SOLUTION MANUAL - Whitman and Mattord, Principles of Information Security 7th Edition, Module 1 - 12, Complete Latest Version

Instructor Manual Principles of Information Secur
wl wl wl wl wlwl




ity, 7th Edition by Michael E.Whitman
wl wl wl wl wl

,Instructor Manual wl




Whitman and Mattord, Principles of Information Security 7e, ISBN 978-0-357-50643-
wl wl wl wl wl wl wl wl wl


1; Module 1: Introduction to Information Security
wl wl wl wl wl wl




Table of Contents wl wl




Purpose and Perspective of the Module ..................................................................................... 2
wl wl wl wl wl



Cengage Supplements ................................................................................................................ 2
wl



Module Objectives....................................................................................................................... 2
wl



Complete List of Module Activities and Assessments ................................................................. 2
wl wl wl wl wl wl



Key Terms .................................................................................................................................. 3
wl



What's New in This Module ........................................................................................................ 4
wl wl wl wl



Module Outline ............................................................................................................................ 4
wl



Discussion Questions ................................................................................................................ 15
wl



Suggested Usage for Lab Activities .......................................................................................... 16
wl wl wl wl



Additional Activities and Assignments ....................................................................................... 17
wl wl wl



Additional Resources................................................................................................................. 17
wl



Cengage Video Resources ....................................................................................................................... 17
wl wl



Internet Resources .................................................................................................................................. 17
wl



Appendix ................................................................................................................................... 18
Grading Rubrics ....................................................................................................................................... 18
wl

,Purpose and Perspective of the Module wl wl wl wl wl




The first module of the course in information security provides learners the foundational know
wl wl wl wl wl wl wl wl wl wl wl wl wl


ledge to become well versed in the protection systems of any size need within an organizatio
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


n today. The module begins with fundamental knowledge of what information security is and t
wl wl wl wl wl wl wl wl wl wl wl wl wl wl


he how computer security evolved into what we know now as information security today. Addi
wl wl wl wl wl wl wl wl wl wl wl wl wl wl


tionally, learners will gain knowledge on the how information security can be viewed either as
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


an art or a science and why that is the case.
wl wl wl wl wl wl wl wl wl wl




Cengage Supplements wl




The following product-
wl wl


level supplements are available in the Instructor Resource Center and provide additional infor
wl wl wl wl wl wl wl wl wl wl wl wl


mation that may help you in preparing your course:
wl wl wl wl wl wl wl wl



 PowerPoint slides wl


 Test banks, available in Word, as LMS-ready files, and on the Cognero platform
wl wl wl wl wl wl wl wl wl wl wl wl


 MindTap Educator Guide wl wl


 Solution and Answer Guide wl wl wl


 This instructor‘s manualwl wl




Module Objectives wl




The following objectives are addressed in this module:
wl wl wl wl wl wl wl



1.1 Define information security. wl wl



1.2 Discuss the history of computer security and explain how it evolved into informati
wl wl wl wl wl wl wl wl wl wl wl wl


on security. wl



1.3 Define key terms and critical concepts of information security.
wl wl wl wl wl wl wl wl



1.4 Describe the information security roles of professionals within an organization.
wl wl wl wl wl wl wl wl wl




Complete List of Module Activities and Assessments wl wl wl wl wl wl




For additional guidance refer to the MindTap Educator Guide.
wl wl wl wl wl wl wl wl




Module wl PPT slide wl Activity/Assessment Duration
Objective
2 Icebreaker: Interview Simulation wl wl 10 minutes wl


1.1–1.2 19–20 Knowledge Check Activity 1 wl wl wl 2 minutes
wl


1.3 34–35 Knowledge Check Activity 2 wl wl wl 2 minutes
wl


1.4 39–40 Knowledge Check Activity 3 wl wl wl 2 minutes
wl


1.1–1.4 MindTap Module 01 Review Questions wl wl wl 30–40 minutes wl


1.1 – 1.4 wl wl MindTap Module 01 Case Exercises wl wl wl 30 minutes wl


1.1 – 1.4 wl wl MindTap Module 01 Exercises wl wl 10–30 minutes per wl wl


question; 1+ hour p wl wl wl


er module wl


1.1 – 1.4 wl wl MindTap Module 01 Security for Life wl wl wl wl 1+ hour wl


1.1 – 1.4 wl wl MindTap Module 01 Quiz wl wl 10–15 minutes wl



[return to top] wl wl

, Key Terms wl




In order of use:
wl wl wl



computer security: In the early days of computers, this term specified the protection of the
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


physical location and assets associated with computer technology from outside threats, but it l
wl wl wl wl wl wl wl wl wl wl wl wl wl


ater came to represent all actions taken to protect computer systems from losses.
wl wl wl wl wl wl wl wl wl wl wl wl



security: A state of being secure and free from danger or harm as well as the actions taken t
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


o make someone or something secure.
wl wl wl wl wl



information security: Protection of the confidentiality, integrity, and availability of informatio
wl wl wl wl wl wl wl wl wl wl


n assets, whether in storage, processing, or transmission, via the application of policy, educati
wl wl wl wl wl wl wl wl wl wl wl wl wl


on, training and awareness, and technology.
wl wl wl wl wl



network security: A subset of communications security; the protection of voice and data net
wl wl wl wl wl wl wl wl wl wl wl wl wl


working components, connections, and content.
wl wl wl wl



C.I.A. triad: The industry standard for computer security since the development of the mainfr
wl wl wl wl wl wl wl wl wl wl wl wl wl


ame; the standard is based on three characteristics that describe the attributes of information
wl wl wl wl wl wl wl wl wl wl wl wl wl wl


that are important to protect: confidentiality, integrity, and availability.
wl wl wl wl wl wl wl wl



confidentiality: An attribute of information that describes how data is protected from disclosur
wl wl wl wl wl wl wl wl wl wl wl wl


e or exposure to unauthorized individuals or systems.
wl wl wl wl wl wl wl



personally identifiable information (PII): Information about a person‘s history, background,
wl wl wl wl wl wl wl wl wl w


and attributes that can be used to commit identity theft that typically includes a person‘s nam
l wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


e, address, Social Security number, family information, employment history, and financial info
wl wl wl wl wl wl wl wl wl wl wl


rmation.
integrity: An attribute of information that describes how data is whole, complete, and uncorru
wl wl wl wl wl wl wl wl wl wl wl wl wl


pted.
availability: An attribute of information that describes how data is accessible and correctly for
wl wl wl wl wl wl wl wl wl wl wl wl wl


matted for use without interference or obstruction.
wl wl wl wl wl wl



accuracy: An attribute of information that describes how data is free of errors and has the val
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


ue that the user expects.
wl wl wl wl



authenticity: An attribute of information that describes how data is genuine or original rather
wl wl wl wl wl wl wl wl wl wl wl wl wl wl


than reproduced or fabricated.
wl wl wl



utility: An attribute of information that describes how data has value or usefulness for an end
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


purpose.
wl



possession: An attribute of information that describes how the data‘s ownership or control is
wl wl wl wl wl wl wl wl wl wl wl wl wl wl


legitimate or authorized. wl wl



McCumber Cube: A graphical representation of the architectural approach used in computer
wl wl wl wl wl wl wl wl wl wl wl


and information security that is commonly shown as a cube composed of 3×3×3 cells, similar
wl wl wl wl wl wl wl wl wl wl wl wl wl wl wl


to a Rubik‘s Cube.
wl wl wl wl



information system: The entire set of software, hardware, data, people, procedures, and net
wl wl wl wl wl wl wl wl wl wl wl wl


works that enable the use of information resources in the organization.
wl wl wl wl wl wl wl wl wl wl



physical security: The protection of material items, objects, or areas from unauthorized acces
wl wl wl wl wl wl wl wl wl wl wl wl


s and misuse.
wl wl