Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Information Security
| Term | Definition |
|---|---|
| Individual right to privacy | PRIVACY The right to be left alone and to be free of unreasonable personal intrusion.INFORMATION PRIVACY the right to determine when, and to what extent, personal information can be gathered by and/or communicated to others |
| Public right to know | 1. The right of privacy is not absolute. Privacy must be balanced against the needs of society. 2. The public's right to know supersedes the individual's right of privacy. |
| Profiling | The process of forming a digital dossier (An electronic description of an individual and his or her habits) |
| Electronic surveillance | Tracking people's activities with the aid of computers |
| URL filtering | software to block connections to inappropriate Web sites |
| Opt-out informed consent | A model of informed consent that permits a company to collect personal information until the customer specifically requests that the data not be collected. |
| Opt-in informed consent | A model of informed consent in which a business is prohibited from collecting any personal information unless the customer specifically authorizes it. |
| Identity theft | Crime in which someone uses the personal information of others to create a false identity and then uses it for some fraud |
| Browser history | refers to the list of web pages a user has visited recently—and associated data such as page title and time of visit— |
| Personal firewall | an application which controls network traffic to and from a computer, permitting or denying communications based on a security policy |
| Anti-malware | Software packages that attempt to identify and eliminate viruses, worms, and other malicious software. |
| Antispyware | type of program designed to prevent and detect unwanted spyware program installations and to remove those programs if installed |
| Content-filtering software | software designed to restrict or control the content a reader is authorised to access, especially when utilised to restrict material delivered over the Internet via the Web, e-mail, or other means |
| Intrusion Detection Software (IDS) | device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. |
| Two-factor authentication | an extra layer of security that is known as "multi factor authentication" that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately t |
| Trusted network | any network within your organization |
| Untrusted network | any network external to your organization |
| Distributed Denial of service | A denial-of-service attack that sends a flood of data packets from many compromised computers simultaneously. |
| Zombies (bots) | A computer that has been compromised by, and under the control of, a hacker |
| Malware | Malicious software such as viruses and worms |
| Trojan horse | A software program containing a hidden function that presents a security risk |
| Virus | Malicious software that can attach itself to (or “infect”) other computer programs without the owner of the program being aware of the infection. |
| Worm | Destructive programs that replicate themselves without requiring another program to provide a safe environment for replication. |
| Phishing | An attack that uses deception to fraudulently acquire sensitive personal information by masquerading as an official-looking e-mail |
| Social engineering | Getting around security systems by tricking computer users inside a company into revealing sensitive information or gaining unauthorized access privileges |
| Physical controls | Controls that restrict unauthorized individuals from gaining access to a company's computer facilities |
| Access controls | Controls that restrict unauthorized individuals from using information resources and are concerned with user identification. |
| Authentication | A process that determines the identity of the person requiring access. |
| Password | A private combination of characters that only the user should know. |
| Passphrase | a sequence of words or other text used to control access to a computer system, program or data |
| Authorization | A process that determines which actions, rights, or privileges the person has, based on verified identity. |
| Biometrics | The science and technology of authentication (i.e., establishing the identity of an individual) by measuring the subject's physiologic or behavioral characteristics. |
| Firewall | A system (either hardware, software, or a combination of both) that prevents a specific type of information from moving between untrusted networks, such as the Internet, and private networks, such as your company's network. |
| Whitelisting | A process in which a company identifies acceptable software and permits it to run, and either prevents anything else from running or lets new software run in a quarantined environment until the company can verify its validity. |
| Blacklisting | A process in which a company identifies certain types of software that are not allowed to run in the company environment. |
| Encryption | The process of converting an original message into a form that cannot be read by anyone except the intended receiver. |
| Public-key encryption | (also called asymmetric encryption) A type of encryption that uses two different keys, a public key and a private key. |
| Digital certificate | An electronic document attached to a file certifying that this file is from the organization it claims to be from and has not been modified from its original format or content. |
Created by:
willjhg