CCDC Event

RBC Convention Center

April 16th, 2019

People are often the weakest link in a security chain, because they are not trained or generally aware of what security is all about. Employees must understand how their actions can greatly impact the overall security position of an organization

Chelsa Russell @ SANS Institute

The Challenge

The CCDC event is designed around the cyber security industry's Digital Forensic Incident Response (DFIR) process - which includes the following steps:

  • Breach discovery
  • Incident containment and remediation
  • Determining how the breach occurred
  • Analyzing the compromised and affected systems within the organization domain
  • Identifying and understanding what the attackers had access to and potentially took
  • Reporting and communicating

For this day-long challenge event, participants will be grouped into teams of four or five and immersed in a real-time security event. Participants are expected to detect the risk and the nature of the attack, isolate the attack vector and mitigate the risk.

Participants will then analyze the operation environment to determine whether any information assets have been compromised. Once the participants have assessed the information assets and the system environment, they will summarize their findings and formulate their recommendations for the organization that will include steps to implement preventive security measures designed to reduce the risk of future similar attacks from compromising the organization.

CCDC utilizes the latest in virtual technology to host and present a variety of targets for teams made up of high school students. Each target is a separate Operating System broken down between windows flavoured targets (XP to Windows Server 2008 R2) and open source Linux and Unix distributions.

Capture the Flag (CTF)

CCDC has designed a modified version of the traditional Capture the Flag (CTF) which combines the "jeopardy style" capabilities of a CTF with the offence and defence skills. Teams are awarded “points” for securing targets. Each target, open source or windows, has major security problems which can largely be identified by the following categories:

  • Services and Software that should never be found in a corporate network
  • Ridiculously bad configurations of services and software
  • Unsecured confidential information
  • Outdated highly vulnerable software

Present the Findings

The second part of the CCDC event is focused on developing leadership skills and communicating complex information to a non-technical audience – skills that industry believes are important for success. The teams have the opportunity to present their findings, recommendations in front of their peers - which in turn, helps them develop their leadership and communication skills.