QA King of the Hill is highly technical experiential learning experience. Focussing on developing 'hands-on' cyber defenders across the full spectrum of attack and defence while also training tactical managers in how to monitor and coordinate their team. This is a fully interactive hackathon with a pwn twist, requiring the attacker & defender to dynamically assign resources based on the changing nature of the attack and provide periodic high level reports to senior management.
With all experiential learning, mastering expertise is a continuous process of experience, reflection, conceptualisation and experimentation. King of the Hill will challenge the best ‘offensive cyber defender’ to learn through doing, in an immersive environment that feels real.
Delegates are expected to have at least some experience within the Linux environment and be able to identify vulnerabilities and attacks using a variety of network, vulnerability and malware analysis tools, techniques and procedures. Exposure to scripting languages will be an advantage.
- Delegates will learn to exercise choice and autonomy wherever possible and appropriate
- Delegates will learn to practice and apply the most relevant knowledge and skills within the scenarios
- Delegates will learn to anticipate disruptions and deploy alternative options
- Delegates will learn to provide appropriate level of support and guidance to fellow team members (if playing in a team)
- Delegates will learn to take risks and reflect on their choices (again and again as needed)
- Delegates will acquire transferable skills from within a 'real world' environment
- Delegates will develop reflective learning skills, place them in a real world context and develop new ideas to implement their skills
To take part players must attack various vulnerable machines within the discovered network. Once you manage to get inside, evading detection, you must harden the machines that you’ve just pwned!
Now let the fun begin! In this active cyber defence scenario you will not be the only player trying to take the hill.
You must rapidly seek to protect and defend your pwned assets from the other players and against other attackers. There is a central platform that keeps track of which players / teams have compromised which networks, machines and allocates points every 5 seconds - the more machines you maintain control over the faster your points accumulate. The player or team with the most points wins!
There are constant opportunities for participants to take the initiative, make decisions and be accountable for the results. It provides opportunities to reflect and engage intellectually, creatively and emotionally for a deeper learning experience.