Created by
Neal S. Alberson Jr
TOPIC: Microsoft Windows Security
GRADE LEVELS: 9-10 Grade
LESSON DURATION: 2 or 3 85-minute classes (includes wrap-up discussion and summative assessment review).
SOFT SKILLS: Critical Thinking, Collaboration, Communications
Learning Outcome: Students will know with high certainty how to evaluate and secure a local computer running Microsoft Windows as its operating system.
Standards of Learning:
- Verso 6302-77 – Discuss how data can be compromised, corrupted, or lost.
- Verso 6302-82 – Evaluate the potential vulnerabilities, threats, and common exploits to an operating system.
- Verso 6302-84 – Describe the concept of malware & techniques to guard against it.
- Verso 6302-85 – Evaluate critical operating system security parameters
Materials: Windows 7 or 10 computer, note taking system, visual content organizer of student’s choice
Activities: Students will complete the following:
- Class will review as a group the manners in which computers and the information on them can be compromised and by whom.
- Class discussion on how a single Windows computer can have layered protection. How does layering protect against malware, viruses, data loss or corruption, etc.?
- Class will review the various techniques used to hack into stand-alone computers.
- Class thoughts on the security issues in using thumb drives, CD/DVD disks, public chat rooms, WiFi packet substitutions, etc. in intrusions, data theft, virus/worm attacks, system denial, etc.
- Individual students will access the computer’s Control Panel, observe the User Account list for appropriate rights, determine the highest level of rights possible/practical for each user group. When should a user account be eliminated?
- In small groups, students will examine password parameters for the following:
- How complex should a password be?
- How long should a password exist before it must be changed?
- Is there a minimum time between password changes?
- Is there a minimum length of a password?
- Is there a minimum complexity (caps, lowercase, numbers, special characters, etc.) for a password?
- What parameters of the computer determine the above?
- Students will go to “How Strong is My Password?” to examine the strength of their passwords.
- Select two of the programs on the computer normally used by students. Examine the properties for those programs and decide whether they are appropriate for students. These will be defended in class.
- Consider the AIC triangle (availability, integrity, confidentiality). How do the student evaluations support or deny the triangle?
- How often should virus detection be updated?
- Looking at the computer’s control panel > security; should the computer’s firewall operate on a Whitelist or Blacklist for allowed sites? What other parameters should the firewall have and why?
- How should updates for Microsoft Windows and other programs be looked for and handled?
- Students will give oral reports using worksheets displayed on classroom screen(s).
Enrichment/Follow-up: Students will transition to examining security from a network standpoint. Those wishing to do so can also examine the security provided for Apple Macs, Linux, RISC O.S., etc.
Assignment Rubric:
- (5 – 100% completed form, 4-95%, 3-90%, 2-85%, 1-80%, 0-less than 80% complete) Students will complete a minimum of 80% of the assigned worksheet (see below) within the assigned duration. Each student shall complete their own worksheet.
- (5 – no misspellings, very readable, 4- readable with less than four misspellings, 3 readable with few problems and fewer than six misspellings, 2 – readable with comprehension difficulties and fewer than eight misspellings, 1 – barely readable or ten or less misspellings, 0 – difficult to comprehend and many misspelled words.) Students will have checked for spelling and grammar mistakes. No more than five mistakes.
- (5 -ready on time, 4 – ready during same class period called for, 3 – ready next class, 2 – ready after two class periods, 0 – not turned in as required). Students will complete the data sheet (see below) detailing their findings while investigating the local Windows environment (this will be a part of their summative assessment).
- (5 – extremely understandable and complete, 4- very understandable, 3 – understandable, 2 – understandable with few questions, 1- understandable with few incorrect answers, 0 – not understandable, incomplete, incorrect answers) Individual students will be asked to display their datasheet to the class using Interclass system for discussion purposes.
Sample of Completed Assignment (indicating mastery)
- List at least five ways computers and their data can be compromised or made unusable.
Possible responses:
- Data removed from machine,
- Access to computer denied,
- access to data denied (scrambled – ransomware),
- access to the computer denied (locked room, etc.),
- remove electrical power,
- file encrypted legitimately,
- data moved to another location,
- loss of computer credentials, etc.
- List at least five layers of protection a stand-alone (not attached to a LAN) computer can benefit from, including physical, electrical, and software layers.
Possible responses:
- Computer protected in a locked room,
- Electrical power switch locked (key required),
- Log-in credentials,
- Have data on an external drive that has controlled access,
- Password required to decrypt data,
- Limit rights to individual files/folders,
- List several ways a computer can have its data unethically made unavailable to the intended users.
Possible responses:
- Remove data from computer,
- deny access,
- encrypt data, scramble File Allocation Table (FAT),
- Limit rights to file.
- How could devices such as thumb drives, homemade CD/DVD disks, public hotspots, etc. be used to deny a user access to a local computer?
Possible response: Such devices could possess viruses/worms, malware to format drives, erase or manipulate specific folders, create a ransomware timebomb, disable a specific port, etc.
- Access the computer’s Control Panel (Windows-Key + I) > Accounts and examine the rights different users have. Complete the following chart by placing an “X” in the boxes that indicate appropriate rights for the users listed. Briefly describe anything you find that you may disagree with.
| Rights –> / Potential Users | Complete Control | Change Global Settings | Install Programs | Control User Account Control | Run Progs. | Change own account | Other? |
| Administrator | X | X | X | X | X | X | |
| Intelligent User | X | X | X | ||||
| Young Child | X |
- Consider the fact that you are in charge of ensuring the security of the computer. You must allow multiple users to have access to the data they have stored on it. Answer the following questions the way you would require them. Do NOT look at any site for recommendations until you have given your own answers.
| | Parameter | Your Answer | Recommendations |
| 1 | How complex should a password be? | Depends on the security level required. See below | |
| 2 | How often should you change passwords? | 4-12 changes per year | |
| 3 | What is the minimum time required between password changes? | 2 days minimum | |
| 4 | How many characters should a password have (at a minimum, at a maximum) | 8 to 24 characters | |
| 5 | What character groups should be included in a password? | Upper, lower, numbers, symbols | |
| 6 | What elements help determine how complex a password needs to be (answer below)? |
The more critical the working environment, the more complex the password should be. Two-factor authentication, including possible biometrics or an RSA token, for highly classified environments. A three-year-old needs far less security than a nuclear physicist.
- Go to the following website, http://password-checker.online-domain-tools.com/, or https://random-ize.com/how-long-to-hack-pass/ and test one or more of your passwords. How long will it take to discover your password? What changes do you need to make to your passwords to make them more resistant to a brute-force or dictionary attack? (Open discussion question with a wide range of answers)
- Research the password parameter recommendations for either NIST or Microsoft. List them in the space provided below.
NIST indicates a password should be complex but easy to remember. They now recommend using the first letters of a familiar phrase or song line, etc. as the password. Furthermore, they recommend:
- Remove periodic password change requirements
- Drop the algorithmic complexity song and dance
- Require screening of new passwords against lists of commonly used or compromised passwords
Microsoft holds to the recommendations listed in number 5 above.
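The difference between the worksheet's composition rules (items 4 and 5) and the screening approach in the NIST list can be demonstrated in class with a short script. This is an added example, not part of the original lesson; the blocklist entries, the 8-character minimum used for screening and the guess rate are assumptions.

```python
import string

# Constructed sample blocklist; a real check would load a large list of
# commonly used or previously breached passwords.
COMMON_PASSWORDS = {"password", "password1!", "qwerty123", "letmein1!", "summer2018!"}

GROUPS = {  # character group -> (membership test, group size, ASCII assumed)
    "upper": (str.isupper, 26),
    "lower": (str.islower, 26),
    "digit": (str.isdigit, 10),
    "symbol": (lambda c: c in string.punctuation, len(string.punctuation)),
}

def groups_used(pw):
    """Names of the character groups that appear in pw."""
    return {name for name, (test, _) in GROUPS.items() if any(test(c) for c in pw)}

def composition_check(pw, min_len=8, max_len=24):
    """Worksheet rule: 8 to 24 characters, all four character groups present."""
    return min_len <= len(pw) <= max_len and len(groups_used(pw)) == len(GROUPS)

def screening_check(pw, min_len=8, blocklist=COMMON_PASSWORDS):
    """Screening rule: long enough and not on the blocklist; no group requirements."""
    return len(pw) >= min_len and pw.lower() not in blocklist

def exhaustive_search_years(pw, guesses_per_second=1e10):
    """Years to try every string of this length over the groups used.
    Only meaningful for randomly chosen passwords; the rate is an assumption."""
    used = groups_used(pw)
    alphabet = sum(size for name, (_, size) in GROUPS.items() if name in used)
    return alphabet ** len(pw) / guesses_per_second / (365 * 24 * 3600)

def evaluate(pw):
    """Run all three checks on one candidate password."""
    return {
        "composition": composition_check(pw),
        "screening": screening_check(pw),
        "search_years": exhaustive_search_years(pw),
    }

if __name__ == "__main__":
    # Constructed samples: a predictable password that satisfies the
    # composition rule, a long passphrase that does not, and a short one.
    for sample in ("Password1!", "tree lamp orbit ninety cloud", "abc"):
        print(sample, evaluate(sample))
```

A password such as "Password1!" satisfies every composition rule and gets a long exhaustive-search estimate, yet a dictionary attack finds it immediately because it is on the blocklist.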
- Choose an icon on the Windows desktop. Right click on the icon, click on “Properties” and “General” tab then the “Security” tab. What do the following terms found there mean?
- Read Only – User can read and use but not save data or use Save-As
- Hidden – User cannot see file and will not know it exists.
- Full Control – User can use, modify, use Save-as, and delete file
- Modify – User can read, change file and use “Save-as” but not delete.
- Read and execute – User can use and execute any macros in file
- Read – Can read file, not use executable macros, can use “Save-as”.
- Write – Can generate new files, modify existing files, use “Save-as”, but not delete an existing file.
- Consider the “Availability – Integrity – Confidentiality” security triangle. Describe how the above seven questions help reinforce the triangle. (Open discussion question with a wide range of answers)
- How often should virus detection software be updated? How can you tell when your system dictionary was last updated? Virus definitions should be updated as soon as a new dictionary becomes available (automatic updates). Look at the virus detector’s properties to see the last dictionary update date and time.
- Examine the inbound and outbound rules for the computer’s firewall. Examine the Protocol and Port parameters on the “Inbound” and “Outbound” rules. Do you see any correlations? What are the advantages of a firewall working from a “Blacklist” of sites, versus a “Whitelist” of sites?
(Looking for the students to notice that certain program types (HTTP, mail) use specific ports – refer to https://www.webopedia.com/quick_ref/portnumbers.asp for a list of commonly used ports.)
“Blacklists” are sites that are stopped by the firewall/virus software. “Whitelists” are sites that will be allowed past the firewall/virus software. Only those sites on the Whitelist will be allowed. Blacklists may not be complete at any one time, allowing harmful URL material into a computer, but are less frustrating to the user. Whitelists are generally safer to use but may not have all the “nice” URLs a user may need to visit and thus are much more frustrating.
- How often should you look for software updates? Is it sufficient to allow ALL programs to tell you about updates? Software – notify the user an update exists but let the user decide when/if to install it. If possible, never be a “Beta” tester for an update and it is wise to look for user comments on major upgrades due to possible “Zero-Day” and incompatibilities with other software on the system.
Blank Form Follows:
- List at least five ways computers and their data can be compromised or made unusable.
______________________________________________________________________________ ______________________________________________________________________________ ______________________________________________________________________________
______________________________________________________________________________
______________________________________________________________________________
- List at least five layers of protection a stand-alone (not attached to a LAN) computer can benefit from, including physical, electrical, and software layers.
______________________________________________________________________________
______________________________________________________________________________ ______________________________________________________________________________
______________________________________________________________________________ ______________________________________________________________________________
- List several ways a computer can have its data made unavailable to the intended users.
______________________________________________________________________________
______________________________________________________________________________ ______________________________________________________________________________ ______________________________________________________________________________ ______________________________________________________________________________
- How could devices such as thumb drives, homemade CD/DVD disks, public hotspots, etc. be used to deny a user access to a local computer?
- Access the computer’s Control Panel (Windows-Key + I) > Accounts and examine the rights different users have. Complete the following chart by placing an “X” in the boxes that indicate appropriate rights for the users listed. Briefly describe anything you find that you may disagree with.
| Rights –> / Potential Users | Complete Control | Change Global Settings | Install Programs | Control User Account Control | Run Progs. | Change own account | Other? |
| Administrator | | | | | | | |
| Intelligent User | | | | | | | |
| Young Child | | | | | | | |
- Consider the fact that you are in charge of ensuring the security of the computer. You must allow multiple users to have access to the data they have stored on it. Answer the following questions the way you would require them. Do NOT look at any site for recommendations until you have given your own answers.
| | Parameter | Your Answer | Recommendations |
| 1 | How complex should a password be? | | |
| 2 | How often should you change passwords? | | |
| 3 | What is the minimum time required between password changes? | | |
| 4 | How many characters should a password have (at a minimum, at a maximum) | | |
| 5 | What character groups should be included in a password? | | |
| 6 | What elements help determine how complex a password needs to be (answer below)? |
- Go to the following website, http://password-checker.online-domain-tools.com/, or https://random-ize.com/how-long-to-hack-pass/ and test one or more of your passwords. How long will it take to discover your password? Do you need to make any password safer against a brute-force or dictionary attack?
- Research the password parameter recommendations for either NIST or Microsoft. List them in the space provided below.
- Choose an icon on the Windows desktop. Right click on the icon, click on “Properties” and “General” tab then the “Security” tab. What do the following terms found there mean?
- Read Only
- Hidden
- Full Control
- Modify
- Read and execute
- Read
- Write
- Consider the “Availability – Integrity – Confidentiality” security triangle. Describe how the above seven questions help reinforce the triangle.
- How often should virus detection software be updated? How can you tell when your system dictionary was last updated?
- Examine the inbound and outbound rules for the computer’s firewall. Examine the Protocol and Port parameters on the “Inbound” and “Outbound” rules. Do you see any correlations? What are the advantages of a firewall working from a “Blacklist” of sites, versus a “Whitelist” of sites?
- How often should you look for software updates? Is it sufficient to allow ALL programs to tell you about updates?
© 2018 Teach Cyber
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.