B4-Types of Information Systems and Technology Risks Flashcards

1
Q

Four Categories of Risk

A

A. Strategic Risk-risk of choosing inappropriate technology

B. Operating Risk-risk of doing the right things in the wrong way, i.e., payroll and new employees: make sure to set up employees in the system first and then pay everyone, not the other way around.

C. Financial Risk-risk of having financial resources lost, wasted, or stolen.

D. Information Risk-risk of loss of data integrity, incomplete transactions, or hackers.

2
Q

Specific Risks

A
  1. Errors-unintentional (carelessness, failure to follow directions, ignorance due to poor training)
  2. Intentional Acts-sabotage, embezzlements, viruses, denial of service attacks, or other types of computer fraud.
  3. Disasters-fires, floods, earthquakes, high winds, terrorism, and war.
3
Q

Threats in a computerized environment

A
  1. Virus-piece of a computer program that inserts itself into some other program, including operating systems, to propagate and cause harm to files and programs. Requires a host program to propagate and cannot run independently.
  2. Worm-is a program (and a special type of virus) that can run independently and normally propagates itself over a network. It cannot attach itself to other programs.
  3. Trojan Horse-is a program that appears to have a useful function but contains a hidden and unintended function that presents a security risk. Normally does not replicate itself.
  4. Denial-of-Service Attack-one computer or group of computers bombards another computer with a flood of network traffic.
  5. Phishing-sending of phony e-mails to try to lure people to phony websites where they are asked for information that will allow the phisher to impersonate the user.
4
Q

Risk Assessment and Control Activities

A
  1. Risk-possibility of harm or loss
  2. Threat-represents a danger to an asset or a capability linked to hostile intent
  3. Vulnerability-a characteristic of a design, implementation, or operation that renders the system susceptible to a threat
  4. Safeguards and Controls-policies and procedures that, when effectively applied, reduce or minimize vulnerabilities.
5
Q

Access Controls

A
  1. Physical Access-IDs, key cards, keypads
  2. Electronic Access-built into hardware and software to prevent and restrict who can get in and who cannot
    a. User identification codes
    b. File-Level Access Attributes-restrictions placed on a specific file, like read only
    c. File Attributes-set to restrict writing, reading, and/or directory privileges
    d. Firewall-system of hardware and software of user identification and authentication that prevents unauthorized users from gaining access to network resources. The firewall acts as a “gatekeeper” by isolating a private network from a public network.