IT support specialists must understand and implement a range of security strategies to keep their organization's devices, information, software, and network safe. Security refers to making sure only the people (or systems) that should have access to something do have access. IT specialists will use a combination of physical, procedural (operational), and logical controls to keep their resources secure. They must also follow legal and regulatory guidance, especially when it comes to using licensed resources, such as software.
IT staff use some technologies, like encryption, firewalls, and anti-virus software, to keep network resources secure, but technology alone will not keep resources secure. People who use the network resources have to understand the ways people may try to obtain access to private or secure information, which is often referred to as social engineering. They then need to act in approved ways so these attacks against individuals or devices comprising the network can be avoided.
We all own things we want to keep secure. They can include things like a bicycle or a car, your phone or a laptop, and many other things that are either important to you or that cost you or someone in your family money, time, or effort to obtain. Some of these things might be replaceable, although it would take more time and effort and would probably come at additional cost. There are things you own that you want to keep secure but might not be replaceable, at least not easily. These can include things you've created. Maybe you draw or write and don't want to share your creations with the world yet. Or maybe you create digital objects, like digital art or even VR worlds in a program like Minecraft. You should be able to determine who has access to them.
We want to be in charge of who has access to the things we own and the things we create. We want to determine who can see them or use them, if we even want to allow that. The same is true when we use an IT infrastructure, including the devices, software, network, and especially the information it contains. IT support specialists take steps to ensure that all aspects of the infrastructure are available only to those people who should have access to them. Keeping the IT infrastructure secure may involve a variety of strategies, including using special software, enacting policies for the way people should behave, as well as physical strategies as simple as locks on devices. Taking steps to secure an IT network means that information and resources are not used without permission by anyone who should not have access to them.
How can I create a secure IT environment? What role does technology play? What do people need to know and be able to do?
Students create documentation that describes common logical and physical security concepts and how they are used. They also generate documentation that can be shared internally with the Help Desk or beyond to other students, faculty, and staff about social engineering threats and how to prevent them.
Logical Security Concepts
Security
Hardening
Security controls
Logical security
Public Key Infrastructure (PKI)
Execution control
autorun.inf file and AutoPlay dialog box
Anti-malware software
Firewall
Defense in depth or endpoint security
Network Access Control (NAC)
Health policy
MAC filtering
Whitelisting and Blacklisting MAC addresses
Port-based Network Access Control (PNAC)
Mobile Device Management (MDM)
Bring Your Own Device (BYOD)
Virtual Private Network (VPN)
Internet Protocol Security (IPSec)
Threats and Vulnerabilities
Vulnerability
Threat
Risk
Social Engineering Threats
Network Footprinting Threats
Eavesdropping or sniffing
Spoofing (or impersonation or masquerade)
MITM (Man in the Middle) attack
Dictionary password attack
Brute force password attack
Rainbow tables
Denial of Service (DoS)
Cyber warfare
Hacker collectives
Software exploitation
Zero-day exploit
Legacy system
Physical Security
Tailgating
Mantrap
Radio Frequency ID (RFID) badge
Entry control roster
Privacy screen
Remnant removal
Monday
Introduction to problem: Keeping IT infrastructure Secure
Online Pre-assessment (available for student practice, as well)
Review content resources with whole group: 12A: Logical Security Concepts
Activity 12-1: Discussing Logical Security Concepts
Team meetings to develop project plan and goals
Tuesday
Review content resources with whole group: 12B: Threats and Vulnerabilities
Activity 12-2: Discussing Threats and Vulnerabilities
Small group and independent exploration of resources
Contribute to team project
Wednesday
Hands-on exploration with IT professionals: Logical Security Concepts
Review content resources with whole group: 12C: Physical Security Measures
Activity 12-3: Discussing Physical Security Measures
Team progress check with supervisor (using project plan)
Thursday
Hands-on exploration with IT professionals: Demonstrate/explore Wireshark, if possible
Small group and independent exploration of resources
Contribute to team project
Friday
Team progress check with supervisor or sharing of progress with whole group
Online post-assessment
These topics contain a lot of concepts and terminology students must become familiar with but may not introduce many skills students need to practice. Whenever there is the opportunity to explore the concepts through hands-on application, consider doing so, either through discussions with IT professionals or even creating stations that allow students to simulate some of the concepts, especially encryption and the use of hashes. If possible, consider reviewing some of the tutorials available from Wireshark either as a group or in pairs or individually.
Part of the Help Desk's charge is to help others use devices safely and keep information, devices, and people secure. As students explore the threats and vulnerabilities to different parts of the infrastructure, consider whether they can create documentation that goes beyond the Help Desk team and helps other students, faculty, and staff better adhere to suggested security guidelines. These could be in the form of posters (digital or print), videos, social media campaigns, or public service announcements broadcast on campus or through a local-access television channel. Student teams could tackle different threats and create media with tools they feel comfortable with.
The Official CompTIA A+ Core 1 & Core 2 Instructor Guide for Exams 220-1001 and 220-1002
Professor Messer at ProfessorMesser.com and YouTube offers numerous free videos of various lengths for many of the topics for the CompTIA 220-1001 A+ Exam. They are easy-to-understand, narrated videos with visuals. If you are teaching a CompTIA course, the site notes, "You're welcome to use them as much as you'd like, provided you embed the videos with the associated YouTube link or link directly to my site. Please click the 'Contact Us' link at the top of our web page and let me know how you're using them."
Entry Level I.T. Training from Technology Gee
Microsoft Support
Wireshark tutorials: https://www.wireshark.org/#learnWS
Other Articles and Resources:
Avoiding Social Engineering and Phishing Attacks from the Cybersecurity & Infrastructure Security Agency, a division of Homeland Security
How to Enable, Disable, and Customize AutoPlay in Windows 10 by Rahul Saigal for How-to Geek
Symmetric vs. Asymmetric Encryption: What's the Difference? A thorough example with graphics by Brett Daniel for Trenton Systems (contains advertisements and popups)
What is Social Engineering? Examples & Prevention Tips from Webroot, which is a digital security company (minimal Webroot advertisements)
What is VPN? How it Works, Types of VPN from Kaspersky. Thorough article with some advertisements for Kaspersky products.