Career Blade Information-Security-Analyst-Protecting-Information
INFORMATION SECURITY ANALYST:
LESSON PLAN OVERVIEW
Career: Information security analysts plan and put security measures in place to protect a company’s communications and online information from computer hackers.
Lesson: This lesson plan provides activities to introduce students to the career of information security analyst by learning the basics of data security. Students will complete an activity to demonstrate how information can be lost or changed when passed from person to person. Students will also play a game to decode messages to get to the finish line.
Grade Level: Elementary Grades
Learning Objectives:
〉 Students will explore the information security analyst career and learn how analysts protect computer systems and data from being hacked.
〉 Students will participate in an activity using a cup and beans to help understand the security concept of public key and how information is encrypted and then accessed.
〉 Students will complete an activity focused on the difference between a public key and a private key to learn how information can be sent across the internet and protected from unauthorized access.
〉 Students will gain an insight into the information security analyst profession, including common job tasks, salary, career pathway, and credentials needed for the job.
Materials Needed:
Activity #1: Responding to Cyber Attacks
〉 Student Worksheet: Responding to Cyber Attacks
Activity #2: Public & Private Keys
〉 Student Worksheet: Public & Private Keys
〉 Scissors
〉 Tape or Glue
〉 Paper Brad Fastener (one for each lockbox)
TEACHER GUIDE
Lesson Instructions: This lesson plan will help you demonstrate some of the basic skills, concepts, and procedures used by information security analysts to students. Begin the lesson by reading the Class Message below to your students, then have them watch the recommended career video. Afterwards, facilitate a discussion using the Class Questions listed below.
After the discussion, students will work on two activities. Each activity has a printable worksheet with student instructions and areas to record their work. Have students read their worksheets before beginning each activity.
You should also familiarize yourself with the student worksheets to provide assistance when needed and help facilitate the activities and the discussion that ends each activity.
Class Message: Today, we are going to explore the career of information security analyst. How many of you play games or use apps on a cell phone or tablet? Did you know that there are people who try to gain access to other people’s phone or computers? They’re called hackers because they try to hack into phones or computers to steal information or take control of a computer. Information security analysts work to keep hackers from breaking into computers.
In this lesson, we will learn more about what information security analysts do on the job. We will learn about ways security analysts work to keep hackers from stealing information. We will complete an activity to learn what a public key is and how information is protected by a process called encryption. We will also complete an activity to help you understand the difference between a public key and a private key. Public keys and private keys are used to protect information from hackers when it is sent through the internet
Let’s watch this short video to learn more about the career of information security analyst and how they work to protect us.
Class Discussion Questions:
〉 What talents or skills would make someone a good information security analyst? Possible responses: creativity, good with computers, good at solving problems, etc
〉 Why is it important to protect online information? Possible responses: so someone doesn’t steal your personal information, so someone doesn’t steal your identity, etc.
〉 What do you think the word encryption means? Possible responses: secret code, code made from letters or numbers, etc.
Activities Overview: This lesson plan includes two student activities. In Activity #1, students will perform an experiment to help them understand the concept of public key and learn how information is encrypted and then made accessible. Activity #2 demonstrates the difference between a public key and private key when encrypting information.
Read and familiarize yourself with the student worksheet for each activity.
Activity #1: Responding to Cyber Attacks
Students will identify how different types of cyber attacks can be prevented.
Activity Instructions:
〉 Hand out the worksheet.
〉 Facilitate an introduction to the activity.
〉 Walk students through the instructions for the activity.
〉 After completion, facilitate a discussion using the questions for the activity.
Activity Results: This activity shows how information security analysts are constantly protecting information from many different types of cyber attacks.
Day Type of Attack Response
Monday
Denial-of-Service (Dos) Attack Have your IT Department upgrade the Firewall software so the website ignores the fake traffic.
Tuesday Man-in-the-Middle (MitM) Attack
Wednesday Phishing Attack
Thursday Password Attack
Friday Malware Attack
Block all computers on the network from visiting the suspicious web site.
