Pearson

Higher Nationals in
Computing
SCHEME OF WORK
UNIT 5: Security
For use with the Higher National Certificate and
Higher National Diploma in Computing

First teaching from September 2017

Issue 1
Please note that Schemes of Work are for guidance and support only.

They can be customised and amended according to localised needs and requirements.
All schemes of work can be adapted to suit specific establishment time frames in line with GLH delivery.

Edexcel, BTEC and LCCI qualifications

Edexcel, BTEC and LCCI qualifications are awarded by Pearson, the UK’s largest awarding body offering
academic and vocational qualifications that are globally recognised and benchmarked. For further
information, please visit our qualification websites at www.edexcel.com, www.btec.co.uk or
www.lcci.org.uk. Alternatively, you can get in touch with us using the details on our contact us page at
qualifications. pearson.com/contactus

About Pearson

Pearson is the world’s leading learning company, with 40,000 employees in more than 70 countries
working to help people of all ages to make measurable progress in their lives through learning. We put
the learner at the centre of everything we do, because wherever learning flourishes, so do people. Find
out more about how we can help you and your learners at qualifications.pearson.com

References to third-party material made in this specification are made in good faith. We do not
endorse, approve or accept responsibility for the content of materials, which may be subject to change,
or any opinions expressed therein. (Material may include textbooks, journals, magazines and other
publications and websites.) All information in this document is correct at time of publication. All the
material in this publication is copyright © Pearson Education Limited 2016

HNC/HND Computing 2
Please note that Schemes of Work are for guidance and support only.

They can be customised and amended according to localised needs and requirements.
All schemes of work can be adapted to suit specific establishment time frames in line with GLH delivery.

SCHEME OF WORK

Programme Title: Higher Nationals in Computing Level: 4

Unit Title: Security Tutor:

Unit Number: 5 Academic Year:

Learning Outcomes (LO) Assessment 1 Assessment 2 Assessment 3 Assessment 4

LO1: Assess risks to IT security.

LO2: Describe IT security solutions.

LO3: Review mechanisms to control

LO4: Manage organisational security.

HNC/HND Computing 3
Please note that Schemes of Work are for guidance and support only.

They can be customised and amended according to localised needs and requirements.
All schemes of work can be adapted to suit specific establishment time frames in line with GLH delivery.

Learning
Sessions Session Activities
Outcome(s)
Describe the challenges of securing information and then define
information security and explain why it is important. Learners can
identify the types of attackers that are common today and describe
basic principles of defence.
Sample activity:
LO1: Introduction
• Group discussion: What is the most serious security attack
Section 1 to information
that you know in the world or in Vietnam?
security
• Group activity: analyze a case study of data leak in a
company
• Group discussion: study about some famous hacker groups
• Group activity: how to prevent hackers from attacking your
home network?
List the different types of malware attacks
• Group discussion: What is the name of a malicious program
LO1: Malware that locks up files until the user pays a “ransom” to have
Section 2
attacks them released?
• Group discussion: In what way the attackers can use your
devices such as laptops to mine cryptocurrency?
Describe social engineering attacks
LO1: Social
• Group Activity: how to create and send a phishing email?
Section 3 Engineering
• Group Activity: how to create and send a scam link through
Attacks
Facebook?
You will look at attacks that target server-side web applications and
LO1: Application
client-side applications
Section 4 attacks
Group discussion: explain how to run a SQL injection attack against
a website
You’ll explore some of the common attacks that are launched
LO1: Networking- against networks today.
Section 5
Based Attacks Group discussion: what is the different between DoS and DDoS
attacks

HNC/HND Computing 4
 Learning
Sessions Session Activities
Outcome(s)
First you will learn the basics of securing hosts and the applications
they run, then you will learn about securing data— when it is in
transit, residing on a host or storage network, or in use.
LO2. Application,  Group activity: Examine Windows Advanced Firewall to
Section 6 Data, and Host protect against illegal access
Security  Group activity: Test Antivirus Software. You will download a
virus test file to determine how your AV software reacts. The
file downloaded is not a virus but is designed to appear to
an antivirus scanner as if it were a virus.
Explores how encryption can be used to protect data. It covers what
cryptography is and how it can be used for protection, and then
LO2: Basic examines how to protect data using three common types of
Section 7
Cryptography encryption algorithms: hashing, symmetric encryption, and
asymmetric encryption
Group activity: Using Microsoft’s Encrypting File System (EFS)
You will learn the fundamental concepts of network security
through standard network devices, network security hardware, and
LO3: Network
network technology and design
Session 8 Security
Group discussion: You are an IT administrator and your boss asks
Fundamentals
you about security technologies to protect the LAN network? List
everything you know to consult him.
Introduce the principles and practices of access control by
examining access control terminology, the standard control
LO3: Access
models, and their best practices. It also covers authentication
Section 9 Control
services, which are used to verify approved users.
Fundamental
Group activity: Using Discretionary Access Control to Share Files in
Windows
Investigates the attacks on wireless devices that are common today
and explores different wireless security mechanisms that have
Section LO3: Wireless
proven to be vulnerable. It also covers several secure wireless
10 Network Security
protections.
Group activity: Configuring Access Points—WPA2 and WPS
You will looks at the different types of mobile devices and the risks
associated with these devices. It also explores how to secure these
devices and the applications running on them. Finally, it examines
Section LO3: Mobile
how users can bring their own personal mobile devices to work and
11 Device Security
connect them to the secure corporate network without
compromising that network.
Group activity: Creating and Using QR Codes

HNC/HND Computing 5
 Learning
Sessions Session Activities
Outcome(s)
Cover the importance of keeping business processes and
Session LO4: Business communications operating normally in the face of threats and
12 Continuity disruptions.
Group activity: Creating and Restoring Disk Image Backup
Look at how organizations can establish and maintain security in
the face of risk. It defines risk and the steps to control it
Group activity: Locate the security policy for your school or
Section LO4: Risk
organization. Based on what you now know about security, do you
13 Mitigation
think it is sufficient? Does it adequately address security for the
organization? Is it up-to-date and timely? What changes would you
suggest?
Explain what vulnerability assessment is and examines the tools
Section LO4: Vulnerability
and techniques associated with it.
14 Assessment
Group activity: Using Nmap to scan open ports

HNC/HND Computing 6