CT02_Basic_Nelson_2009

Computer Technology Workshop (July 2009) Standard 02: Computing Basics Lesson Plan

D. Nelson, July 2009
 * Malicious Software**


 * Purpose**: This lesson will help students understand the dangers of malware (malicious software) as part of the section on computer basics (standard 02). The focus of this lesson is identifying viruses and destructive programs (objective 0206) with specific attention to preventative measures, methods of detection, and options to repair. This will include coverage of terms like firewalls, spyware, antivirus software, and email attachments.


 * Grading**: There are 50 points available for this assignment.
 * Artifact: The student’s product will represent 30 points. The students will write a small report citing some examples and preventative steps.
 * Assessment: There will also be a quiz worth 20 points. It will test how well the student understands the concepts illustrated during the lesson. The questions for the quiz are given with the assignment to reinforce their importance.


 * Materials**: To complete this lesson plan the following resources need to be available.
 * Have this lesson available to students.
 * Enter the quiz questions into your test system.


 * Introduction**: Computers are extremely useful because they can carry out stored instructions. We call these stored instructions software or programs. Most software is designed by reputable people to help you. Some software is designed by disreputable people to hurt you. Malice is the desire to hurt someone. Malicious software is designed to harm people. If you understand the threat then you can take steps to protect yourself. This document will explain some terms you need to understand and the assignment you will need to complete.

Q. Name a type of malware that reproduces itself. A. Virus.
 * Threats**: People expect to find predators, parasites, and diseases in the Amazon jungle or on the African savanna. Are you prepared for similar threats on the internet? Malicious software can empty bank accounts, steal identities, take over computers, crash computers, and perform other harmful acts. Malware threats are increasing and blending. A **virus** is malware that spreads when an infected file is executed and it attacks the local file system. A **worm** is malware that spreads when an infected file is executed and it attacks the local network. A **trojan** is malware designed to appear helpful but also provides remote access to your computer. A **rootkit** is malware designed to secretly take over the operating system. **Adware** is malware designed to display advertisements without your consent. **Spyware** is malware designed to secretly gather information without your consent. **Crimeware** is malware designed to commit a crime.


 * Sources**: A new computer should be free of malware so it needs a point of entry. Most computers are connected to the internet while they are powered on. Some malicious software uses these open connections to probe for weak spots in your computer’s security. You can get contamination from media and devices (CD’s, DVD’s, flash drives, MP3 players, phones, etc.) You can get infected from digital communication and web sites (email, instant messaging, Facebook, etc.). You may get it from sharing files (email attachments, music, software, etc.). You may also get infections or be harmed by interacting with counterfeit emails, web links or websites that look exactly like the official ones.

Q. What is the best defense against malicious software? A. Prevention. Q. Should I click links within emails or advertisements? A. No. Q. What is the best route to an official site? A. Direct.
 * Prevention**: The best defense against malicious software is to prevent it from getting on your computer in the first place. Carefully choose what software you install, what email’s you open, what attachments you open, what web links you click, and what web sites you visit. If you download a file, insert media, or attach a device then scan it with security software before using it. Navigate directly to official sites instead of from links in other places to avoid counterfeits.

Q. What is the security center of my computer? A. Operating system. Q. What filters a computer’s network traffic? A. Firewall. Q. What detects and removes most malware? A. Anti-virus. Q. What should I do on a regular basis? A. Backup.
 * Security**: The **operating system** manages the interaction of hardware and software on your computer. It is the security center and manages other security software. (Use the internet to keep the operating system updated with the latest security patches.) You should also have the protection of a firewall and anti-virus software. A **firewall** is program or device that filters the network traffic in and out of your computer. (Use the internet to keep the firewall updated with the latest security patches.) An **anti-virus program** was designed to detect and remove viruses but has evolved to work on other malware. (Use the internet to keep the anti-virus program updated with the latest security patches.) There are also programs designed to detect and remove specific malware (like a rootkit). You may need to use some of these if your anti-virus program does not provide coverage. (Use the internet to keep the anti-malware program updated with the latest security patches.) Setup the security software perform regular **scans** of your system. Run a virus **scan** on any new files before using them. Backup your data (work) on a regular basis and backup your entire system occasionally.


 * Repair**: If your computer has been infected with malware you will need to fix it. The type of malware and the extent of damage will determine how much work is involved in repair. If hardware has been destroyed then it will need to be replaced. If the operating system or software has been infected then it will need to be re-installed and the hard drives may need to be wiped. If data (your work) has been corrupted then you will need to restore a clean backup (or do the work all over again). If account information or an identity has been stolen then you will also need to take steps to close accounts and repair the damage.


 * Final Steps**: Students are required to do some research to find four examples of malware contamination and one example of interacting with a counterfeit (phishing, spoofing, etc.). Include these examples in a small document explaining how these threats could have been avoided. Save your work and turn in a final printed copy with your name on it. Before the deadline, you must complete your work, turn it in, and take the quiz.