AP Cybersecurity Unit 2 Integration

AP Cybersecurity — Unit 2 Integration

Securing Spaces: Connecting the Concepts

This integration page ties together all five Unit 2 concepts — CIA Triad, defense-in-depth, physical security, risk assessment, and access controls — through unified Vantex Financial Group scenarios.

How Unit 2 Concepts Connect

Every security decision at Vantex Financial Group involves multiple Unit 2 concepts simultaneously. A ransomware attack violates the CIA Triad (Availability primary), spans multiple defense-in-depth layers (Host: infected endpoint, Data: encrypted files), is quantified through risk assessment (ALE = SLE × ARO), is mitigated through access controls (least privilege limits lateral movement), and requires physical security to prevent an insider from directly plugging in the malware payload.

Integration Principle

The AP Cybersecurity exam frequently presents multi-concept scenarios. Identifying ALL relevant frameworks (CIA property + defense-in-depth layer + risk response + control type) demonstrates mastery.

Unit 2 Integration Scenario Table

For each Vantex Financial Group scenario below, every Unit 2 concept is applied:

Scenario CIA Property DiD Layer Risk Response Control
Ransomware encrypts all Vantex servers for 72 hours Availability Host / Data Mitigate Backup + EDR + patch management
A contractor copies client SSNs to a personal USB drive Confidentiality Physical / Data Mitigate USB port blocking + DLP + badge access
An attacker changes wire transfer amounts in the database Integrity Application / Data Mitigate SHA-256 hashing + WAF + audit logs
An employee tailgates into the server room Confidentiality Physical Mitigate Mantrap + security awareness training
Help desk account with Domain Admin is compromised CIA all three Host / Network Mitigate Least privilege + RBAC + MFA

Unit 2 Synthesis Exercise

Vantex’s board requests a one-page executive summary of their security posture based on your Network Security Audit Report findings (Phases 1-5). Write a summary that:

  • 1. Identifies the TOP three risks by ALE from Phase 4 (Risk Assessment)
  • 2. Maps each risk to the CIA property it MOST directly threatens
  • 3. Identifies which defense-in-depth layer has the most critical gap
  • 4. Recommends one physical security improvement and one access control improvement with justification
  • 5. States the recommended risk response (mitigate/transfer/accept/avoid) for each top risk and justifies the cost-effectiveness decision
AP Exam Prep

This synthesis exercise mirrors the style of AP Cybersecurity free-response questions that ask you to analyze a scenario, identify controls, and justify security decisions using standard frameworks.

AP Cybersecurity Course | APCSExamPrep.com | Built by Tanner Crow, AP CS Teacher (11+ years)

Get in Touch

Whether you're a student, parent, or teacher — I'd love to hear from you.

Just want free AP CS resources?

Enter your email below and check the subscribe box — no message needed. Students get daily practice questions and study tips. Teachers get curriculum resources and teaching strategies.

Typically responds within 24 hours

Message Sent!

Thanks for reaching out. I'll get back to you within 24 hours.

🏫 Welcome, fellow educator!

I offer curriculum resources, practice materials, and study guides designed for AP CS teachers. Let me know what you're looking for — whether it's classroom materials, a guest speaker, or Teachers Pay Teachers resources.

Email

[email protected]

📚

Courses

AP CSA, CSP, & Cybersecurity

Response Time

Within 24 hours

Prefer email? Reach me directly at [email protected]