The cybersecurity skills and ingenuity of students from the U.S. service academies will be put to the test by the National Security Agency's top information assurance professionals in the 14th Annual Cyber Defense Exercise (CDX), which will be held from April 8-10 at the Parsons facility located at 7110 Samuel Morse Dr., Columbia, Md.
Participants in this year's exercise will include the U.S. Military Academy, U.S. Naval Academy, U.S. Air Force Academy, U.S. Coast Guard Academy, U.S. Merchant Marine Academy, U.S. Naval Postgraduate School, and the Royal Military College of Canada. NSA's Information Assurance Directorate sponsors this annual event.
Network specialists who help to secure the U.S. government's most sensitive communication systems will challenge the ability of service academy teams to defend computer networks that the students have designed, built, and configured at their respective schools. The entire exercise will be conducted on virtual private networks. Another group of specialists will grade each team's ability to effectively maintain network services while detecting, responding to, and recovering from security intrusions or compromises.
Credentialed journalists are invited to attend from **9 a.m. to 10 a.m.** on Wednesday, April 9, only. Journalists must register in advance by contacting NSA's Public Affairs Office: (301) 688-6524, telephone; email@example.com, e-mail.
For additional information on the Cyber Defense Exercise click on the "Watch NSA Videos" button above the red square on www.nsa.gov, and then on "Cyber Defense Exercise 2012."
What is the Cyber Defense Exercise (CDX)?
The 14th Annual Cyber Defense Exercise (CDX) 2014 will begin on Tuesday, 8 April, through Thursday, 10 April 2014. CDX is an annual cyber security exercise in which students from various military institutions design, build, and defend computer networks against simulated intrusions by the National Security Agency/Central Security Services (NSA/CSS) Red Team (Red Cell).
CDX is a computer security competition designed to foster education and awareness among future military leaders about the role of Information Assurance (IA) in protecting the nation's critical information systems.
Schools are assessed on their ability to maintain network services while detecting and responding to network intrusions and compromises.
Students are graded on their ability to maintain an exchange server, chat server, web server, and domain controller. They also must submit timely and accurate incident reports as they detect Red Cell activity.
What is the purpose of the CDX?
CDX challenges teams of students from each of the service academies with designing, building, and successfully defending a real-world computer network against simulated intrusions by a team of NSA/CSS and Department of Defense (DoD) personnel over a three-day period.
CDX strives to provide students a sense of the dangers that will exist in a realistic and hostile network environment, sound and effective network defense strategies that can mitigate those dangers, and realistic strategies that can be applied even with manpower and financial resource limitations.
When and where will the exercise be held?
CDX will be headquartered at the PARSONS facility in Columbia, MD, this year. Parsons also provides VPN connectivity and assists with technical issues.
What makes up the CDX teams?
CDX headquarters (HQ) houses the Red Cell, which portrays (external) adversarial activity on the Blue Cell (schools/students) network. The students operate from their individual academy locations. White Cell: adjudicates the competition, enforces the rules and levies penalties when the Blue Cell teams suffer service outages or compromise network integrity. Gray Cell represents the common user who may knowingly or unwittingly commit egregious errors on a network.
The White and Gray cells have members stationed at school locations and at the CDX headquarters.
What is NSA's role in the CDX?
NSA and DoD personnel act as drivers/scorers, and evaluators during the three-day exercise. The NSA IA Director awards a trophy to the team that most effectively maintains network services, while deterring and recovering from network intrusions. The CDX Red Cell consists primarily of NSA Remote and Deployed Operations personnel who lead the challenges of academy teams using only publicly available, well-documented vulnerabilities on a closed network that does not access the Internet. NSA Mission Technology Development & Deployment personnel lead the technical construction, management, and scoring of the exercise.
Which schools are participating in this year's exercise?
- United States Military Academy (USMA)
- United States Naval Academy (USNA)
- United States Air Force Academy (USAFA)
- United States Coast Guard Academy (USCGA)
- United States Merchant Marine Academy (USMMA)
- Navy Postgraduate School (NPS) - not competing for the IAD Director's trophy*
- Royal Military College of Canada (RMC) - not competing for the IAD Director's trophy*
Which schools have won the CDX trophy* in the past?
- Military Academy: 2001, 2002, 2007, 2008, 2009, 2011
- Naval Academy: 2005, 2010
- Air Force Academy: 2003, 2006, 2012, 2013
- Merchant Marine Academy: 2004
*These institutions participate in the exercise but do not compete for the CDX trophy.