The 14th Annual Cyber Defense Exercise (CDX) 2014 will begin on Tuesday, 8 April, through Thursday, 10 April 2014. CDX is an annual cyber security exercise in which students from various military institutions design, build, and defend computer networks against simulated intrusions by the National Security Agency/Central Security Services (NSA/CSS) Red Team (Red Cell).

CDX is a computer security competition designed to foster education and awareness among future military leaders about the role of Information Assurance (IA) in protecting the nation’s critical information systems.

Schools are assessed on their ability to maintain network services while detecting and responding to network intrusions and compromises.

Students are graded on their ability to maintain an exchange server, chat server, web server, and domain controller. They also must submit timely and accurate incident reports as they detect Red Cell activity.

What is the purpose of the CDX?

CDX challenges teams of students from each of the service academies with designing, building, and successfully defending a real-world computer network against simulated intrusions by a team of NSA/CSS and Department of Defense (DoD) personnel over a three-day period.

CDX strives to provide students a sense of the dangers that will exist in a realistic and hostile network environment, sound and effective network defense strategies that can mitigate those dangers, and realistic strategies that can be applied even with manpower and financial resource limitations.

When and where will the exercise be held?

CDX will be headquartered at the PARSONS facility in Columbia, MD, this year. Parsons also provides VPN connectivity and assists with technical issues.

What makes up the CDX teams?

CDX headquarters (HQ) houses the Red Cell, which portrays (external) adversarial activity on the Blue Cell (schools/students) network. The students operate from their individual academy locations. White Cell: adjudicates the competition, enforces the rules and levies penalties when the Blue Cell teams suffer service outages or compromise network integrity. Gray Cell represents the common user who may knowingly or unwittingly commit egregious errors on a network.

The White and Gray cells have members stationed at school locations and at the CDX headquarters.

What is NSA’s role in the CDX?

NSA and DoD personnel act as drivers/scorers, and evaluators during the three-day exercise. The NSA IA Director awards a trophy to the team that most effectively maintains network services, while deterring and recovering from network intrusions. The CDX Red Cell consists primarily of NSA Remote and Deployed Operations personnel who lead the challenges of academy teams using only publicly available, well-documented vulnerabilities on a closed network that does not access the Internet. NSA Mission Technology Development & Deployment personnel lead the technical construction, management, and scoring of the exercise.