Educate company employees to avoid suspicious emails.
Educate company employees on good password practices.
Educate company employees about the dangers of opening or installing suspicious email attachments and software.
Activity Discussion:
〉 Why is it important for information security analysts to stay informed of new types of cyber attacks? Possible response: So they can respond in the right ways.
〉 Why is it important to recognize the type of cyber attacks a hacker may be using? Possible response: So the correct response can be used.
〉 What is something you learned about protecting against cyber attacks? Possible response: To always be prepared for ways of dealing with new attacks.
Activity #2: Public & Private Keys
Students will cut out and assemble the lockbox and keys to help illustrate the difference between a public key and a private key encryption
Activity Instructions:
〉 Divide students in groups of 4-6. Assign one student in each group to be the customer. The other students will be online businesses.
〉 Give each group a worksheet of the lockbox, public and private keys, and message notes. Have them cut out the lockbox pieces, the keys, and message notes.
〉 Have the students that are the customers assemble the lockbox.
〉 Have the students that are businesses write a short message for their customer. These messages could be important account information, order histories, important documents, etc.
〉 Have the group stand in a circle. Explain to the students that on the internet, most messages are “handed” from company-to-company to get to their final destinations. So when they pass something around the circle, it must be handed to the person next to them to get somewhere.
〉 Have the customer pass out copies of the public key to each business in their group. Make sure the public keys get passed from business to business until each business has a copy of the public key.
〉 Point out that the public keys will only lock the lockbox envelopes. Public keys do not unlock the lockboxes.
〉 Have the customer pass the lockbox to one of the businesses. (As before, make sure the lockbox gets passed from person to person.)
〉 Have the business place their message into the lockbox and pretend to lock it with the public key.
〉 Now, have the business pass the lockbox back to the customer. When the lockbox is passed to another business, have them stop and examine the lockbox. Ask them if their key will open the lockbox. After their answer, have them continue to pass the lockbox back to the customer.
〉 Once the customer has the lockbox, have them pretend to unlock the lockbox with their private key. They can now remove the message and read it.
〉 Continue this process until all of the businesses have sent their messages to the customer.
〉 After completion, facilitate a discussion of the questions for the activity.
Activity Results:
In groups, students will cut out and assemble the lockbox and keys and follow the instructions to demonstrate the difference between a public key and private key
Activity Discussion:
〉 What is the difference between a public K ey and a private Key? Possible responses: anyone can access a public key, but only one person or approved persons have access to the private key.
〉 How do you think a private key keeps information safe? Possible responses: information can only be read by the key holder.
〉 What do you think would happen if a hacker got hold of a private key? Possible responses: private and personal information could be stolen.
CAREER INSIGHT
Career Highlight: This lesson plan highlights some of the skills and concepts an information security analyst uses on a daily basis to protect sensitive information. See the Employers in My Area section to contact businesses and organizations in your area about classroom demonstrations, on-site visits, or other additional career exposure opportunities.
Featured Career:
Information Security Analyst
Career Descriptions: Information security analysts plan and carry out security measures to protect an organization’s computer networks and systems. Their responsibilities are continually expanding as the number and type of cyberattacks increase.
Information security analysts typically do the following:
〉 Monitor their organization’s networks for security breaches and investigate a violation when one occurs
〉 Install and use software, such as firewalls and data encryption programs, to protect sensitive information
〉 Prepare reports that document security breaches and the extent of the damage caused by the breaches
〉 Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited
〉 Research the latest information technology (IT) security trends
〉 Develop security standards and best practices for their organization
〉 Recommend security enhancements to management or senior IT staff
〉 Help computer users install and learn new security products and procedures
Information security analysts are heavily involved with creating their organization’s disaster recovery plan, a procedure that IT employees follow in case of emergency. These plans allow for the continued operation of an organization’s IT department. The recovery plan includes preventive measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore proper IT functioning after a disaster. Analysts continually test the steps in their recovery plans.
