BSAD 141 Ch 4
Terms in this set (77)
The legal protection afforded an expression of an idea, such as a song, book, or video game.
The intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents.
An exclusive right to make, use, and sell an invention and is granted by a government to the inventor.
The principles and standards that guide our behavior toward other people.
The right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent.
The assurance that messages and information remain available only to those authorized to view them.
Govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself.
The unauthorized use, duplication, distribution, or sale of copyrighted software.
Software that is manufactured to look like the real thing and sold as such.
Digital Rights Management
A technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution.
Examines the organizational resource of information and regulates its definitions, uses, value, and distribution, ensuring it has the types of data/information required to function and grow effectively.
A method or system of government for information management or control.
The act of conforming, acquiescing, or yielding information.
An ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged.
Ediscovery (Electronic Discovery)
Refers to the ability of a company to identify, search, gather, seize, or export digital information in responding to a litigation, audit, investigation, or information inquiry.
The Child Online Protection Act (COPA)
Passed to protect minors from accessing inappropriate material on the internet.
Policies and procedures that address information management along with the ethical use of computers and the internet in the business environment.
Threats, negative remarks, or defamatory comments transmitted via the internet or posted on the website.
An act or object that poses a danger to assets.
The abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or costs for the advertiser.
A computer crime where a competitor or disgruntled employee increases a company's search advertising costs by repeatedly clicking on the advertiser's link.
Ethical Computer Use Policy
Contains general principles to guide computer user behavior.
Contains general principles regarding information privacy.
Acceptable Use Policy (AUP)
Requires a user to agree to follow it to be provided access to corporate email, information systems, and the internet.
A contractual stipulation to ensure that ebusiness participants do not deny (repudiate) their online actions.
Internet Use Policy
Contains general principles to guide the proper use of the internet.
The electronic defacing of an existing website
A problem that occurs when someone registers purposely misspelled variations of well-known domain names.
Website Name Stealing
The theft of a website's name that occurs when someone, posing as a site's administrator, changes the ownership of the domain name assigned to the website to another website owner.
Government attempts to control internet traffic, thus preventing some material from being viewed by a country's citizens.
Details the extent to which email messages may be read by others.
States that email users will not send unsolicited emails (spam)
An anti-spamming approach where the receiving computer launches a return attack against the spammer, sending email messages back to the computer that originated the suspected spam.
Social Media Policy
Outlines the corporate guidelines or principles governing employee online communications.
Tangible protection such as alarms, guards, fireproof doors, fences and vaults.
Workplace MIS Monitoring
Tracks people's activities by such measures as number of keystrokes, error rate, and number of transactions processed.
Employee Monitoring Policy
States explicitly how, when, and where the company monitors its employees
Refers to a period of time when a system is unavailable
A broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization.
Experts in technology who use their knowledge to break into computers and computer networks, either for profit or just motivated by the challenge.
A computer attack where an attacker accesses a wireless computer network, intercepts data, uses network services, and/or sends attack instructions without entering the office or organization that owns the network.
Software written with malicious intent to cause annoyance or damage.
Software that, while purporting to serve some useful function and often fulfilling that function, also allows internet advertisers to display advertisements without the consent of the computer user.
A special class of adware that collects data about the user and transmits it over the internet without the user's knowledge or permission.
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.
Hackers use their social skills to trick people into revealing access credentials or other valuable information.
Looking through people's trash to obtain information.
Information Security Policies
Identify the rules required to maintain information security.
Information Security Plan
Details how an organization will implement the information security policies.
The forging of someone's identity for the purpose of fraud.
The category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity.
A technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses.
A masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam emails that appear to be from a respectable company. The emails contain a link to a website designed to look exactly like the company's website.
A phishing expedition in which the emails are carefully designed to target a particular person or organization
Vishing (Voice Phishing)
A phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information.
Reroutes requests for legitimate websites to false websites. For example, if you were to type in the URL to your bank, pharming could redirect to a fake site that collects your information.
A program that secretly takes over another computer for the purpose of launching attacks on other computers.
A group of computers on which a hacker has planted zombie programs.
Uses a zombie farm, often by an organized crime association, to launch a massive phishing attack
A method for confirming users' identities.
The process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space.
Small electronic devices that change user passwords automatically.
A device about the size of a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing.
The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting
Computer viruses that wait for a specific date before executing their instructions
Occurs when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information.
Scrambles information into an alternative form that requires a key or password to decrypt.
The science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them
Advanced Encryption Standard (AES)
Introduced by the National Institute of Standards and Technology (NIST) designed to keep government information secure.
Public Key Encryption (PKE)
Uses two keys: A public key that everyone can have and a private key for only the recipient
A trusted third party that validates user identities by means of digital certificates.
Hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings.
Scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware.
An organized attempt by a country's military to disrupt or destroy information and communication systems for another country.
The use of computer and networking technologies against persons or property to intimidate or coerce governments, individuals, or any segment of society to attain political, religious, or ideological goals.
Intrusion Detection Software (IDS)
Features full-time monitoring tools that search for patterns in network traffic to identify intruders.