Guided Reading Exercise - CIS 211 - Management Information Systems

Independent Work Policy

On this assignment, students must work independently. Actions such as directly collaborating with students currently enrolled in the class, referring to the work students formerly enrolled in the class, and using other people to complete the assignment are all examples of violations of this policy. Students should use the instructor for any questions about completing the assignment.

Academic Integrity

Students who choose to violate the independent work policy must cite the use of other people's work by including the names of those people in a conspicuous location. By providing citations, students avoid violating the Elon Honor Code. Students who both violate the independent work policy and fail to cite the names of contributors are subject to the Elon University Academic Integrity Policy.

Format

Students must write their answers on exactly one sheet of standard letter paper (8.5 inches by 11 inches, as found in all Elon campus printers). It is recommended but not required that students use word processing software to print their work.

Directions

There are three areas of reading and six total questions for this assignment.

Respond to the following items by reading Chapter 1 of The Art of Deception by Kevin Mitnick. The reading is provided as a PDF on the class Blackboard site. Log in, hit the link to the page for this class, then click on eReserves in the left-hand navigation area. Accept the terms, then click on the PDF link to view the material.

  1. We discussed previously in class that when an information system implements some type of security procedure, efficiency suffers but effectiveness gains. Provide a specific example from the reading where the efficiency/effectiveness tradeoff is evident.
  2. What are methods that an organization can use to prevent attacks by a social engineer?

Respond to the following items by reading chapter 5 (pages 46 through 53) and Business Plug-in B6 (pages 370 through 382) of the Baltzan textbook.

  1. Suppose that Elon IT officials have observed that a number of students forget to log off after using public machines and that malicious users have done damage to computing resources by using a machine that was still logged in. Elon is considering automatically locking machines after 30 seconds of non-use. Briefly describe some of the advantages and disadvantages of this approach.
  2. Many systems (including OnTrack) allow a user to set a hint in remembering their password. Describe how an individual could use social engineering to determine the password of a legitimate user without raising the suspicion of that user.
  3. Distinguish spamming and phishing.
  4. Encryption is one method of securing data exchanged over insecure channels. Do a bit of Web research on steganography and in your own words, briefly explain what it is and how it differs from encryption.

Delivery

Students must submit their work in person and immediately at the beginning of class on the due date listed. Students may not submit their work electronically and may not have other students submit their work. Late work will not be accepted. Students are advised to print their work prior to their arrival in the classroom.