Instructor Manual Principles of Information Security, 7th Edition by Michael E.Whitman

InstructorvgManual:vgWhitmanvgandvgMattord,vgPrinciplesvgofvgInformationvgSecurityvg7e,vgISBNvg978-0-357-50643-
1;vgModulevg1:vgIntroductionvgto
Information Security




©vg2022vgCengage.vgAllvgRightsvgReserved.vgMayvgnotvgbevgscanned,vgcopiedvgorvgduplicated,vgorvgpostedvgtovgavgpubliclyvga 1
ccessiblev g website,vginvgwholevgorvginvgpart.

, InstructorvgManual:vgWhitmanvgandvgMattord,vgPrinciplesvgofvgInformationvgSecurityvg7e,vgISBNvg978-0-357-50643-
1;vgModulevg1:vgIntroductionvgto
Information Security


Instructor Manual vg




Whitman and Mattord, Principles of Information Security 7e, ISBN 978-0-357-50643-
vg vg vg vg vg vg vg vg vg


1; Module 1: Introduction to Information Security
vg vg vg vg vg vg




Table of Contentsvg vg




Purpose and Perspective of the Module .................................................................................... 2
vg vg vg vg vg



Cengage Supplements ................................................................................................................ 2
vg



Module Objectives ...................................................................................................................... 2
vg



Complete List of Module Activities and Assessments ................................................................. 2
vg vg vg vg vg vg



Key Terms .................................................................................................................................. 3
vg



What's New in This Module ........................................................................................................ 4
vg vg vg vg



Module Outline............................................................................................................................ 4
vg



Discussion Questions ................................................................................................................ 15
vg



Suggested Usage for Lab Activities.......................................................................................... 16
vg vg vg vg



Additional Activities and Assignments ....................................................................................... 17
vg vg vg



Additional Resources ................................................................................................................ 17
vg



Cengage Video Resources ....................................................................................................................... 17
vg vg



Internet Resources .................................................................................................................................. 17
vg



Appendix ................................................................................................................................... 18
Grading Rubrics ....................................................................................................................................... 18
vg




©vg2022vgCengage.vgAllvgRightsvgReserved.vgMayvgnotvgbevgscanned,vgcopiedvgorvgduplicated,vgorvgpostedvgtovgavgpubliclyvga 2
ccessiblev g website,vginvgwholevgorvginvgpart.

, InstructorvgManual:vgWhitmanvgandvgMattord,vgPrinciplesvgofvgInformationvgSecurityvg7e,vgISBNvg978-0-357-50643-
1;vgModulevg1:vgIntroductionvgto
Information Security

Purpose and Perspective of the Module vg vg vg vg vg




The first module of the course in information security provides learners the foundational kno
vg vg vg vg vg vg vg vg vg vg vg vg vg


wledge to become well versed in the protection systems of any size need within an organiz
vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg


ation today. The module begins with fundamental knowledge of what information security is
vg vg vg vg vg vg vg vg vg vg v g vg v


gand the how computer security evolved into what we know now as information security toda
vg vg vg vg vg vg vg vg vg vg vg vg vg vg


y. Additionally, learners will gain knowledge on the how information security can be viewed e
vg vg vg vg vg vg vg vg vg vg vg vg vg vg


ither as an art or a science and why that is the case.
vg vg vg vg vg vg vg vg vg vg vg vg




Cengage Supplements vg




The following product-
vg vg


level supplements are available in the Instructor Resource Center and provide additional info
vg vg vg vg vg vg vg vg vg vg vg vg


rmation that may help you in preparing your course:
vg vg vg vg vg vg vg vg



 PowerPoint slides vg


 Test banks, available in Word, as LMS-ready files, and on the Cognero platform
vg vg vg vg vg vg vg vg vg vg vg vg


 MindTap Educator Guide vg vg


 Solution and Answer Guide vg vg vg


 This instructor‘s manual
vg vg




Module Objectives vg




The following objectives are addressed in this module:
vg vg vg vg vg vg vg



1.1 Define information security. vg vg



1.2 Discuss the history of computer security and explain how it evolved into informati
vg vg vg vg vg vg vg vg vg vg vg vg


on security.
vg



1.3 Define key terms and critical concepts of information security.
vg vg vg vg vg vg vg vg



1.4 Describe the information security roles of professionals within an organization.
vg vg vg vg vg vg vg vg vg




Complete List of Module Activities and Assessments vg vg vg vg vg vg




For additional guidance refer to the MindTap Educator Guide.
vg vg vg vg vg vg vg vg




Module vg PPT slide vg Activity/Assessment Duration
Objective
2 Icebreaker: Interview Simulation vg vg 10 minutes
vg


