Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CIS 236 > CIS EXAM 2 > Flashcards

CIS EXAM 2 Flashcards

1
Q

Topics Covered

A

Protecting Information Resources; Data Communication; The Internet, Intranets, and Extranets; HTML, E-Commerce

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Risks Associated with Information Technologies

A

Misuses of information technology Preventing and Minimizing Policies and procedures Operating system updates Antivirus and antispyware software E-mail security features Firewalls Intrusion detection systems Vulnerability scanners

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Computer Crime and Fraud

A

Computer fraud Unauthorized use of computer data for personal gain Examples Denial-of-service attacks Identity theft Software piracy E-mail spamming Company insiders commit most computer crimes �Malicious insider� Computer fraud Unauthorized use of computer data for personal gain Examples Denial-of-service attacks Identity theft Software piracy E-mail spamming Company insiders commit most computer crimes �Malicious insider�

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Phishing

A

Phishing Sending fraudulent e-mails that seem to come from legitimate sources Direct e-mail recipients to false Web sites To capture private information Phishing Sending fraudulent e-mails that seem to come from legitimate sources Direct e-mail recipients to false Web sites To capture private information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Keystroke Loggers

A

Keystroke loggers Monitor and record keystrokes Can be software or hardware devices Both legitimate and illegitimate uses Keystroke loggers Monitor and record keystrokes Can be software or hardware devices Both legitimate and illegitimate uses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Sniffing

A

Capturing and recording network traffic Often used by hackers to intercept information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Spoofing

A

Attempt to gain access to a network by posing as an authorized user to find sensitive information

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Viruses

A

Type of malware Estimating the dollar amount of damage viruses cause can be difficult Usually given names I Love You, Michelangelo Virus: Consists of self-propagating program code that�s triggered by a specified time or event

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Worms

A

Travels from computer to computer in a network Independent programs that can spread themselves without having to be attached to a host program Replicates into a full-blown version that eats up computing resources Well-known worms Code Red, Melissa, and Sasser

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Trojan Programs

A

Named after the Trojan horse the Greeks used to enter Troy during the Trojan War Contains code intended to disrupt a computer, network, or Web site Usually hidden inside a popular program

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Logic bomb

A

Type of Trojan program used to release a virus, worm, or other destructive code Triggered at a certain time or by an event

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Backdoors

A

Programming routine built into a system by its author Enables the author to bypass security and sneak back into the system later to access programs or files Users aren�t aware a backdoor has been activated

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Blended threat

A

Combines the characteristics of several malicious codes with vulnerabilities on public/private networks Goal is not to just start/transmit an attack, but to spread it Multi-layer security system can guard from threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Denial-of-Service Attacks

A

Floods a network or server with service requests Prevent legitimate users� access to the system Targets Internet servers Distributed denial-of-service (DDoS) attack Hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period Frequently use Botnets

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Social Engineering

A

Using �people skills� to trick others into revealing private information Takes advantage of the human element of security systems Difficult to track Use the private information they�ve gathered to break into servers and networks and steal data Commonly used social-engineering techniques �Dumpster diving� and �shoulder surfing�

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Security Concepts The Triad

A

Confidentiality System must not allow disclosing information to anyone who isn�t authorized to access it Integrity Ensures the accuracy of information resources in an organization Financial transactions Availability Ensures that computers and networks are operating Authorized users can access the information they need Plus� Authentication Non-repudiation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Security Measures and Enforcement: An Overview

A

Biometric security measures Nonbiometric security measures Physical security measures Access controls Virtual private networks Data encryption E-commerce transaction security measures Computer Emergency Response Team

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Biometric Security Measures

A

Use a physiological element unique to a person Biometric devices and measures Facial recognition Fingerprints Hand geometry Iris analysis Palm prints Retinal scanning Signature analysis Use a physiological element unique to a person Biometric devices and measures Facial recognition Fingerprints Hand geometry Iris analysis Palm prints Retinal scanning Signature analysis Vein analysis Voice recognition

