Study sets matching "computer information security"

Information Security & Computer Fraud
Goal of Information Security Management
Confidentiality
Integrity
Availability
protect the confidentiality, integrity & availability (CIA) o…
information is not accessible to unauthorised individuals or…
information is accurate & complete
information & systems are accessible on demand
Goal of Information Security Management
protect the confidentiality, integrity & availability (CIA) o…
Confidentiality
information is not accessible to unauthorised individuals or…
29 terms
Information Security and Computer Fraud
Goals of Information Security
Virus
Worm
Trojan Horse
1. confidentiality... 2. integrity: accurate & complete... 3. avail…
- modifies files or programs
- spread through networks/ email
- useful program with bad code
Goals of Information Security
1. confidentiality... 2. integrity: accurate & complete... 3. avail…
Virus
- modifies files or programs
6 terms
Information Assurance, Computer Security, and Information Operations
1. Name the threats and vulnerabilitie…
2. List virus prevention processes.
3. State unauthorized activities when…
4. Outline the incident reporting proc…
Malicious Code... Trojan Horse... Worms... Virus
• Virus detection... • Virus removal... • Preventive protection
• Unauthorized disclosure of classified information... • Introduc…
WM or ISSO/IAO
1. Name the threats and vulnerabilitie…
Malicious Code... Trojan Horse... Worms... Virus
2. List virus prevention processes.
• Virus detection... • Virus removal... • Preventive protection
172 terms
Security in computing and information technology
Trojan
Worm
Virus
Logic Bomb
A malicious program disguised as legitimate software; often g…
Similar to a virus, but it has the capability to travel witho…
A piece of code that is capable of copying itself and typical…
Any code that is hidden within an application and causes some…
Trojan
A malicious program disguised as legitimate software; often g…
Worm
Similar to a virus, but it has the capability to travel witho…
Information Assurance, Computer Security and Information Operations
Name the threats to information systems.
Name the vulnerabilities to informatio…
List virus prevention processes.
State unauthorized activities when per…
Any circumstance or event with the potential to cause harm to…
A weakness in an information system, cryptographic system, or…
o Virus detection... o Virus removal... o Preventive protection
o Unauthorized disclosure of classified information... o Introdu…
Name the threats to information systems.
Any circumstance or event with the potential to cause harm to…
Name the vulnerabilities to informatio…
A weakness in an information system, cryptographic system, or…
ACC - Information Security & Computer Controls
defense-in-depth
Trust Services Framework - IT controls…
preventive controls
detective controls
employing multiple layers of controls to avoid a single point…
- security: restricted access to the system... - confidentiality…
- creation of security aware culture ... - training ... - user acce…
- log analysis... - intrusion detection systems ... - penetration t…
defense-in-depth
employing multiple layers of controls to avoid a single point…
Trust Services Framework - IT controls…
- security: restricted access to the system... - confidentiality…
6 terms
Information Assurance, Computer Security, and Information Operations
Name the threats and vulnerabilities t…
List virus prevention processes
State unauthorized activities when per…
Outline the incident reporting process
Threat:... -Any circumstance or event with the potential to caus…
-virus detection ... -virus removal... -preventive protection
-Viewing or downloading pornography... -Gambling on the internet…
1) Stop using the computer so the virus doesn't spread... 2) Doc…
Name the threats and vulnerabilities t…
Threat:... -Any circumstance or event with the potential to caus…
List virus prevention processes
-virus detection ... -virus removal... -preventive protection
Information Assurance, Computer Security, and Information Operations
Threats and vulnerabilities to informa…
Virus prevention processes
Unauthorized activities when performin…
Incident reporting process
Malicious Code... Trojan horse... Worms... Virus
Anti-virus software... Stop using computer so virus doesn't spre…
Viewing or downloading porn... Gambling on the internet... Conducti…
Report any suspected or actual malicious logic event to your…
Threats and vulnerabilities to informa…
Malicious Code... Trojan horse... Worms... Virus
Virus prevention processes
Anti-virus software... Stop using computer so virus doesn't spre…
14 terms
AP Computer Principles Chapter 8 (information Security)
Malware
Virus
Worm
Trojan Horse
Malicious software arriving from the network
program embedded within another program or file, replicates i…
Program that sends copies of itself to other nodes on the net…
