Unit 3. Information and the Internet
Revision Date: Jun 11, 2020 (Version 3.0)Pre-lesson Preparation
Assigning some of the research as homework will allow more in-depth research.
Summary
Reflecting on the fact that the Internet was not designed with security in mind, students will examine the devastating impact of cyber attacks. Students will study types of cyber attacks and the vulnerabilities they exploit and identify the roles of software, hardware, people, and the Internet. Students will identify potential cybersecurity concerns in systems built on the Internet.
6.3 Cybersecurity is an important concern for the Internet and the systems built on it.
The Internet was not built with security in mind, leaving computers vulnerable to cyber attacks. This makes cybersecurity an extremely important concern when designing and implementing systems that are built on the Internet. Students need to be able to identify potential problems that could arise and potential options for protecting against these problems.
Outcomes
Student computer usage for this lesson is: optional
In the Lesson Resources folder:
Journal Sample Response:
Example for Presentations:
Information to present about firewalls. (Included in the slides)
“You can protect against certain attacks. One way to protect against them is a firewall.”
(Note: There is a PowerPoint to be used with this entire lesson: "Cyber Security Lesson Slides" in the Lesson Resources folder.)
In their journals or as a class, students should discuss the following:
2a. Say: What can be done to protect our online security and privacy? Institutions can implement Multifactor and 2-factor authentication.
Show the videos: Multifactor and 2-factor authentication
Discuss: multifactor identification. Be sure all four points below are discussed. (Suggestion, play it like Family Feud, keep getting ideas until all key points below have been revealed and add other ideas as they are suggested)
2b. Say: What can we as users do?
Discuss with students what they think they can do. Be sure all six points below about what users can do are discussed.
Individuals can manage passwords, network and credit card use.
Organize the class into seven groups and assign a topic above to each. Ask students to think about what the technology is, why it is important and how it is used.
Allow students five minutes to research the topics. Allow 5 minutes to prepare a poster about each. Present and answer questions about each.
4a. Say: All real-world systems have errors or weaknesses that make the susceptible to attack. One approach to making them safe is to detect and prevent these attacks. We are going to investigate malware and virus attacks. Show the video Malware: Difference Between Computer Viruses, Worms and Trojans. Have a brief class discussion on computer viruses using the questions below as prompts.
4b. Say: Attacks come from unknown senders, or spoofed or compromised known senders. Show the What is Phishing video. Have a brief class discussion on phishing using the questions below as prompts.
4c. Say: Some attacks take advantage of keyloggers. Show the Cyber Security Minute: Keyloggers video. Have a brief class discussion on keyloggers using the questions below as prompts.
4d. Ask: Why is the danger of free downloads is a special risk to young people? Visit the site 7 Quick Sites That Let You Check If a Link Is Safe and identify two tools you could use to identify safe downloads.
4e. Ask: What is an access point to a network? (Ans: a point of connection that can communicate with the network)
Say: According to Wikipedia, A rogue access point is a wireless access point that has been installed on a secure network without explicit authorization from a local network administrator. Rogue access points can give access to the network with authorization and can be used to intercept or modify network traffic that is traveling through it.
Solicit at least 3 examples of how this could be a problem on a secure network.
4f. Ask: What does it mean if something is malicious? (Ans: it has bad intentions)
Say: According to ZDnet,"85% of all malspam sent in Q2 2019 (April, May, and June) contained a link to a malicious file download, rather than the actual malicious file attached to the email." Have a brief class discussion on malicious email using the questions below as prompts.
4g. Say: In addition to attachments and malicious links - whether in an email, message or on a web page, email from an unknown sender or a known sender whose computer has been compromised may contain active contents such as forms or videos that can be used to compromise your computer security, your privacy or both. Discuss with students ways malicious software can be installed on their computers. Be sure to address the points below.
Optional programming activity.
Visit the PyPi website keylogger 2.7.3 and read the Use cases.
Optional research activity.
Students will be grouped by the type of attack they read about. They will conduct research to answer the following questions: (some resources will be provided, but students can also search for others. If no computers are provided, it will be up to the teacher to find these additional resources)
Visit the Top 10 Malware January 2019 report.
Visit the us-cert.gov report on Ransomware.
What is ransomware?
How can you protect yourself?
Questions in the AP Classroom Question Bank may be used for summative purposes.
Sixty of the 80 questions are restricted to teacher access. The remaining 20 questions are from public resources.
Questions are identified by their initial phrases.
A certain social media Web site allows users to...
A retailer that sells footwear maintains a single
When a cellular telephone user places a call, the
Many Web browsers allow users to open anonymous...
Which of the following has the greatest potential
Which of the following is considered an unethical
Real World Connection: Protecting your Computer
Choose one of the following articles to read, based on the operating system you have running on one of your home computers, or the computer you normally use.
Answer the following questions:
If yes, answer the following questions:
If no, do the following:
Optional: Use this extended checklist to enhance the security of your computer.
The teacher will see where the students place the cyber attacks as they read about them on the impact graph and give appropriate feedback.
The teacher will monitor the research on cyber attacks and check for accurate information.
The teacher will clarify misconceptions that become evident during the group presentations.
Students will complete a journal entry by responding to questions about their personal and school related data being accessible through the Internet.