UNIT 9 Flashcards

1
Q

the protection of computer systems and information from harm, theft, and
unauthorized use. Computer hardware is typically protected by the same means used to protect
other valuable or sensitive equipment, namely, serial numbers, doors and locks, and alarms. The
protection of information and system access, on the other hand, is achieved through other tactics,
some of them quite complex.

A

Computer security

2
Q

deals with the protection of computer systems
and information from harm, theft, and unauthorized use.

A

Computer security

3
Q

is the practice of defending computers, servers, mobile devices, electronic systems,
networks, and data from malicious attacks. It’s also known as information technology security or
electronic information security.

A

Cyber security

4
Q

CYBER SECURITY

is the practice of securing a computer network from intruders, whether
targeted attackers or opportunistic malware.

A

Network security

5
Q

CYBER SECURITY

focuses on keeping software and devices free of threats. A
compromised application could provide access to the data it's designed to protect. Successful security begins in the design stage, well before a program or device is deployed.

A

Application security

6
Q

CYBER SECURITY

protects the integrity and privacy of data, both in storage and in
transit.

A

Information security

7
Q

CYBER SECURITY

includes the processes and decisions for handling and protecting data
assets. The permissions users have when accessing a network and the procedures that
determine how and where data may be stored or shared all fall under this umbrella.

A

Operational security

8
Q

CYBER SECURITY

_____ and business continuity define how an organization responds to a cybersecurity incident or any other event that causes the loss of operations or data. Disaster
recovery policies dictate how the organization restores its operations and information to
return to the same operating capacity as before the event. Business continuity is the plan
the organization falls back on while trying to operate without certain resources.

A

Disaster recovery

9
Q

CYBER SECURITY

addresses the most unpredictable cyber-security factor: people.
Anyone can accidentally introduce a virus to an otherwise secure system by failing to follow
good security practices. Teaching users to delete suspicious email attachments, not plug in
unidentified USB drives, and various other important lessons is vital for the security of any
organization.

A

End-user education

10
Q

CIA THREE MAIN PRINCIPLES

is ensuring that information is available only to the intended audience – An
organization obtains or creates a piece of sensitive data that will be used in the course of
its business operations. Because the data is sensitive, that data should only be able to be
seen by the people in the organization that need to see it in order to do their jobs. It should
be protected from access by unauthorized individuals.

A

Confidentiality

11
Q

CIA THREE MAIN PRINCIPLES

is protecting information from being modified by unauthorized parties – Integrity
involves maintaining the accuracy, consistency and trustworthiness of data. Data must not
be changed whilst at rest or in transit by unauthorized individuals (which would demonstrate a breach of confidentiality). Integrity of data is commonly ensured by
implementing security measures such as file permissions and access control models.
Version controls can also be utilized to avoid changes to data made accidentally by
authorized individuals.

A

Integrity

12
Q

CIA THREE MAIN PRINCIPLES

is protecting information from being modified by unauthorized parties – When
the individual that needs that piece of data to perform a job duty is ready to utilize it, it
must be readily accessible (i.e. online) in a timely and reliable manner so the job task can
be completed on time and the company can continue its processing. Availability means
that authorized individuals are able to access their data whenever they want.

A

Availability

13
Q

Good Security Practices for Individuals

Software may include bugs, as discussed in the previous modules. To limit the
vulnerabilities, make sure that the installation instructions for the software are followed and that the
software is acquired legitimately. Anti-virus and anti-malware software should also be
installed and kept up to date.

A

Install anti-virus and anti-malware software

14
Q

Good Security Practices for Individuals

Reusing passwords, or having the same password for multiple accounts, websites, and
other systems, makes them more vulnerable. Do not save passwords on websites and
devices that are unsecure. Remember to change your passwords on a schedule to keep
them fresh.

A

Use a strong password

15
Q

Good Security Practices for Individuals

Yes, the business centers and cybercafes that offer the use of a computer system are
convenient, but not secure. Since anyone can use them for anything, they have probably
been exposed to viruses, worms, trojans, keyloggers, and other nasty malware. Should you
use them at all? When using a public area computer, be sure to completely log off when
you are finished using it.

