IS4550 CHAPTER 4 Flashcards
Generally, any business software that an end user (including customers) touches is considered an application and is called ___.
APPLICATION SOFTWARE
A formal program that reduces the likelihood of accidental or malicious loss of data is called ___.
DATA LEAKAGE PROTECTION (DLP)
A formal program that reduces the likelihood of accidental or malicious loss of data is called ___.
DATA LOSS PROTECTION (DLP)
In the context of workstation central management systems, refers to processes that determine what is installed on a workstation; it could also refer to knowing what information sits on a workstation is called ___.
DISCOVERY MANAGEMENT
A logical piece of our technology infrastructure with similar risks and business requirements is called ___.
DOMAIN
A policy that discusses what is acceptable when using the company email system is called ___.
EMAIL POLICY
A protocol used to exchange files over a LAN or WAN is called ___.
FILE TRANSFER PROTOCOL (FTP)
A device that filters the traffic in and out of a LAN is called ___.
FIREWALL
A network with little or no controls that limit network traffic is called ___.
FLAT NETWORK
In the context of workstation central management systems, provides support to the end user is called ___.
HELP DESK MANAGEMENT
Used to connect multiple devices within a local area network. It has ports, and as the traffic flows through the device, the traffic is duplicated so all ports can see the traffic is called ___.
HUB
In the context of workstation central management systems, refers to tracking what workstation and related network devices exist is called ___.
INVENTORY MANAGEMENT
Refers to the organization’s local area network infrastructure is called ___.
LAN DOMAIN
Refers to the technical infrastructure that connects the organization’s local area network to a wide area network is called ___.
LAN-TO-WAN DOMAIN
In the context of workstation central management systems, refers to extracting logs from the workstation is called ___.
LOG MANAGEMENT
Refers to making sure that devices on the network, such as workstations and servers, have current patches from the vendor is called ___.
PATCH MANAGEMENT
Places importance on privacy in the business and discusses the regulatory landscape and government mandates and often talks about physical security and the importance of “locking up” sensitive information is called ___.
PRIVACY POLICY
Refers to the technology that controls how end users connect to an organization’s local area network is called ___.
REMOTE ACCESS DOMAIN
Enhanced authentication over what’s typically found in the office. Usually requires more than an ID and Password, such as a security token or smart card is called ___.
REMOTE AUTHENTICATION
Connects local area networks to wide area networks is called ___.
ROUTER
Usually refers to IT security, this can include making sure end users have limited rights and access controls are in place, among many other techniques and processes is called ___.
SECURITY MANAGEMENT
A network that limits how computers are able to talk to each other is called ___.
SEGMENT NETWORK
A network device that can read communications traffic on a LAN is called ___.
SNIFFER
A type of attack in which the hacker adds SQL code to a Web or application input to gain access to or alter data in the database is called ___.
STRUCTURED QUERY LANGUAGE (SQL) Injection
A piece of equipment similar to a hub but can filter traffic. It typically routes traffic only to the port where the system is connected. This reduces network traffic, thus reducing the chance of someone intercepting the traffic is called ___.
SWITCH
Rules of conduct on how and when access to systems is permitted. It covers end user credentials like IDs and passwords is called ___.
SYSTEM ACCESS POLICY
Software that supports the running of the applications is called ___.
SYSTEM SOFTWARE
This refers to the technology needed to collect, process, and store the information. It includes controls related to hardware and software is called ___.
SYSTEM/APPLICATION DOMAIN
Requires end users to authenticate their identity using at least two of three different types of credentials. The three most commonly accepted types are something you know, something you have, and something you are is called ___.
TWO-FACTOR AUTHENTICATION
This refers to any user accessing information and includes customers, employees, consultants, contractors, or any other third party is called ___.
USER DOMAIN
This is set up between two devices to create an encrypted tunnel. All communications are protected from eavesdropping and considered highly secure and is called ___.
VIRTUAL PRIVATE NETWORK (VPN)
This ___ includes wide area networks, which are networks that cover large geographical areas.
WAN DOMAIN
Alterations to a Web page that result from a site defacement attack are called ___.
WEB GRAFFITI
An attack on a Web site in which the site’s content is altered, usually in a way that embarrasses the site owner is called ___.
WEB SITE DEFACEMENT
This refers to any computing device used by end users. This usually means a desktop or laptop that is the main computer for the user is called ___.
WORKSTATION DOMAIN
- Private WANs must be encrypted at all times.
TRUE OR FALSE
FALSE
- Which of the following attempts to identify where sensitive data is currently stored?
- Data Leakage Protection Inventory
- DLP Encryption Key
- Data Loss Protection Perimeter
- DLP Trojans
Data Leakage Protection Inventory
- Voice over Internet Protocol (VoIP) can be used over which of the following?
- LAN
- WAN
- Both
- Neither
LAN
WAN
- Which of the following is not one of the seven domains of typical IT infrastructure?
- Remote Access Domain
- LAN Domain
- World Area Network Domain
- System/Application Domain
World Area Network Domain
- Which of the seven domains refers to the technical infrastructure that connects the organization’s LAN to WAN and allows end users to surf the Internet?
LAN to WAN Domain
- Many of the business benefits of Internet access over mobile devices include which of the following?
- Competitive advantage through real-time data access
- Increased customer responsiveness
- Prevention of unauthorized access to customer private information
- 1 & 2 only
- None of the above
Competitive advantage through real-time data access
Increased customer responsiveness
- A ___ is a term that refers to a network that limits what and how computers are able to talk to each other.
Segmented network
- A LAN is efficient for connecting computers within an office or groups of buildings.
TRUE OR FALSE
TRUE
- What policy generally requires that employees lock up all documents and digital media at the end of a workday and when not in use?
- Acceptable use policy
- Clean Desk policy
- Privacy policy
- Walk out policy
Clean Desk policy
- What employees learn in awareness training influences them more than what they see within their department.
TRUE OR FALSE
FALSE
- What kind of workstation management refers to knowing what software is installed?
- Inventory management
- Patch management
- Security management
- Discovery management
Discovery management
- Always applying the most strict authentication method is the best way to protect the business and ensure achievement of goals.
TRUE OR FALSE
FALSE
- Generally, remote authentication provides which of the following?
- Fewer controls than if you were in the office
- The same controls as if you were in the office
- More controls than if you were in the office
- Less need for controls than in the office
More controls than if you were in the office
- Remote access does not have to be encrypted if strong authentication is used.
TRUE OR FALSE
FALSE
- Where is a DMZ usually located?
- Inside the private LAN
- Within the WAN
- Between the private LAN and public WAN
- Within the mail server
Between the private LAN and public WAN