MIS CHAPTER 4 Flashcards
(24 cards)
What is an Ethical Computer Use Policy?
A policy containing general principles to guide the proper use of computers in the workplace.
What is an Acceptable Use Policy (AUP)?
A policy that defines acceptable uses of an organization’s information system and the consequences of misuse.
What is an Information Privacy Policy?
A policy that details how a company handles and protects customer and employee information.
What is an Email Privacy Policy?
A policy that governs the extent to which emails may be monitored or accessed within a company.
What is a Social Media Policy?
A policy that outlines acceptable use of social media by employees, both personally and professionally.
What is a Workplace Monitoring Policy?
A policy that explains what activities are monitored and under what circumstances, both physically and digitally.
What is the primary difference between a virus and a worm?
A virus needs to attach to an executable file to spread; a worm does not and spreads on its own.
What is a Trojan Horse virus?
Malware that disguises itself as legitimate software to trick users into installing it.
What is a Polymorphic virus or worm?
Malware that changes its code as it spreads to avoid detection.
What is Scareware?
Malware that tricks users into thinking their computer is infected to prompt them to buy or download malicious software.
What is Ransomware?
Malware that encrypts data and demands payment to restore access.
What is a White hat hacker?
A security expert who uses hacking skills to protect systems and find vulnerabilities.
What is a Black hat hacker?
A malicious hacker who breaks into systems to steal, damage, or destroy data.
What is a Script kiddie?
An unskilled individual who uses pre-written code to launch attacks.
What is a Cyberterrorist?
A hacker who uses digital means to cause physical or financial harm to people or infrastructure.
What is Elevation of privilege?
When a user gains unauthorized access to elevated permissions, such as admin rights.
What is a Distributed denial of service (DDoS) attack?
An attack that floods a network or website with traffic from multiple sources to crash it.
What are the two types of keyloggers?
Hardware keyloggers and software keyloggers.
What is an Anti-spam policy?
A policy designed to reduce the volume and risk of spam emails in an organization’s systems.
What is Spoofing?
Faking the sender’s identity in communication to trick the recipient.
What is Spear phishing?
A targeted phishing attack aimed at a specific person or role in an organization.
What is Social engineering?
Manipulating people into revealing confidential information.
What is Authentication?
The process of verifying a user’s identity.
What is Authorization?
Granting a verified user permission to perform specific actions or access certain data.
