REGISTRATION PHASE
1- All teams will act as Blue teams defending their network against vulnerabilities and attacks.
2- White Team members are also responsible for judging functions during the Challenge
3- Teams must have at least 5 but no more than 8 students (during the Final Round). Unlimited students are allowed only during the Practice Rounds.
- High School division and 1 Junior College division (1 division if there’s a middle school competition). Teams will be formed based on schools (home school, charter school, private schools, and college) or student organizations such as YMCA, Boys & Girls Club, etc. Team captains will also be designated. Teams must be registered 2 days before the practice rounds on the 2nd weekend of February.
Hardware Requirements are as follows:
• 1 GHz Intel compatible processor (AMD processors are not recommended)
• 2 GB RAM
• 10 GB of free disk space
• Keyboard & Mouse
• 1024×768 or higher display
• (Optional) It is recommended to use a projector or large display to share the screen output with the rest of the team, but not required
• Network connection from computer(s) to Internet
Software Requirements are as follows:
• Operating System (Windows 7 or newer, Linux, or Macintosh 10.4.11 or later)
• Web Browser (Chrome, Edge, Firefox, or Safari)
Internet Connectivity Requirements are as follows:
• Minimum of 256kb uplink/downlink; and,
• Network firewalls and/or Web Proxies should permit un-filtered TCP port 443 out-bound from your network from each of the computer(s) involved in the competition to Project
4- Teams will be provided one mentor and coach to ensure teams are following the rules.
Coaches/mentors will not assist or advise teams during Qualification or Finals but may be present during the Practice Rounds.
5- The goal is to access the Haiku Range via the browser and get familiarized
QUALIFICATION ROUNDS
1- 2nd and 4th weekend of March (9am – 9pm). Each team will have 4-hour time sessions. Make sure a confirmation email of a time slot is sent to Lilian Maestas (lmaestas@knowledgemade.com) two days before the 2nd weekend.
2- Back-up qualification rounds are on the 2nd and 4th weekend of April (if needed).
3- Each team consists of a maximum of 8 team members. No coach/mentor will assist their teams but will ensure all rules are followed.
4- During the team’s time slot, the team will complete a number of scenarios (games, battle rooms, and missions) on the Project in a virtual environment. Windows and Linux virtual machines must be maintained as if there were system administrators (resolving vulnerabilities, maintaining services, and looking for any authorized activity). The rules will be provided to each team.
Scoring and Qualification to Final Round
5- The top eight teams with the highest scores will advance to the Final Round. However, no more than one team from each school or organization will be able to participate in the Finals.
6- Scores will be kept confidential until announced. During the Challenge, each participating team may view its progress within Project Ares.
Hardware Requirements are as follows:
• 1 GHz Intel compatible processor (AMD processors are not recommended)
• 2 GB RAM
• 10 GB of free disk space
• Keyboard & Mouse
• 1024×768 or higher display
• (Optional) It is recommended to use a projector or large display to share the screen output with the rest of the team, but not required
• Network connection from computer(s) to Internet
Software Requirements are as follows:
• Operating System (Windows 7 or newer, Linux, or Macintosh 10.4.11 or later)
• Web Browser (Chrome, Edge, Firefox, or Safari)
Internet Connectivity Requirements are as follows:
• Minimum of 256kb uplink/downlink; and,
• Network firewalls and/or Web Proxies should permit un-filtered TCP port 443 out-bound from your network from each of the computer(s) involved in the competition to Project
FINAL ROUND
1- Finals will take place on the 2nd weekend of May
2- Each team consists of a maximum of 8 team members. No coach/mentor will assist their teams but will ensure all rules are followed.
3- All teams will receive a team shirt when they sign-in at the Final Round individually identifying each team. No offensive activity against the equipment, Red Team, or other teams is allowed. Any activity of this nature will result in disqualification of the Blue Team conducting it.
4- Teams will maintain their network defenses and maintain their target systems.
- Reviewing initial system configurations to verify that machines are properly configured and patched against vulnerabilities
- Managing network and host-based systems to thwart any active threat
- Reporting computer misuse to operational staff
- Completing assigned missions in the Project Ares platform
- Adhering to all rules of engagement posted in the Project Ares platform
- Following the guidelines set forth in your appropriate network security policy for securing your network
5- The Final Round of the SoCal Cyber Cup Challenge will be conducted with eight teams from each division going head-to-head in the Circadence Project Ares platform. Participants are provided with their own complete virtual environment, including Windows and Linux operating systems, switches and router, firewalls and intrusion detection devices. At the beginning of the Challenge, the participants will log into Project Ares, assume control of their “Blue” (exercise) systems, and begin to harden them as quickly as possible. Sometime later, the “Red” team (hackers) will begin to attack their systems. Participants will also answer questions in Trivia Loot for additional points.
