Article: The Day the School Network Was Attacked
Creekside High School – 10:20 AM
It started like any normal school day. Students were working on coding assignments, submitting projects online, and reviewing for tests using interactive tools.
Suddenly, things began to go wrong.
• Websites started loading very slowly
• Some students saw “Connection Timed Out” errors
• Others received “Page Not Found (404)” messages
• A few computers froze completely
Teachers quickly reported the issue to the IT department.
________________________________________
The Investigation Begins
The school’s Security Analyst opened the network monitoring dashboard and immediately noticed something unusual.
There was a huge spike in network traffic.
One computer inside the school network was sending hundreds of requests per second to an unknown external server.
________________________________________
Suspicious Activity Detected
As the analyst looked deeper, they discovered:
• A program called revshell.exe was running
• The system was executing commands like:
o whoami
o net user
This confirmed that the school network had likely been compromised by malware.
________________________________________
Why the Network Became Slow
The infected computer was:
• Sending massive amounts of data outside the network
• Increasing overall bandwidth usage
• Creating network congestion
• Causing high latency
________________________________________
The Response
The Security Analyst:
1. Disconnected the infected device
2. Blocked the suspicious server
3. Ran malware scans
4. Reset user accounts
________________________________________
Career Spotlight: Security Analyst
• 📈 High demand (30%+ growth)
• 💰 Salary: $65K – $160K+
• 🛠️ Skills: Networking, cybersecurity, problem-solving
How to Start (Student Pathway):
1. Learn networking basics (like this class 👀)
2. Practice labs (TryHackMe, LetsDefend)
3. Earn certifications (Security+ — like your teacher 👨‍🏫)
4. Build projects (detect attacks, analyze logs)


Investigation Questions (15 Total)
DOK 1 — Basic (5 Questions)
1. What problem first alerted teachers that something was wrong?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
2. What does “Connection Timed Out” mean?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
3. What is malware?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
4. What program was found on the infected computer?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
5. What commands were executed on the system?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
________________________________________

Question

Article: The Day the School Network Was Attacked
Creekside High School – 10:20 AM
It started like any normal school day. Students were working on coding assignments, submitting projects online, and reviewing for tests using interactive tools.
Suddenly, things began to go wrong.
• Websites started loading very slowly
• Some students saw “Connection Timed Out” errors
• Others received “Page Not Found (404)” messages
• A few computers froze completely
Teachers quickly reported the issue to the IT department.
________________________________________
The Investigation Begins
The school’s Security Analyst opened the network monitoring dashboard and immediately noticed something unusual.
There was a huge spike in network traffic.
One computer inside the school network was sending hundreds of requests per second to an unknown external server.
________________________________________
Suspicious Activity Detected
As the analyst looked deeper, they discovered:
• A program called revshell.exe was running
• The system was executing commands like:
o whoami
o net user
This confirmed that the school network had likely been compromised by malware.
________________________________________
Why the Network Became Slow
The infected computer was:
• Sending massive amounts of data outside the network
• Increasing overall bandwidth usage
• Creating network congestion
• Causing high latency
________________________________________
The Response
The Security Analyst:
1. Disconnected the infected device
2. Blocked the suspicious server
3. Ran malware scans
4. Reset user accounts
________________________________________
Career Spotlight: Security Analyst
• 📈 High demand (30%+ growth)
• 💰 Salary: $65K – $160K+
• 🛠️ Skills: Networking, cybersecurity, problem-solving
How to Start (Student Pathway):
1. Learn networking basics (like this class 👀)
2. Practice labs (TryHackMe, LetsDefend)
3. Earn certifications (Security+ — like your teacher 👨‍🏫)
4. Build projects (detect attacks, analyze logs)


Investigation Questions (15 Total)
DOK 1 — Basic (5 Questions)
1. What problem first alerted teachers that something was wrong?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
2. What does “Connection Timed Out” mean?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
3. What is malware?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
4. What program was found on the infected computer?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
5. What commands were executed on the system?
________________________________________________________________________________________________________________________________________________________________________________________________________________________
________________________________________

Your name

Your answer