN) to wireless threat scenarios (1.3.C)
  • Match each protection to the attack type(s) it addresses and explain why no individual protection stops jamming
  • Analyze a wireless attack scenario and select the correct defense using the CED framework

21.3.2 — Adversary Classification: Skill Levels and Motivations

Before examining specific attacks, you need to understand who conducts them. The CED classifies adversaries along two dimensions: skill level and motivation. Both affect the types of attacks they attempt and the defenses that can stop them.

Low-Skilled
Tool Users
Rely on malicious tools created by others — purchased or downloaded online. The tools they use exploit known vulnerabilities: weaknesses already documented by security researchers. These adversaries do not understand how the tools work at a deep level.
Risk implication: Keeping software patched stops most low-skilled attacks. The same tool deployed by a low-skilled adversary can still cause serious damage.
High-Skilled
Tool Creators
Have the capacity to create or modify malicious tools and adapt them to new defenses. Can discover zero-day vulnerabilities — undocumented flaws the vendor has had zero days to patch.
Risk implication: Patching alone does not stop them. Zero-day exploits bypass fully updated systems. Require layered defenses and behavioral detection.
⚠ AP Exam Trap — Damage ≠ Skill

Skill level is determined by tool origin and vulnerability type, not by the damage caused or the target chosen. A low-skilled adversary deploying a sophisticated tool built by others can cause massive harm. A question describing significant damage does not imply a high-skilled adversary.

Adversary Motivations

The CED (1.3.A.2) identifies six motivations adversaries may have: greed (financial gain), recognition (status, proving skill), dedication to a cause (ideological, political, social), revenge (personal or professional), politics, and beliefs. Understanding motivation helps predict which targets are at risk and how persistent an adversary will be.

Check for UnderstandingSpot the Error
Q 1 of 10

A security instructor states: “An adversary who caused a $2 million ransomware attack must be high-skilled because of the magnitude of damage they caused.” Which statement correctly identifies the error?

AThe instructor is correct — only high-skilled adversaries have access to ransomware capable of causing millions in damage.
BThe instructor is partially correct — a $2 million attack requires at minimum a medium-skilled adversary with some technical knowledge.
CThe instructor is wrong — skill level is determined by whether tools are created or borrowed, not by damage magnitude. A low-skilled adversary deploying ransomware-as-a-service built by others can cause millions in damage without understanding the underlying code.
DThe instructor is wrong — ransomware attacks always originate from state-sponsored groups, which are a separate classification from the CED adversary types.

31.3.3 — Three Wireless Attack Types

Wireless networks transmit data via radio waves that extend beyond physical walls — creating attack opportunities that don’t exist on wired networks. The CED identifies three attacks you must know precisely.

1.3.B.1Evil Twin Attack
An adversary sets up a wireless access point (WAP) with a service set identifier (SSID) similar or identical to a target network. This malicious network is called the evil twin. Victims who connect — often unknowingly, sometimes automatically — have all their traffic flowing through the adversary’s device.
CED Scenario 1C: You’re at Sunshine Coffee. Your friend connects to “Sunshine Wi-Fi.” Minutes later their music stops and they’re locked out of their streaming account. The real network is “Guest Wi-Fi.” An adversary running the evil twin captured login credentials and changed the password.
CIA violated: Confidentiality — traffic including credentials, session tokens, and unencrypted data are exposed to the adversary. Note: The adversary cannot read HTTPS-encrypted traffic, but unencrypted protocols and credential capture at login are vulnerable.
1.3.B.2Jamming Attack
An adversary floods an area with a strong electromagnetic (EM) signal in the same frequency range as the wireless network. This interference prevents legitimate traffic between the access point and users — effectively blocking all wireless communication in the affected area.
A jamming attack is classified as a denial of service (DoS) attack — it makes a resource (the wireless network) unavailable to authorized users. It does not steal data; it disrupts communication entirely. Can be used standalone or to force devices to disconnect from a legitimate network before an evil twin attack.
CIA violated: Availability — systems and services become inaccessible. AP Exam Note: No individual-level protection can stop jamming. It operates at the physical radio layer — software on the user’s device cannot counter it.
1.3.B.3War Driving
Adversaries detect wireless network beacons while driving or walking through an area to map networks, identify encryption types, and find locations where signals extend beyond physical buildings. War driving is passive — no traffic is intercepted or modified.
War driving belongs to the reconnaissance phase of a cyberattack. The adversary is not yet attacking — they are gathering intelligence to plan a more targeted attack: identifying weak encryption, finding access points reachable from outside a building, locating networks without authentication.
CIA violated: None directly — war driving itself does not compromise any CIA property. It enables future attacks that may. Common trap: War driving does not intercept or steal data in transit. Any answer claiming war driving captures live traffic is wrong.
Check for UnderstandingSpot the Error
Q 2 of 10

