Deck 1 Flashcards
(25 cards)
The process of granting or denying specific requests to: i) obtain and use information or related systems or services; or ii) enter specific physical facilities.
Access Control
A person who is responsible for managing a computer system or network.
Administrator
Unlike regular user accounts, administrator accounts have full privileges and can perform tasks such as modifying computer hardware and software settings and managing user accounts. Some systems may refer to administrators as having “root” or “elevated” access.
Administrator Account
A program designed to detect many forms of malware (e.g., viruses and spyware) and prevent them from infecting computers. It may also cleanse already-infected computers.
Antivirus/Anti-malware Software
Verifying the identity of a user, process, or system, often as a prerequisite to allowing access to resources in an information system.
Authentication
Timely, reliable access to data, information, and systems by authorized users.
Availability
A copy of information, files, and programs to facilitate recovery. Backups may be stored on the same machine that contains the original information, another machine, a storage device such as a thumb drive, or “in the cloud.”
Backups
A wireless protocol that allows two similarly equipped devices to communicate with each other within a short distance (e.g., 30 ft.). “Bluetooth-enabled” means that nearby devices can communicate with each other without a physical connection. Examples of Bluetooth-enabled devices include cell phones, portable wireless speakers, and wireless headphones.
Bluetooth
A scam that targets businesses by using social engineering or computer intrusion to compromise legitimate business email accounts and conduct unauthorized fund transfers or obtain personal information.1
Business Email Scams
Assurance that information is not disclosed to unauthorized individuals, processes, or devices.
Confidentiality
Criminal offenses committed on the internet or aided by the use of computer technology.2
Cyber Crime
An occurrence that actually or potentially jeopardizes the confidentiality, integrity, or availability of an information system or that constitutes a violation or imminent threat of violating security policies, security procedures, or acceptable use policies.
Cyber Incident/Cyber Breach
Insurance that is designed to mitigate losses from a variety of cyber incidents, including data breaches, business interruption, and network damage.3
Cyber Insurance
An approach or series of steps to prevent or manage the risk of damage to, unauthorized use of, exploitation of, and—if needed—to restore electronic information and communications systems, and the information they contain, in order to strengthen the confidentiality, integrity, and availability of these systems.
Cybersecurity
An incident that involves sensitive, protected, or confidential information being copied, transmitted, viewed, stolen, or used by an individual unauthorized to do so. Exposed information may include credit card numbers, personal health information, customer data, company trade secrets, or matters of national security, for example.4
Data Breach
The practice of gathering, retaining, and analyzing computer-related data for investigative purposes in a manner that maintains the integrity of the data.
Digital Forensics
A security incident that occurs when a user unknowingly visits an infected/compromised website and malware is downloaded and installed without their knowledge.5
Drive-by-Download
The transformation of data (called “plaintext”) into a form (called “ciphertext”) that conceals the data’s original meaning to prevent it from being known or used. If the transformation is reversible, the corresponding reversal process is called “decryption,” which is a transformation that restores encrypted data to its original state.
Encryption
A device or program that restricts data communication traffic to or from a network and thus protects that network’s system resources against threats from another network.
Firewall
Someone who attempts to or gains access to an information system, usually in an unauthorized manner. A “white hat” hacker is a cybersecurity specialist who breaks into systems with a goal of evaluating and ultimately improving the security of an organization’s systems.
Hacker
A common connection point for devices in a network. Hubs commonly are used to pass data from one device (or network segment) to another.
Hub
Crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, often for economic gain.6
Identity Theft
The approach to protect and manage the risk to information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability.
Information Security