Chapter 9 & 10 - Security Concepts and Threats/ Best Practices Flashcards
1.4, 6.1, 6.4
Data
raw values collected by a computer system. It is meaningless until placed in the correct context
Information
data that has been processed into a form that has meaning and is useful
Insight
a meaningful and deep understanding
Intellectual Property (IP)
a category of property that includes creations of the human intellect
Trademark
a type of intellectual property consisting of a recognizable sign, design, or expression that uniquely identifies one product or service from others
- Nike logo, Pepsi logo
Copyright
a type of intellectual property that protects original works of authorship from publication, distribution, and sale without the author’s permission
- Books, songs, movies, software
Patent
a type of intellectual property that grants exclusive rights to an invention, which is a product or a process that provides a new way of doing something, or offers a new solution to a problem
- a machine process, formula, or product
Digital Product
a product that is sold or distributed as binary computer data
- Software Applications
- Video Downloads
- Computer games
- eBooks
Snooping
an attempt to gain access to information that you are not authorized to view
- prevent shoulder surfing, use a privacy screen
Eavesdropping
secretly listening to the private conversations or communications of others without their consent in order to gather information
Wiretapping
the practice of connecting a listening device to a telephone or data line to secretly monitor a conversation
Dumpster Diving
the process of investigating a person or business’s trash to find information that can be used in an attack
Social Engineering
manipulating, influencing, or deceiving a person in order to gain control over a computer system, or acquire confidential information
Single Sign-On (SSO)
a user authentication service that permits a user to use one set of login credentials, like a username and password, to access multiple applications.
Permissions
the specific rights or privileges granted to users or software
Least Privilege
giving users or systems only the permissions they absolutely need to perform a task or job function and nothing more
Logs
records that provide a chronological account of events in a system. They can track a wide range of activities, from user logins and file accesses to even the smallest system errors and security breaches
Non-Repudiation
a safeguard that guarantees individuals or entities involved in a digital transaction cannot later refute or deny their participation or the legitimacy of their actions
Antivirus / Anti-Malware
software designed to detect, prevent, and remove malicious software (malware) from a computer or network, ensuring the device’s safety and integrity
- Signature-based Detection
- Behavioral-based (Heuristic) Detection
Host Firewall
software that provides protection to an individual device by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules.
Policy
a set of rules that dictate what actions should be taken under various circumstances.
Procedure
a set of step-by-step instructions to perform a task
- Standard Operating Procedure
Personal Identifiable Information (PII)
any information that can be used to identify an individual
- Name
- Social Security Number
- Date of Birth
- Email Address
- Phone Number
Protected Health Information (PHI)
any information about an individual’s health status
- Medical Records
- Healthcare Service