A student writes: “A jamming attack is when an adversary creates a fake wireless access point to flood a network with traffic, causing a denial of service.” Which part contains an error?

AThe statement incorrectly identifies jamming as causing a denial of service — jamming is actually a data theft attack.
BThe mechanism is wrong — jamming floods an area with EM signals in the wireless frequency range, not by creating a fake access point. Creating a fake access point describes an evil twin attack.
CThe statement incorrectly implies jamming targets a specific network — jamming actually targets individual devices, not networks.
DThe DoS classification is wrong — jamming is correctly classified as a man-in-the-middle attack because the adversary sits between users and the network.
Check for UnderstandingI / II / III
Q 3 of 10

Which of the following statements about wireless attacks are TRUE?

I. An evil twin attack allows an adversary to capture a victim’s network traffic by setting up a WAP with a similar or identical SSID.
II. A jamming attack prevents legitimate wireless communication by flooding an area with EM signals in the wireless frequency range.
III. War driving allows an adversary to modify data on a wireless network by intercepting packets in transit.

AI only
BI and II only
CII and III only
DI, II, and III
Check for UnderstandingMatching
Q 4 of 10

Match each scenario to the wireless attack type it describes.

Click a scenario on the left, then click the attack type on the right. Click a matched pair to undo it.
Scenarios
1An adversary drives through an office park with a laptop, recording SSIDs, encryption types, and signal coverage areas for each building.
2An adversary sets up a hotspot named “Airport_Free_WiFi” near a busy departure gate to intercept passenger credentials.
3An adversary uses a device to broadcast a strong signal on the 2.4 GHz band, preventing all nearby devices from connecting to any network.
Attack Type
AEvil Twin
BJamming
CWar Driving

41.3.4 — Evil Twin Attacks in Depth

The evil twin is the most dangerous wireless attack for individual users because it enables credential theft at scale with minimal skill. Understanding the step-by-step anatomy makes it concrete and memorable.

1Anatomy of an Evil Twin Attack
1

Setup

The adversary configures a device — often a laptop or cheap portable router — to broadcast a WAP with an SSID matching or resembling a legitimate network. In the CED scenario, the adversary named it “Sunshine Wi-Fi” when the real network was “Guest Wi-Fi.”

2

Lure

Victims see the evil twin in their available network list. If the SSID matches one they’ve joined before, their device may auto-connect without user action. If it’s slightly different but plausible, users may select it manually without scrutinizing the name.

3

Interception

All traffic flowing through the evil twin passes through the adversary’s device. Packet capture tools record everything: web requests, login forms, session tokens, chat messages. Any data transmitted without encryption is visible in plaintext.

4

Exploitation

The adversary extracts credentials from captured traffic. In the CED scenario: the adversary logs in as the victim, changes the streaming service password, and locks the victim out. The attack is complete.

Why it works

Evil twin networks are almost always open (no password) by design — the adversary wants frictionless connections. This is why the CED warns against joining unprotected networks: no password means no assurance about who is operating it. Homoglyph substitution (replacing “l” with “I”, “0” with “O”) makes SSID spoofing visually convincing at a glance.

Check for UnderstandingSequence Sort
Q 5 of 10

Sort the following steps of an evil twin attack into the correct chronological order. Click a card to select it, then click the bucket where it belongs.

Adversary captures victim’s traffic including login credentials
Adversary configures a device to broadcast a WAP with a spoofed SSID
Adversary uses stolen credentials to log into victim’s accounts
Victim connects to the evil twin instead of the legitimate network
Step 1
Step 2
Step 3
Step 4

51.3.5 — Individual Protections (CED 1.3.C)

The CED identifies three specific actions individuals can take to protect themselves from wireless attacks. These are personal-level defenses, not enterprise controls. AP exam questions about wireless defense in Unit 1 focus on these three.

