Chapter 7-Exam 2
Created by: sficken on March 9, 2009
Subjects: accounting information systems
86 terms
Terms | Definitions |
---|---|
reliability | information that is free from error or bias and accurately represents the events or activities that it measures |
information security | foundation of system reliability |
security | the principle contributing to system reliability that states "access to the system and its data is controlled" |
confidentiality | the principle contributing to system reliability that states "sensitive information is protected from unauthorized disclosure" |
privacy | the principle contributing to system reliability that states "personal information about customers is collected, used, disclosed, and maintained in an appropriate manner" |
availability | the principle contributing to system reliability that states "the system is available to meet operational and contractual obligations" |
processing integrity | the principle contributing to system reliability that states "data is processed accurately, completely, in a timely manner, and with proper authorization" |
management | responsible for security of the AIS |
Section 302 of SOX 2002 | requires the CEO and CFO to verify that the financial statements fairly present the results of the company's activities and that they have evaluated the effectiveness of the organization's internal controls |
Section 404 of SOX 2002 | management's responsibilities are annual reports to include a report on the company's internal controls in which management acknowledges its responsibility for designing and maintaining internal controls and its assessment of the effectiveness of those controls |
time-based model of security | the model that focuses on the relationship between preventive, detective, and corrective controls |
P | variable for the time it takes an attacker to break through the organization's preventive controls |
D | variable for the time it takes to detect that an attack is in progress |
C | variable for the time it takes to respond to the attack |
role of preventative controls | purchase a new firewall that would increase the value of P by 10 minutes; to prevent security incidents from happening |
role of detective controls | upgrade the organization's intrusion detection system in a manner that would decrease the value of D by 12 minutes; to detect intrusions in a timely manner and monitor the effectiveness of preventive controls |
role of corrective controls | invest in new methods for responding to information security incidents so as to decrease the value of C by 30 minutes; to react to incidents and to take corrective actions on a timely basis |
defense-in-depth method | employing multiple layers of controls in order to avoid having a single point of failure |
reconnaissance | to learn as much as possible about the target |
attempt social engineering | trick someone to let you in |
scan and map the target | identify computers that can be remotely accessed |
research | find known vulnerabilities for software being used by target and how to exploit the vulnerabilities |
cover tracks | make back doors so you can come back in a different manner |
preventative controls | type of control that has the objective of preventing security incidents from happening |
authentication | the preventative control that focuses on verifying the identity of the person or device attempting to access the system |
biometric identifier | physical characteristic such as their fingerprints or voice |
passwords | most commonly used authentication method |
access control matrix | when implementing authorization, the table specifying which portions of the system users are permitted to access and what actions |
media access control (MAC) | a unique identifier; stored in a network interface card (NIC) and used to restrict access to the payroll system and payroll master files to only payroll department employees and only when they log in from their desktop or assigned laptop computer |
media access control | restricts access to only those devices that have recognized this address; this address and digital certificates in the access control matrix make it possible to limit access to certain users |
controlling remote access | the preventive controls used to prevent unauthorized access from remote locations |
demilitarized zone (DMZ) | pieces of information that travel around networks, including traveling the internet; consist of a header and a body |
header | describes the source address and the designation address |
body | the information being sent to another party |
transmission control protocol (TCP) | rules and procedures that specify how to divide, and later reassemble, a file into packets to be sent over the Internet |
Internet Protocol (IP) | rules and procedures that specify the structure of packets to be sent over the internet |
routers | devices that tell data packets where to go |
border router | the router that connects the info. system to the internet and outside networks |
internal router | the router that connects various systems inside the company network |
access control list (ACL) | a set of rules which determines which packets are allowed to be sent or received |
static packet filtering | a process that screens whether or not to allow an individual packet to pass through solely based on a comparison of the header source and/or destination information |
static packet filtering | border routers use this |
firewall | software or special-purpose hardware that filters which packets may pass through (or which packets may not pass and are dropped) |
stateful packet filtering | type of filtering (determining whether or not to let a packet through) where the header source or destination information is compared to a list of ongoing connections between the system and outside networks in order to decide whether to allow the packet through |
deep packet inspection | type of filtering (determining whether or not to let a packet through) where the body of the packet is examined to determine whether to allow a packet to pass through a firewall |
intrusion prevention systems (IPS) | new type of filtering designed to identify and drop packets that are part of an attack; this method drops packets that show an attack pattern or do not fit a typical packet profile |
border router | more concerned with determining which packet to drop |
firewall | more concerned with determining which packets to allow through |
demilitarized zone | corporations often have a separate network between the border router and internal router |
remote access server, mail server, web server, wireless access point | items found in a demilitarized zone (4) |
host | the main, central computer and all the other hardware attached to the central computer |
vulnerabilities | points at which the host computer can be attacked; flaws in programs which can be exploited to either crash the system or take control of it |
hardening | the process of turning off the unneeded host and computer applications |
plaintext | normal readable text |
ciphertext | unreadable by humans, gibberish |
encryption | transforming plaintext into ciphertext |
decryption | transforming ciphertext into plaintext |
symmetric encryption system | the encryption method that uses the same key to encrypt and decrypt a message |
asymmetric encryption systems | the encryption method that uses both a public and private key in the encryption/decryption of a message |
public key | a key to encrypt/decrypt messages that is published so anyone can get it |
private key | a key to encrypt/decrypt messages that is known only to the owner of that key |
symmetric encryption | encryption is faster |
asymmetric encryption | encryption that is safer |
hashing | process of transforming plaintext into a short numeric code (called a hash) |
digital signature | a hash at the end of a message that has been encrypted with the sender's private key |
digital certificate | certifies the owner of a particular public key |
certificate authority | an organization that issues public and private keys and records the public key in a digital certificate |
detective controls | type of control that has the objective of monitoring the effectiveness of preventive controls and detecting incidents in which preventive controls have been circumvented |
log analysis, intrusion detection systems, managerial reports, and security testing | Four major types of detective controls used for defense-in-depth |
log analysis | the process of examining logs which record who accesses the system and the actions |
intrusion detection systems (IDS) | software programs used to monitor network traffic in order to create logs and identify successful and unsuccessful log-ins by unauthorized users |
vulnerability scans | a type of security testing which uses automated tools designed to identify whether a system contains any well known vulnerabilities |
penetration test | a type of security testing which involves an authorized attempt by either an internal audit team or external security consulting firm to break into the organization's information system |
corrective controls | type of control that has the objective of reacting to system security breaches and other incidents and has the objective of taking corrective action on a timely basis to a system security breach |
computer emergency response team (CERT) | team responsible for dealing with major security incidents |
Chief Operation Officer | leads the company incident response process when a security breach happens |
CERT, CISO, patch mgmt system | three major corrective controls used in security |
recognition | step of the incident response process concerned with detecting security problems, most likely by alarm from the intrusion detection system |
containment | step of the incident response process concerned with reacting promptly to stop a security breach and minimizing the damage from the breach |
recovery | step of the incident response process concerned with repairing any damage made by the security breach |
follow-up | step of the incident response process concerned with determining how the intruder made it into the system and installing controls to prevent this type of security breach in the future |
recognition, containment, recovery, and follow-up | 4 steps of the incident response process |
Chief Information Security Officer (CISO) | person in charge of information system security |
patch mgmt | process of fixing known vulnerabilities by installing the latest updates to security programs, the operating system and other application programs |
exploit | set of instructions for taking advantage of a system vulnerability |
patch | code released by a software developer that fixes a particular vulnerability |