Development of Peer Instruction Questions for Cybersecurity Education

Cybersecurity classes should be focused on building practical skills along with the development of the open mindset that is essential to tackle the dynamic cybersecurity landscape. Unfortunately, traditional lecture-style teaching is a poor match for this task. Peer instruction is a non-traditional, active learning approach that has proven to be effective in many fundamental courses of computer science. The main challenge for faculty in adopting peer instruction is the development of conceptual questions. This paper presents a methodology for developing peer instruction questions systematically for cybersecurity courses. The method consists of four stages: concept identification, concept trigger, question presentation, and question development. The paper further provides an analysis of 172 questions developed over the period of ten months by the authors for two cybersecurity courses: introduction to computer security and network penetration testing. Finally, it discusses four examples of peer instruction questions in the context of the aforementioned methodology.