1.3.C.1Verify the Network Name Exactly
Individuals should verify that the name of any wireless network they join exactly matches the name of the network they intend to join. “Exactly” means checking for subtle differences: extra spaces, homoglyph substitutions (lowercase ‘l’ vs. number ‘1’, zero vs. letter ‘O’), or slight name variations.
Best practice: ask an employee of the establishment for the exact network name rather than guessing. This is the primary defense against evil twin attacks.
1.3.C.2Avoid Unprotected Networks
Individuals should avoid joining unprotected wireless networks — networks that do not require a password or authentication to join. An open network provides no encryption between your device and the access point. Any adversary within range can intercept that traffic.
If you must use an open network, layer additional protection on top (see VPN). Evil twin networks are almost always open by design — avoiding open networks directly reduces evil twin exposure.
1.3.C.3Use a VPN
Individuals may consider using a virtual private network (VPN), which encrypts all their traffic, so that any intercepted traffic would not be immediately readable. A VPN creates an encrypted tunnel between your device and a remote server. Even if an adversary captures your traffic, the data inside the tunnel is unreadable without the decryption key.
Note the CED’s careful phrasing: “not immediately readable.” A VPN makes interception impractical for most adversaries — not theoretically impossible. Also note: the VPN provider can view your traffic. You are trusting the VPN provider instead of the network operator.
Check for UnderstandingFill in the Blank
Q 6 of 10

Place the correct term from the bank into each blank.

Word Bank (click to select, then click a blank) SSID unprotected VPN zero day denial of service

1. Before connecting to any wireless network, verify that its exactly matches the name of the network you intend to join.

2. Avoid joining wireless networks that require no password or authentication.

3. Using a encrypts all traffic so that intercepted data is not immediately readable.

4. A vulnerability undocumented by the vendor — meaning the vendor has had zero days to prepare a fix — is called a .

5. A jamming attack is classified as a attack because it makes the wireless network unavailable to authorized users.

Check for UnderstandingMCQ
Q 7 of 10

A user at an airport connects to an open public Wi-Fi network and logs into their bank account. An adversary on the same network captures the user’s banking credentials. Which control would have been most effective at preventing the credential theft?

ARestarting the device before connecting to the network
BUsing a VPN to encrypt all traffic before transmitting it over the network
CChanging the bank account password immediately after logging in
DConnecting using a device with recently updated antivirus software

61.3.6 — Defense Coverage Matrix

The three individual protections address different attack types. Understanding which protection works against which attack is a high-frequency AP exam pattern.

Protection Evil Twin Jamming War Driving
Verify SSID exactly (1.3.C.1) ✓ Yes — prevents connecting to impersonating network ✗ No — EM interference affects all networks ✗ No — war driving is passive; doesn’t connect to your device
Avoid open networks (1.3.C.2) ✓ Yes — most evil twins are open by design ✗ No — jamming affects protected and open networks equally ✗ No — war driving detects all networks regardless of protection
Use a VPN (1.3.C.3) ✓ Yes — encrypts data even if connected to an evil twin ✗ No — if the connection is jammed, there’s no traffic to encrypt ✗ No — VPN doesn’t prevent beacon detection
★ AP Exam Pattern — Jamming Has No Individual Defense

All three individual protections address evil twin most effectively. No individual action can stop a jamming attack — it operates at the physical radio layer and requires organizational responses (signal shielding, frequency hopping, wired backup). If an exam question asks what an individual can do to stop jamming, the correct answer is: nothing at the individual level. If the answer choices include a VPN or SSID verification, they are all wrong for jamming.

Check for UnderstandingI / II / III
Q 8 of 10

Which of the following statements about defending against wireless attacks are TRUE?

I. Verifying the exact network name before connecting can prevent a user from joining an evil twin network.
II. Using a VPN prevents a jamming attack from disrupting the user’s wireless connection.
III. Avoiding open (unprotected) wireless networks reduces the risk of an adversary capturing unencrypted traffic.

AI only
BI and III only
CII and III only
DI, II, and III

71.3.7 — Worked Scenarios

Check for UnderstandingSpot the Error
Q 9 of 10

A cybersecurity blog states: “War driving is particularly dangerous because it allows adversaries to intercept private data being transmitted over a wireless network in real time.” What is wrong with this claim?

