UC Santa Cruz - Information Technology Services - IT Security Awareness - Computer Security Tutorial Module 10 (Text-Only Version)


Home About ITS Services ITS News Policies Governance ITS Staff Site Jobs Find An Answer Feedback

IT Security Awareness

UCSC | Campus Safety

Web Statistics by Google Analytics

Computer Security Tutorial Module 10 (Text-Only Version)

Home IT Security Awareness Computer Security Tutorial Module 10 (Text-Only Version)

Computer Security Tutorial (Text-Only Version)
Module 10: Security Self-Test:Questions and Scenarios

Scenario #1:

Your supervisor is very busy and asks you to log into the HR Server using her user-ID and password to retrieve some reports. What should you do?

A: It’s your boss, so it’s okay to do this.
B: Ignore the request and hope she forgets.
C: Decline the request and remind your supervisor that it is against UC policy.

Answer #1:

C - Decline the request and remind your supervisor that it is against UC policy.

User-ID's and passwords must not be shared. If pressured further, report the situation to management or to I.T.S. Security.

Scenario #2:

You receive an e-mail with an attachment from “I.T. Security.” The e-mail says that your computer has been infected with a virus and you need to open the attachment and follow the directions to get rid of the virus. What should you do? <Select all that apply>

A: Follow the instructions ASAP to avoid the virus.
B: Open the e-mail attachment to see what it says.
C: Reply to the sender and say “take me off this list”
D: Delete the message from the unknown source.
E: Contact the I.T.S. Support Center and ask about the email.

Answer #2:

D or E:

Attachments can contain viruses and other malicious programs that can infect your computer, so opening or clicking on an unexpected or unknown attachment is very risky.

If you can tell that this is spam, delete the E-mail message. If you are unsure about whether you should open the attachment, contact your local computer person or the I.T.S. Support Center (459-HELP) for further instructions.

As a general rule, don’t open, reply to, or forward suspicious e-mails or attachments.

Scenario #3:

Your sister sends you an e-mail at work with a screen saver she says you would love. What should you do? <Select all that apply>

A: Download it onto your computer, since it’s from a trusted source.
B: Forward the message to other friends to share it.
C: Call I.T. and ask them to help install it for you.
D: Delete the message.

Answer #3:

D - Delete the message:

This one has four big risks:

1. Some screen savers contain viruses or other malicious programs, so just in general, it’s risky to put unknown or unsolicited programs or software on your computer.

2. Also, in some cases just clicking on a malicious link can infect a computer, so unless you are sure a link is safe, don’t click on it.

3. Email addresses can be faked, so just because the email says it is from someone you know, you can’t be certain of this without checking.

4. Finally, some websites and links look legitimate, but they're really hoaxes designed to steal your information.

Scenario #4:

Which workstation security safeguards are YOU responsible for following and/or protecting? <Select all that apply>

A: User I.D.
B: Password
C: Log-off programs
D: Lock-up office or work area (doors, windows)
E: All of the above

Answer #4:

E - All of the above.

Scenario #5:

Real-life Scenario:
One of the staff members in ITS subscribes to a number of free IT magazines. Among the questions she was asked in order to activate her subscriptions, one magazine asked for her month of birth, a second asked for her year of birth, and a third asked for her mother's maiden name.

Question: What do you think might be going on here?

Answer #5:

Possible answer:
All three newsletters probably have the same parent company or are distributed through the same service. The parent company or service can combine individual pieces of seemingly-harmless information and use or sell it for identity theft. It is even possible that there is a fourth newsletter that asks for day of birth as one of the activation questions.

Note: Often questions about personal information are optional. In addition to being suspicious about situations like the one described here, never provide personal information when it is not legitimately necessary.

Scenario #6:

Real-life Scenario:
We saw a case a while back where someone used their yahoo account at a lab on campus. She made sure her yahoo account was no longer open in the browser window before leaving the lab. Someone came in behind her and used the same browser to re-access her account. They started sending emails from it and caused all sorts of mayhem.

Question: What do you think might be going on here?

Answer #6:

Possible answers:
The first person probably didn't log out of her account, so the new person could just go to history and access her account.