program that seems beneficial, but hides malicious code withi…
Malware
Malicious software arriving from the network
Virus
program embedded within another program or file, replicates i…
20 terms
CS430 Information Security & Network Management: Computer & Network Security Concepts
Plaintext
Ciphertext
Enciphering/Encryption
Deciphering/Decrypting
Original message
Coded message
Process of converting from plaintext to ciphertext
Restoring plaintext from ciphertext
Plaintext
Original message
Ciphertext
Coded message
Information Security
Information assets
Types of Assets
Information security
Information Security Event
Data, device or component that supports information related a…
1. Property... - Physical assets e.g. buildings and contents... -…
Preservation of confidentiality, integrity and availability o…
An identified occurrence of a system, service or network stat…
Information assets
Data, device or component that supports information related a…
Types of Assets
1. Property... - Physical assets e.g. buildings and contents... -…
31 terms
Information Assurance & Computer Security Ch 4
availability, confidentiality, functio…
confidentiality
network's structure, data flowing acro…
passively monitoring traffic, sites, h…
The four broad goals to consider in securing networks are: a_…
In terms of network security, ___________________ means preve…
In terms of network security, confidentiality means preventin…
An attacker can gain valuable information by p_______________…
availability, confidentiality, functio…
The four broad goals to consider in securing networks are: a_…
confidentiality
In terms of network security, ___________________ means preve…
Chapter 11 - Information Security and Computer Fraud
Asymmetric-key encryption
Authentication
Business continuity management (BCM)
Certificate Authority (CA)
To transmit confidential information, the sender uses the rec…
A process that establishes the origin of information or deter…
The activities required to keep a firm running during a perio…
A trusted entity that issues and revokes digital certificates.
Asymmetric-key encryption
To transmit confidential information, the sender uses the rec…
Authentication
A process that establishes the origin of information or deter…
29 terms
Chapter 11: Information Security and Computer Fraud
Goals of Information Security
Virus
Worm
Trojan Horse
1. confidentiality... 2. integrity: accurate & complete... 3. avail…
- modifies files or programs
- spread through networks/ email
- useful program with bad code
Goals of Information Security
1. confidentiality... 2. integrity: accurate & complete... 3. avail…
Virus
- modifies files or programs
32 terms
Ch. 11 Information Security and Computer Fraud
Information security
Confidentiality
Integrity
Availability
an integrated, systematic approach that coordinates people, p…
information is not accessible to unauthorized individuals or…
information is accurate and complete
information and systems are accessible on demand
Information security
an integrated, systematic approach that coordinates people, p…
Confidentiality
information is not accessible to unauthorized individuals or…
Chapter 11 Computer Crime and Information Technology Security
Administrative Security Controls
Basic Principles of Information Security
CoBIT accountability framework
CoBIT Framework
One of three internal control types necessary to protect data…
Confidentiality, availability, and data integrity are the thr…
The accountability framework shows the relationships between…
The CoBIT framework (Control Objectives for Information and R…
Administrative Security Controls
One of three internal control types necessary to protect data…
Basic Principles of Information Security
Confidentiality, availability, and data integrity are the thr…
14 terms
Computer Crime and Information Technology Security Ch. 11
Taxonomy for computer crime
Risk and Threat
Fraud
Kodak 2005
Four part model developed by Carter: ... -Target... -Instrumentalit…
Fraud... Error: Kodak... Service Interruption and delays: wifi... Disc…
misrepresentation... rely on statement... suffer financial damages
spreadsheet mistake... additional 9 mil in losses
Taxonomy for computer crime
Four part model developed by Carter: ... -Target... -Instrumentalit…
Risk and Threat
Fraud... Error: Kodak... Service Interruption and delays: wifi... Disc…
21 terms
Information Security
external threats
internal threats
network sniffing
intrusion
-network sniffing... -intrusion... -social engineering/phishing... -ma…
-intentional malicious behavior... -careless behavior
-data transmitted over network in unprotected form can easily…
-unauthorized attackers gain access to organizational IT reso…
external threats
-network sniffing... -intrusion... -social engineering/phishing... -ma…
internal threats
-intentional malicious behavior... -careless behavior