AWar driving does not intercept data — it is a passive reconnaissance technique that detects wireless beacons to map networks, identify encryption types, and locate signal leakage. No data in transit is captured.
BWar driving does intercept data, but only from unprotected networks, not from all wireless networks as the blog implies.
CWar driving is only dangerous when performed by high-skilled adversaries with custom tools, which limits its frequency.
DWar driving requires the adversary to be inside the building to be effective, so the blog overstates its reach.
End of LessonIntegrative Scenario
Q 10 of 10
Mariana visits a hotel lobby and sees three available Wi-Fi networks on her phone:
1. “HotelGrand_Lobby” — requires password 🔒
2. “Hotel Grand Free WiFi” — open 🔓
3. “HoteIGrand_Lobby” — requires password 🔒

Mariana asks the front desk, confirms the real network is “HotelGrand_Lobby,” connects to it, and activates her VPN before browsing.

Which network is most likely the evil twin, and which statement best explains why Mariana’s actions demonstrate all three CED individual protections?

ANetwork 2 is the evil twin because it is open. Mariana applied two protections: avoiding the open network and using a VPN.
BNetwork 3 is the evil twin because it requires a password, making it harder to detect. Mariana only applied one protection: SSID verification.
CNetwork 3 is the evil twin — it uses a homoglyph substitution (“HoteI” with uppercase I instead of lowercase l). Mariana applied all three protections: verified the exact name with staff (1.3.C.1), connected to the password-protected real network rather than the open one (1.3.C.2), and activated a VPN for additional encryption (1.3.C.3).
DBoth networks 2 and 3 are likely evil twins. Mariana should not have connected at all — the only safe option in a hotel lobby is to use cellular data.

!Common AP Exam Mistakes — Topic 1.3

Mistake Why It’s Wrong What to Do Instead
Classifying adversaries by damage caused “The attack caused $2M in damage, so they must be high-skilled.” Damage magnitude tells you nothing about skill level. Look for tool origin (created vs. borrowed) and vulnerability type (known vs. zero-day).
Claiming war driving intercepts data War driving is passive beacon scanning — no data in transit is captured or modified. Classify war driving as Reconnaissance only. Any answer attributing data theft to war driving is wrong.
Saying VPN stops jamming A VPN encrypts traffic, but jamming cuts the wireless connection entirely. No connection = no VPN tunnel to encrypt anything. No individual-level action stops jamming. Never select a VPN or SSID check as a jamming defense.
Assuming HTTPS alone makes public Wi-Fi safe HTTPS encrypts the content of web traffic but doesn’t prevent an evil twin from capturing metadata, redirecting to lookalike pages, or exploiting non-HTTPS traffic. HTTPS is necessary but not sufficient on public Wi-Fi. Layer with VPN and SSID verification.
Confusing jamming mechanism with evil twin Students write “jamming creates a fake access point” — that’s an evil twin. Jamming floods a frequency with EM signals. Jamming = EM interference. Evil twin = fake WAP with spoofed SSID. These are completely different mechanisms.

81.3.8 — Key Terms & FAQ

Term Definition AP Exam Note
Evil Twin Rogue WAP with SSID matching a legitimate network, used to intercept victim traffic Adversary captures traffic; victims may auto-connect
Jamming EM signal flood in wireless frequency range preventing legitimate communication = DoS No individual-level defense exists
War Driving Passive scanning for wireless beacons while mobile to map networks and find signal leakage Does NOT intercept data; belongs to Reconnaissance phase
SSID Service Set Identifier — the name of a wireless network Verify it exactly matches; watch for homoglyphs
VPN Virtual Private Network — encrypts all traffic between device and remote server Makes intercepted data “not immediately readable” (CED phrasing)
Zero Day Undocumented vulnerability; vendor has had zero days to prepare a patch Exploited by high-skilled adversaries
Low-Skilled Uses tools created by others; exploits known vulnerabilities Damage caused does NOT determine skill level
High-Skilled Creates or modifies tools; discovers zero-day vulnerabilities Can bypass patched systems with novel techniques
Unprotected Network Wireless network requiring no password or authentication to join Evil twins are almost always open by design
  • Can a VPN stop an evil twin attack entirely?

