Chapter 1 Key Concepts and Terms Flashcards

1
Q

3 tenets of information systems security

A

Confidentiality, integrity, and availability.

2
Q

AUP (Acceptable Use Policy)

A

what users are allowed and not allowed to do with organization

3
Q

availability

A

a mathematical calculation where A=(Total Uptime)/(Total Uptime+Total Downtime)

4
Q

availability

A

Security actions that ensure that data is accessible to authorized users.

5
Q

BCP

A

Business Continuity Plan: gives priorities to the functions an organization needs to keep going.

6
Q

CIPA (Children’s Internet Protection Act)

A

protects minors from inappropriate content when accessing the internet in schools and libraries

7
Q

Confidentiality

A

the act of holding information in confidence, not to be released to unauthorized individuals

8
Q

Cryptography

A

Practice of hiding data and keeping it away from unauthorized users

9
Q

Cybersecurity

A

The act of securing and protecting individuals, businesses, organizations, and governments that are connected to the Internet and the Web.

10
Q

Data classification standard

A

The goal and objective of a __________ is to provide a consistent definition for how an organization should handle and secure different types of data.

11
Q

Downtime

A

the total amount of time the IT system, application and data are not accessible.

12
Q

DRP

A

Disaster Recovery Plan: how a business gets back on its feet after a major disaster such as a fire or hurricane.

13
Q

Encryption

A

the process of transforming data from clear text into ciphertext.

14
Q

End User License Agreement (EULA)

A

A legal contract between the author of software and the end user that defines how the software can be used

15
Q

Ethernet LAN

A

LAN solution based on the IEEE 802.3 CSMA/CD standard for 10/100/1000 Mbps.

16
Q

FERPA (Family Educational Rights and Privacy Act)

A

Passed in 1974, protects the private data of students and their school records.

17
Q

FISMA (Federal Information Security Management Act)

A

requires federal civilian agencies to provide security controls over resources that support federal operations.

18
Q

GLBA (Gramm-Leach-Bliley Act)

A

Federal law enacted in 1999 to control the ways that financial institutions deal with the private information of individuals

19
Q

HIPAA (Health Insurance Portability and Accountability Act)

A

Federal law passed in 1996, requires health care organizations to have security and privacy controls implemented to ensure patient privacy.

20
Q

Hypertext Transfer Protocol Secure (HTTPS)

A

an encrypted form of information transfer on the Internet that combines HTTP and TLS

21
Q

information system security

A

is the collection of activities that protect the information system and the data stored in it.

22
Q

integrity

A

deals with the validity and accuracy of data.

23
Q

IoT

A

Internet of Things

24
Q

IT security policy framework

A

A set of rules for security. The framework is hierarchical and includes policies, standards, procedures, and guidelines.

25
Q

LAN Domain (Local area network)

A

is a collection of computers connected to one another or to a common connection medium.

26
Q

LAN switch

A

the device that connects workstations into a physical Ethernet LAN

27
Q

malicious code (malware)

A

is a computer program written to cause a specific action to occur, such as erasing a hard drive.

28
Q

Mean Time Between Failures (MTBF)

A

is the predicted amount of time between failures of an IT system during operations.

29
Q

Mean time to failure (MTTF)

A

The average amount of time expected until the first failure of a piece of equipment.

30
Q

Mean Time to Repair (MTTR)

A

The average amount of time a computer repair technician needs to resolve the cause of a failure through replacement or repair of a faulty unit.

31
Q

Network Interface Card (NIC)

A

the interface between the computer and the LAN physical media.

32
Q

PDA (Personal Digital Assistant)

A

A portable device that is small enough to hold in the palm of your hand. Usually contains an address book, note-making features, telephone and Internet facilities. Allows data to be exchanged with computers.

33
Q

Recovery Time Objective (RTO)

A

is the amount of time it takes to recover and make a system, application, and data available for use after an outage.

34
Q

risk

A

the likelihood that something bad will happen to an asset.

35
Q

Service Level Agreement (SLA)

A

formal contract between customers and their service providers that defines the specific responsibilities of the service provider and the level of service expected by the customer

36
Q

Seven Domains of a Typical IT Infrastructure

A

User, workstation,

37
Q

SOX (Sarbanes-Oxley Act)

A

Requires companies to review internal control and take responsibility for the accuracy and completeness of their financial reports.

38
Q

system administrator

A

setup of user LAN accounts with logon ID and password access controls (that is, user logon information).

39
Q

TCP/IP

A

Transmission Control Protocol/Internet Protocol

40
Q

thin client

A

is software or an actual computer with no hard drive that runs on a network and relies on a server to provide applications.

41
Q

threat

A

Any action that could damage an asset

42
Q

unauthorized access

A

the use of a computer or network without permission

43
Q

unified communications

A

The centralized management of multiple types of network-based communications, such as voice, video, fax, and messaging services.

44
Q

unshielded twisted pair (UTP)

A

workstation cabling that uses RJ-45 connectors and jacks to physically connect to a 100 Mbps/1 Gbps/10 Gbps Ethernet LAN switch.

45
Q

Uptime

A

The total amount of time the IT system, application and data was accessible.

46
Q

User Domain

A

Defines the people who access an organization’s information system

47
Q

Virus

A

is a computer program written to cause damage to a system, an application, or data.

48
Q

vulnerability

A

is a weakness that allows a threat to be realized or to have an effect on an asset.

49
Q

WAP (Wireless Access Point)

A

A device that provides a connection between wireless devices and can connect to wired networks.

50
Q

Workstation Domain

A

can be a desktop computer, a laptop computer, a specific-purpose terminal, or any other device that connects to your network.

51
Q

WWW

A

World Wide Web