Final Round Challenge Rules
1- The Project Ares platform or in the designated forensics are the designated area for all challenges
2- All teams will have 5 laptop computers and network access
3- Teams will make no assumptions the Challenge system is properly functioning or secure
4- All teams will be connected to a central scoring system
5- Throughout the Challenge, White Team members will be responsible for maintaining the competition equipment and can troubleshoot systems that malfunction when this malfunction is not part of the Challenge itself
6- Teams must not connect any outside devices or peripherals to the Challenge devices
7- Teams are not permitted to remove or alter any labels/stickers that are present on their assigned systems
8- Teams may not modify the hardware configurations of Challenge systems. Teams must not open the case of any server, printer, PC, monitor, KVM, router, switch, firewall, or any other piece of equipment used during the Challenge. All hardware related questions and issues should be referred to the White Team
9- A Red Team will emulate the inside and outside hacker threat that exists on networks today. The type of network activity conducted by the Red Team may include:
- Enumeration, discovery, and port scanning using RFC-compliant ICMP packets and TCP and UDP connections
- Attempted logins using guessed and discovered account names and passwords
- Network sniffing, traffic monitoring, and traffic analysis
- Use of exploit code for leveraging discovered vulnerabilities
- Password cracking via capture and scanning of authentication databases
- Spoofing or deceiving servers regarding network traffic
- Alteration of running system configuration except where denial of service would result
- Denial of service attacks, directed, distributed, or otherwise
- Scanning of user file content
- Introduction of viruses, worms, Trojan horses, or other malicious code
- Alteration of system configuration stored on disk
- Changing passwords or adding user accounts
- Spoofing or deceiving servers via dynamic routing updates or name service (DNS)
10- The Challenge will be conducted over a five-hour period following the Forensic Challenge
11- The number of “Blue” Targets: Seven (see Blue Team Systems section below)
12- The Challenge will be conducted for five hours (12:30pm-5:30pm) and the Challenge will not be accessible prior to the start time
13- During the Challenge team members are forbidden from entering or attempting to enter another team’s workspace
14- Teams must compete without “outside assistance” from non-team members, which includes team coaches, mentors, and/or sponsors.
All private communications (calls, emails, chat, directed emails, forum postings, conversations, requests for assistance, etc.) with non-team members, including team sponsors that would help the team gain an unfair advantage, are not allowed and are grounds for disqualification.
15- Participants may use the Internet to search for solutions; any web sources must be publicly available.
16- Participants are strictly prohibited from pre-staging files on the Internet.
17- Open source software may be downloaded for use in the virtual environment. Commercial software and tools are not allowed
18- No PDAs, memory sticks, CDROMs, electronic media, or other similar electronic devices are allowed in the room during the Challenge unless specifically authorized by the White Team in advance.
- All cellular calls must be made and received outside of Challenge area
- Any violation of these rules will result in disqualification of the team member and a penalty assigned to the member’s team
19- Teams may not bring any computer, tablets, PDA, or other wireless device into the Challenge area
Laptop computers for accessing in the Project Ares platform that hosts the virtual environment
20- Printed reference materials (books, magazines, checklists) are permitted in Challenge area and teams may bring printed reference materials to the Final Round
21- Team sponsors and observers are not participants and are prohibited from directly assisting any participant through direct advice, “suggestions,” or hands-on assistance
Any team sponsor or observers found assisting a team will be asked to leave the Challenge area for the duration of the Challenge
22- Team members will not initiate any contact with members of the Red Team during the hours of live Challenge
Team members are free to talk to Red Team members, White Team members, other participants, etc. outside of Challenge hours
23- On occasion, White Team members may escort individuals (VIPs, press, etc.) through the Challenge area
24- Only White Team members will be allowed in competition areas outside of Challenge hours
25- Teams are free to examine their own systems but no offensive activity against the White Team, other teams, or the Red Team will be tolerated
- This includes port scans, unauthorized connection attempts, vulnerability scans, etc. Any team performing offensive activity against other teams, the White Team or the Red Team will be immediately disqualified from the Challenge
- For any questions or concerns during the Challenge about whether or not specific actions can be considered offensive in nature, contact the White Team before performing those actions
26- Teams that are the most successful are those who proactively collaborate among their teammates
SCORING
1- There will be one first place team for each division declared at the completion of the Challenge; the 2018 SoCal Cyber Cup Challenge Champion will be the team with the highest overall score
2- Scores will be monitored by the White Team, but will not be shared until the Awards Dinner which will immediately follow the Final Round
3- Any team that tampers with or interferes with the scoring or with another team will be disqualified
4- Students will be evaluated in five skill areas:
- Maintenance of critical services
- Removing vulnerabilities and hardening systems
- Cybersecurity domain knowledge
- Communicating status and resource requirements
- Detecting and thwarting attacks
Extra:
- Team captains are encouraged to work with the Challenge officials to resolve any questions or disputes regarding the rules of the Challenge or scoring methods before the Challenge begins
- Protests by any team will be presented by the Team Captain to the Challenge officials as soon as possible. The Challenge officials will be the final arbitrators for any protests or questions arising before, during, or after the Challenge and rulings by the Challenge officials are final
- In the event of an individual disqualification, that team member must leave the Challenge area immediately and must not re-enter the area at any time. Disqualified individuals are ineligible for any awards
- In the event of a team disqualification, the entire team must leave the Challenge area immediately and all members are ineligible for any individual or team award
AWARDS
1- All final teams are invited to attend the Awards Dinner where scores will be announced.
Location and Time: TBD
2- 1st and 2nd place teams of each division will be invited to attend the California Cyber Innovation Challenge (CCIC), and SANS Security West events. Dates of both events TBD.