Instructor Manual Principles of Information Security, 7th Edition by Michael E.Whitman Instructor Manual Whitman and Mattord, Principles of Information Security 7e, ISBN 978 -0-357-50643 -1; Module 1: Introduction to Information Security Table of Contents Purpose and Perspective of the Module ................................ ................................ ................................ ......................... 2 Cengage Supplements ................................ ................................ ................................ ................................ ........................ 2 Module Objectives ................................ ................................ ................................ ................................ .............................. 2 Complete List of Module Activities and Assessments ................................ ................................ ................................ .. 2 Key Terms ................................ ................................ ................................ ................................ ................................ ............ 3 What's New in This Module ................................ ................................ ................................ ................................ ............. 4 Module Outline ................................ ................................ ................................ ................................ ................................ ... 4 Discussion Questions ................................ ................................ ................................ ................................ ....................... 15 Suggested Usage for Lab Activities ................................ ................................ ................................ ................................ 16 Additional Activities and Assignments ................................ ................................ ................................ .......................... 17 Additional Resources ................................ ................................ ................................ ................................ ........................ 17 Cengage Video Resources ................................ ................................ ................................ ................................ ........... 17 Internet Resources ................................ ................................ ................................ ................................ ....................... 17 Appendix ................................ ................................ ................................ ................................ ................................ ............ 18 Grading Rubrics ................................ ................................ ................................ ................................ ............................ 18 Purpose and Perspective of the Module The first module of the course in information security provides learners the foundational knowledge to become well versed in the protection systems of any size need within an organization today. The module begins with fundamental knowledge of what information security is and the how computer security evolved into what we know now as information security today. Additionally, learners will gain knowledge on the how information security can be viewed either as an art or a science and why that is the case. Cengage Supplements The following product -level supplements are available in the Instructor Resource Center and provide additional information that may help you in preparing your course: • PowerPoint slides • Test banks, available in Word, as LMS -ready files, and on the Cognero platform • MindTap Educator Guide • Solution and Answer Guide • This instructor‘s manual Module Objectives The following objectives are addressed in this module: 1.1 Define information security. 1.2 Discuss the history of computer security and explain how it evolved into information security. 1.3 Define key terms and critical concepts of information security. 1.4 Describe the information security roles of professionals within an organization. Complete List of Module Activities and Assessments For additional guidance refer to the MindTap Educator Guide. Module Objective PPT slide Activity/Assessment Duration 2 Icebreaker: Interview Simulation 10 minutes 1.1–1.2 19–20 Knowledge Check Activity 1 2 minutes 1.3 34–35 Knowledge Check Activity 2 2 minutes 1.4 39–40 Knowledge Check Activity 3 2 minutes 1.1–1.4 MindTap Module 01 Review Questions 30–40 minutes 1.1 – 1.4 MindTap Module 01 Case Exercises 30 minutes 1.1 – 1.4 MindTap Module 01 Exercises 10–30 minutes per question; 1+ hour per module 1.1 – 1.4 MindTap Module 01 Security for Life 1+ hour 1.1 – 1.4 MindTap Module 01 Quiz 10–15 minutes [return to top] Key Terms In order of use: computer security: In the early days of computers, this term specified the protection of the physical location and assets associated with computer technology from outside threats, but it later came to represent all actions taken to protect computer systems from losses. security: A state of being secure and free from danger or harm as well as the actions taken to make someone or something secure. information security: Protection of the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission, via the application of policy, education, training and awareness, and technology. network security: A subset of communications security; the protection of voice and data networking compon ents, connections, and content. C.I.A. triad: The industry standard for computer security since the development of the mainframe; the standard is based on three characteristics that describe the attributes of information that are important to protect: confidentiality, integrity, and availability. confidentiality: An attribute of information that describes how data is protected from disclosure or exposure to unauthorized individuals or systems. personally identifiable information (PII): Information about a person‘s history, background, and attributes that can be used to commit identity theft that typically includes a person‘s name, address, Social Security number, family information, employment h istory, and financial information. integrity: An attribute of information that describes how data is whole, complete, and uncorrupted. availability: An attribute of information that describes how data is accessible and correctly formatted for use without interference or obstruction. accuracy: An attribute of information that describes how data is free of errors and has the value that the user expects. authenticity: An attribute of information that describes how data is genuine or original rather than reproduced or fabricated. utility: An attribute of information that describes how data has value or usefulness for an end purpose. possession: An attribute of information that describes how the data‘s ownership or control is legitimate or authorized. McCum ber Cube: A graphical representation of the architectural approach used in computer and information security that is commonly shown as a cube composed of 3×3×3 cells, similar to a Rubik‘s Cube. information system: The entire set of software, hardware, data , people, procedures, and networks that enable the use of information resources in the organization. physical security: The protection of material items, objects, or areas from unauthorized access and misuse.
