University of Michigan | ITSS | Computer Security 101

page-bannerV3HOME

Report an IT Security Incident

About ITSS

ITSS Home

Computer Security 101

Computer Security 101 Final Exam Answers

Welcome to the 2007 version of the Computer Security 101 Final Exam. Even though the contest is over for this year, you can still review your knowledge of computer security issues by taking this three-minute exam. The answers are below.

Good luck, and remember to check back next fall for the 2008 contest!

Question 1:

You’ve received an online greeting card from an unnamed friend or family member, with a .pdf attached. Do you:

A. Open it quickly, secretly hoping that it’s from the hottie you met last night.
B. Delete it.
C. Forward it to all your friends, asking if any of them sent it you.
D. Reply to the sender with an online thank you card.

Question 2:

College students are at risk for identity theft because:

A. Students may have little or no established credit.
B. Students often post personal information like birthdays and addresses on social networking sites.
C. College students receive credit card offers in the mail, which can be pulled from the trash and filled out by someone else.
D. All of the above.

Question 3:

A good password:

A. Is really easy for you to remember, like GOBLUE2007.
B. Is a long string of numbers, punctuation and upper- and lower-case letters.
C. Is the same for every single account you have so you don’t have to remember too many.
D. Is so funny that you tell everyone so they can appreciate how clever you are.

Question 4:

An easy and free way to protect your laptop from online threats is to:

A. Enable your computer to automatically receive free software updates.
B. Use a host-based firewall.
C. Install anti-virus software.
D. All of the above.

Question 5:

Which computer service does the University offer free to students?

A. Free text message every time the Wolverines score at home football games.
B. Free membership in U-Match.com.
C. Free 80s music file-sharing.
D. Free virus scanning and anti-virus software.

Question 6:

If you set up wireless access to the Internet in your off-campus apartment, it’s important to:

A. Make sure all your outlets are properly grounded.
B. Hide the router in a safe locked place, like a closet.
C. Secure your wireless access by encrypting your communication.
D. Keep the receipt in case the router doesn’t work and you have to return it.

Question 7:

If you are storing information that is personal and private or otherwise sensitive on your laptop, it’s important to:

A. First ask yourself whether it’s really necessary to store it at all, and delete what is unnecessary.
B. Store it in a file titled: “private—do not read.”
C. Use the encryption feature available on both Windows PCs and Macs to encrypt sensitive documents like your resume.
D. Write it in pig Latin.
E. A and C

Question 8:

Mac computers are:

A. Susceptible to the same kinds of online threats as PCs.
B. Programmed to automatically download and complete your FAFSA.
C. Completely immune to viruses and other online threats.
D. Obviously way cooler than PCs, like the guy on the commercial.

Question 9:

You should contact the Information Technology (IT) User Advocate if:

A. You receive harassing e-mail messages.
B. You can’t access your gmail account
C. Your landlord is jerking you around.
D. You need a job reference.

Question 10:

Which of the following is true:

A. College students are experiencing more frequent penalties for violating the Copyright Act by sharing music and movies over the Internet.
B. Last year, of the 1200 notifications of alleged illegal file-sharing activity received by U-M, 72% pertained to sharing done via the residence hall networks.
C. Last year, U-M was on the 25 “worst offenders” lists as published by the RIAA and MPAA.
D. All of the above.

Question 11:

Using peer-to-peer file-sharing software could put your computer’s security at risk because:

A. Some p2p file-sharing could secretly install spyware or adware.
B. You may be allowing your computer to act as an illegal file-sharing server without your knowledge.
C. The stuff that you download might not be what you think it is, like a program designed to hijack your system masquerading as Halo 3™.
D. You may be unknowingly sharing more than just music, for example, your tax return.
E. All of the above.

Question 12:

On average, how long before a computer connected to the Internet is attacked by malicious software or viruses?

A. 23 minutes.
B. 23 hours.
C. 23 days.
D. 23 weeks.

Question 13:

Where did you first hear about this quiz?

E-mail
Facebook
Diag boards
Dorm table tents
Bus signs
ITCS or Rescomp web site
Dorm flyers
Daily ad
Friend
Don’t remember

---------------ANSWERS---------------

Answer 1: You need to be more skeptical! Try again.

Answer 1: B Delete it

Delete it. This e-mail is fraudulent. Scam artists use social engineering techniques to trick users into opening an attachment that installs malware, or to misdirect users to malicious web sites. Others will pose as legitimate businesses or services you may use (ex. Ebay, PayPal, your bank), asking for private personal information. A legitimate organization will never ask for private personal information in this manner. If you are ever in doubt about the source of an e-mail, call 4-HELP with any questions.

Answer 2: While this answer may be true by itself, take another look at the rest of the choices and try again. Try again.

Answer 2: D All of the above

Even though someone who is just a few years out of high school might not have much money to steal, he or she has a fresh identity which can be used to obtain new lines of credit--potentially even more harmful than simply emptying your bank account. Someone with little or no established credit, who is sloppy about protecting private details about themselves is a perfect victim for an identity thieves.

Also, be careful about what you on social networking sites: use a gender-neutral nickname and don’t post any specific information that would identify yourself (high school attended + year of graduation; complete birth date; home address). Another good habit to practice is shredding credit card offers with your name pre-printed on the application.

Answer 3: Are you kidding? Try again.

Answer 3: B Is a long string of numbers, punctuation and upper- and lower-case letters

Follow these guidelines for creating a secure UMICH password:

Select a unique password — not one you are using or have used elsewhere. Do not use a PIN number or a password used for other computing accounts like AOL or hotmail.
Use at least nine characters containing a mix of upper- (capital) and lower-case letters, numbers, and common punctuation. However, do not use a forward slash (/) or a space bar.
Random capitalization, numbers, and common punctuation always improve a password. The more varied the character set, the shorter the password can be, but please use at least nine characters.
The best passwords are made up. (Of course, don't use any examples shown here.)

