Chapter 8: Security Flashcards

1
Q

To ensure that the user can only access the information resources that are appropriate. It determines which users are authorized to read, modify, add, and/or delete information.

A

Access Control

2
Q

An acceptable usage policy, or fair use policy, is a set of rules applied by the owner, creator or administrator of a network, website, or service that restricts the ways in which the network, website or system may be used and sets guidelines as to how it should be used.

A

Acceptable Use Policies (AUP)

3
Q

Which identifies a list of users who have the capability to take specific actions with an information resource such as data files. Specific permissions are assigned to each user such as read, write, delete, or add. Only users with those permissions are allowed to perform those functions.

A

ACL

4
Q

Are software that can be installed on a computer or network to detect and remove known malicious programs like viruses and spyware. While … provide some protection, they are a reactive defense in that they must first understand what to look for.

A

Antivirus Programs

5
Q

Making sure a person is who they say they are. Three factor identification: Identifying someone: something they know, something they have, or something they are.

A

Authentication

6
Q

That information can be accessed and modified by anyone authorized to do so in an appropriate timeframe.

A

Availability

7
Q

The procedure for making extra copies of data in case the original is lost or damaged.

A

Backup

8
Q

A type of system that relies on the unique biological characteristics of individuals to verify identity for secure access to electronic systems. For example, a fingerprint scan.

A

Biometric Authentication

9
Q

Protecting information, to be able to restrict access to only those who are allowed to see it.

A

Confidentiality

10
Q

(Also referred to as computer crime) is an illegal activity that is committed with the use of a computer, or where a computer is the object of the crime.

A

Cybercrime

11
Q

Attack does exactly what the term suggests: it prevents a web server from servicing authorized users.

A

Denial-of-Service (DoS)

12
Q

One of the most common ways thieves steal corporate information is the theft of employee laptops while employees are traveling. Employees should be trained to secure their equipment whenever they are away from the office.

A

Employee Training

13
Q

The process of encoding data upon its transmission or storage so that only authorized individuals can read it.

A

Encryption

14
Q

An organization’s servers and other high value equipment should always be kept in a room that is monitored for temperature, humidity, and airflow. The risk of a server failure rises when these factors exceed acceptable ranges.

A

Environmental Monitoring

15
Q

A software program or hardware device that is used to increase security on its network by blocking unwanted messages/data.

A

Firewall

16
Q

When someone accesses a computer without permission.

A

Hacking

17
Q

When a criminal gains access to your personal information and uses it without your knowledge.

A

Identity Theft

18
Q

The assurance that the information being accessed has not been altered and truly represents what is intended.

A

Integrity

19
Q

Works to provide the functionality to identify if the network is being attacked.

A

Intrusion Detection System (IDS)

20
Q

It may seem obvious, but all the security in the world is useless if an intruder can simply walk in and physically remove a computing device. High value information assets should be secured in a location with limited access.

A

Locked doors

21
Q

A security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.

A

Multifactor authentication

22
Q

Occurs when a user receives an e-mail that looks as if it is from a trusted source, such as their bank or employer. In the e-mail the user is asked to click a link and log in to a website that mimics the genuine website, then enter their ID and password.

A

Phishing

23
Q

High value information assets should be monitored through the use of security cameras and other means to detect unauthorized access to the physical locations where they exist.

A

Physical Intrusion Detection

24
Q

The protection of the actual hardware and networking components that store and transmit information resources.

A

Physical Security

25
Q

Which is the illegal copying and distribution or use of software.

A

Piracy

26
Q

Two keys are used: a public key and a private key. To send an encrypted message, you obtain the public key, encode the message, and send it. The recipient then uses their private key to decode it. The public key can be given to anyone who wishes to send the recipient a message.

A

Public Key Encryption

27
Q

Instead of giving specific users access rights to an information resource, users are assigned to roles and then those roles are assigned the access. This allows the administrators to manage users and roles separately, simplifying administration and, by extension, improving security.

A

RBAC

28
Q

Devices should be locked down to prevent them from being stolen. One employee’s hard drive could contain all of your customer information, so it is essential that it be secured.

A

Secured Equipment

29
Q

A technique where culprits disguise their identities by modifying the address of the computer from which the scheme has been launched. Typically, the point is to make it look as if an incoming message has originated from an authorized source.

A

Spoofing

30
Q

When criminals lure individuals into sending them personal, confidential data that can be used in crime. For example, someone phones you posing as a customer service representative asking for your banking log-on information.

A

Social Engineering

31
Q

Where both parties share the encryption key. Encryption makes information secure as the message is sent in code and appears to those without the public key as a random series of letters and numbers.

A

Symmetric Key Encryption

32
Q

A device that provides battery backup to critical components of the system, allowing the system to stay online longer and/or allowing the IT staff to shut them down using proper procedures in order to prevent the data loss that might occur from power failure.

A

Universal Power Supply (UPS)

33
Q

A virtual private network allows users who are outside of a corporate network to take a detour around the firewall and access the internal network from the outside.

A

VPN