1.1–1.2 19–20 Knowledge Check Activity 1 vg vg vg 2 minutes
vg


1.3 34–35 Knowledge Check Activity 2 vg vg vg 2 minutes
vg


1.4 39–40 Knowledge Check Activity 3 vg vg vg 2 minutes
vg


1.1–1.4 MindTap Module 01 Review Questions vg vg vg 30–40 minutes vg


1.1 – 1.4vg vg MindTap Module 01 Case Exercises vg vg vg 30 minutes
vg


1.1 – 1.4vg vg MindTap Module 01 Exercises vg vg 10–30 minutes per
vg vg


question; 1+ hour p vg vg vg


er module
vg


1.1 – 1.4vg vg MindTap Module 01 Security for Life vg vg vg vg 1+ hour
vg


1.1 – 1.4vg vg MindTap Module 01 Quiz vg vg 10–15 minutes vg



[return to top] vg vg




©vg2022vgCengage.vgAllvgRightsvgReserved.vgMayvgnotvgbevgscanned,vgcopiedvgorvgduplicated,vgorvgpostedvgtovgavgpubliclyvga 3
ccessiblev g website,vginvgwholevgorvginvgpart.

, InstructorvgManual:vgWhitmanvgandvgMattord,vgPrinciplesvgofvgInformationvgSecurityvg7e,vgISBNvg978-0-357-50643-
1;vgModulevg1:vgIntroductionvgto
Information Security

Key Terms vg




In order of use:
vg vg vg



computer security: In the early days of computers, this term specified the protection of the
vg vg vg vg vg vg vg vg vg vg vg vg vg vg


physical location and assets associated with computer technology from outside threats, but i
vg vg vg vg vg vg vg vg vg vg vg vg vg


t later came to represent all actions taken to protect computer systems from losses.
vg vg vg vg vg vg vg vg vg vg vg vg vg



security: A state of being secure and free from danger or harm as well as the actions taken
vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg


to make someone or something secure.
vg vg vg vg vg vg



information security: Protection of the confidentiality, integrity, and availability of information as
vg vg vg vg vg vg vg vg vg vg vg


sets, whether in storage, processing, or transmission, via the application of policy, education, trai
vg vg vg vg vg vg vg vg vg vg vg vg vg


ning and awareness, and technology.
vg vg vg vg



network security: A subset of communications security; the protection of voice and data ne
vg vg vg vg vg vg vg vg vg vg vg vg vg


tworking components, connections, and content.
vg vg vg vg



C.I.A. triad: The industry standard for computer security since the development of the main
vg vg vg vg vg vg vg vg vg vg vg vg vg


frame; the standard is based on three characteristics that describe the attributes of informati
vg vg vg vg vg vg vg vg vg vg vg vg vg


on that are important to protect: confidentiality, integrity, and availability.
vg vg vg vg vg vg vg vg vg



confidentiality: An attribute of information that describes how data is protected from disclos
vg vg vg vg vg vg vg vg vg vg vg vg


ure or exposure to unauthorized individuals or systems.
vg vg vg vg vg vg vg



personally identifiable information (PII): Information about a person‘s history, background
vg vg vg vg vg vg vg vg vg


, and attributes that can be used to commit identity theft that typically includes a person‘s na
vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg


me, address, Social Security number, family information, employment history, and financial i
vg vg vg vg vg vg vg vg vg vg vg


nformation.
integrity: An attribute of information that describes how data is whole, complete, and uncorr
vg vg vg vg vg vg vg vg vg vg vg vg vg


upted.
availability: An attribute of information that describes how data is accessible and correctly f
vg vg vg vg vg vg vg vg vg vg vg vg vg


ormatted for use without interference or obstruction.
vg vg vg vg vg vg



accuracy: An attribute of information that describes how data is free of errors and has the v
vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg


alue that the user expects.
vg vg vg vg



authenticity: An attribute of information that describes how data is genuine or original rather
vg vg vg vg vg vg vg vg vg vg vg vg vg


than reproduced or fabricated.
vg vg vg vg



utility: An attribute of information that describes how data has value or usefulness for an end pu
vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg


rpose.
possession: An attribute of information that describes how the data‘s ownership or control is leg
vg vg vg vg vg vg vg vg vg vg vg vg vg vg


itimate or authorized. vg vg



McCumber Cube: A graphical representation of the architectural approach used in compute
vg vg vg vg vg vg vg vg vg vg vg


r and information security that is commonly shown as a cube composed of 3×3×3 cells, simi
vg vg vg vg vg vg vg vg vg vg vg vg vg vg vg


lar to a Rubik‘s Cube.
vg vg vg vg



information system: The entire set of software, hardware, data, people, procedures, and n
vg vg vg vg vg vg vg vg vg vg vg vg


etworks that enable the use of information resources in the organization.
vg vg vg vg vg vg vg vg vg vg



physical security: The protection of material items, objects, or areas from unauthorized acce
vg vg vg vg vg vg vg vg vg vg vg vg


ss and misuse.
vg vg




©vg2022vgCengage.vgAllvgRightsvgReserved.vgMayvgnotvgbevgscanned,vgcopiedvgorvgduplicated,vgorvgpostedvgtovgavgpubliclyvga 4
ccessiblev g website,vginvgwholevgorvginvgpart.