Chapter 1 Key Concepts and Terms Flashcards Preview

Flashcards in Chapter 1 Key Concepts and Terms Deck (51)
1

3 tenets of information systems security

Confidentiality, integrity, and availability.

2

AUP (Acceptable Use Policy)

what users are allowed and not allowed to do with organization

3

availability

a mathematical calculation where A=(Total Uptime)/(Total Uptime+Total Downtime)

4

availability

Security actions that ensure that data is accessible to authorized users.

5

BCP

Business Continuity Plan: gives priorities to the functions an organization needs to keep going.

6

CIPA (Children's Internet Protection Act)

protects minors from inappropriate content when accessing the internet in schools and libraries

7

Confidentiality

the act of holding information in confidence, not to be released to unauthorized individuals

8

Cryptography

Practice of hiding data and keeping it away from unauthorized users

9

Cybersecurity

The act of securing and protecting individuals, businesses, organizations, and governments that are connected to the Internet and the Web.

10

Data classification standard

The goal and objective of a __________ is to provide a consistent definition for how an organization should handle and secure different types of data.

11

Downtime

the total amount of time the IT system, application and data are not accessible.

12

DRP

Disaster Recovery Plan: how a business gets back on its feet after a major disaster such as a fire or hurricane.

13

Encryption

the process of transforming data from clear text into ciphertext.

14

End User License Agreement (EULA)

A legal contract between the author of software and the end user that defines how the software can be used

15

Ethernet LAN

LAN solution based on the IEEE 802.3 CSMA/CD standard for 10/100/1000 Mbps.

16

FERPA (Family Educational Rights and Privacy Act)

Passed in 1974, protects the private data of students and their school records.

17

FISMA (Federal Information Security Management Act)

requires federal civilian agencies to provide security controls over resources that support federal operations.

18

GLBA (Gramm-Leach-Bliley Act)

Federal law enacted in 1999 to control the ways that financial institutions deal with the private information of individuals

19

HIPAA (Health Insurance Portability and Accountability Act)

Federal law passed in 1996, requires health care organizations to have security and privacy controls implemented to ensure patient privacy.

20

Hypertext Transfer Protocol Secure (HTTPS)

an encrypted form of information transfer on the Internet that combines HTTP and TLS

21

information system security

is the collection of activities that protect the information system and the data stored in it.

22

integrity

deals with the validity and accuracy of data.

23

IoT

Internet of Things

24

IT security policy framework

A set of rules for security. The framework is hierarchical and includes policies, standards, procedures, and guidelines.

25

LAN Domain (Local area network)

is a collection of computers connected to one another or to a common connection medium.

26

LAN switch

the device that connects workstations into a physical Ethernet LAN

27

malicious code (malware)

is a computer program written to cause a specific action to occur, such as erasing a hard drive.

28

Mean Time Between Failures (MTBF)

is the predicted amount of time between failures of an IT system during operations.

29

Mean time to failure (MTTF)

The average amount of time expected until the first failure of a piece of equipment.

30

Mean Time to Repair (MTTR)

The average amount of time a computer repair technician needs to resolve the cause of a failure through replacement or repair of a faulty unit.