Teaching Security Unit 0

 

The Security Mindset:

Cybersecurity through Threat Modeling

About This Lesson:

Unit 0 introduces students to the basic concepts of cybersecurity and the “Security Mindset”. This perspective frames the topics in the remaining lessons.

Intended Audience: High school students or early undergraduates. Geared towards AP Computer Science Principles, but compatible with any introductory computer science course.

Delivery Format: Traditional classroom.

Duration for Whole Unit: 75 minutes (with options to shorten).

Learning Objectives
  1. Item.
Curriculum Standards Addressed

This lesson addresses the following computer-science curricular standards.

AP Computer Science Principles Curriculum Framework

The lesson substantially addresses the following Essential Knowledge under Big Idea X, NAME:

  • EK XXX. Essential knowledge statement.

The following Essential Knowledge is also touched on:

  • Under Big Idea X: NAME: XX, XXX.
CSTA K–12 Computer Science Standards (Level 3 — High School)

The lesson substantially addresses the following learning objectives under Level X, Course Y: NAME:

  • XXX. Learning objective.

The following learning objectives are also touched on:

  • Under Level X, Course Y: NAME: XX; XXX.
ACM Computer Science Curricula 2013 (CS2013) Guidelines (Undergraduate)

The lesson substantially addresses the following Learning Outcomes under NAME:

  • SUBNAME X: Learning outcome.

The following Learning Outcomes are also touched on:

  • Under NAME: SUBNAME X; SUBNAME Y.

“Engage” Activities:

Introduce the topic, probe prior knowledge, and ignite students’ interest.

Small-Group Brainstorming Activity: Defend and Attack

Estimated Time: 5-10 minutes.

What You’ll Need: Print out slips of paper with words or pictures on them (the school mascot, your state bird, a popular movie title, etc.).

In this activity, students get a taste of how cybersecurity involves thinking about possible attacks — but also the drawbacks of not taking a systematic approach.

  1. Ask your students to form groups of three or four.
  2. Label each as Group A or Group B.
  3. Give every Group A a copy of the paper. (Or ask Group B to close their eyes while you show the word or picture on a slide or the whiteboard.)
  4. Tell Group As their task is to figure out a plan for protecting the paper.
  5. Tell Group Bs their task is to figure out a plan for finding out what’s on the paper.
  6. Give groups three minutes to discuss their ideas for protecting or obtaining the piece of paper.
  7. Beginning with a Group B, ask the groups to report back. After hearing a Group B plan to get the paper, ask if any Group A has a plan to prevent that specific attack.

Key Ideas That May Emerge:

  • It’s tough to cover every possible attack.
  • It’s easier to think of attacks than it is to think of protection measures.
  • Brainstorming attacks and protections feels disorganized.
  • Both sides will have lots of open questions about what’s possible.

“Explore” Activities:

Ground students’ learning in firsthand experience and spark new ideas.

“Explain” Activities:

Introduce important facts and underlying concepts.

“Elaborate” Activities:

Go deeper into the underlying concepts and/or let students practice important cybersecurity skills.

“Evaluate” Activities:

Assess students’ understanding of the material and development of new skills.

More for Teachers

Resources and background information to help you brush up on the technical nitty-gritty and be prepared for student questions.

Other Recommended Classroom Resources for Threat Modeling and the Security Mindset
ACTIVITY TYPE: TITLE
  • Target grades: XXX
  • Summary: One or two sentences.
  • Produced by: Producer.
  • Link: LINK

Contact us and let us know what you think!

12 + 8 =