Assignment 1

Due Wednesday January 31, 2018 6:55pm via sakai

Introduction

Please answer the questions precisely and concisely. Every question can be answered in one or at most a few sentences. I will not have the patience to read long paragraphs or essays and you may lose credit for possibly correct answers.

Note: submissions must be be plain text or pdf files – or HTML if embedded within sakai and not uploaded. Other formats, such as Microsoft Word, Apple Pages, or Adobe InDesign will NOT be accepted.

Reading

Text: Ross Anderson, Security Engineering: Chapter 1, pages 3–15; Chapter 2, pages 17–22.
Intro to security engineering, intro to psychological factors. General reading and for questions 2–3.
Bruce Schneier, Beyond Security Theater, Schneier on Security, published in New Internationalist, November 2009.
For question 4
Federal Deposit Insurance Corporation, Vacation Policies [mirror]
For question 5.
Article: Heidi N. Moore, Credit Suisse makes life a little harder for aspiring rogue traders, Marketplace, December 15, 2011. [mirror]
Also for question 5.

Questions

Question 1.

How does authenticity differ from integrity in computer security?

Question 2.

What is pretexting?

Question 3.

What is meant by assurance in the context of security?

Question 4.

What is meant by security theater?

Question 5.

Many banks require employees to take mandatory vacations each year. This policy is described in the FDIC’s Vacation Policies document. Why does the FDIC recommend that bank employees take periodic vacations?