Cambridge Technicals Level 3 in IT U01 Lesson Element 2

Lesson Element

Unit 1: Fundamentals of IT

LO5: Understand ethical and operational issues and threats to computer systems

Threats and digital security

Instructions and answers for tutors

These instructions cover the learner activity section which can be found on page 12. This Lesson Element supports Cambridge Technicals Level 3 in IT.

When distributing the activity section to the learners either as a printed copy or as a Word file you will need to remove the tutor instructions section.

The activity

This lesson element will provide learners with an opportunity to identify threats to computer systems. They will look at physical and digital security methods and justify which methods are essential to use.

Suggested timings

Activities 1, 2 and 3: 30 minutes

Activities 4, 5 and 6: 30 minutes

Version 1 1 © OCR 2016

Activity 1

Tutors should print out and cut up the images and keyword cards from the Threats Memory Game below. Tutors spread out the cards, face down, on a table in front of the learners keeping the image and keyword cards separate. Card by card the learners turn over an image card and try and match it to its keyword card. If there is no match then both cards are returned face down to their original positions. The process is repeated until all images and threats are correctly identified.

Threats Memory Game

/ PHISHING
/ HACKING
/ VIRUS
/ TROJAN
/ INTERCEPTION
/ EAVESDROPPING
/ DATA THEFT
/ SOCIAL ENGINEERING

Activity 2

Tutors should ask learners to define the different types of threats. Learners can check their understanding using the web page: http://www.itscolumn.com/2012/03/28-types-of-computer-security-threats-and-risks/.

Learners can also extend their learning by reading and discussing further threats listed on the web page.

Activity 3

Tutors should print and cut up the images and keyword cards from the Security Memory Game below. Tutors spread out the cards face down on a table in front of the learners, keeping the image and keyword cards separate. Card by card the learners turn over an image card and try and match it to its security method card. If there is no match then both cards are returned, face down, to their original positions. The process is repeated until all images and security methods are correctly identified.

Security Memory Game

/ LOCKS
/ BIOMETRICS
/ RFID
/ TOKENS
/ PRIVACY FILTER
/ SHREDDING
/ ANTI-VIRUS
/ FIREWALL
/ ANTI-SPYWARE
/ USERNAME
PASSWORD
/ PERMISSIONS
/ ENCRYPTION

Activity 4

Tutors should ask learners to organise the identified security methods into two groups: Physical security and digital security.

Expected results

Physical security / Digital security
Locks
Biometrics
RFID
Tokens
Privacy filters
Shredding / Anti-virus
Firewalls
Anti-spyware
Username/password
Permissions
Encryption

Activity 5

Tutors should ask learners to give justified reasons for security methods (identified in Activity 3) they would use to combat the threats that they have identified. This could be done as a class discussion, paired work or individually using the table provided in the learner activity.

Example answers

Threat / Security / Justification
Phishing / Anti-spyware
Privacy filters / Anti-spyware will prevent unknown applications stealing personal information.
Privacy filters will guard against personal information being read by onlookers.
Hacking / Firewalls
Biometrics / Firewalls will protect a network or system from unauthorised access.
Biometrics are more secure than usernames/ passwords as they cannot be guessed.
Virus / Anti-virus / Anti-virus software will detect and protect against known computer viruses. The anti-virus software must remain up-to-date to provide protection.
Trojan / Anti-virus / A Trojan is a computer invasion also protected against by anti-virus software. The anti-virus software must remain up to date to provide protection.
Interception / Encryption
Shredding / Encryption will prevent access to the data as a decryption key is required.
Shredding prevents unauthorised access to data no longer required.
Eavesdropping / Encryption
Locks / Encryption will prevent access to the data as a decryption key is required.
Locks, securely locked doors will prevent public (visitors) use.
Data theft / Encryption
Tokens
RFID / Encryption will prevent access to the data as a decryption key is required.
Tokens will only allow people with the token access to the data.
RFID will only allow people with RFID access to secure areas.
Social engineering / Username/password
Biometrics
RFID / Prevent a social engineering attack by using a combination of security methods in order to prevent an attacker persuading a victim to give out all security details.

Activity 6

Tutors ask learners to share one threat they have identified, and their justified reasons for using a particular security method, with the rest of the group. Tutors ask the group to vote on whether they agree or disagree with the learner’s decisions. If the group disagrees, the tutor sets up a discussion group to identify alternative methods.

Version 1 1 © OCR 2016

Lesson Element

Unit 1: Fundamentals of IT

LO5: Understand ethical and operational issues and threats to computer systems

Learner Activity

Threats and digital security

This lesson element will provide you with an opportunity to identify threats to computer systems. You will also look at physical and digital security methods and justify which methods are essential to use.

Activity 1

You will be given a number of cards face down. Do not turn them over and look at them until asked to do so. Each player in turn chooses and turns over one card from the image group and then one card from the keywords group. The aim is to match the image card with its keyword card. If there is no match return both cards face down to their original positions. Repeat the process until all images and threats are correctly identified.

Activity 2

Write a definition for each of the different types of threats. You can check your understanding using the web page: http://www.itscolumn.com/2012/03/28-types-of-computer-security-threats-and-risks/.

You can also extend your learning by reading and discussing further threats listed on the web page.

Activity 3

You will be given a number of cards face down. Do not turn them over and look at them. Spread out the cards face down on the table. Each player in turn chooses one card and turns it over, then chooses another card and turns it over. The aim is to match each image card with its security method card. If there is no match return both cards face down to their original positions. Repeat the process until all images and security methods are correctly identified.

Activity 4

Organise the identified security methods into two groups, Physical Security and Digital Security. Write your results in the table below.

Anti-spyware

Anti-virus

Biometrics

Encryption

Firewalls

Locks

Permissions

Privacy filters

RFID

Shredding

Tokens

Username/password

Physical security / Digital security

Activity 5

For each threat you have identified in Activity 3, give justifiable reasons for the security methods you would use to prevent or combat the threat. You can use the table provided below to note your answers. The web page https://www.getsafeonline.org/ may also be of assistance with your justifications.

Threats and security

Threat / Security / Justification
Phishing
Hacking
Virus
Trojan
Interception
Eavesdropping
Data theft
Social engineering

Activity 6

Share one threat you have identified and justify your reasons to the rest of the class.

Version 1 12 © OCR 2016