Chapter 8 Controls for Information Security
This set was created based on vocabulary words identified in Chapter 8 of the 13th edition of Romney and Steinbart's "Accounting Information Systems"
Terms in this set (34)
Employing multiple layers of controls to avoid a single point-of-failure.
Time-based model of security
Implementing a combination of preventive, detective and corrective controls that protect information assets long enough to enable an organization to recognize that an attack is occurring and take steps to thwart it before any information is lost or compromised.
Using deception to obtain unauthorized access to information resources.
Verifying the identity of the person or device attempting to access the system.
A physical or behavioral characteristic that is used as an authentication credential.
The use of two or more types of authentication credentials in conjunction to achieve a greater level of security.
The use of multiple authentication credentials of the same type to achieve a greater level of security.
The process of restricting access of authenticated users to specific portions of the system and limiting what actions they are permitted to perform.
Access control matrix
A table used to implement authorization controls.
Matching the user's authentication credentials against the access control matrix to determine whether that employee should be allowed to access that resource and perform the requested action.
A device that connects an organization's information system to the internet.
A special-purpose hardware device or software running on a general-purpose computer that controls both inbound and outbound communication between the system behind the firewall and other networks.
Demilitarized zone (DMZ)
A separate network located outside the organization's internal information system that permits controlled access from the Internet.
Special purpose devices that are designed to read the source and destination address fields in IP packet headers to decide where to send (route) the packet next.
Access control list (ACL)
A set of IF-THEN rules used to determine what to do with arriving packets.
A process that uses various fields in a packet's IP and TCP headers to decide what to do with the packet.
Deep packet inspection
A process that examines the data in the body of a TCP packet to control traffic, rather than looking only at the information in the IP and TCP headers.
Intrusion prevention systems (IPS)
Software or hardware that monitors patterns in the traffic flow to identify and automatically block attacks.
Remote authentication dial-in user service (RADIUS)
A standard method for verifying the identity of users attempting to connect via dial-in access.
Searching for an idle modem by programming a computer to dial thousands of phone lines.
Collective term for the workstations, servers, printers, and other devices that comprise an organization's network.
Flaw in programs that can be exploited to either crash the system or take control of it.
Automated tools designed to identify whether a given system possesses any unused and unnecessary programs that represent potential security threats.
The process of modifying the default configuration of endpoints to eliminate unnecessary settings and services.
Change control and change management
The formal process used to ensure that modifications to hardware, software, or processes do not reduce systems reliability.
The process of examining logs to identify evidence of possible attacks.
Intrusion detection systems (IDS)
A system that creates logs of all network traffic that was permitted to pass the firewall and then analyzes those logs for signs of attempted or successful intrusions.
An authorized attempt to break into the organization's information system.
Computer incident response team (CIRT)
A team that is responsible for dealing with major security incidents.
A program designed to take advantage of a known vulnerability.
Code released by software developers that fixes a particular vulnerability.
The process of regularly applying patches and updates to software.
Running multiple systems simultaneously on one physical computer.
Using a browser to remotely access software, data storage, hardware, and applications.