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Firewalls

A

Combination of hardware and software Acts as a filter or barrier between a private network and external computers or networks Network administrator defines rules for access Examine data passing into or out of a private network Decide whether to allow the transmission based on users� IDs, the transmission�s origin and destination, and the transmission�s contents Possible actions after examining packet Reject the incoming packet Send a warning to the network administrator Send a message to the sender that the attempt failed Allow the packet to enter (or leave) the private network Main types of firewalls Packet-filtering firewalls Application-filtering firewalls Proxy servers

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Intrusion Detection Systems

A

Protect against both external and internal access Usually placed in front of a firewall Prevent against DoS attacks Monitor network traffic �Prevent, detect, and react� approach Require a lot of processing power and can affect network performance

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Passwords

A

The most common access control Combination of numbers, characters, and symbols that�s entered to allow access to a system Length and complexity determines its vulnerability to discovery Guidelines for effective passwords

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Virtual Private Networks

A

Provides a secure �tunnel� through the Internet For transmitting messages and data via a private network Remote users have a secure connection to the organization�s network Low cost Slow transmission speeds

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Data Encryption

A

Transforms data, called plaintext or cleartext, into a scrambled form called ciphertext Rules for encryption determine how simple or complex the transformation process should be Known as the �encryption algorithm� Protocols Secure Sockets Layer (SSL) Transport Layer Security (TLS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Asymmetric

A

Based on mathematical functions Public key � published key used to encrypt data Private key � key known only to individual user used to decrypt data

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Symmetric

A

Based on transformations Same key used to encrypt and decrypt

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Business Continuity Planning

A

Outlines procedures for keeping an organization operational Prepare for disaster Plan steps for resuming normal operations as soon as possible

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Data Communication

A

Electronic transfer of data from one location to another Enables an information system to deliver information Improves the flexibility of data collection and transmission Basis of virtual organizations Enables e-collaboration

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Bandwidth

A

Amount of data that can be transferred from one point to another in a certain time period

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

�Attenuation

A

�Loss of power in a signal as it travels from device to device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

�Broadband data transmission

A

�Data are sent simultaneously to increase the transmission rate

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

�Protocols

A

Rules that govern data communication, including error detection, message length, and transmission speed Help ensure compatibility between different manufacturers� devices

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Types of Networks

A

Three major types of networks: Local area networks Wide area networks, Metropolitan area networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Local Area Networks

A

Connects workstations and peripheral devices in close proximity Common types of local area networks: Ethernet � most common and token ring

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Wide Area

A

Span several cities, states, or even countries Owned by different parties

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

�MAN

A

Communication for multiple organizations in a city and sometimes nearby cities

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Network Topologies

A

Represents a network�s physical layout Five common topologies Star Ring Bus Hierarchical Mesh

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Star Topology

A

Central computer and a series of nodes Advantages Cable layouts are easy to modify Centralized control makes detecting problems easier Nodes can be added to the network easily Better for handling heavy but short bursts of traffic Disadvantages Single point of potential failure Increased cost due to many cables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Ring Topology

A

Each computer manages its own connectivity Each node is connected to two other nodes Upstream neighbor and downstream neighbor Transmission in one direction Implementations Token ring Fiber Distributed Data Interface (FDDI) Needs less cable than star Handles heavy short bursts well

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Bus Topology

A

Connects nodes along a network segment Ends of the cable aren�t connected Terminator absorbs signal at each end A node failure has no effect on any other node Advantages Easy to extend Very reliable Wiring layout is simple and uses the least amount of cable of any topology Best for handling steady (even) traffic Disadvantages Fault diagnosis is difficult Bus cable can be a bottleneck when network traffic is heavy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Major Networking Concepts

A

Important networking concepts Protocols TCP/IP Routing Routers Client/server model

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Protocols

A

Agreed-on methods and rules that electronic devices use to exchange information Deal with hardware connections Control data transmission and file transfers Specify the format of message packets Multiple protocol support is important

42
Q

Layered Network Architecture

A

The network architecture is layered Descending levels of abstraction Applications at the top Hardware at the bottom The layers do not communicate directly across to their counterparts Each layer relies on the next layer down Getting the layers right has been a subject of debate

