if you explicitly deny in windows then people are denied.
the obvious example should be to set deny access to everyone then allow access to the student, and then teacher.
however, as I said above in windows rthe security applying order is allow then deny, so you may allow someone but if you deny to everyone, that's applied afterwards and takes presidence.
the trick is that in windows, if you don't explicitly grant access to something then it's assumed that you mean deny access.
take the permissions for everyone, and users off of the folder, if possible only leave the folder with permissions to be viewed by the student / teach / admin if necessary, then all the other students will be restricted as well.
it's likely that the current setup is everyone can see the root folder where their individual folders are stored, and below that all the individual folders inherit directory security, (turn off inherit security as well!)