Information security analysts must stay up to date on IT security and on the latest methods attackers are using to infiltrate computer systems. Analysts need to research new security technology to decide what will most effectively protect their organization.
Most information security analysts work full time. They sometimes have to be on call outside of normal business hours in case of an emergency. Some work more than 40 hours per week.
Other Names for this Career: Data Security Administrator, Security Analyst, Information Security Officer, Systems Analyst, Information Security Specialist, Information Systems Security Analyst, Information Technology Specialist, Information Systems Security Officer, Network Security Analyst, Information Technology Security Analyst (IT Security Analyst)
STANDARDS ALIGNMENT
Activities #1 and #2
English Language Arts Standards
〉 Explain responsible uses of technology and digital information; describe possible consequences of inappropriate use such as copyright infringement and piracy.
〉 Describe the rationale for various security measures when using technology
〉 Interact with peers, experts, and others using a variety of digital tools and devices.
〉 Contribute, individually or as part of a team, to work to identify and solve authentic problems or produce original works using a variety of digital tools and devices
〉 Identify and define problems and form significant questions for investigation.
〉 Create cyphers to encrypt data that can be transferred between users.
〉 Advocate, demonstrate and routinely practice safe, legal, and responsible use of information and technology.
〉 Analyze and improve an algorithm that includes sequencing and simple patterns with or without a computing device.
〉 Demonstrate an understanding of digital security.
Science and Engineering Practices
〉 Constructing explanations and designing solutions to explain phenomena or solve problems.
School Counseling Standards
〉 Appropriately utilize social media to enhance learning, develop positive relationships, communicate, and engage in age appropriate entertainment
〉 Develop and practice effective technology skills
〉 Demonstrate critical thinking and decision-making skills to make informed decisions
〉 Communicate effectively using oral, written, and listening communications skills
〉 Exercise personal safety skills.
EDUCATOR RUBRIC
ACTIVITIES #1 AND #2
ITEM
Responding to Cyber Attacks
Does Not Meet Expectations
Student was unable to determine the types of cyber attacks.
Using the Public and Private Lock
Student was unable to follow the instructions for creating and/or using the public and private keys, thereby unable to leave and/or receive messages.
Team Work Student did not work well in their team.
Meets Expectations Exceeds Expectations
Student was able to determine the types of cyber attacks.
Student was able to quickly determine the types of cyber attacks and the correct responses.
Student successfully followed the instructions in creating the public and private keys. Student was able to use both public and private keys to leave and receive messages.
Student worked will in their team and contributed equally.
Student successfully navigated the lesson using both the public and private keys correctly. Student demonstrated leadership during the activity helping others navigate the exercise.
Student worked well in their team, contributed equally, and exhibited leadership.
Introduction: Information security analysts are always preparing for the next cyber attack. They key to being better prepared is knowing how hackers steal your data and then taking the best security measures to stop them.
In this activity, you will learn about five commons ways hackers steal important information online. After learning about them, you will pretend you are an information security analyst faced with different attacks. You must correctly identify the different types of cyber attacks and the best responses to them.
Activity Procedure:
〉 Read over the common types of cyber attacks below.
〉 Then look at the different cyber attacks that happened in the weekly calendar below and identify the type of attack that happened on each day.
〉 Then identify the correct response to each cyber attack.
Common Types of Cyber Attacks:
〉 Malware Attacks: Malware is a harmful type of software that can get accidently installed on your computer when you open emails sent from hackers. Response: Educate employees about not opening or installing suspicious email attachments and software.
〉 Password Attack: Using easy-to-guess passwords, using the same password for different websites, and writing down passwords in easy-to-find places are all ways hackers can steal passwords.
Response: Educate employees on good password practices.
〉 Denial-of-Service (DoS) Attack: A DoS Attack is when hackers bring a website’s computer system down by overloading its connection to the internet with incredibly large amounts of fake website traffic.
