Skip Ribbon Commands
Skip to main content
Sign In Skip to Content

Advice for teachers -
Applied Computing

​Unit 2 Applied Computing

Area of Study 2: Network security

Outcome 2

Respond to a teacher-provided case study to examine the capabilities and vulnerabilities of a network, design a network solution, discuss the threats to data and information, and propose strategies to protect the security of data and information.

Examples of learning activities

  • Discuss the applications and capabilities of LANs, WANs and WPANs. Demonstrate how to set up a WPAN using a mobile phone or an old wireless router.
  • Students build a network using a router and other relevant devices such as laptops, tablets, smart phones, Raspberry Pi-based web servers or an Arduino wireless network to send and receive data.
  • Students conduct research and prepare a report that compares and contrasts the strengths and limitations of wired, wireless and mobile communications technology.
  • Conduct a guided tour of the school server room and network infrastructure under the supervision of the school’s IT or Network Manager. Have students develop questions to ask the IT staff regarding the internet, VPNs, school intranet, hardware and software components and any network security-related issues.
  • Create a network diagram of the school network using a software tool such as Visio, Dia, yEd Graph Editor or ThinkComposer.
  • Discuss the security threats to data and information, drawing upon various media articles over the last 12 months. Students are to analyse the articles to identify the cause of the threats.
  • Example icon for advice for teachers
    Students create a ‘How to Guide’ that contains a step-by-step process to allow them to install and/or implement a hard-drive encryption tool such as VeraCrypt or Microsoft’s BitLocker system.
  • Watch the short video ‘Malware: Difference between computer viruses, worms and trojans’ by KasperskyLab. Students research examples of malware attacks in the media. They write a report on the key technical features of the malware, the impact on the organisations that suffered them and prevention strategies that should have been used or were developed as a result of the attacks.
  • Discuss the data and network protection strategies used in the school. This discussion can be linked to a subsequent visit by the school’s IT/Network manager as part of an informal Q&A session with the students. Give students a range of examples to classify into the following categories: authentication techniques, symmetric encryption methods or asymmetric encryption methods.
  • Working in small groups, students create a comprehensive disaster recovery plan for a hypothetical organisation. The plan should include preventative practices to reduce risks to networks and staff procedures. Students present their plan to the class.
  • Discuss the technical underpinnings of intrusion detection systems (IDS) and intrusion prevention systems (IPS). Students research an IDS or IPS product and produce a marketing advertisement, such as an A4 flyer, which can (hypothetically) generate prospective sales for that company’s IDS or IPS product/tool.
  • Debate the ‘hacker ethic’. Students are allocated to one of two sides, with opposing pairs of students debating over key arguments: one argument per student pair (depending on the size of the class). Example arguments include: good vs. evil; risk vs. reward; hiring a ‘criminal’ to complete the penetration test; legitimate vs. dishonest hacking.

  • Discuss, using case study examples, the risks and benefits of using networks in a global environment. Case study examples can be drawn from media reports such as: Airlines suffer worldwide delays after global booking system fails, cyber-hacking of modern vehicles connected to the internet and Social media users freak out as Instagram and Facebook crash.

  • Analyse media articles involving data and information breaches, and debate the impact of the breaches to identify the relevant legislation affected.
  • Students research ethical issues involving data and information security practices, and discuss and debate these issues. Use authentic examples where possible, such as: the FBI-Apple encryption dispute or the alleged misuse of social media data.
Example icon for advice for teachers

Detailed example

Developing a ‘How to Guide’ for a hard-drive encryption tool

Background

When specialist IT companies create hardware and/or software products, they must give consideration to providing documentation that will allow the end-users to do any one or more of the following actions:

  • install the product
  • use the product
  • maintain the product.

The nature and type of documentation is dependent on the product and the technical ability of the typical end-user. In this ‘applied’ activity students are required to research an example of a data encryption tool, understand how the tool works, including the installation and activation of the encryption product, and produce a ‘How to Guide’ for the end-user of the data encryption tool.

Students place themselves in the position of an end-user of the encryption tool and write a ‘How to Guide’ that features suitable screenshots with annotations. The ‘How to Guide’ should take the end-user through a sequence of ‘easy to understand’ steps that should result in full-disk encryption of the end-users data disk drive.

Note: this activity can be undertaken individually or in small groups, depending on the ability level of students. Wherever possible, student collaboration is encouraged because this is a key skill.