43
Q

Transmission Control Protocol/Internet Protocol

A

Industry-standard suite of communication protocols Main advantage is that it enables interoperability Originally intended for Internet communication Major protocols in the TCP/IP suite: Transmission Control Protocol (TCP) Operates at the Transport layer Internet Protocol (IP) Operates at the Network layer

44
Q

Packet

A

Collection of binary digits, including message data and control characters for formatting and transmitting Sent from computer to computer over a network When a packet is transmitted from one network device to another, the transmission is called a hop When packets arrive at the destination computer, they need not in the proper order

45
Q

Routing

A

Process of deciding which path data takes Decisions made using routing table Centralized routing Distributed routing

46
Q

Routers

A

Network connection device containing software Connects network systems and controls traffic flow between them Must use a common routing protocol Operates at network layer Performs the same functions as a bridge More sophisticated device Chooses the best possible path for packets

47
Q

Client/Server Model

A

Software runs on the local computer (the client) Communicates with the remote server to request information or services Server Remote computer on the network that provides information or services in response to client requests Basic client/server communication Advantage: scalability Three levels of logic: presentation, application, and data management

48
Q

Two-Tier Architecture

A

Client communicates directly with the server Presentation logic is always on the client Data management logic is on the server Application logic located on either or both Effective in small workgroups Only in small workgroups?

49
Q

Wireless network

A

Uses wireless instead of wired technology Advantages Mobility, flexibility, ease of installation, and low cost Disadvantages Limited throughput and range, in-building penetration problems, vulnerability to frequency noise, and security

50
Q

Mobile network

A

Network operating on a radio frequency (RF), consisting of radio cells served by a base station Advantages Mobility, flexibility, ease of installation, and low cost Disadvantages Limited throughput and range, in-building penetration problems, vulnerability to frequency noise, and security

51
Q

Convergence

A

Integrating voice, video, and data so that multimedia information can be used for decision making required network upgrades

52
Q

Topics Covered

A

Protecting Information Resources; Data Communication; The Internet, Intranets, and Extranets; HTML, E-Commerce

53
Q

Risks Associated with Information Technologies

A

Misuses of information technology Preventing and Minimizing Policies and procedures Operating system updates Antivirus and antispyware software E-mail security features Firewalls Intrusion detection systems Vulnerability scanners

54
Q

Computer Crime and Fraud

A

Computer fraud Unauthorized use of computer data for personal gain Examples Denial-of-service attacks Identity theft Software piracy E-mail spamming Company insiders commit most computer crimes �Malicious insider� Computer fraud Unauthorized use of computer data for personal gain Examples Denial-of-service attacks Identity theft Software piracy E-mail spamming Company insiders commit most computer crimes �Malicious insider�

55
Q

Phishing

A

Phishing Sending fraudulent e-mails that seem to come from legitimate sources Direct e-mail recipients to false Web sites To capture private information Phishing Sending fraudulent e-mails that seem to come from legitimate sources Direct e-mail recipients to false Web sites To capture private information

56
Q

Keystroke Loggers

A

Keystroke loggers Monitor and record keystrokes Can be software or hardware devices Both legitimate and illegitimate uses Keystroke loggers Monitor and record keystrokes Can be software or hardware devices Both legitimate and illegitimate uses

57
Q

Sniffing

A

Capturing and recording network traffic Often used by hackers to intercept information

58
Q

Spoofing

A

Attempt to gain access to a network by posing as an authorized user to find sensitive information

59
Q

Viruses

A

Type of malware Estimating the dollar amount of damage viruses cause can be difficult Usually given names I Love You, Michelangelo Virus: Consists of self-propagating program code that�s triggered by a specified time or event

60
Q

Worms

A

Travels from computer to computer in a network Independent programs that can spread themselves without having to be attached to a host program Replicates into a full-blown version that eats up computing resources Well-known worms Code Red, Melissa, and Sasser

61
Q

Trojan Programs

A

Named after the Trojan horse the Greeks used to enter Troy during the Trojan War Contains code intended to disrupt a computer, network, or Web site Usually hidden inside a popular program

62
Q

Logic bomb

A

Type of Trojan program used to release a virus, worm, or other destructive code Triggered at a certain time or by an event

