IT: Chapter 7: Securing Information Systems Flashcards
Security
refers to the policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems
Controls
methods, policies, and organizational procedures that ensure the safety of the organization’s assets, the accuracy and reliability of its records, and operational adherence to management standards
SSIDs (Service set identifiers)
identify the access points in a Wi-Fi network; they are broadcast multiple times and can be picked up fairly easily by intruders’ sniffer programs
War Driving
eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic
Rogue Access points
set up to force a user’s radio network interface controller to associate with the rogue access point
Malware
malicious software programs that include a variety of threats, such as viruses, worms, and Trojan horses
Virus
rogue software program that attaches itself to other software programs or data files in order to be executed
Worms
independent computer programs that copy themselves from one computer to other computers over a network
Trojan Horses
software program that appears to be benign but then does something other than expected
SQL injection attacks
take advantage of vulnerabilities in poorly coded Web application software to introduce malicious program code into a company’s systems and networks
Spyware
small programs that install themselves surreptitiously on computers to monitor user Web surfing activity and serve up advertising
Key loggers
record every keystroke on a computer to steal serial numbers and passwords or to launch Internet attacks
Hacker
an individual who intends to gain unauthorized access to a computer system
Cracker
typically used to denote a hacker with criminal intent
Cybervandalism
the intentional disruption, defacement, or even destruction of a Web site or corporate information systems
Spoofing
misrepresenting oneself by using fake e-mail addresses or masquerading as someone else
Sniffer
eavesdropping program that monitors information traveling over a network
Denial-of-service attacks (DoS)
flooding a server with thousands of false requests to crash the network
Distributed Denial-of-service attacks (DDoS)
uses numerous computers to inundate and overwhelm the network from numerous launch points
Botnets
networks of “zombie” PCs infiltrated by bot malware
Computer Crime
any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution
Identity theft
an imposter obtains key pieces of personal information (social security ID, driver’s license, or credit card numbers) to impersonate someone else
Phishing
setting up fake Web sites or sending e-mail messages that look like legitimate businesses to ask users for confidential personal data
Evil Twins
wireless networks that pretend to offer trustworthy Wi-Fi connections to the internet
Pharming
redirects users to a bogus Web page even when the individual types the correct Web page address into his or her browser
Click fraud
an individual or a computer program fraudulently clicks on an online ad without any intention of learning more about the advertiser
Cyberwarfare
state-sponsored activity designed to cripple and defeat another state or nation by penetrating its computers or networks for the purposes of causing damage and disruption
Social engineering
tricking employees into revealing their passwords by pretending to be legitimate members of the company in need of information
hidden bugs
program code defects
patches
small pieces of software released by vendors to repair flaws
HIPAA (Health Insurance Portability and Accountability Act)
outlines medical security and privacy rules and procedures for simplifying the administration of health care billing and automating the transfer of health care data between health care providers, payers, and plans
Gramm-Leach-Bliley Act
requires financial institutions to ensure the security and confidentiality of customer data
Sarbanes-Oxley Act
imposes responsibility on companies and their management to safeguard the accuracy and integrity of financial information that is used internally and released externally
Computer forensics
scientific collection, examination, authentication, preservation, and analysis of data held on or retrieved from computer storage media in such a way that the information can be used as evidence in a court of law
General Control
govern the design, security, and use of computer programs and the security of data files in general throughout the organization’s information technology infrastructure.
Application control
specific controls unique to each computerized application, such as payroll or order processing
Input Controls
check data for accuracy and completeness when they enter the system
Processing Controls
establish that data are complete and accurate during updating
Output Controls
ensure that the results of computer processing are accurate, complete, and properly distributed
Risk Assessment
determines the level of risk to the firm if a specific activity or process is not properly controlled
Security Policy
consists of statements ranking information risk, identifying acceptable security goals, and identifying the mechanisms for achieving goals
Acceptable Use Policy (AUP)
defines acceptable uses of the firm’s information resources and computing equipment, including desktop and laptop computers, wireless devices, telephones, and the Internet
Identity management
consists of business processes and software tools for identifying the valid users of a system and controlling their access to system resources
Disaster recovery planning
devises plans for the restoration of computing and communications services after they have been disrupted
Business continuity planning
focuses on how the company can restore business operations after a disaster strikes
MIS Audit
examines the firm’s overall security environment as well as controls governing individual information systems
Authentication
refers to the ability to know that a person is who he or she claims to be
Tokens
physical device, similar to an identification card, that is designed to prove the identity of a single user
Smart Cards
a device about the size of a credit card that contains a chip formatted with access permission and other data
Biometric authentication
uses systems that read and interpret individual human traits such as fingerprints, irises, and voices, in order to grant or deny access
Firewall
combination of hardware and software that controls the flow of incoming and outgoing network traffic
Packet filtering
examines selected fields in the headers of data packets flowing back and forth between the trusted network and the internet
Stateful inspection
provides additional security by determining whether packets are part of an ongoing dialogue between a sender and a receiver
Network Address Translation (NAT)
conceals the IP addresses of the organization’s internal host computers to prevent sniffer programs outside the firewall from ascertaining them and using that information to penetrate internal systems
Application proxy filtering
examines the application content of packets.
Intrusion Detection Systems
feature full-time monitoring tools placed at the most vulnerable points or “hot spots” of corporate networks to deter intruders
Antivirus software
prevents, detects, and removes malware
Unified Threat Management Systems (UTM)
security vendors have combined various security tools, including firewalls, virtual private networks, intrusion detection systems, and Web content filtering and antispam software, into a single appliance to help businesses reduce costs and improve manageability
Encryption
the process of transforming plain text or data into cipher text that cannot be read by anyone other than the sender and the intended receiver
Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS)
enable client and server computers to manage encryption and decryption activities as they communicate with each other during a secure Web session.
Secure Hypertext Transfer Protocol (S-HTTP)
used for encrypting data flowing over the Internet, but it is limited to individual messages
Symmetric Key Encryption
sender and receiver use a single, shared key
Public key encryption
uses two mathematically related keys: a public key and a private key
Digital Certificate
data file used to establish the identity of users and electronic assets for protection of online transactions
Public Key infrastructure
use of public key cryptography working with a certificate authority
Fault-tolerant Computer Systems
contain redundant hardware, software, and power supply components that create an environment that provides continuous, uninterrupted service
High-availability computing
helps recover quickly from a crash; minimizes, but does not eliminate, downtime
Recovery-oriented computing
designing systems that recover quickly with capabilities to help operators pinpoint and correct faults in multicomponent systems
Deep packet inspection (DPI)
examines data files and sorts out low-priority online material while assigning higher priority to business-critical files
Managed security service providers (MSSPs)
monitor network activity and perform vulnerability testing and intrusion detection
Software Metrics
objective assessments of a system in the form of quantified measurements
Walkthrough
review of a specification or design document by a small group of qualified people
Debugging
process by which errors are eliminated