Where High School Students Are Starting From
High school students in a CS course often arrive with fragments of networking knowledge assembled from personal experience, YouTube videos, and online communities. They may know what an IP address is without understanding how routing works. They may have heard of TCP/IP without being able to explain the difference between the two. They may be genuinely interested in cybersecurity while holding significant misconceptions about how attacks actually work.
At the high school level, the goal is technical fluency with the full vocabulary and conceptual framework of Week 4, connected to programming, to systems thinking, and to the ethical questions that arise when computing infrastructure touches every aspect of civic life. Students should leave this content not just knowing the terms but being able to reason about the systems they describe.
Protocols and the Layered Model at Depth
High school students are ready to engage with the four-layer Internet model at full technical depth — not just as a description of what each layer does, but as a design philosophy. The layered model is an example of abstraction at scale: each layer provides a service to the layer above and consumes services from the layer below, without either needing to know the implementation details of the other.
This abstraction model connects directly to software design principles students may be learning in programming courses: functions hide implementation details from callers; classes expose interfaces without revealing internal structure; APIs allow developers to use services without understanding how those services work. The Internet's layered architecture is the same principle applied to a global communications system.
TCP vs. UDP in Programming
Students who write networked programs — even simple socket programs in Python or Java — encounter the TCP/UDP choice explicitly. When opening a socket connection, the programmer specifies the protocol. Understanding why the choice exists — reliability vs. efficiency, connection overhead vs. fire-and-forget — gives students a framework for making that decision rather than just picking the default.
Packet Analysis with Wireshark
Wireshark is a free, open-source network packet analyzer that captures and displays actual network traffic in real time. Using Wireshark in a classroom or lab environment (capturing only traffic from the local machine, with appropriate guidance) shows students real packets: the source and destination IP addresses, the port numbers, the protocol flags, the payload data. This makes the four-layer model and TCP/IP vocabulary concrete in a way that no diagram can match.
Even a brief demonstration — loading a webpage while Wireshark captures traffic and identifying the DNS lookup, the TCP handshake, and the HTTP request packets — transforms abstract protocol descriptions into observable reality. Check your district's acceptable use policies before using packet capture tools in a school environment.
Cybersecurity at the High School Level
Cybersecurity is one of the fastest-growing career pathways in CS, and high school is where meaningful preparation for that pathway can begin. Week 4 provides the vocabulary and conceptual foundation; the teaching challenge is helping students develop the analytical thinking that security work requires.
Attack Trees and Threat Modeling
Security professionals use a technique called threat modeling to systematically identify how a system might be attacked before it is deployed. A simplified version of this is accessible to high school students: given a system (a school's grade management software, a personal banking app, a voting machine), identify the assets worth protecting, the possible attackers and their goals, and the possible attack vectors. Then evaluate which of the Week 4 threat types — phishing, malware, DoS — are most relevant and what defenses would address them.
This kind of structured analysis is exactly what students preparing for CS careers will do professionally, and it gives the threat classification vocabulary from Topic 4d a practical application.
Cryptography as a Bridge Topic
HTTPS appeared in Topic 4b as "the secure version of HTTP." High school students are ready to understand the mechanism behind it at a conceptual level: public-key cryptography, where two mathematically related keys allow a browser and server to establish a shared secret without ever transmitting that secret over the network. This concept — that you can agree on a secret in public — is counterintuitive and genuinely fascinating. It also connects to the broader theme of the course that computing solves hard problems through elegant abstractions.
The SEC Scenarios at Full Depth
All four Week 4 SEC scenarios are appropriate for high school at full depth and connect to issues students will face professionally:
- Scenario 1 (Net neutrality) connects to policy, equity, and the business models of ISPs. Students preparing for careers in technology will work within regulatory environments that were shaped by these debates. Understanding the technical basis — why ISPs can differentiate traffic, and what it costs them not to — makes the policy discussion more substantive.
- Scenario 2 (The phishing attack) is directly applicable to cybersecurity career preparation. Social engineering is the most common attack vector in real-world breaches. Analyzing this scenario through the lens of professional responsibility, organizational security policy, and system design connects to the mindset that security professionals need.
- Scenario 3 (School ransomware) raises questions about software liability and critical infrastructure protection that are live legal and policy debates. Students interested in CS law, policy, or ethics will find this scenario a productive starting point for deeper investigation.
- Scenario 4 (Student data) connects to FERPA (the federal law protecting student educational records), the EdTech privacy landscape, and the emerging field of data ethics. Students who plan to teach, work in EdTech, or build consumer software will all encounter these issues professionally.
Connections to the Broader 9-12 CS Curriculum
- AP Computer Science Principles: The "Networks and the Internet" big idea in AP CSP covers packet switching, protocols, TCP/IP, DNS, and cybersecurity directly. Week 4 provides the conceptual depth that AP CSP content requires but does not always provide on its own. Teachers preparing students for the AP exam will find that this week's vocabulary maps closely to assessed content.
- CTE Cybersecurity pathways: The threat taxonomy, firewall concepts, and defense strategies from Topic 4d align with content covered in CompTIA Security+ and other entry-level security certifications. Students in CTE cybersecurity programs can use Week 4 as a conceptual framework for the more procedural content they cover in those courses.
- Networked programming: Students writing server-side programs, web applications, or any software that communicates over a network will benefit from understanding what is happening beneath their code: the TCP connection their HTTP request rides on, the port number their server listens on, the DNS lookup that preceded the connection. Week 4 demystifies the infrastructure that makes networked programs possible.
- Data privacy and ethics: The legal and ethical frameworks governing data collection, use, and protection — FERPA, COPPA, GDPR, and emerging state-level privacy laws — are directly relevant to students who will build or use systems that handle personal data. Week 4's SEC content is a productive entry point for discussing these frameworks before students encounter them in professional or legal contexts.