63
Q

Backdoors

A

Programming routine built into a system by its author Enables the author to bypass security and sneak back into the system later to access programs or files Users aren�t aware a backdoor has been activated

64
Q

Blended threat

A

Combines the characteristics of several malicious codes with vulnerabilities on public/private networks Goal is not to just start/transmit an attack, but to spread it Multi-layer security system can guard from threats

65
Q

Denial-of-Service Attacks

A

Floods a network or server with service requests Prevent legitimate users� access to the system Targets Internet servers Distributed denial-of-service (DDoS) attack Hundreds or thousands of computers work together to bombard a Web site with thousands of requests for information in a short period Frequently use Botnets

66
Q

Social Engineering

A

Using �people skills� to trick others into revealing private information Takes advantage of the human element of security systems Difficult to track Use the private information they�ve gathered to break into servers and networks and steal data Commonly used social-engineering techniques �Dumpster diving� and �shoulder surfing�

67
Q

Security Concepts The Triad

A

Confidentiality System must not allow disclosing information to anyone who isn�t authorized to access it Integrity Ensures the accuracy of information resources in an organization Financial transactions Availability Ensures that computers and networks are operating Authorized users can access the information they need Plus� Authentication Non-repudiation

68
Q

Security Measures and Enforcement: An Overview

A

Biometric security measures Nonbiometric security measures Physical security measures Access controls Virtual private networks Data encryption E-commerce transaction security measures Computer Emergency Response Team

69
Q

Biometric Security Measures

A

Use a physiological element unique to a person Biometric devices and measures Facial recognition Fingerprints Hand geometry Iris analysis Palm prints Retinal scanning Signature analysis Use a physiological element unique to a person Biometric devices and measures Facial recognition Fingerprints Hand geometry Iris analysis Palm prints Retinal scanning Signature analysis Vein analysis Voice recognition

70
Q

Firewalls

A

Combination of hardware and software Acts as a filter or barrier between a private network and external computers or networks Network administrator defines rules for access Examine data passing into or out of a private network Decide whether to allow the transmission based on users� IDs, the transmission�s origin and destination, and the transmission�s contents Possible actions after examining packet Reject the incoming packet Send a warning to the network administrator Send a message to the sender that the attempt failed Allow the packet to enter (or leave) the private network Main types of firewalls Packet-filtering firewalls Application-filtering firewalls Proxy servers

71
Q

Intrusion Detection Systems

A

Protect against both external and internal access Usually placed in front of a firewall Prevent against DoS attacks Monitor network traffic �Prevent, detect, and react� approach Require a lot of processing power and can affect network performance

72
Q

Passwords

A

The most common access control Combination of numbers, characters, and symbols that�s entered to allow access to a system Length and complexity determines its vulnerability to discovery Guidelines for effective passwords

73
Q

Virtual Private Networks

A

Provides a secure �tunnel� through the Internet For transmitting messages and data via a private network Remote users have a secure connection to the organization�s network Low cost Slow transmission speeds

74
Q

Data Encryption

A

Transforms data, called plaintext or cleartext, into a scrambled form called ciphertext Rules for encryption determine how simple or complex the transformation process should be Known as the �encryption algorithm� Protocols Secure Sockets Layer (SSL) Transport Layer Security (TLS)

75
Q

Asymmetric

A

Based on mathematical functions Public key � published key used to encrypt data Private key � key known only to individual user used to decrypt data

76
Q

Symmetric

A

Based on transformations Same key used to encrypt and decrypt

77
Q

Business Continuity Planning

A

Outlines procedures for keeping an organization operational Prepare for disaster Plan steps for resuming normal operations as soon as possible

78
Q

Data Communication

A

Electronic transfer of data from one location to another Enables an information system to deliver information Improves the flexibility of data collection and transmission Basis of virtual organizations Enables e-collaboration

79
Q

Bandwidth

A

Amount of data that can be transferred from one point to another in a certain time period

80
Q

�Attenuation

A

�Loss of power in a signal as it travels from device to device

81
Q

�Broadband data transmission

A

�Data are sent simultaneously to increase the transmission rate

82
Q

�Protocols

A

Rules that govern data communication, including error detection, message length, and transmission speed Help ensure compatibility between different manufacturers� devices