Chapter 11: Information Security and Computer Fraud
Asymmetric-Key Encryption
Authentication
Business Continuity Management
Certificate Authority
To transmit confidential information, the sender uses the rec…
A process that establishes the origin of information or deter…
The activities required to keep a firm running during a perio…
A trusted entity that issues and revokes digital certificates
Asymmetric-Key Encryption
To transmit confidential information, the sender uses the rec…
Authentication
A process that establishes the origin of information or deter…
9 terms
Information Security
data harvesters
cash-out fraudsters
Botnets
distributed denial of service (DDoS)
Cybercriminals who infiltrate systems and collect data for il…
Criminals that purchase assets from data harvesters to be use…
Hordes of surreptitiously infiltrated computers, linked and c…
An attack where a firm's computer systems are flooded with th…
data harvesters
Cybercriminals who infiltrate systems and collect data for il…
cash-out fraudsters
Criminals that purchase assets from data harvesters to be use…
25 terms
Computer Information Security System _ciss 300
complete loss of power for a moment is…
A timing attack involves the intercept…
A(n) cookie can allow an attacker to c…
Information security safeguards the te…
fault
True
True
True
complete loss of power for a moment is…
fault
A timing attack involves the intercept…
True
23 terms
Chapter 11 Computer Crime and Information Technology Security
Carter taxonomy for computer crime:
Risks and threats
-Fraud: computer fraud is people fraud…
-Error: vary depending on where the er…
-Target: criminal targets system or its data to impact confid…
...
...
...
Carter taxonomy for computer crime:
-Target: criminal targets system or its data to impact confid…
Risks and threats
...
50 terms
Computer Security
phishing
malware
virus
worm
An online scam that uses e-mail to "fish" for users' private…
Malware is software designed to infiltrate or damage a comput…
A computer program that can destroy files or make your comput…
a software program capable of reproducing itself that can spr…
phishing
An online scam that uses e-mail to "fish" for users' private…
malware
Malware is software designed to infiltrate or damage a comput…
18 terms
Computer Security
malware
virus
phishing
hacker
Short for "Malicious software"
a small piece of software that can spread from one infected c…
Fraudulent attempts by cybercriminals to obtain private infor…
A person who secretly gets access to a computer system in ord…
malware
Short for "Malicious software"
virus
a small piece of software that can spread from one infected c…
20 terms
Information Security
security risk
security precaution
malware
spyware
any threat to the data held by a company or individual, inclu…
any counter-measure to prevent a computer security threat
any software or computer based activity that poses a threat
a program that installs onto a user's system without permissio…
security risk
any threat to the data held by a company or individual, inclu…
security precaution
any counter-measure to prevent a computer security threat
29 terms
Information Security
Information Security
Machine-Level Security
Authentication
Possessed Object
refers to the protection of information systems and the infor…
refers to actions taken to protect information on a computer…
is a security process in which the identity of a person is ve…
Item that you must carry to gain access to computer or facil…
Information Security
refers to the protection of information systems and the infor…
Machine-Level Security
refers to actions taken to protect information on a computer…
15 terms
Information Security
availability
biometrics
black hat hacker
confidentiality
the assurance that systems and data are accessible by authori…
technologies that measure and analyze human body characterist…
a computer criminal
prevent the disclosure of sensitive info from unauthorized pe…
availability
the assurance that systems and data are accessible by authori…
biometrics
technologies that measure and analyze human body characterist…
75 terms
Information Security
Cryptography
Describe a side-channel attack
In a cryptosystem, what properties sho…
Your company produces an encryption de…
Exam Questions 3.1.5
The attack is based on information gained from the physical i…
Unpredictable and large
Chosen plaintext
Cryptography
Exam Questions 3.1.5
Describe a side-channel attack
The attack is based on information gained from the physical i…
19 terms
CS430 Information Security & Network Management: Computer & Network Security Concepts II
If the "cipher" line can be any permut…
Monoalphabetic Ciphers
Digram
Trigram
This is 10 orders of magnitude greater than the key space for…
Easy to break because they reflect the frequency data of the…
Two-letter combination. Most common is th.
Three-letter combination. Most frequent is the.