Another possibility is that she did log out, but didn't clear her web cache. (This is done through the browser menu to clear pages that the browser has saved for future use.)

Scenario #7:

Two different offices on campus are working to straighten out an error in an employee's bank account due to a direct deposit mistake. Office #1 emails the correct account and deposit information to office #2, which promptly fixes the problem. The employee confirms with the bank that everything has, indeed, been straightened out.

Question: What's wrong here?

Answer #7:

Account and deposit information is sensitive data that could be used for identity theft. Sending this or any kind of sensitive information by email is very risky because email is typically not private or secure. Anyone who knows how can access it while it is being sent.

As an alternative, the two offices could have called each other or worked with their computing people to send the information a more secure way.

Scenario #8:

Real-life Scenario:
In our computing labs and departments, print billing is often tied to the user's login. People login, they print, they (or their department) get a bill. Sometimes people call to complain about bills for printing they never did only to find out that the bills are, indeed, correct.

Question: What do you think might be going on here?

Answer #8:

Possible answer:
Sometimes they realize they loaned their account to a friend who couldn't remember his/her password, and the other person printed. Thus the charges. It's also possible that somebody came in behind them and used their account.

This is an issue with shared or public computers in general. If you don't log out of the computer properly when you leave, someone else can come in behind you and retrieve what you were doing, use your accounts, etc. Always log out of all accounts, quit programs, close browser windows before you walk away.

Scenario #9:

The mouse on your computer screen starts to move around on its own and click on things on your desktop. What do you do? <Select all that apply>

A: Call your co-workers over so they can see.
B: Disconnect your computer from the network.
C: Unplug your mouse.
D: Tell your supervisor.
E: Turn your computer off.
F: Run anti-virus.
G: All of the above.

Answer #9:

B & D.

This is definitely suspicious. Immediately report the problem to your supervisor and the ITS Support Center (459-4357, help@ucsc.edu or http://its.ucsc.edu/support_center/), or to security@ucsc.edu if neither is available.

Also, since it seems possible that someone is controlling the computer remotely, it is best if you can disconnect the computer from the network (and turn off wireless if you have it) until help arrives. If possible, don't turn off the computer.

Scenario #10:

You receive the following email:

From: tmfondly@ucsc.edu
Subject: ACTION: Key Audit
Date: January 24, 2006 9:07:02 AM PST
To: kim@ucsc.edu, peter@ucsc-extension.edu, neil@ucsc.edu, julie@ucsc.edu, mary@ucsc.edu, eric@ucsc.edu, stacey@ucsc.edu, todd@ucsc.edu, and 33 more/

Dear ITS Staff,
It's time once again to Audit everyone's University keys. Please let me know exactly what University keys you have by January 27th. As always with key Audits, simply reply to this message with the key number and location in which the key is used. If you have any questions regarding this Audit, please contact Jamie David, ITS Facilities Coordinator, at 91660.
Best,
Tom Fondly / ITS Business Office / Facilities Assistant / Comm. Bldg Rm 47 / tmfondly@ucsc.edu / 831-459-5433

Question: What should you do?

Answer #10:

You should definitely think twice before replying to the email. If you know the person who sent it, and you know that he is authorized and responsible for collecting this information, you should still verify that the "reply to" address is correct and that your reply email is addressed to the right person. (Emails can be re-directed, so it is always a good idea to double-check the address that your replies are going to.)

If you don't know the person who sent the email, or aren't sure of his role in this matter, check out the request before sending the information - but be careful: the contact information provided in the email may be a trick, so look up the phone number or email address of the person you should check with independently for verification.

Phishing and Spam Quiz

SonicWall has published a fun, informative quiz to test how well you distinguish between email schemes and legitimate email. Check it out at:

http://www.sonicwall.com/phishing/

Security Self Test Completion Cerificate

Other Training Modules:

Introduction to Computer Security
Social Engineering
Internet Privacy and Security
Practice "Safe Emailing"
Password Strength and Security
Ten Other Essential Security Measures
Protecting PII and Other Restricted Data
Reporting I.T. Security Incidents
Additional Information & Resources

Rev. January 2009