IS4550 CHAPTER 2 Flashcards
Formal written policies that describe proper and unacceptable behavior when using computer and network systems is called ___.
ACCEPTABLE USE POLICIES (AUPs)
A security control that stops behavior immediately and does not rely on human decisions is called ___.
AUTOMATED CONTROL
A confirmed event that compromises the confidentiality, integrity, or availability of information is called ___.
BREACH
Most senior leader responsible for managing risks related to data privacy is called ___.
CHIEF PRIVACY OFFICER (CPO)
Legally binding agreements on the handling and disclosure of company material is called ___.
CONFIDENTIALITY AGREEMENT (CA)
A security control that restores a system or process is called ___.
CORRECTIVE CONTROL
Level of protection based on data type is called ___.
DATA CLASSIFICATION
With ___ the actual information can be viewed only when the data is decrypted with a key.
DATA ENCRYPTION
A manual security control that identifies a behavior after it has happened is called ___.
DETECTIVE CONTROL
Any digital material owned by an organization including text, graphics, audio, video, and animations is called ___.
DIGITAL ASSETS
The concept that an individual should know what information about them is being collected. An individual should also be told how that information is being used is called ___.
FULL DISCLOSURE
Any product of human intellect that is unique and not obvious with some value in the marketplace is called ___.
INTELLECTUAL PROPERTY (IP)
A mark or comment placed inside the document itself indication a level of protection is called ___.
LABEL
A security control that does not stop behavior immediately and relies on human decisions is called ___.
MANUAL CONTROL
Legally binding agreement on the handling and disclosure of company material is called ___.
NON-DISCLOSURE AGREEMENT (NDA)