Cyber Awareness Challenge
By Carney, Inc., Defense Information Systems Agency, & SAIC
Skills and Ideas Taught: This game teaches information assurance practices that support the following objectives:
- Identify information assurance awareness/information systems security and why it is important
- Identify the different types of information and the requirements to protect each content type(for example, classified information, personally identifiable information, protected health information)
- Identify the different forms and methods of cyber attacks(for example, social engineering, email phishing, viruses/malware, identity theft)
- Identify the types of technologies that are particularly vulnerable to attacks(for example, removable media, mobile computing devices –cell phones and tablets, wireless technology)
Goal or Challenge: The goal of the Cyber Awareness Challenge is to capture an unnamed hacker (referred to throughout the game as the “adversary”), who is targeting federal government information systems in order to access sensitive government information. To capture the adversary, players complete a series of tasks within the game that challenge them to engage in safe information assurance practices to protect government information systems and sensitive information.
Primary Audience: The primary target audience for this game is all authorized users of Department of Defense and Federal information systems. This includes civilian and military employees and
Assessment Approach: Financial performance data is generated for each turn, and players are graded on quality and timeliness for every contract fulfilled for every client. In addition, critical thinking questions are presented to players every turn.
Description: The player’s learning is measured through the completion of the series of tasks that make up the game. For the majority of the tasks within the Challenge,players are seated at a simulated desk in front of a computer. The computer lists tasks players must complete by the end of the day. These tasks are divided into four groupings by time of day and environment and cover all required and approved information assurance content.For each task, the player completes some combination of activities made up of either a simulation or a mini-game. In simulations, the players are presented with a scenario in which they must select the best course of action to protect information systems and sensitive information. In mini-games, players apply information assurance concepts in a fun and interactive context. Players receive points for correct responses to all task activities, and they award points to the adversary for incorrect responses.
Game Engine: Adobe Flash
Operating System: Windows
Platform: Personal computer
Special Hardware: None