Use the first letter of words in a phrase and include numbers and punctuation; for example, “Do you know the way to San Jose on US-12?” becomes “DyktwtSJoUS-12?”
Create a nonsense phrase like “!bunca*dinckDOc?”

Very Bad Ideas for Any Password:

Do not use any normal sequence of numbers or letters, including keyboard sequences.
Do not use words found in any dictionary, regardless of language.
Do not use simple transformations of words; for example, by:

adding a character before or after (!horrible or horrible!)
randomly capitalizing letters (HOrriBle)
doubling (horriblehorrible)
spelling backwards (elbirroh)
removing vowels (hrrbl)

Do not use anything based on personal information that someone could reasonably learn.

Answer 4: This item may provide one kind of security, but you need a more comprehensive set of tools to keep your computer safe from multiple types of threats.

Answer 4: D. All of the above.

Make sure you have the big four security tools in place:

Configure your system to automatically receive free software updates that keep your computer and operating system updated with the latest patches.
Anti-virus software will scan your system and kill viruses that could disable or destroy your operating system.
Anti-spyware software looks for evidence of malware that would allow others to watch your Internet activity or potentially even take over your system for their own use.
Firewalls protect your computer by creating a virtual barrier against hackers who can exploit security vulnerabilities to access your computer and steal your information or worse.

Easy directions for putting all these measures into place can be found at: http://www.safecomputing.umich.edu/tools/download/securityshorts_essentials_homepc.pdf

Answer 5: Nice idea, but not true. Try again.

Answer 5: D Free virus scanning and anti-virus software

For more information on the services ResComp offers, visit http://rescomp.housing.umich.edu/tech.help/cvc#services. There you can learn more about the Center for Vulnerability Control (CVC), a service center in South Quad where residents can take their computers throughout the academic year for help with computer security issues. You can also check http://virusbusters.itcs.umich.edu for free downloadable scanners.

Answer 6: Keep trying.

Answer 6: B Secure your wireless access by encrypting your communication.

Encryption is the standard technology used to protect sensitive data from unauthorized disclosure. Follow these easy instructions for securing your wireless network by encrypting your communications: http://www.safecomputing.umich.edu/tools/download/securityshorts_secure_wireless.pdf.

Answer 7: Take another look at the other options for safe ways to protect your data. Try again.

Answer 7: E A and C

If you lose your computer you still want to protect the information inside. Encryption can do that for you. Encryption is the standard technology used to protect sensitive data from unauthorized disclosure.

Directions for putting these measures into place on a Windows PC can be found at: http://www.safecomputing.umich.edu/tools/download/securityshorts_encrypt_docs_windows.pdf.

Directions for Apple’s encryption tool, FileVault, can be found here: http://docs.info.apple.com/article.html?path=Mac/10.4/en/mh1906.html.

Answer 8: Sorry, not true. Try again.

Answer 8: A B and D

Contrary to what some believe, Mac users need to be vigilant about their security in the same way that PC users should be. Every Mac user should follow these best practices: use the Mac operating system’s pre-installed firewall and update software regularly. You can check these settings on your computer under System Preferences:

the firewall settings are in Sharing (firewall tab - default is "on"), and
the OS/Software updates are in: Software Update (default is "check weekly").

Also, visit this link to download U-M licensed anti-virus software for your Mac: http://virusbusters.itcs.umich.edu/downloads/sophos.html

Answer 9: Sorry, not true. Try again.

Answer 9: A You receive harassing e-mail messages.

The User Advocate oversees responsible use of computing resources at the University. The User Advocate investigates reports of violations and works within the University community to ensure that information technology policies are followed. Users are asked to contact the User Advocate if an abuse of University computing resources is suspected, including:

• harassing messages,

• spam from within the University,

• digital copyright infringement, or

• misappropriation of computing resources for commercial use.

Policies for members of the University community regarding proper use of information technology resources can be viewed at: spg.umich.edu/pdf/601.07-0.pdf.

Answer 10: While this answer may be true by itself, take another look at the rest of the choices and try again.

Answer 10: E All of the above.

Peer-to-peer file-sharing is not unlawful. Neither, generally speaking, is the technology: it’s what you share and how you share that may be a violation of law. While it is not always the case, typically, if you are uploading someone else’s copyrighted works (e.g. songs, movies, books, software, documents, etc.), you are likely to be infringing that person’s rights as a copyright holder. That said, there are all sorts of lawful, useful, and important uses you can make of P2P technology, and it is up to you to be responsible for how you use this technology.

For more information on P2P file-sharing, please visit: www.bayu.umich.edu.

Answer 11: While this answer may be true by itself, take another look at the rest of the choices and try again. Try again.

Answer 11: E All of the above.

There is always a risk in having peer-to-peer software on your computer. Aside from opening up your computer up to adware, spyware, and Trojan worms and viruses, you might incur a legal risk as well.

Some users inadvertantly allow file-sharing software to share all files on their computer, rather than just music. This could include sensitive personal information you would like to keep protected.

To be safe, remove it or take the time to learn how to use it lawfully, and in ways that will minimize your risk. If you want access to music and movies, there are many ways to download it safely and lawfully through vendors such as iTunes™ or Real Rhapsody™, or directly from the artist’s web page.

For more information on P2P file-sharing, please visit: www.bayu.umich.edu.

Answer 12: It happens faster than that—check your options again.

Answer 12: A. 23 minutes.

Any computer that has a connection to the Internet is attractive to hackers, worms and viruses. According to studies by the Internet Storm Center (isc.sans.org) the mean time is currently approximately 23 minutes.