If the "cipher" line can be any permut…
This is 10 orders of magnitude greater than the key space for…
Monoalphabetic Ciphers
Easy to break because they reflect the frequency data of the…
15 terms
Computer Security
malware
virus
phishing
hacker
Short for "Malicious software"
a small piece of software that can spread from one infected c…
Fraudulent attempts by cybercriminals to obtain private infor…
A person who secretly gets access to a computer system in ord…
malware
Short for "Malicious software"
virus
a small piece of software that can spread from one infected c…
Information Security
An Internet-based crime is referred to…
An individual who illegally downloads…
Biometrics uses a token system to auth…
Information security is implemented at…
cyber
pirate
False
Internet
An Internet-based crime is referred to…
cyber
An individual who illegally downloads…
pirate
105 terms
Information Security Chapter 5
A firewall can be a single device or a…
A(n) full backup only archives the fil…
A(n) contingency plan is prepared by t…
NIST documents can assist in the desig…
False
False
True
True
A firewall can be a single device or a…
False
A(n) full backup only archives the fil…
False
Information security
Virus
Worm
Trojan horse
Spam
is a malware program that copies itself and can e.g. damage f…
is a malware program that uses network to spread itself. Make…
is disguised as a real program to make the user install it. H…
Unwanted commercial e-mail messages
Virus
is a malware program that copies itself and can e.g. damage f…
Worm
is a malware program that uses network to spread itself. Make…
36 terms
Information Security
Proprietary Information
There are 3 broad threats to proprieta…
A trade secret is:
For trade secret protection, must prove:
Information over which the possessor asserts ownership and wh…
It can be lost through inadvertent disclosure... It can be delib…
a process or device for continuous use in the operation of th…
Secrecy... Value... Use in the owner's business
Proprietary Information
Information over which the possessor asserts ownership and wh…
There are 3 broad threats to proprieta…
It can be lost through inadvertent disclosure... It can be delib…
36 terms
Information Security
Proprietary Information
There are 3 broad threats to proprieta…
A trade secret is:
For trade secret protection, must prove:
Information over which the possessor asserts ownership and wh…
It can be lost through inadvertent disclosure... It can be delib…
a process or device for continuous use in the operation of th…
Secrecy... Value... Use in the owner's business
Proprietary Information
Information over which the possessor asserts ownership and wh…
There are 3 broad threats to proprieta…
It can be lost through inadvertent disclosure... It can be delib…
101 terms
Information Security
The principal objectives of computer s…
Security labels indicate which system…
A user may belong to multiple groups.
An access right describes the way in w…
True
False
True
True
The principal objectives of computer s…
True
Security labels indicate which system…
False
278 terms
Information Security
Information assets
Types of Assets
Information security
Information Security Event
Data, device or component that supports information related a…
1. Property... - Physical assets e.g. buildings and contents... -…
Preservation of confidentiality, integrity and availability o…
An identified occurrence of a system, service or network stat…
Information assets
Data, device or component that supports information related a…
Types of Assets
1. Property... - Physical assets e.g. buildings and contents... -…
35 terms
Information Security
biometrics
trojan
risk management
malware
physical characteristic of a user that a system stores and us…
masquerades as a useful program
plan of activities intended to minimise potential for injurie…
software designed to invade with malicious intent
biometrics
physical characteristic of a user that a system stores and us…
trojan
masquerades as a useful program
21 terms
Information Security
availability
biometrics
black hat hacker
brute-force-attack
the assurance that systems and data are accessible by authori…
technologies that measure and analyze human body characterist…
a computer criminal
...