Response: Have your IT Department upgrade the firewall software so the website ignores the fake traffic.
〉 Phishing Attack: A phishing attack is when a hacker uses email that seems like it comes from friends, family, or trusted businesses to trick people into downloading viruses or going to websites containing viruses.
Response: Educate company employees to avoid suspicious emails.
〉 Man-in-the-Middle (MitM) Attack: A man-in-the-middle attack uses websites that look like popular websites to get people to accidentally log into them instead of the real websites. The fake site uses that information to quickly log into the real website and steal the person’s information from the real website. This keeps people from realizing the fake site is getting all their information.
Response: Block all company computers from visiting the suspicious web site.
Monday You get a text from a coworker that your company’s log-in page is taking a long time to load. You check the website records and see that traffic to your site is many, many times greater than it’s ever been before. You know this is an unusual amount of traffic.
Tuesday A company employee tells you they typed the wrong web address when they tried to log into the company website this morning, and they were taken to a website that looked almost exactly like the company website.
Wednesday A company employee forwards you a suspicious email she received. She says it looks like it came from a company customer, but the text of the email has nothing to do with the customer or your company.
Thursday You walk past a coworker’s desk and notice a post-it note on their computer that reads, “My Company Password: 1234.”
Friday An employee forwards you an email with suspicious attachments promising free software. The employee tells you they have never heard of the person who sent them the email.
Write the type of cyber attack that happened, and how the company should respond in the spaces below.
Day Type of Attack Response
Monday
Tuesday
Wednesday Thursday Friday
Activity Discussion:
〉 Why is it important for information security analysts to stay informed of new types of cyber attacks?
〉 Why is it important to recognize the type of cyber attacks a hacker may be using?
〉 What is something you learned about protecting against cyber attacks?
Introduction: The main job of an information security analyst is to help keep the company’s information safe from hackers so communications between employees and customers are safe and secure.
Communication is safe when messages are encrypted. The word, “encrypt,” means to store information with a secret key code so only the right people can read it. There are two main types of encryption key codes: private and public.
Private encryption is when you only share the key code with a few, very trusted people. Private encryption works great, but it means you have to keep track of a different key code for everyone you interact with online. That’s a lot of work.
Public encryption is a special type of key code that only encrypts a message. Public key codes don’t allow you to read encrypted messages. But a message that was encrypted with a public key code can be read by someone who has the private key code. This means you can give out lots of copies of the public key code so anyone can use it to send you an encrypted message that only your private key code can open. This way, you only have to keep the one private key code safe.
Activity Description: Students use the paper keys and lockbox to demonstrate how messages are kept secure traveling across the internet.
Activity Procedure:
〉 Your teacher will divide students into groups of 4-6. One student in each group will be the customer. The other students will pretend to be online businesses.
〉 Each group will get a worksheet of the lockbox, public and private keys, and message notes. Cut out the lockbox pieces, the keys, and message notes.
〉 The customer in each group will assemble the lockbox.
〉 The businesses in each group write a short message for their customer. These messages could be account information or order histories, important documents, etc.
〉 Each group will stand in a circle. Most messages and emails on the internet are “handed” from computer to computer until they reach their final destinations. So when things are passed in the circle, students will hand them to the next student for until they reach the right person.
〉 The customers will pass out copies of the public key to the businesses in their group.
〉 Notice that the public keys will only lock the lockbox envelopes. Public keys do not unlock the lockboxes.
〉 The customer will choose a business in their circle and pass the lockbox to the business
〉 The business will put its message into the lockbox and pretend to lock it with the public key.
〉 Then the business will pass the lockbox back to the customer.
〉 When the customer gets the lockbox back, he or she will pretend to unlock the lockbox with their private key. They can now remove the message and read it.
〉 Continue this until all of the businesses have sent their messages to the customer.
Activity Discussion:
〉 What is the difference between a public key and a private key?
〉 What would happen if the wrong person got someone’s private key?
〉 How do public keys make communicating with many different people online easier?
