This paper discusses how new technologies can be used in a training lab for the field of information security, and how the lab can facilitate learning in the learning modes described in Kolb’s experiential learning model (concrete experience, abstract conceptualization, reflective observation, and active experimentation). While discussion of Kolb’s theory is rather sparse, and correlation to the training methodology is limited, the paper provides good value in its discussion of new technologies.

Crowley provides an excellent overview of new technologies released as open source software, which can be freely distributed, modified, and redistributed under liberal licensing terms. He provides examples of such open source security software, as well as various distributions of Linux, a prominent open source operating system (OS). He then describes how this software can be used to set up an information security training lab economically; in today’s cash-strapped environments, this can be critical. By lowering the marginal cost of setting up existing equipment, educators may be able to fully equip a sizable lab, capable of serving the needs of a typical class. Otherwise, they may have to share a limited number of workstations, provisioned with commercial software, and face a correspondingly higher cost of training per student.

Crowley provides excerpts from his training labs as an appendix. They describe how the lab exercises would invoke Kolb’s theories. It is not clear whether the lab manual is open source, in the spirit of the software used. If so, it would be useful to provide a uniform resource locator (URL) for the reader.