Rules & Guidelines

This is an initial draft of guidelines and may be changed at the discretion of competition organizers. Upon acceptance into the competition, teams will be provided full rule sets.

These guidelines create an even playing field for this competition amongst all competitors. This ensures that each team participates under the same circumstances and receives an opportunity to succeed. Failure to comply with the guidelines of the competition may lead to penalization of points or disqualification based on the offense. Egregious offenses may result in ejection from the competition. If you see a breach of competition guidelines, please feel free to reach out to competition staff or email if you would like to remain anonymous. Additionally, if it is illegal in nature then it is also against the competition guidelines.


  • Each team must have 4-6 students.
  • One faculty mentor must be present at the national laboratory the day of the competition. In the case that a faculty member cannot attend, an appropriate chaperone will be discussed on a case by case basis.
  • Faculty members cannot provide any assistance to their teams on the day of the competition. Any teams receiving help from mentors will be warned and penalized points on the first offense, and disqualified after a subsequent offense.
  • Teams are required to have the following services active at all times, unless noted:
    • Website/Web Server
    • Help Desk
    • Email Server
    • File Server
    • Active Directory Server (provided)
    • Human Machine Interface (HMI), and
    • Industrial Control System (ICS).
  • Team documentation (white and green) is due to by no later than March 30, 2018. Early submission is encouraged, as teams will receive feedback. Any documentation submitted after will have a reduction in points.
  • Additional operational rules and team-related rules will be provided once a team has been selected.

Updates to Guidelines

  • Any update to guidelines and rules can be found on the Cyber Defense website under the Rules Tab. There will be periodic emails containing updated and pertinent information to the competition. It is each team’s responsibility to look for any updates or changes.

The Don’ts

  • Do not change any port numbers provided.
  • Do not change any OS that is provided unless otherwise specified by Competition Leadership.
  • Do not tamper with any other team’s hardware.
  • Do not change or delete any user information provided.
  • Do not utilize any software that requires a paid license. All software must be open source and free. Trial versions are ok.
  • Do not physically tamper with any other team’s physical boxes.
  • Do not perform offensive actions toward other teams or the network.
  • Do not touch the box or any configurations for the “Scoring” box.

The Do’s

  • Do set up and maintain DNS.
  • Do set up and maintain NTP.
  • Do create innovative defense strategies, but keep in mind the requirements of open source.
  • Do provide consistent site functionality throughout the competition.
  • Do consider adding more users/employees to your LDAP.
  • Do clearly document any changes to user passwords.
  • Do inform of any changes to IP addresses in DNS.
Rules & Guidelines Sidebar