    Not entirely, but it removes most of the danger. If you connect to an evil twin while using a VPN, the adversary can see that traffic is flowing through their access point, but the contents of that traffic are encrypted inside the VPN tunnel. They cannot read your credentials or session data. The CED uses the phrase “not immediately readable” — meaning decryption is impractical for most adversaries, not theoretically impossible. Verifying the SSID first is still important because connecting to an evil twin even with a VPN may expose your device to other risks.

  • Why is war driving in the Reconnaissance phase rather than a direct attack?

    War driving collects information without taking action against any system. The adversary is building a map: which networks exist, where their signals reach, what encryption they use, whether any are open. This information is then used to plan a targeted attack later — identifying which building has an unencrypted access point reachable from the parking lot, for example. War driving itself does not compromise any CIA property, which is why it belongs to Reconnaissance rather than the Initial Access or Taking Action phases.

  • Is there anything an individual can do about jamming?

    At the individual level, no. Jamming operates at the physical radio frequency layer — it is a hardware-level attack that software on your device cannot counter. Individual protections (verify SSID, avoid open networks, VPN) all assume a working wireless connection exists. When jamming cuts the connection, none of these protections can help. Organizational responses exist — frequency hopping (FHSS), wired backup connections, signal monitoring — but these are enterprise controls, not individual actions. On the AP exam, never select an individual protection as a defense against jamming.

📋 Exit Ticket — Topic 1.3 | 5 Questions | Ready for Canvas / Google Classroom

Students submit before leaving. Target 70%+ on Q1–3.

  1. An adversary uses a $30 router and free software to set up an evil twin at an airport. A separate adversary writes custom zero-day exploit code targeting airport networks. Classify each by skill level and explain the single factor that distinguishes them. (AP Skill: Analyze Risk)
  2. Name all three wireless attack types the CED requires, classify each by CIA property violated, and identify which one belongs to the Reconnaissance phase of a cyberattack. (AP Skill: Analyze Risk)
  3. A user at a library sees two available networks: “LibraryPublic” (open) and “LibraryPubllc” (requires password). Which is likely the evil twin and why? What should the user do before connecting to either? (AP Skill: Analyze Risk)
  4. A student claims: “Using a VPN on public Wi-Fi protects you from jamming attacks.” Is this true or false? Explain why using the CED framework. (AP Skill: Mitigate Risk)
  5. Apply all three CED individual protections to this scenario: you need to use Wi-Fi at a coffee shop to access your bank account. Explain exactly what you would do and which protection each action represents. (AP Skill: Mitigate Risk)
Answer Key: (1) Evil twin operator = low-skilled (tools created by others, known vulnerability); custom zero-day developer = high-skilled (creates tools, discovers undocumented vulnerabilities). Distinguishing factor: tool origin and vulnerability type. (2) Evil Twin (Confidentiality), Jamming (Availability/DoS), War Driving (none directly — Reconnaissance phase). (3) “LibraryPubllc” uses double-l, likely homoglyph substitution — the extra ‘l’ is an impersonation attempt; ask staff for exact network name before connecting. (4) False — a VPN encrypts traffic but cannot restore a jammed wireless connection; jamming cuts the physical radio link that a VPN tunnel requires. (5) Ask barista for exact network name (1.3.C.1); connect only to the password-protected network, avoid any open networks (1.3.C.2); activate VPN before opening the bank site (1.3.C.3).
Premium Feature

1-on-1 Expert Support

Get personalized help from an AP Cybersecurity instructor — 2,067+ verified hours, 5.0 rating, 499+ reviews.

2,067+ Verified Hours 5.0 Wyzant Rating 499+ Reviews
Learn About Expert Sessions →
TC
Tanner Crow
AP Computer Science Teacher — Blue Valley North High School

Tanner has taught AP Computer Science for 11+ years and built APCSExamPrep.com to give every student access to the same resources his own students use. He holds 2,067+ verified tutoring hours on Wyzant with a 5.0 rating from 499+ reviews.

11+ Years Teaching AP CS 2,067+ Verified Tutoring Hours 499+ Five-Star Reviews 5.0 Rating on Wyzant
Content last reviewed and updated: June 2026
← Topic 1.2 Exercise 1 →

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]