WGU DAC1 Information Systems Management Competency 9 & 10
| Term | Definition |
|---|---|
| hackers | people very knowledgeable about computers who use their knowledge to invade other people's computers |
| drive-by hacking | a computer attack where an attacker accesses a wireless computer network, intercepts data, uses network services, and/or sends attack instructions without entering the office or organization that owns the network |
| types of hackers | black-hat hackers, crackers, cyberterrorists, hactivists, script kiddies/bunnies, white-hat hackers |
| virus | software written with malicious intent to cause annoyance or damage |
| adware | software that generates ads that install themselves on a computer when a person downloads other programs from the Internet |
| spyware | software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer's CPU and storage for some task the user knows nothing about |
| common forms of viruses | backdoor programs, denial-of-service attack (DoS), distributed denial-of-service (DDoS) attack, polymorphic viruses and worms, trojan-horse virus, worm |
| hacker weapons | elevation of privilege, hoaxes, malicious code, packet tampering, sniffer, spoofing, splogs (spam blogs), spyware |
| insiders | legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident |
| social engineering | using one's social skills to trick people into revealing access credentials or other information valuable to the attacker |
| dumpster diving | looking through people's trash, another way hackers obtain information |
| information security policy | identifies the rules required to maintain information security |
| information security plan | details how an organization will implement the information security policies |
| destructive agents | malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines |
| identity theft | the forging of someone's identity for the purpose of fraud |
| information secrecy | the category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity |
| phishing | technique to gain personal information for the purpose of identity theft, usually by means of fraudulent email |
| phishing expedition | a masquerading attack that combines spam with spoofing |
| spear phishing | a phishing expedition in which the emails are carefully designed to target a particular person or organization |
| vishing / voice phishing | a phone scam that attempts to defraud people by asking them to call a bogus telephone number to "confirm" their account information |
| pharming | reroutes requests for legitimate websites to false websites |
| zombie | a program that secretly takes over another computer for the purpose of launching attacks on other computers |
| zombie farm | a group of computers on which a hacker has planted zombie programs |
| pharming attack | uses a zombie farm, often by an organized crime association, to launch a massive phishing attack |
| authentication | a method for confirming users' identities |
| authorization | the process of giving someone permission to do or have something |
| tokens | small electronic devices that change passwords automatically |
| smart card | a device about the size of a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing |
| biometrics | the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting |
| time bombs | computer viruses that wait for a specific date before executing instructions |
| content filtering | occurs when organizations use software that filters content to prevent the transmission of unauthorized information |
| encryption | scrambles information into an alternative form that requires a key or password to decrypt the information |
| cryptography | the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them |
| advanced encryption standard (AES) | introduced by the National Institute of Standards and Technology (NIST), an encryption standard designed to keep government information secure |
| public key encryption (PKE) | encryption system that uses two keys: a public key that everyone can have and a private key for only the recipient |
| certificate authority | a trusted third party, such as VeriSign, that validates user identities by means of digital certificates |
| digital certificate | a data file that identifies individuals or organizations online and is comparable to a digital signature |
| firewall | hardware and/or software that guards a private network by analyzing the information leaving and entering the network |
| antivirus software | scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware |
| cyberwar | an organized attempt by a country's military to disrupt or destroy the information and communication systems of another country |
| cyberterrorism | seeks to cause harm to people or to destroy critical systems or information and use the internet as a weapon of mass destruction |
| intrusion detection software (IDS) | searches out patterns in information and network traffic to indicate attacks and quickly responds to prevent any harm |
| copyright | the legal protection afforded an expression of an idea, such as a song, video games, and some types of proprietary documents |
| intellectual property | intangible creative work that is embodied in physical form |
| patent | an exclusive right to make, use, and sell an invention, granted by a government to the inventor |
| ethics | the principles and standards that guide our behavior toward other people |
| privacy | the right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent |
| confidentiality | the assurance that messages and information remain available only to those authorized to view them |
| information ethics | govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself (with or without the aid of computer technologies) |
| pirated software | the unauthorized use, duplication, distribution, or sale of copyrighted software |
| counterfeit software | software that is manufactured to look like the real thing and sold as such |
| digital rights management | a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution |
| information management | examines the organizational resource of information and regulates its definitions, uses, value, and distribution, ensuring the organization has the types of data/information required to function and grow effectively |
| data governance | refers to the overall management of the availability, usability, integrity, and security of company data |
| information compliance | the act of conforming, acquiescing, or yielding information |
| information property | an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged |
| ediscovery / electronic discovery | refers to the ability of a company to identify, search, gather, seize, or export digital information in response to litigation, an audit, an investigation, or an information inquiry |
| Child Online Protection Act (COPA) | a law that protects minors from accessing inappropriate material on the internet |
| epolicies | policies and procedures that address the ethical use of computers and Internet usage in the business environment |
| cyberbullying | includes threats, negative remarks, or defamatory comments transmitted via the Internet or posted on a website |
| threat | an act or object that poses a danger to assets |
| click-fraud | the abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or costs for the advertiser |
| competitive click-fraud | a computer crime where a competitor or disgruntled employee increases a company's search advertising costs by repeatedly clicking on the advertiser's link |
| ethical computer use policy | contains general principles to guide computer user behavior |
| information privacy policy | contains general principles regarding information privacy |
| acceptable use policy (AUP) | a policy that a user must agree to follow in order to be provided access to a network or to the Internet |
| nonrepudiation | a contractual stipulation to ensure that ebusiness participants do not deny (repudiate) their online actions |
| Internet use policy | contains general principles to guide proper use of the Internet |
| cybervandalism | the electronic defacing of an existing website |
| typosquatting | a problem that occurs when someone registers purposely misspelled variations of well-known domain names |
| website name stealing | the theft of a website's name that occurs when someone, posing as a site's administrator, changes the ownership of the domain name assigned to the website to another website owner |
| Internet censorship | government attempts to control Internet traffic, thus preventing some material from being viewed by a country's citizens |
| email privacy policy | details the extent to which email messages may be read by others |
| spam | unsolicited email |
| anti-spam policy | states that email users will not send spam |
| opt out | customer specifically chooses to deny permission to receive emails |
| teergrubbing | anti-spamming approach where the receiving computer launches a return attack against the spammer, sending email messages back to the computer that originated the suspected spam |
| social media policy | outlines the corporate guidelines or principles governing employee online communications |
| physical security | tangible protection such as alarms, guards, fireproof doors, fences, and vaults |
| workplace MIS monitoring | tracks people's activities by such measures as number of keystrokes, error rate, and number of transactions processed |
| employee monitoring policy | states how, when, and where the company monitors its employees |