Below are questions relating to all of the aspects of computer security that we have discussed. There is one question per section.
Q1. Just as defenses attempt to protect their end zone or goal from their opponents, computer security protects the assets on a computer from attacks and threats. What specific assets are important to protect on your personal device? What about on a company device?
Q2. The three components of the CIA Triad work together to ensure the security and effectiveness of computer assets, just as the offense, defense, and special teams work together to win games. However, computer attacks are aimed at compromising the pillars of the CIA Triad. Can you think of a type of attack that compromises all three pillars at the same time, and explain how each pillar is affected?
Q3. Strong password security is crucial in preventing unauthorized access, just as a strong defense is important in stopping the opposing team from scoring goals. What should your actions be, however, if you discover that your password for an account has been compromised?
Q4. Phishing emails attempt to trick the user into sending sensitive information or clicking dangerous links, just as the opposing team may try to trick a player into sending them their plays. Knowing this, what should your immediate thoughts and actions be when receiving an email from someone claiming to be technical support urging you to download a file to protect your computer?
Q5. Social engineering is a technique similar to phishing, as it tricks users into providing sensitive information or doing harmful actions. Imagine that you are a player walking into the locker room that is accessible only to players. While you walk in, a man that you have never seen before walks up behind you and asks to be let in since he is a coach. What should you do?
Q6. Securing devices is an essential step in protecting your computer assets from threats, just as sports teams remove former players' access to the building and rely on cameras to monitor all actions occurring in the facility. Knowing this, what actions should you take on a brand-new personal computer to ensure that it is protected?
Q7. Using proper and safe internet practices is an essential step in protecting your computer assets. For example, deciding if you should click on a link found online is very important, as some links contain malicious content. Just as an athlete must avoid risky plays, internet users must avoid risky links. What steps should you take in determining if a link is suspicious or not?
Q8. Malware refers to harmful programs that are designed to spread through computers and cause harm, similar to how sickness can spread through a locker room. What do you think are possible signs that your device has been infected with malware?
Q9. While working remotely may create benefits, it can also create many security vulnerabilities. This is exactly why sports teams provide all their services to players in the facility instead of at each player's home. If provided with a company device to work with at home, should you ever allow your family members to use that device?
Q10. Preparing for and dealing with computer incidents is just as important as preventing them. For example, while it is crucial to attempt to prevent injuries in sports, it is just as important to promptly deal with them if they occur. How should you immediately respond to an incident where you have discovered your credit card information has been breached?
Q11. Many people think compliance only affects the companies that store data and have operational assets. For example, sports teams must comply with and follow the rules of the game. However, compliance regulations and frameworks also affect individuals and personal devices. Explain how.
Q12. One of the most important aspects of access control is the principle of least privilege, which makes sure users are given only the minimal level of access needed to perform their role. For example, workers at a sports stadium are only given access to rooms that are needed to perform their job. Explain the significance and benefit of the principle of least privilege relating to computer security.
Q13. Defense-in-depth utilizes multiple layers of security measures to most effectively protect assets from attacks. For example, football defenses utilize multiple layers of positions that cover for each other to prevent touchdowns. Describe how you could utilize defense-in-depth to protect your files on your personal computer from unauthorized access.