Day 11: Introduction to Cybersecurity

Learning Objectives

• CSN-1.F: Explain how the design of the Internet and the Internet protocols contribute to reliability and scalability.

Essential Questions

• What is cybersecurity and why is it important?
• What are common security threats to computer systems and networks?
• How do we assess security vulnerabilities and risks?

Materials Needed

• Presentation slides on cybersecurity fundamentals
• Security threat cards
• Vulnerability scenario worksheets
• Risk assessment templates
• Exit ticket templates

Vocabulary

• Cybersecurity
• Threat
• Vulnerability
• Risk
• Attack
• Malware
• Phishing
• Social engineering
• Authentication
• Authorization
• Confidentiality
• Integrity
• Availability

Procedure (50 minutes)

Opening (8 minutes)

1. Review and Week 3 Introduction (3 minutes)

   • Review scaling and performance from previous lesson
   • Introduce Week 3 focus on cybersecurity and network security
   • Connect to today's focus on cybersecurity fundamentals

2. Warm-up Activity (5 minutes)

   • Ask students: "What security concerns do you have when using the Internet?"
   • Have students share personal experiences with security issues
   • Create a class list of security concerns
   • Introduce the need for cybersecurity

Main Activities (32 minutes)

3. Lecture: Cybersecurity Fundamentals (12 minutes)

   • Define cybersecurity as protecting systems, networks, and data from digital attacks
   • Explain the CIA triad of security:
     • Confidentiality: Preventing unauthorized access to information
     • Integrity: Ensuring information is not altered improperly
     • Availability: Ensuring systems and data are accessible when needed
   • Discuss common security threats:
     • Malware (viruses, worms, trojans, ransomware)
     • Phishing and social engineering
     • Man-in-the-middle attacks
     • Denial of service attacks
     • Data breaches
     • Insider threats
   • Explain key security concepts:
     • Authentication: Verifying identity
     • Authorization: Granting appropriate access
     • Accounting: Tracking actions and changes
     • Defense in depth: Multiple layers of security
   • Discuss the evolving nature of security threats

4. Exploration: Common Security Threats (8 minutes)

   • Present examples of different security threats
   • Show how each threat works:
     • Phishing email examples
     • Malware infection process
     • Social engineering techniques
     • Network attack methods
   • Discuss real-world impacts of security incidents
   • Explain how threats exploit different vulnerabilities
   • Emphasize that security is both technical and human

5. Activity: Identifying Vulnerabilities in Scenarios (12 minutes)

   • Divide class into small groups
   • Provide each group with scenario cards describing systems or situations
   • Groups identify potential vulnerabilities in each scenario
   • Groups categorize vulnerabilities by type:
     • Technical vulnerabilities
     • Physical vulnerabilities
     • Human/social vulnerabilities
     • Procedural vulnerabilities
   • Groups suggest security measures to address each vulnerability
   • Share and discuss findings as a class

Closing (10 minutes)

6. Discussion: Security Principles (5 minutes)

   • Lead a discussion on fundamental security principles:
     • Principle of least privilege
     • Defense in depth
     • Keep it simple
     • No security through obscurity
     • Fail securely
   • Discuss how these principles apply to the scenarios examined
   • Address any misconceptions about security

7. Exit Ticket: Security Risk Assessment (5 minutes)

   • Present students with a system description
   • Students complete a mini risk assessment:
     • Identify potential threats
     • Assess vulnerabilities
     • Evaluate potential impacts
     • Suggest security controls
   • Collect assessments before students leave

Assessment

• Formative: Quality of vulnerability identification in scenarios
• Exit Ticket: Completeness and accuracy of security risk assessment

Differentiation

For Advanced Students

• Ask them to analyze more complex security scenarios
• Have them research advanced threat vectors
• Challenge them to develop more detailed risk assessments

For Struggling Students

• Provide more structured vulnerability identification templates
• Focus on the most common security threats
• Use more concrete examples and visual aids

Homework/Extension

• Research a recent major security breach and analyze what went wrong
• Conduct a security assessment of their own digital practices
• Create an infographic explaining a specific type of security threat

Teacher Notes

• Use real-world examples to make security concepts concrete
• Be sensitive to students who may have experienced security incidents
• Make connections to students' everyday digital experiences
• Consider inviting a cybersecurity professional as a guest speaker
• Emphasize that understanding security helps students protect themselves online