83
Q

Types of Networks

A

Three major types of networks: Local area networks Wide area networks, Metropolitan area networks

84
Q

Local Area Networks

A

Connects workstations and peripheral devices in close proximity Common types of local area networks: Ethernet � most common and token ring

85
Q

Wide Area

A

Span several cities, states, or even countries Owned by different parties

86
Q

�MAN

A

Communication for multiple organizations in a city and sometimes nearby cities

87
Q

Network Topologies

A

Represents a network�s physical layout Five common topologies Star Ring Bus Hierarchical Mesh

88
Q

Star Topology

A

Central computer and a series of nodes Advantages Cable layouts are easy to modify Centralized control makes detecting problems easier Nodes can be added to the network easily Better for handling heavy but short bursts of traffic Disadvantages Single point of potential failure Increased cost due to many cables

89
Q

Ring Topology

A

Each computer manages its own connectivity Each node is connected to two other nodes Upstream neighbor and downstream neighbor Transmission in one direction Implementations Token ring Fiber Distributed Data Interface (FDDI) Needs less cable than star Handles heavy short bursts well

90
Q

Bus Topology

A

Connects nodes along a network segment Ends of the cable aren�t connected Terminator absorbs signal at each end A node failure has no effect on any other node Advantages Easy to extend Very reliable Wiring layout is simple and uses the least amount of cable of any topology Best for handling steady (even) traffic Disadvantages Fault diagnosis is difficult Bus cable can be a bottleneck when network traffic is heavy

91
Q

Major Networking Concepts

A

Important networking concepts Protocols TCP/IP Routing Routers Client/server model

92
Q

Protocols

A

Agreed-on methods and rules that electronic devices use to exchange information Deal with hardware connections Control data transmission and file transfers Specify the format of message packets Multiple protocol support is important

93
Q

Layered Network Architecture

A

The network architecture is layered Descending levels of abstraction Applications at the top Hardware at the bottom The layers do not communicate directly across to their counterparts Each layer relies on the next layer down Getting the layers right has been a subject of debate

94
Q

Transmission Control Protocol/Internet Protocol

A

Industry-standard suite of communication protocols Main advantage is that it enables interoperability Originally intended for Internet communication Major protocols in the TCP/IP suite: Transmission Control Protocol (TCP) Operates at the Transport layer Internet Protocol (IP) Operates at the Network layer

95
Q

Packet

A

Collection of binary digits, including message data and control characters for formatting and transmitting Sent from computer to computer over a network When a packet is transmitted from one network device to another, the transmission is called a hop When packets arrive at the destination computer, they need not in the proper order

96
Q

Routing

A

Process of deciding which path data takes Decisions made using routing table Centralized routing Distributed routing

97
Q

Routers

A

Network connection device containing software Connects network systems and controls traffic flow between them Must use a common routing protocol Operates at network layer Performs the same functions as a bridge More sophisticated device Chooses the best possible path for packets

98
Q

Client/Server Model

A

Software runs on the local computer (the client) Communicates with the remote server to request information or services Server Remote computer on the network that provides information or services in response to client requests Basic client/server communication Advantage: scalability Three levels of logic: presentation, application, and data management

99
Q

Two-Tier Architecture

A

Client communicates directly with the server Presentation logic is always on the client Data management logic is on the server Application logic located on either or both Effective in small workgroups Only in small workgroups?

100
Q

Wireless network

A

Uses wireless instead of wired technology Advantages Mobility, flexibility, ease of installation, and low cost Disadvantages Limited throughput and range, in-building penetration problems, vulnerability to frequency noise, and security

101
Q

Mobile network

A

Network operating on a radio frequency (RF), consisting of radio cells served by a base station Advantages Mobility, flexibility, ease of installation, and low cost Disadvantages Limited throughput and range, in-building penetration problems, vulnerability to frequency noise, and security

102
Q

Convergence

A

Integrating voice, video, and data so that multimedia information can be used for decision making required network upgrades

CIS 236 (3 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions