Instructor Manual: Principles of Information Security, 7th Edition by Michael E. Whitman

Instructor Manual
Whitman and Mattord, Principles of Information Security 7e, ISBN 978-0-357-50643-1; Module 1: Introduction to Information Security

Table of Contents
Purpose and Perspective of the Module
Cengage Supplements
Module Objectives
Complete List of Module Activities and Assessments
Key Terms
What's New in This Module
Module Outline
Discussion Questions
Suggested Usage for Lab Activities
Additional Activities and Assignments
Additional Resources
    Cengage Video Resources
    Internet Resources
Appendix
    Grading Rubrics

Purpose and Perspective of the Module
The first module of the course in information security provides learners the foundational knowledge to become well versed in the protection systems of any size need within an organization today. The module begins with fundamental knowledge of what information security is and how computer security evolved into what we know now as information security today. Additionally, learners will gain knowledge on how information security can be viewed either as an art or a science and why that is the case.

Cengage Supplements
The following product-level supplements are available in the Instructor Resource Center and provide additional information that may help you in preparing your course:
PowerPoint slides
Test banks, available in Word, as LMS-ready files, and on the Cognero platform
MindTap Educator Guide
Solution and Answer Guide
This instructor's manual

Module Objectives
The following objectives are addressed in this module:
1.1 Define information security.
1.2 Discuss the history of computer security and explain how it evolved into information security.
1.3 Define key terms and critical concepts of information security.
1.4 Describe the information security roles of professionals within an organization.

Complete List of Module Activities and Assessments
For additional guidance refer to the MindTap Educator Guide.

| Module Objective | PPT slide | Activity/Assessment | Duration |
|---|---|---|---|
| | 2 | Icebreaker: Interview Simulation | 10 minutes |
| 1.1–1.2 | 19–20 | Knowledge Check Activity 1 | 2 minutes |
| 1.3 | 34–35 | Knowledge Check Activity 2 | 2 minutes |
| 1.4 | 39–40 | Knowledge Check Activity 3 | 2 minutes |
| 1.1–1.4 | MindTap | Module 01 Review Questions | 30–40 minutes |
| 1.1–1.4 | MindTap | Module 01 Case Exercises | 30 minutes |
| 1.1–1.4 | MindTap | Module 01 Exercises | 10–30 minutes per question; 1+ hour per module |
| 1.1–1.4 | MindTap | Module 01 Security for Life | 1+ hour |
| 1.1–1.4 | MindTap | Module 01 Quiz | 10–15 minutes |

Key Terms
In order of use:

computer security: In the early days of computers, this term specified the protection of the physical location and assets associated with computer technology from outside threats, but it later came to represent all actions taken to protect computer systems from losses.

security: A state of being secure and free from danger or harm as well as the actions taken to make someone or something secure.

information security: Protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology.

network security: A subset of communications security; the protection of voice and data networking components, connections, and content.

C.I.A. triad: The industry standard for computer security since the development of the mainframe; the standard is based on three characteristics that describe the attributes of information that are important to protect: confidentiality, integrity, and availability.

confidentiality: An attribute of information that describes how data is protected from disclosure or exposure to unauthorized individuals or systems.

personally identifiable information (PII): Information about a person's history, background, and attributes that can be used to commit identity theft that typically includes a person's name, address, Social Security number, family information, employment history, and financial information.

integrity: An attribute of information that describes how data is whole, complete, and uncorrupted.

availability: An attribute of information that describes how data is accessible and correctly formatted for use without interference or obstruction.

accuracy: An attribute of information that describes how data is free of errors and has the value that the user expects.

authenticity: An attribute of information that describes how data is genuine or original rather than reproduced or fabricated.

utility: An attribute of information that describes how data has value or usefulness for an end purpose.

possession: An attribute of information that describes how the data's ownership or control is legitimate or authorized.

McCumber Cube: A graphical representation of the architectural approach used in computer and information security that is commonly shown as a cube composed of 3×3×3 cells, similar to a Rubik's Cube.

information system: The entire set of software, hardware, data, people, procedures, and networks that enable the use of information resources in the organization.

physical security: The protection of material items, objects, or areas from unauthorized access and misuse.