availability
the assurance that systems and data are accessible by authori…
biometrics
technologies that measure and analyze human body characterist…
27 terms
Ethics for information age chapter 7(Computer and Network Security)
How has the term "hacker" evolved sinc…
Describe three "low-tech" methods that…
What is the maximum penalty for violat…
Why is it dangerous to surf the Web us…
In the 1950s the term "hacker" referred to an inquisitive and…
Three "low-tech" methods that hackers have used to obtain log…
The maximum penalty for violating the Computer Fraud and Abus…
It is dangerous to surf the Web using an open WiFi network be…
How has the term "hacker" evolved sinc…
In the 1950s the term "hacker" referred to an inquisitive and…
Describe three "low-tech" methods that…
Three "low-tech" methods that hackers have used to obtain log…
49 terms
Chapter 9 Information Systems Ethics, Computer Crime, and Security
Agriculture,... Industrial Revolution,... In…
Computer Literacy
Digital Divide
Computer Ethics
Toffler's three waves of change
Knowing how to use a computer
That gap between those with computer access and those who don…
Standards of conduct as they pertain to the use of informatio…
Agriculture,... Industrial Revolution,... In…
Toffler's three waves of change
Computer Literacy
Knowing how to use a computer
7 terms
Computer security
Toolkit
Intruder
Utilization
Disguise
A set of software tools
A person entering someone's land or property without permissi…
Use, put to use
False appearance, camouflage
Toolkit
A set of software tools
Intruder
A person entering someone's land or property without permissi…
Computer Security
802.11i
access control
adware
anti-spam program
Sometimes called WPA2, a network standard developed by IEEE w…
Security measure that defines who can access a computer, when…
Program that displays an online advertisement in a banner or…
Program that attempts to remove spam before it reaches a user…
802.11i
Sometimes called WPA2, a network standard developed by IEEE w…
access control
Security measure that defines who can access a computer, when…
information security
rapid development of information-…
growing threats to information secu…
the urgency and acuteness of the problems are emphas…
the use of international law in…
a rapid spread of ICTs
an escalation of threats to information security
the urgent and acute problems are exacerbated
application of international law to
rapid development of information-…
a rapid spread of ICTs
growing threats to information secu…
an escalation of threats to information security
181 terms
Information Security
1. Honeypots
2. Hash
3. certificate authority
4. symmetric
_____ are decoy systems designed to lure potential attackers…
____ functions are mathematical algorithms that generate a me…
3. ______issues, manages, authenticates, signs, and revokes u…
4. Encryption methodologies that require the same secret key…
1. Honeypots
_____ are decoy systems designed to lure potential attackers…
2. Hash
____ functions are mathematical algorithms that generate a me…
16 terms
Computer Security
Data Security
A computer security risk
Data integrity
Physical access restrictions
Identifying, assessing and preempting computer security risks…
An event that could lead to the loss of computer equipment an…
accuracy, completeness and internal consistency of the data
Prevents unauthorized access of persons intending to steal or…
Data Security
Identifying, assessing and preempting computer security risks…
A computer security risk
An event that could lead to the loss of computer equipment an…
Information Security
Speed of Attacks
Greater Sophistication of Attacks
Detect Vulnerabilities Quicker
Delay in Patching
Attackers can launch attacks against millions of Computers wi…
Attack tools vary their behavior so the same attack appears d…
Attackers can discover security holes in hardware or software…
Vendors are overwhelmed trying to keep pace by updating their…
Speed of Attacks
Attackers can launch attacks against millions of Computers wi…
Greater Sophistication of Attacks
Attack tools vary their behavior so the same attack appears d…
15 terms
Information Security
Three Major Areas
Chief Information Security Officer
Social engineering, information extort…
Malicious malware, virus, worms, troja…
Computer, Data, Network Security
Primary responsibility for assessment, management, and implem…
Social Engineering: Advance-fee fraud, phishing, tricking a p…
Malicious malware: used to overwhelm the processing capabilit…
Three Major Areas
Computer, Data, Network Security
Chief Information Security Officer
Primary responsibility for assessment, management, and implem…
49 terms
Computer Security
Cipher Schemes : Explain what is the d…
Block Ciphers : What is meant by a blo…
Block Ciphers : In a block cipher, exp…
Cipher Schemes : How does CFB handle e…
A symmetric-key scheme uses the same key to encrypt and to de…
A block cipher is a cipher scheme that takes a fixed size of d…
ECB encrypts a sequence of blocks by encrypting each one indi…
A change in a plaintext block will change all subsequent ciph…
Cipher Schemes : Explain what is the d…
A symmetric-key scheme uses the same key to encrypt and to de…
Block Ciphers : What is meant by a blo…
A block cipher is a cipher scheme that takes a fixed size of d…
39 terms
Information Security
Information Security
Machine-Level Security
Authentication
Possessed Object
refers to the protection of information systems and the infor…
refers to actions taken to protect information on a computer…
is a security process in which the identity of a person is ve…
Item that you must carry to gain access to computer or facil…
Information Security
refers to the protection of information systems and the infor…
Machine-Level Security
refers to actions taken to protect information on a computer…