Computer Science · Grade 11

Active learning ideas

Cybersecurity Threats: Malware and Social Engineering

Active learning works for cybersecurity threats because students need to experience the human and technical nuances of attacks to truly grasp their complexity. Simulations and coding labs make abstract threats concrete, while debates and case studies connect technical details to real-world consequences.

Ontario Curriculum ExpectationsCS.HS.S.2CS.HS.S.3
35–50 minPairs → Whole Class4 activities

Activity 01

Case Study Analysis45 min · Small Groups

Role-Play Simulation: Phishing Defense

Divide class into attackers and defenders. Attackers craft realistic phishing emails using templates. Defenders identify red flags, report, and suggest countermeasures. Debrief as whole class on successes and failures.

How can developers build systems that are resilient to human error?

Facilitation TipDuring the Role-Play Simulation: Phishing Defense, assign roles clearly so students experience both the attacker's tactics and the defender's hesitation.

What to look forPresent students with three short scenarios. For each, ask them to identify the primary cybersecurity threat (phishing, SQL injection, MitM) and briefly explain why. Example: 'An email asks you to click a link to verify your bank account details, or your account will be locked.' Ask: 'What threat is this, and what makes it that threat?'

AnalyzeEvaluateCreateDecision-MakingSelf-Management
Generate Complete Lesson

Activity 02

Case Study Analysis35 min · Pairs

Coding Lab: SQL Injection Fix

Provide sample web app code with SQL vulnerability. Students in pairs input malicious queries to expose risks, then implement prepared statements and input validation to secure it. Test fixes on shared demo server.

What is the balance between system security and user convenience?

Facilitation TipIn the Coding Lab: SQL Injection Fix, provide a deliberately vulnerable code snippet and guide students to patch it step-by-step.

What to look forPose the question: 'What is the most challenging aspect of balancing user convenience with robust cybersecurity measures?' Facilitate a class discussion where students share examples of security features that hinder usability and vice versa, relating it to the threats discussed.

AnalyzeEvaluateCreateDecision-MakingSelf-Management
Generate Complete Lesson

Activity 03

Case Study Analysis40 min · Small Groups

Case Study Dissection: MITM Attacks

Assign real cases like Wi-Fi spoofing incidents. Small groups map attack steps, identify weak points, and propose mitigations such as VPNs or certificate pinning. Present findings to class.

How do we define ethical hacking in the context of corporate security?

Facilitation TipFor the Case Study Dissection: MITM Attacks, use a real-world example like a public Wi-Fi eavesdropping incident to make the threat tangible.

What to look forOn an index card, have students define one of the key vocabulary terms in their own words and provide one real-world example of how that threat could impact an individual or organization. Collect and review for understanding.

AnalyzeEvaluateCreateDecision-MakingSelf-Management
Generate Complete Lesson

Activity 04

Case Study Analysis50 min · Whole Class

Debate Circle: Ethical Hacking Boundaries

Pose key questions on ethical hacking. Split class into pro and con teams for structured debate. Vote and reflect on corporate security implications.

How can developers build systems that are resilient to human error?

Facilitation TipIn the Debate Circle: Ethical Hacking Boundaries, assign positions in advance so students prepare arguments and avoid last-minute scrambling.

What to look forPresent students with three short scenarios. For each, ask them to identify the primary cybersecurity threat (phishing, SQL injection, MitM) and briefly explain why. Example: 'An email asks you to click a link to verify your bank account details, or your account will be locked.' Ask: 'What threat is this, and what makes it that threat?'

AnalyzeEvaluateCreateDecision-MakingSelf-Management
Generate Complete Lesson

A few notes on teaching this unit

Approach this topic by combining technical exercises with human-centered reflections, since many threats exploit psychology rather than code. Avoid overwhelming students with jargon; instead, focus on how threats work and why they succeed. Research shows that scenario-based learning improves retention of cybersecurity concepts by up to 30%.

Successful learning looks like students not only defining threats but also demonstrating how to recognize, prevent, and respond to them in context. They should be able to articulate the balance between security and usability and justify their reasoning with examples.

Watch Out for These Misconceptions

  • During Role-Play Simulation: Phishing Defense, watch for students assuming antivirus software detects all malware automatically.

    Use the simulation to highlight how phishing bypasses tools entirely. Have students analyze real phishing emails from the activity materials to see how behavioral cues, not technical ones, are often the first warning.

  • During Coding Lab: SQL Injection Fix, watch for students believing SQL injection only targets large websites with complex databases.

    Use the lab’s simple form example to show that any app with user input is vulnerable. Ask students to brainstorm how even a school project database could be exploited if left unprotected.

  • During Role-Play Simulation: Phishing Defense, watch for students assuming social engineering relies solely on technical tricks.

    Use the mock email exchanges to break down psychological levers like urgency and authority. Have students identify which cues they found most convincing and discuss how design can counter these tactics.

Methods used in this brief

More in Networks and Digital Security

Introduction to Computer Networks

Students will learn about the basic components of a computer network, network topologies, and different types of networks (LAN, WAN).

2 methodologies

The OSI Model and Protocols

Break down the layers of network communication from physical hardware to software applications.

2 methodologies

IP Addressing and DNS

Understand how IP addresses uniquely identify devices on a network and the function of the Domain Name System (DNS).

2 methodologies

Introduction to Cybersecurity

Students will learn about the fundamental principles of cybersecurity, including confidentiality, integrity, and availability (CIA triad).

2 methodologies

Encryption and Cryptography

Study the history and application of symmetric and asymmetric encryption in securing digital communications.

2 methodologies