ISYS 414 Chapter 8
About this set
Created by:
lanesawyer on October 11, 2011
Description:
Vocabulary for AIS Chapter 8
Classes:
ISYS Jr. Core, BYU Information Systems Junior Core
Log in to favorite or report as inappropriate.
Order by
38 terms
Terms | Definitions |
|---|---|
 defense-in-depth | Employing multiple layers of controls to avoid a single point-of-failure. |
| time-based model of security | Implementing a set of preventive, detective, and corrective controls that enable an organization to recognize that an attack is occurring and take steps to thwart it before any assets have been compromised. |
| social engineering | Using deception to obtain unauthorized access to information resources. |
| authentication | Verifying the identity of the person or device attempting to access the system. |
| biometric identification | Using unique physical characteristics such as fingerprints, voice patterns, retina prints, and signature dynamics to identify people. |
| multifactor authentication | The use of two or more authentication methods (passwords, ID badges, biometrics, etc.) in conjunction to achieve a greater level of security. |
| multimodal authentication | The use of multiple authentication credentials of the same type to achieve a greater level of security. |
| authorization | Granting an employee power to perform certain organizational functions. |
| access control matrix | An internally maintained table specifying which portions of the system users are permitted to access and what actions they can perform. |
| compatibility test | Determining whether a person attempting to access an information system resource is authorized to do so. The computer matches the user's authentication credentials against the access control matrix to determine whether the employee is allowed access to that resource or to perform the requested operation. |
| border router | A device that connects an organization's information system to the Internet. |
| firewall | A combination of security algorithms and router communications protocols that prevent outsiders from tapping into corporate databases and e-mail systems. |
| demilitarized zone (DMZ) | Placing the organization's Web servers and e-mail servers in a separate network that sits outside the corporate network but is accessible from the Internet. |
| Transmission Control Protocol (TCP) | specifies the procedures for dividing documents and files into packets to be sent over the internet and the methods for reassembly of the original docu. or file at the destination |
| Internet Protocol (IP) | Protocol that specifies the structure of the TCP packets and how to route them to the proper destination. -header (packet's origin and destination address, type of body data ) + body |
| routers | Special purpose devices that are designed to read the destination address fields in IP packet headers to decide where to send the packet next. |
| access control list (ACL) | A set of rules that determines which packets of information transmitted over a network are allowed entry and which are dropped. |
| static packet filtering | Border router, A process that screens individual IP packets based solely on the contents of the source and/or destination fields in the IP packet header. |
| stateful packet filtering | Firewall, A technique employed by firewalls in which a table is maintained that lists all established connections between the organization's computers and the Internet. The firewall consults this table to determine whether an incoming packet is part of an ongoing communication initiated by an internal computer. |
| deep packet inspection | cost of speed!/ When the firewall examines the data in the body of an IP packet rather than looking only at the information in the IP header. |
| intrusion prevention system (IPS) | new type/ monitors patterns in the traffic flow rather than only inspecting individual packets, to identify and automatically block attacks./ block + notify security admin. (real-time response to attack)/ no replacement of firewall but complementary |
| Remote Authentication Dial-In User Service (RADIUS) | A standard method for verifying the identity of users attempting to connect via dial-in access. |
| war dialing | Searching for an idle modem by programming a computer to dial thousands of phone ./ the way to control rogue modem(unauthorized modem) |
| endpoints | Collective term for the workstations, servers, printers, and other devices that comprise an organization's network. |
| vulnerabilities | Flaws in programs that can be exploited to either crash the system or take control of it. |
| vulnerability scanners | Automated tools designed to identify whether a given system possesses any well-known vulnerabilities. |
| hardening | The process of turning off unnecessary program features. |
| log analysis | The process of examining logs to monitor security. |
| intrusion detection system (IDS) | A system that creates logs of all network traffic that was permitted to pass the firewall and then analyzes those logs for signs of attempted or successful intrusions. |
| penetration test | An authorized attempt to break into the organization's information system. |
| computer incident response team (CIRT) | A team that is responsible for dealing with major security incidents. |
| exploit | The set of instructions for taking advantage of a vulnerability. |
| patch | Code released by software developers that fixes a particular vulnerability. |
| patch management | The process of regularly applying patches and updates to software. |
| virtualization | Taking advantage of the power and speed of modern computers to run multiple systems simultaneously on one physical computer. |
| cloud computing | takes advantages of the high bandwidth of the modern global telecommunication network to enable employees to use a browser to remotely access software -remotely accessed resources (Software applications,Data storage, Hardware, entire application environment) |
| Network interface card (NIC) | every workstation, printer, or other computing device needs to connect to the organization's internet network |
| Chief Information Security Officer (CISO) | independent of other information system functions and should report to either the chief operating officer(COO) or the CEO |
First Time Here?
Welcome to Quizlet, a fun, free place to study. Try these flashcards, find others to study, or make your own.
Completed “Learn” mode
wilcraig , brentjanderson , wjmerrill , joseph_kjar , court101 , EckyZero , heatherdunnigan27 , JHizzal , drewangus , lanesawyer , Izle , mackcope