"At John Black's class at the University of Colorado, Boulder... Black structures the class like a game: students work through a series of "levels," where, after they reach a goal by hacking past defenses, they earn access to the next level. The students, meanwhile, can see what level the other students are on as they go.
Students learn the tricks they need to break past a system's defenses, but not when to use which tricks. In other words, they get the keys, not the locks. "We won't tell them exactly how to do it--they have to go and figure it out," Black says. A student might, for example, use programs to broadly search for vulnerabilities in a computer. Once they find the weak point, they dig in with the relevant tool."
To read more, click here.