Lesson Plan

• Describe the main threats to data and to computer systems.
• Explain how encryption, hashing, access control, backups and secure transmission protect data.
• Explain how firewalls, patch management, IDS/IPS, physical security and hardening protect the system.
• Analyse the inter‑relationship between data security and system security.
• Apply the password‑entropy formula to evaluate password strength.

• Projector and screen
• Slide deck summarising threats and controls
• Handout with threat‑to‑area matching activity
• Worksheet for password‑entropy calculations
• Laptop with internet access for live encryption demo
• Printed diagram of a layered security model

Begin with a brief news clip of a recent data breach to capture interest. Ask students what they already know about confidentiality, integrity and availability. Explain that by the end of the lesson they will be able to identify key threats, match appropriate controls, and evaluate password strength.

1. Do‑now (5'): Students list recent security incidents they have heard about; share in pairs.
2. Mini‑lecture (10'): Present key threats to data and to systems using slides.
3. Group activity (15'): Matching worksheet – teams link each threat to either data or system and suggest a mitigation.
4. Demo (10'): Live encryption of a short text (AES) and quick calculation of password entropy with an online tool.
5. Case‑study discussion (15'): Analyse the layered security diagram; identify which controls protect data vs. system.
6. Check for understanding (5'): Quick Kahoot quiz covering terminology and relationships.

Recap the main threats and the complementary controls for data and system security. Students complete an exit ticket stating one new thing they learned and one question they still have. For homework, they research a recent security breach and write a short report describing the data and system vulnerabilities involved and the controls that could have prevented it.