Computer Science Grade 10 20 min

10. Case Study: Securing a Small Network

Apply the concepts learned in this chapter to secure a small network from common threats.

Tutorial Preview

1

Introduction & Learning Objectives

Learning Objectives Identify at least three common vulnerabilities in a typical small office or home network. Propose a multi-layered security strategy using firewalls, strong passwords, and encryption. Explain the specific roles of a router, firewall, and antivirus software in network defense. Differentiate between the WPA3 security protocol and older, insecure protocols like WEP. Analyze a simple network diagram to spot potential security weaknesses. Outline the essential steps for securing a new wireless router out of the box. Ever used public Wi-Fi at a cafe and wondered if someone could see what you're doing? 🤔 Let's learn how to build a digital fortress for a network! In this case study, we will act as security consultants for a small, imaginary business. W...
2

Key Concepts & Vocabulary

TermDefinitionExample FirewallA network security system that acts as a barrier between a trusted internal network and an untrusted external network, like the Internet. It monitors and controls incoming and outgoing traffic based on a set of security rules.Your router's built-in firewall blocks a random computer on the internet from trying to connect to your laptop, preventing a potential hacking attempt. SSID (Service Set Identifier)The public name of a wireless network that is broadcasted by a router so that devices can find and connect to it.When you open your phone's Wi-Fi settings, the list of names like 'MyHomeWiFi' or 'Cafe_Guest' are all SSIDs. WPA3 (Wi-Fi Protected Access 3)The latest and most secure protocol for wireless networks. It provides stronge...
3

Core Syntax & Patterns

Principle of Least Privilege Grant users and systems only the minimum levels of access – or permissions – needed to perform their specific tasks. Use this principle when creating user accounts or network segments. For example, a guest Wi-Fi network should have access to the internet, but it should be blocked from accessing the main office's file server or printers. Default Deny Firewall Stance Configure a firewall to block all network traffic by default. Then, create specific rules to only allow traffic that is known to be necessary and safe. This is much more secure than a 'Default Allow' stance. You explicitly permit safe traffic (like web browsing on port 443) and everything else is automatically blocked, preventing unknown or malicious services from gettin...

4 more steps in this tutorial

Sign up free to access the complete tutorial with worked examples and practice.

Sign Up Free to Continue

Sample Practice Questions

Challenging
A small business implements a multi-layered security strategy: a firewall with a 'Default Deny' stance, WPA3 on their Wi-Fi, and a strong password policy. An attacker successfully breaches their network by exploiting a well-known, year-old vulnerability in the router's software. Which security practice from the tutorial was most likely neglected?
A.Enabling MAC Address Filtering
B.Applying regular firmware updates
C.Changing the default SSID
D.Setting up a guest network
Challenging
For a small but growing office of 15 employees with frequent new hires, which security measure offers a more robust and scalable long-term defense against unauthorized Wi-Fi access, and why?
A.MAC Address Filtering, because it physically prevents unauthorized hardware from connecting.
B.Hiding the SSID, because if attackers can't see the network, they can't attack it.
C.Using WEP encryption, because it is simple and compatible with all devices.
D.Using WPA3 with a strong, regularly changed passphrase, because it provides strong encryption and is easier to manage for new users.
Challenging
You need to add a new smart thermostat (an IoT device) to your office network. Applying the 'Defense in Depth' and 'Principle of Least Privilege' concepts, what is the most secure implementation strategy?
A.Create a separate, isolated guest network for the thermostat with no access to the main office network.
B.Connect it to the main office network and give it a high-priority bandwidth setting to ensure it works properly.
C.Connect it to the main office network but use MAC filtering to ensure only the thermostat can connect.
D.Disable the router's firewall temporarily to ensure the thermostat can connect to its cloud server without issues.

Want to practice and check your answers?

Sign up to access all questions with instant feedback, explanations, and progress tracking.

Start Practicing Free

More from IV. Network Security: Protecting Data in a Connected World

1. Introduction to Network Security: Threats, Vulnerabilities, and Risks 2. Common Network Attacks: Malware, Phishing, and Denial-of-Service 3. Network Security Protocols: TCP/IP, HTTPS, and SSH 4. Firewalls: Protecting Networks from Unauthorized Access 5. Intrusion Detection and Prevention Systems (IDS/IPS)

Ready to find your learning gaps?

Take a free diagnostic test and get a personalized learning plan in minutes.

Free Diagnostic Test Sign Up Free