HOME  |  Search
Frequently Asked Questions

Q: My institution has just started a security program. We're not ready and we don't think we can be competitive! Why should we participate?
A: The goal of the competition is not necessarily to determine which team is the best, although scores will be awarded, but to provide insight into your program. The competition's mission statement presents the organizer's philosophy to be much broader than an "electronic gladiatorial" competition" with the "Red Team". In essence, the Collegiate Cyber Defense Competition (CCDC) will provide the participating institution an "environment to assess their student's depth of understanding and operational competency in managing the challenges inherent in protecting an enterprise network infrastructure and business information systems". Many of last years competing schools used the event as a diagnostic tool. Strength and weaknesses in their curriculum were noted by how students reacted to the game scenario. Instructors then used these observations to improve their overall security program and as a learning experience.

Q: What type of summative information will we receive as the result of participating in the CCDC.
A: Scoring will be based on points earned by maintaining basic services and other points earned by successfully completing specific taskings/injects. Each event/inject or system query will be categorized according to the ten domains identified by ISC2 in their Common Body of Knowledge as a percentage of correct actions. In this manner, educators can get quantifiable snapshot or their team's performance.

Q: Will we know ahead of time what services/versions will be running on each system?
A: Yes, each team will be provided with a list of the operating system and required services for each system but we will not provide specific version or patch information - that's part of the competition, to find out what needs to be fixed.

Q: Will we have a KVM and a single head, or will we have a head for every machine?
A: At present, available resources will give us a single head for each system.

Q: Will the competition systems be connected to the Internet?
A: No - the actual competition network will not be connected to the Internet. Each team will be provided with an Internet-connected PC running Windows XP Pro where they can download software, patches, Google, etc. The Internet PC can not be connected to the competition network at any time.

Q: How will we transfer data from the air gapped Internet machine to the competition network?
A: Each team will be provided with a 1GB flash drive to facilitate file transfers.

Q: Can we connect our laptops to the Internet?
A: No - the Internet connection can only be used with the competition provided PC.

Q: For the "business tasks"/injects, if our team is able to suggest a more secure alternative that meets the same objective, and doesn't require a CS degree to carry out (ie its easy for a mgmt type), can we substitute that alternative and still receive full credit?
A: The business tasks will be similar to business tasks you may receive in a corporate environment - you'll be asked to provide a service or a function. If you can come up with a better, faster, more secure way of providing that service or function by all means do so. For example, we going to ask you to provide an FTP service with the following files and accounts - how you support that FTP service and what software you use is up to you.

Q: What IP address will the scoring engine be on?
A: The IP address of the scoring engine will change periodically throughout the competition.

Q: Does the scoring engine just check availability of services?
A: No - the scoring engine will be checking functionality as well so it's not enough to have something "listening" to a specific port. The scoring engine will check to make sure a web server exists and is actually providing content, a mail server actually sends and receives mail, a DNS server responds to queries, etc.

Q: What kinds of tools/software can we use/bring with us?
A: You may bring into the competition rooms printed materials only.

Q: What software will we be using?
A: Each team will be provided a set of CDs with frequently used enterprise level software, e.g. Red Hat Linux, WinXP, Win2XXX, etc., as well as frequently open sourced software such as Snort, TCPView, Nessus, etc.

Q. What if we find a really useful open source, completely free program/software that is available to anyone else or was developed by one of your team members.
A: Please make it available to the CCDC sponsors so that we may distribute it to all teams. For example - you may use Nessus, Snort, or a script one of your team members wrote to automate a task (scanning through syslogs for example). If you have a question about whether or not a particular package is eligible, please ask.

Q: Will DoS attacks be used?
A: We will allow the red team limited use of DoS attacks if it permits a secondary exploitation; however use will be extremely limited. The red team is not there to simply pound on or crash servers.

Q: Will we get copies of the traffic logs?
A: The CCDC will be recording all traffic going through the master switch - this includes traffic to/from the red team. These logs will be made available to all participating teams upon request after the competition.

Q: Will the red team be attacking any of the global resources?
A: No - the red team will not be attacking any of the global resources. They will only be examining team systems.

Q: What specific equipment will be available for us during the competition?
A: At present, each room will have at least 8 computers/servers, miscellaneous networking devices, and a laser printer. The specific list will be posted by March 3, 2006 on the CCDC website.

Q: Will you provide us with a list of the specific software that will be in the CD-folder?
A: Yes, we will provide a final list of all available competition software in a future edition of this FAQ. At this juncture, the following are included:

Windows XP Professional with Service Pack 1
Windows Server Software (such as)
2000 Server
2003 Server
SQL Server
ISA Server
Exchange Server
Bind
Snort
Snort 2.1
TCPView
Ethereal 0.10.14
Nessus 3.0.1
NessusWX
SendMail
Fedora Core 4
Red Hat 9
My SQL
Radius Manager
Samba

Q: Does the competition restrict any specific IP addresses?
A: Yes, each team will be assigned a specific IP range and restricted to that block. Required services will have specified IP addresses.

Q: Can USB thumb/flash drives be brought in by competition teams?
A: USB devices will be available to each team. No outside computer related devices may be used

Q: Can musical devices be brought in by team members?
A: Music devices may be brought in as long as they are not attached to ANY competition computer.

Q: What are team membership eligibility/requirements?
A: Undergraduate students must be full-time students enrolled in at least 12 hours at the time of the competition and Graduate students must be full-time students enrolled in at least 6 hours at the time of the competition. No student may participate in the competition if they currently serve in a role similar to that of a network administrator or network security administrator for more than half of their workload.  (This puts the SW Regional rules in compliance with the National CCDC rules. )

Q: Are there local hotels giving group rates for the competition?
A: Hotels contact information is available on the competition web site at www.delmar.edu/ccdc Ask for the “state rate”. (Note: There are others available, e.g. Holiday Inns, La Quinta, Comfort Inns, Embassy Suites, etc. but those listed would honor the group/state rate.  These hotle will give state rate only on availability).

Q: Will an updated diagram of the network be posted?  The 2006 diagram has been removed!
A: Every competition room will have enough equipment to support the contest services as outlined in the team packet and site documentation.

The competition documentation identifies the current configuration and services required by Valve-X to conduct business. No additional details on the specific configuration of the network will be available until the competition orientation.

In addition each room will have three computers that will serve the infrastructure of the competition and will be OFF LIMITS to the Red Team. These computers will be:

    1. The Internet access Research Computer
    2. A “Canary Box” computer that will serve to verify the network connection to the room as a part of the scoring engine. THIS COMPUTER IS ALSO OFF LIMITS TO TEAM MEMBERS.
    3. A Pen Test computer that the team can use from outside its perimeter to assess the effectiveness of its defense strategy. This computer will be equipped with Backtrack 2.0 and team members may use the tools ONLY to test the IP range of the team’s resources. Any traffic outside the Team’s IP range will be deemed as offensive traffic and will be grounds for immediate disqualification.

Q: Will other equipment such as printers be provided? Do we need to bring anything?
A: We will provide printers to all teams as well as portable hard-drive/s, CD-R, paper, markers, pencils, notepads, etc. 

Q: How will patch management be handled? Will they be available locally?
A: Patch Management will be addressed during the Orientation.

Q: Can we bring security software?
A: If you have any programs you wish to request, please notify us by Monday, February 18, 2008 with the site to download the specific program and the version you want downloaded. We will provide the teams will ALL requested software as long as the programs are FREEWARE or open source. No trial ware or limited-use versions are permitted.

 

Please send your questions via the link on the competition web site and we will address them ASAP.