Information Security Quiz Drawing:
Sonu Upadhyay Is a Winner!

Sonu Upadhyay, a Cal State L.A. senior, won a new HP Compaq 6720s Notebook PC in the Information Security Quiz Drawing. Sonu’s entry was randomly selected and his quiz answers were verified as correct by a University administrator.

Surprised and happy about his good fortune, Mr. Upadhyay commented, “When I got the notice that I was the winner, I couldn’t believe it. I’ve never won anything before! I never thought that I’d win anything, and now I’ve won something big like an HP laptop!”

An Electrical Engineering major who will graduate this summer, Sonu Upadhyay is taking 33 units this quarter. “I’m trying to manage my time,” he said, “but, it’s hard.” Despite his challenging schedule, Mr. Upadhyay will return to Cal State L.A. this fall to begin work on his master’s degree. He’s currently working on a green project to help the environment.

Sonu’s studies keep him so busy that he almost didn’t have time to enter the drawing. “I picked up my NIS account last quarter,” Sonu said, “and I check my e-mail all the time, but I didn’t have time to respond to the contest e-mail then. This quarter I had a little more time to find the quiz answers and enter the contest.”

Even before winning the HP laptop, Sonu Upadhyay realized the value of an NIS account and continues to check his campus e-mail frequently. “It might contain important campus information since it’s now being used for official communications,” he said.

Sonu Upadhyay thinks his overall experience at Cal State L.A. has been a good one, especially the service he receives from the Electrical Engineering department. “The staff in my department always have been really helpful to me,” he said.

Mr. Upadhyay is confident that the University is fully preparing him for a professional career. “There are a whole lot of resources available to me as an Electrical Engineering student. The labs have all the software needed to prepare me for what I’ll be doing when I get a job. As soon as I finish my bachelor’s degree, I will be looking for a job. But my first priority will be getting my master’s degree.”

Sonu is so positive about Cal State L.A. that he will tell his friends and associates about all the campus has to offer. “I’ll tell them that the EE department is really good,” he said. “My brother will be coming here as well.”

Participating in the quiz gave Mr. Upadhyay a chance to learn a great deal about information security. “I studied everything on the Web pages several times to get all the correct answers,” he said. “I learned a lot about security, spyware, encrypted and unencrypted files, and securing my identity. The Web site is very nice with lots of good information.”

Congratulations, Sonu Upadhyay!

All answers to the Information Security Quiz could be located on the campus Are You Secure? Web site at: http://www.calstatela.edu/itsecurity. For those of you who were wondering, the correct answers to the Information Security Quiz are listed below:

List five ways to physically protect a laptop.
Any five of the following answers are correct. (More detailed answers are available at: http://www.calstatela.edu/its/itsecurity/tips/phys-laptop.htm.)

1. Treat your laptop like you would a wallet or purse containing a lot of money and personal information.
2. If allowed, put a distinctive marking on your laptop.
3. Never leave your laptop unattended, even for a few seconds.
4. Never ask others, especially strangers, to watch your laptop for you.
5. Disguise your laptop’s carrying case.
6. Carry your laptop in a case with a strap worn diagonally across your body, with the laptop placed in front of your body.
7. Lock your laptop in the car trunk.
8. Do not leave your laptop unattended in your office.
9. Do not place your laptop near an exterior window.
10. Place your laptop on safe, stable surfaces.
11. Use your laptop at room temperature.

List eight items of personal information that identity thieves ask for.
(More details are available at: http://www.calstatela.edu/its/itsecurity/tips/idtheft.htm.)

1. Social Security Number
2. Bank account number and PIN
3. Credit card number and PIN
4. Driver's license number
5. Mother’s maiden name
6. Date of birth
7. Account passwords
8. Home address

List three consequences of illegally downloading copyrighted music or videos.
Any three of the following answers are correct. (More detailed answers are available at: http://www.calstatela.edu/its/itsecurity/tips/downloads.htm.)

1. Online infringement of copyrighted music can be punished by up to 3 years in prison
2. $250,000 in fines.
3. Repeat offenders can be imprisoned up to 6 years.
4. Individuals may also be held civilly liable, regardless of whether the activity is for profit, for actual damages or lost profits, or for statutory damages up to $150,000 per infringed copyright.
5. The student e-mail account may be locked immediately, and the student will have to meet with the IT Security and Compliance director before the account is unlocked.
6. If the University receives a copyright violation notice concerning a faculty or staff computer, the matter is immediately turned over to Human Resources Management.
7. If a second violation occurs, the matter is turned over to the Judicial Affairs Officer in the Division of Student Affairs for review and possible disciplinary action.
8. If these files were allowed to traverse the campus network, it would not only impact network traffic but also interrupt instructional programs and represent a misuse of scarce State-provided network bandwidth.

What is the risk in using emoticons?
Either of the two following answers are correct. (More details are available at: http://www.calstatela.edu/its/itsecurity/tips/emoticons.htm.)

1. Emoticons may download adware and/or spyware (defined below) to a user’s computer.
2. This type of software is often able to bypass the computer’s security settings, propagate itself across a network, and/or gather and send information from the computer or network resources.

Depending upon the password rules for the particular account, what is the minimum number of characters that a strong password should have?

1. 8 (A more detailed answer is available at: http://www.calstatela.edu/its/itsecurity/tips/passwords.htm.)

List three ways to protect a laptop’s wireless connection.
Any three of the following answers are correct. (More detailed answers are available at: http://www.calstatela.edu/its/itsecurity/tips/securewireless.htm.)

