🎯 Learning Objectives
Develop the Communication and Networks Learning Strands:
- Compare security threats against their probability and their potential impact to organisations
- Explain how networks can be protected from common security threats
💬 Key Vocabulary
- encryption
- automatic software updates
- two-factor authentication (2FA)
- CAPTCHA
- Anti-malware
- firewall
- end-user authentication
- biometrics
- folder permissions/privileges
- botnet
- trojans
📖 Cyberthreats: The stats
📝 Protecting yourself from cyberattacks
Network security provision is based on risk. Often, companies will compare the impact of an attack against the probability of it happening.
This helps organisations plan how best to spend their budgets.
Copy or screenshot the graph and then plot the following risks on it:
- Viruses
- Ransomware
- DDoS
- Brute force
- Social engineering
- Internal threats (learners or staff deliberately doing damage)
Use the statistics and articles at the top of this page.
📝 Protection
You could say that you can never make yourself 100% secure against attackers.
But you can put measures in place to make it so difficult for the attackers that they give up.
You should turn the information on the forms of protection into your own words in your word document or on paper.
📖 Firewalls
A firewall checks incoming and outgoing network traffic.
It scans the data to make sure it doesn’t contain anything malicious and that it follows the rules set by the network.
For example:
A student tries to use a website full of free games. The rules of the network are set to disallow this and the firewall stops the learner from accessing the website.
📝 Anti-malware
Anti-malware is software that scans any file that is able to execute code.
The anti-malware will have a list of definitions of sequences of code that they are aware are malicious.
If the code in your files matches the definitions, the files are quarantined.
Question
What is meant by ‘quarantined’ and why is it important that this happens?
📝 Auto-updates
Auto-updates refers to software that automatically checks for available updates for the software you have on your computer.
Once it finds an update, the software can be set either to alert the user or to install it automatically.
This software is often included with an operating system.
In this case, what is meant by ‘automatically’?
Can you think of one way in which auto-updates can reduce the risk of a cyberattack?
📝 User authentication
How do you log onto the school system?
What measures are already in place to make it secure?
What could be put in place to make it even more secure?
Think/pair/share
What could be put in place to make it even more secure?
- Secure passwords (password managers)
- A maximum number of attempts to log in before an account is locked
- CAPTCHA
- Biometrics
- Two-factor authentication (2FA)
📝 User permissions
Thinking about your school network, what data should you be able to see?
What data do you think is on the system that you shouldn’t be able to see?
Should this be the same for all users of the system?
Users on a network can be put into groups, with each group having a unique set of privileges, such as:
- Which network drives they have access to
- Their read/write permissions Which printers they are able to use
- What software they can use
- Which websites they are allowed to access
How does setting user permissions increase the security of a system?
- If individual accounts are compromised, the potential damage is limited
- Users have less chance of introducing malware to the network if they can’t install software
- There is less chance users will accidentally or deliberately tamper with data they shouldn’t be able to see
📝 What privileges should the receptionists have?
Should they be able to install new software?
Should they have read/write access to the staff shared drive?
Should they have read/write access to the student shared drives?
Should they be able to see registers and pupil data?
🏅 Badge it
Upload your Word file or a photo of your paper that contains the notes and answers to questions that you have made throughout this lesson to www.bournetolearn.com.
🥈 Silver Badge
Complete the Starter Activity and answer all 3 questions and the explorer question.
🥇 Gold Badge
Complete notes on how to protect against cyberattacks.
🥉 Platinum Badge
Answer the questions on the privileges of a receptionist.
In this lesson, you…
Compared security threats against their probability and their potential impact to organisations
Identified how networks can be protected from common security threats
Next lesson, you will…
Describe different methods of identifying cybersecurity vulnerabilities, such as penetration testing, ethical hacking, network forensics, commercial analysis tools, review of network policies