Chapter 8: Securing Information Systems Flashcards Preview


Flashcards in Chapter 8: Securing Information Systems Deck (67)
1

Acceptable Use Policy (AUP)

Defines acceptable uses of the firm's information resources and computing equipment, including desktop and laptop computers, wireless devices, telephones, and the Internet, and specifies consequences for noncompliance.

2

Antivirus Software

Software designed to detect, and often eliminate, computer viruses from an information system.

3

Application Controls

Specific controls unique to each computerized application that ensure that only authorized data are completely and accurately processed by that application.

4

Authentication

The ability of each party in a transaction to ascertain the identity of the other party.

5

Biometric Authentication

Technology for authenticating system users that compares a person's unique characteristics, such as fingerprints, face, or retinal image, against a stored profile of these characteristics.

6

Botnet

A group of computers that have been infected with bot malware without users' knowledge, enabling a hacker to use the amassed resources of the computers to launch distributed denial-of-service attacks, phishing campaigns or spam.

7

Bugs

Software program code defects.

8

Business Continuity Planning

Planning that focuses on how the company can restore business operations after a disaster strikes.

9

Click Fraud

Fraudulently clicking on an online ad in pay-per-click advertising to generate an improper charge per click.

10

Computer Crime

The commission of illegal acts through the use of a computer or against a computer system.

11

Computer Forensics

The scientific collection, examination, authentication, preservation, and analysis of data held on or retrieved from computer storage media in such a way that the information can be used as evidence in a court of law.

12

Computer Virus

Rogue software program that attaches itself to other software programs or data files in order to be executed, often causing hardware and software malfunctions.

13

Controls

All of the methods, policies, and procedures that ensure protection of the organization's assets, accuracy and reliability of its records, and operational adherence to management standards.

14

Cybervandalism

Intentional disruption, defacement, or destruction of a Web site or corporate information system.

15

Cyberwarfare

State-sponsored activity designed to cripple and defeat another state or nation by damaging or disrupting its computers or networks.

16

Deep Packet Inspection (DPI)

Technology for managing network traffic by examining data packets, sorting out low-priority data from higher priority business-critical data, and sending packets in order of priority.

17

Denial-of-Service (DoS) Attack

Flooding a network server or Web server with false communications or requests for services in order to crash the network.

18

Digital Certificates

An attachment to an electronic message to verify the identity of the sender and to provide the receiver with the means to encode a reply.

19

Disaster Recovery Planning

Planning for the restoration of computing and communications services after they have been disrupted.

20

Distributed Denial-of-Service (DDoS) Attack

Numerous computers inundating and overwhelming a network from numerous launch points.

21

Downtime

Period of time in which an information system is not operational.

22

Drive-By Download

Malware that comes with a downloaded file a user intentionally or unintentionally requests.

23

Encryption

The coding and scrambling of messages to prevent their being read or accessed without authorization.

24

Evil Twin

Wireless networks that pretend to be legitimate to entice participants to log on and reveal passwords or credit card numbers.

25

Fault-Tolerant Computer Systems

Systems that contain extra hardware, software, and power supply components that can back a system up and keep it running to prevent system failure.

26

Firewall

Hardware and software placed between an organization's internal network and an external network to prevent outsiders from invading private networks.

27

General Controls

Overall control environment governing the design, security, and use of computer programs and the security of data files in general throughout the organization's information technology infrastructure.

28

Gramm-Leach-Bliley Act

Requires financial institutions to ensure the security and confidentiality of customer data.

29

Hacker

A person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure.

30

High-Availability Computing

Tools and technologies, including backup hardware resources, to enable a system to recover quickly from a crash.