💻 AP Cybersecurity lesson plans
Free, standards-aligned high school AP Cybersecurity lesson plans. Each one is a full, ready-to-teach plan with an objective, direct instruction, activities, and formative assessment. Make a free account to unlock the printable worksheet, slides, and unit test for any lesson.
Detecting Attacks on Data and Applications
Students will analyze log and file-integrity evidence to detect and classify a cyberattack, distinguish detection controls from prevention controls, and evaluate which monitoring…
Read the full lesson →Protecting Applications: Secure-by-Design, Input Validation, and Least Privilege
Students will apply secure-by-design principles by (1) rewriting a vulnerable input handler to use server-side allowlist validation, and (2) configuring Linux file permissions wit…
Read the full lesson →Public Wi-Fi Threat & Defense Lab: Sniffing, Evil Twins, and Layered Controls
Students will analyze public-network attack scenarios (MITM, rogue AP, evil twin) using packet-capture evidence and device settings, and will select and justify layered defenses (…
Read the full lesson →Leveraging AI in Cyber Defense: Anomaly Detection, False Positives, and Human-in-the-Loop
Students will analyze how machine-learning-based defenses detect anomalies, evaluate the trade-off between false positives and false negatives in a security context, and justify w…
Read the full lesson →AI-Based Cybersecurity Attacks: When the Red Flags Disappear
Students will analyze how AI-augmented attacks (AI-generated phishing, deepfake audio/video, and automated reconnaissance) weaken traditional detection cues, and recommend layered…
Read the full lesson →Walking Past the Firewall: Physical Vulnerabilities and Attacks
Students will analyze physical attack vectors — tailgating, piggybacking, shoulder surfing, rogue devices, and insider negligence — against a described facility, and justify which…
Read the full lesson →Best Practices for Public Networks: Threat Models and Layered Defenses
Students will analyze the risks of public Wi-Fi networks (open networks, MITM, rogue APs, evil twins) and evaluate layered defensive controls (disable auto-connect, HTTPS-only, VP…
Read the full lesson →Spotting Spoofed Login Pages: URL, TLS, and Verification Habits
Students will analyze suspicious login pages by inspecting URL structure, TLS certificate details, and visual indicators to determine whether a page is legitimate or a credential-…
Read the full lesson →Understanding Social Engineering: Hacking the Human
Students will identify and classify social engineering techniques (phishing, spear phishing, pretexting, vishing, smishing, baiting, tailgating) in realistic scenarios, explain th…
Read the full lesson →Cyber Foundations: CIA, Risk, and Layered Controls
Students will analyze a security scenario by (1) identifying which element(s) of the CIA triad are compromised, (2) distinguishing threat, vulnerability, and risk, (3) reasoning a…
Read the full lesson →