Practical Cybersecurity Education: A Course Model Using Experiential Learning TheoryGlobal
The increasing sophistication of cybersecurity threats necessitates an educational approach that blends theoretical knowledge with practical experience. Many courses focus primarily on theoretical concepts, leaving students with limited hands-on experience with real-world challenges. This paper introduces a cybersecurity course model that integrates Experiential Learning Theory to provide a comprehensive hands-on learning environment. The course covers important cybersecurity topics, including SSH, VPNs, TLS, MFA, OpenID Connect, OAuth2, web server security, high availability, replication, distributed file systems, and orchestration with Docker and Kubernetes. These topics are explored through a mix of lectures, peer presentations, and weekly hands-on team practices. Over three years, the course has been offered at a large public university with 72 students enrolled, consistently receiving high course ratings between 4.8 and 5.0. This paper discusses the course design, methodology, and outcomes, offering insights for educators to replicate and adapt the model for their own institutions.