1. Disable your wireless card and WAP when not in use (offline).
2. Use the latest wireless security standard: WPA or WPA2.
3. If you cannot use WPA, transmit data using WEP with a strong key.
4. Always encrypt confidential or sensitive data that is stored on, or transmitted from, a wireless laptop.
5. Employ a personal firewall on your laptop.
6. Turn off file sharing.
7. Use SSL or SSH.
8. Use e-mail protocols that are SSL enabled.
9. Use MAC address control.
10. Faculty and Staff: Use VPN to access campus resources.
11. Harden all your laptop’s security systems.
12. Be cautious if using instant messaging (IM).
13. Hide your SSID (prohibit SSID broadcast) and change the default WAP addresses.
14. Disable DHCP or change the default address range.
15. Use a network router to close off access.

List five precautions to take when shopping online.
Any five of the following answers are correct. (More detailed answers are available at: http://www.calstatela.edu/its/itsecurity/tips/shopping.htm.)

1. Only deal with known and trusted vendors.
2. Get all the details. Get the name and physical address of the seller; how much the product or service costs; what is included for that price; whether there are shipping charges; the delivery time, if any; the seller’s privacy policy; and the cancellation and return policy.
3. Look for signs that online purchases are secure.
4. Pay the safest way
5. Never enter your personal information in a pop-up screen.
6. Keep documentation of your order.
7. Know your rights.
8. Be suspicious if someone contacts you unexpectedly and asks for your personal information.
9. Check your credit card and bank statements carefully.
10. Keep your computer secure for safe shopping and other online activities.
11. Beware of emails offering loans or credit, even if you have credit problems.
12. Contact the seller promptly about any problems with your order.

List five ways to protect your e-mail account from viruses and spam.
Any five of the following answers are correct. ((More detailed answers are available at: http://www.calstatela.edu/its/itsecurity/tips/junkmail.htm.)

1. Do not open attachments from unknown senders.
2. Do not forward messages or attachments from unknown senders.
3. Never respond to any junk mail you receive.
4. Do not use the preview feature in your e-mail program.
5. Always use caution when clicking on embedded links in e-mail messages, and never click on links in spam messages.
6. Delete unsolicited messages from unknown senders.
7. Do not make purchases from unsolicited e-mail messages.
8. Never respond to unsolicited e-mail messages that ask for any personal identifying information.
9. Use the blind copy (Bcc) field when sending e-mail messages to a large distribution list.
10. Do not provide your e-mail address to newsgroup lists, online public forums, or Web sites.
11. Never give your primary e-mail address to anyone you don't trust.
12. Use one or more secondary e-mail address.
13. Subscribe to the University's anti-spam services.
14. Configure Outlook to automatically handle junk mail in your campus e-mail account.

List five actions victims of ID theft should take.
Any five of the following answers are correct. ((More detailed answers are available at: http://www.calstatela.edu/its/itsecurity/tips/idtheft-victim.htm.)

1. First and foremost, act quickly: take the actions described in the following steps.
2. Keep detailed records of all communications regarding this incident including names, dates, and times. Send letters by certified mail and retain a copy.
3. Contact the fraud departments of each of the three major credit reporting bureaus and have a fraud alert placed on your file. Obtain copies of your credit reports. Credit Card Bureaus:
4. Check your credit reports. Call creditors for each bogus account listed on your credit report and instruct them to freeze the account immediately.
5. File a report with the police department(s) in the jurisdiction where the crime(s) occurred, as well as with your local police department. Request copies of the police report(s).
6. Mail copies of the police report(s) to the three credit bureaus listed above.
7. Contact the Federal Trade Commission (http://www.ftc.gov) and file a complaint.
8. Contact your bank and stop payment on any outstanding checks. Cancel your checking and/or savings account, and open new accounts. Report any fraud to Check Verification Companies.
9. Check all your investments for irregular activity.
10. Monitor your mail deliveries. It’s important to know the dates you normally receive credit card, bank, and investment statements so you can recognize when statements are late or missing. To report security investment or brokerage account tampering, contact the Securities and Exchange Commission:
11. If you suspect someone has changed your address or used the mail to commit identity theft, contact your local U.S. Postal Inspector and report the crime. Contact your local Postmaster to ensure your mail is sent to the correct address. Also, talk to your mail carrier to alert him or her of the problem. To locate your local U.S. Postal Service inspector, visit: http://www.usps.com/postalinspectors.
12. Contact the Social Security Administration if your Social Security Number (SSN) was used to commit identity theft. The Social Security Administration will change your SSN if you meet the agency’s fraud victim criteria.
13. If bankruptcy occurred fraudulently using your name, contact the U.S. Trustee in the region where the bankruptcy was filed at http://www.usdoj.gov/ust/.
14. Check if criminal records or arrests occurred using your name.
15. Contact your state’s Department of Motor Vehicles if driver’s license or identification card fraud occurred in your name.
16. Notify utilities and telephone companies so they can stop anyone ordering utilities in your name.
17. Notify the U.S. Department of State, Passport Services Department, of your identity theft so they can intercept anyone ordering a new passport in your name. See http://travel.state.gov/passport/ for more information.
18. If the fraud involved a business scam, contact the National Fraud Information Center at (800) 876-7060.

The University thanks Hewlett-Packard Company (HP)
for its generous donation of laptop computers for these drawings!

top

Footer