A

Log off public computers

16
Q

Good Security Practices for Individuals

Some events may be inevitable like hardware failure and virus infection, so be sure to save
every now and then. Also back up information that is important to you. Make
sure to verify if the files you’ve saved can be easily restored.

A

Save and Back up

17
Q

Good Security Practices for Individuals

Facebook, Twitter, Google+, YouTube, Pinterest, LinkedIn and other social networks have
become an integral part of our online lives. Social networks are a great way to stay
connected with others, but you should be wary about how much personal information you
post. Learn how to use the privacy and security settings to protect yourself, keep personal
information personal, know and manage your friends, and know what to do if you encounter a
problem.

A

Limit social network information

18
Q

Good Security Practices for Individuals

Avoid peer-to-peer (P2P) networks and remove any file-sharing clients already installed on
your system. Since most P2P applications have worldwide sharing turned on by default
during installation, you run the risk of downloading viruses or other malware to your
computer, and having your personal and/or confidential information inadvertently shared
across the Internet, which could lead to identity theft.

A

Download files legally

19
Q

Good Security Practices for Individuals

Do not divulge personal information online if you’re not sure about the sender or the
website. A common fraud, called “phishing”, sends messages that appear to be from a
bank, shop or auction, giving a link to a fake website and asking you to follow that link and
confirm your account details.

A

Keep personal information safe

20
Q

Good Security Practices for Individuals

Whenever you leave your devices unattended, make sure that they are locked.

A

Lock your computer

21
Q

Good Security Practices for Individuals

Avoid visiting unknown websites or downloading software from untrusted sources. These
sites often host malware that will automatically install (often silently) and compromise
your computer. If attachments or links in an email are unexpected or suspicious for any
reason, don’t click on them; just visit the actual sender's website.

A

Do not click on suspicious links or pop-up notifications

22
Q

Good Security Practices for Individuals

Turn on automatic updating or make sure that all applications are also up to date.

A

Keep applications up to date

23
Q

Definition of terms

is a network security device that monitors incoming and outgoing
network traffic and decides whether to allow or block specific traffic based on a defined
set of security rules.

A

Firewall

24
Q

Definition of terms

is a person who breaks into a computer system. The reasons for hacking
can be many: installing malware, stealing or destroying data, disrupting service, and more.
Hacking can also be done for ethical reasons, such as trying to find software vulnerabilities
so they can be fixed.

A

Hacker/s

25
Q

Definition of terms

is any weakness in the information technology (IT)
infrastructure that hackers can exploit to gain unauthorized access to data.

A

Vulnerability

26
Q

Some of the most common threats to cybersecurity include:

This refers to malicious software such as viruses, worms, and Trojan horses that
can infect computers and devices, steal sensitive information, or damage systems.

A

Malware

27
Q

Some of the most common threats to cybersecurity include:

This is the practice of sending fake emails or messages that appear to come from
a trustworthy source, such as a bank or a popular website, in order to trick people into
revealing sensitive information.

A

Phishing

28
Q

Some of the most common threats to cybersecurity include:

This is a type of malware that encrypts a victim’s files and demands a ransom
payment in exchange for the decryption key.

A

Ransomware

29
Q

Some of the most common threats to cybersecurity include:

These attacks overload a website or online
service with traffic, making it inaccessible to users.

A

Distributed Denial of Service (DDoS) attacks

30
Q

Some of the most common threats to cybersecurity include:

Refers to current or former employees, business partners, contractors, or
anyone who has had access to any systems or networks in the past. They can be considered an
insider threat if they abuse their access permissions.

A

Insider threats

31
Q

Some of the most common threats to cybersecurity include:

is an eavesdropping attack, where a
hacker/intruder intercepts and relays messages between two parties in order to steal data.

A

Man-in-the-middle attacks

32
Q

Some of the most common threats to cybersecurity include:

An intruder or group of intruders sneaks into
a system and remain undetected for an extended period. The intruder leaves networks and
systems intact to avoid detection so that the intruder can spy on business activity and steal
sensitive data.

A

Advanced persistent threats (APTs)

33
Q

Some of the most common threats to cybersecurity include:

refers to the processes and tools designed and
deployed to protect sensitive business information from modification, disruption,
destruction, and inspection.

A

Information security