Computer Security Assignment 1

1. Describe the critical characteristics of information. How are they used in the study of
Computer security?

2. Why is information security a management problem? What can management do that

technology cannot?

3. Why is data the most important asset an organization possesses? What other assets in the
organization require protection?

4. What is information extortion? Describe how such an attack can cause losses, using an
example not found in the text.

5. Why does polymorphism cause greater concern than traditional malware? How does it affect
detection?

6. What methods does a social engineering hacker use to gain information about a user’s login id
and password? How would this method differ if it were targeted towards an administrator’s
assistant versus a data-entry clerk?

7. Using the Web, research Mafiaboy’s exploits. When and how did he compromise sites? How
was he caught?
8. Consider the information stored on your personal computer. For each of the terms listed, find
an example and document it: threat, threat agent, vulnerability, exposure, risk, attack, and
exploit.

9. Using the Web, find out more about Kevin Mitnick. What did he do? Who caught him? Write
a short summary of his activities and explain why he is infamous.