Principle of Banking
Chapter 10
Question | Answer |
---|---|
information security program | a plan for ensuring that data and technology systems are not accessed by unauthorized users. |
Password | an arbitrary string of 6 to 10 characters chosen by or assigned to a user to authenticate the user attempting to log on to a computer system. An example is “treebumper.” |
Passphrase | an arbitrary string of up to 100 characters similar to, and used like, a password but that provides more security. An example is “*bumping!trees963$$.” |
Authentication | (1) determination that a message comes from a source authorized to originate the message; (2) a measure designed to protect against a fraudulent transmission by establishing the validity of a transmission, message, station, or person. |
Security token | a physical device that communicates with a computer, either by direct attachment or wireless communication, to confirm a person’s identity for the purpose of performing authorized transactions. |
Multi-factor authentication | authentication by two or more of the following: something the customer knows, has, or is. |
Biometrics | automated methods of identifying a person based on physiological or behavioral characteristics, such as a voice, fingerprint, or typing pattern. |
Spam | unsolicited junk emails sent to a large number of people to promote products or services or to spread computer viruses. |
Credit report | one of the best ways for bank customers to combat identity theft is to regularly request and review copies of their credit reports from the major credit reporting agencies (Equifax, Experian, and TransUnion). |
Pretext calling | attempts to use the phone to gain access to another’s account information by pretending to be the account holder or authorized signer on the account. |
Internal auditor | an auditor who is employed by the bank, regularly working with all levels of management. |
External auditor | an auditor who is independent of the bank, usually reporting directly to the internal auditor or the board of directors or audit committee. |
Whistleblower | an employee who reports fraud or other wrongdoing within a company. |
Civil money penalty (CMP) | a fine imposed by a civil court on an individual, business, or organization that has profited from illegal or unethical activity or has violated a law or regulation. Also known as civil monetary penalty. |
Fraud | an intentional misrepresentation made by one person to another who, believing the misrepresentation, takes some action and suffers a loss of property or a right to the first person. |
Embezzlement | a crime involving the fraudulent use or keeping of money or other property that has been entrusted to one’s care. Also known in banking as misappropriation of funds. |
Insider fraud | fraud perpetrated by someone who works inside an organization. |
Malware | derived from a combination of the words “malicious” and “software,” it broadly applies to viruses, Trojan Horses, worms, and any other software programs designed to damage computers and computer systems. |
Virus | a software program capable of reproducing itself that usually causes great harm to files or other programs on some computer. |
Spyware | computer software that collects personal information about users without their informed consent. |
Keystroke tracking | the practice of monitoring the keys struck on a computer keyboard, often done covertly to obtain passwords and other protected information. |
Wi-Fi | short for wireless fidelity. Wireless fidelity is a radio frequency standard that is used to connect devices, such as computers, together using a wireless connection. |
Wi-Fi hot spot | an area that allows computers equipped with wireless fidelity (Wi-Fi) to receive an Internet connection. |
Business contingency plan | a plan for maintaining or resuming business operation should unexpected events occur. Also known as business continuity plan. |
Pandemic | a disease spread over a large geographical region and affecting a large proportion of the population. |
Money laundering | moving large amounts of illegally obtained cash through many bank accounts or to other legal investments or assets in order to hide the source of money. |
Incident response program (IRP) | a comprehensive plan for reacting to threats to the security of a bank's data, systems, employees, or facilities. |