Day 13: Network Security Measures

Learning Objectives

• CSN-1.F: Explain how the design of the Internet and the Internet protocols contribute to reliability and scalability.

Essential Questions

• What technologies and practices protect networks from security threats?
• How do organizations implement defense in depth strategies?
• How do authentication and authorization protect network resources?

Materials Needed

• Presentation slides on network security technologies
• Network security diagram templates
• Security measure comparison chart
• Case study materials
• Exit ticket templates

Vocabulary

• Firewall
• VPN (Virtual Private Network)
• IDS/IPS (Intrusion Detection/Prevention System)
• Authentication
• Authorization
• Access control
• DMZ (Demilitarized Zone)
• SSL/TLS
• Network segmentation
• Defense in depth

Procedure (50 minutes)

Opening (8 minutes)

1. Review and Connection (3 minutes)

   • Review cryptography concepts from previous lesson
   • Connect to today's focus on broader network security measures

2. Warm-up Activity (5 minutes)

   • Present a scenario: "Your school needs to protect its network. What security measures would you recommend?"
   • Have students brainstorm security technologies and practices
   • Create a class list of security measures
   • Introduce the concept of defense in depth

Main Activities (32 minutes)

3. Lecture: Network Security Technologies (12 minutes)

   • Explain key network security technologies:
     • Firewalls: Monitoring and controlling network traffic
       • Packet filtering
       • Stateful inspection
       • Application layer firewalls
     • VPNs: Creating secure connections over public networks
       • Site-to-site VPNs
       • Remote access VPNs
       • How encryption protects VPN traffic
     • IDS/IPS: Detecting and preventing intrusions
       • Signature-based detection
       • Anomaly-based detection
       • Response capabilities
     • Authentication systems:
       • Passwords and their limitations
       • Multi-factor authentication
       • Single sign-on
     • Encryption in transit:
       • SSL/TLS for web traffic
       • Encrypted protocols
   • Discuss network security architecture:
     • Network segmentation
     • DMZ for public-facing services
     • Zero trust model

4. Exploration: Firewalls, VPNs, and Authentication (8 minutes)

   • Demonstrate how firewalls filter traffic:
     • Show firewall rule examples
     • Explain how rules are processed
     • Discuss default deny vs. default allow
   • Explain how VPNs work:
     • Show VPN tunnel establishment
     • Demonstrate encrypted vs. unencrypted traffic
     • Discuss VPN use cases
   • Show authentication mechanisms:
     • Password authentication process
     • Multi-factor authentication examples
     • Biometric authentication

5. Activity: Designing Security Measures for a Network (12 minutes)

   • Divide class into small groups
   • Provide each group with a network scenario (e.g., small business, school, e-commerce site)
   • Groups design security measures for their scenario:
     • Identify assets to protect
     • Select appropriate security technologies
     • Design network security architecture
     • Create authentication and access control policies
     • Consider defense in depth strategy
   • Groups create a network security diagram
   • Share and discuss different approaches

Closing (10 minutes)

6. Discussion: Defense in Depth Strategies (5 minutes)

   • Lead a discussion on layered security approaches
   • Explain how multiple security measures work together
   • Discuss the concept that security is only as strong as the weakest link
   • Address any misconceptions about network security
   • Emphasize that security is an ongoing process, not a one-time solution

7. Exit Ticket: Security Plan (5 minutes)

   • Students create a basic security plan for a small organization
   • Plan should include:
     • Key security technologies to implement
     • Authentication requirements
     • Network architecture recommendations
     • Security policies
   • Collect plans before students leave

Assessment

• Formative: Quality of network security design activity
• Exit Ticket: Appropriateness and completeness of security plan

Differentiation

For Advanced Students

• Ask them to include more detailed security configurations
• Have them research advanced security technologies
• Challenge them to address specific attack scenarios in their designs

For Struggling Students

• Provide more structured security design templates
• Focus on the most essential security measures
• Use more visual aids and concrete examples

Homework/Extension

• Research a specific network security technology in depth
• Evaluate the security measures of their home network
• Create a security checklist for a specific type of organization

Teacher Notes

• Use analogies to help students understand security concepts (e.g., firewalls as security guards)
• Be prepared to address questions about specific security technologies
• Make connections to students' experiences with security measures
• Consider discussing recent security breaches and how proper measures might have prevented them
• Emphasize that understanding security measures helps students evaluate security claims and practices