Prof Dev Sem
Chapters 1-3
| Term | Definition |
|---|---|
| Ethics | A code of behavior that is defined by the group to which an individual belongs |
| Morals | The personal principles upon which an individual bases his or her decisions about right or wrong |
| Virtue | A habit that inclines people to do what is acceptable |
| Vice | Habit of unacceptable behavior |
| Software Piracy | A form of copyright infringement that involves making copies of software or enabling others to access software to which they are not entitled |
| Integrity | A person with this acts in accordance with a personal code of principles |
| Law | A system of rules that tells us what we can and cannot do |
| Bathsheba Syndrome | A reference to a biblical story where a king was corrupt and sent a general to a task that would kill him so that he could get the general's wife |
| Corporate Social Responsibility | The concept that an organization should act ethically by taking responsibility for the impact of its actions on its shareholders, customers, employees, community, environment and suppliers |
| Supply Chain Sustainability | A component of CSR that focuses on developing and maintaining a supply chain that meets the needs of the present without compromising the ability of future generations to meet their needs |
| Stakeholder | Someone who stands to gain or lose, depending on how a particular situation is resolved |
| Code of Ethics | A statement that highlights an organization's key ethical issues and identifies the overarching values and principles that are important to the organization and its decision making |
| Social Audit | An organization reviews how well it is meeting its ethical and social responsibility goal and communicates its new goals for the upcoming year |
| Problem Statement | A clear, concise description of the issues that need to be addressed |
| Software & Information Industry Association (SIIA) | A trade group that represents the world's largest software and hardware manufacturers |
| BSA (The Software Alliance) | A trade group that represents the world's largest software and hardware manufacturers |
| Trade Secret | Information, generally unknown to the public, that a company has taken strong measures to keep confidential |
| Whistle-Blowing | An effort by an employee to attract attention to a negligent, illegal, unethical, abusive or dangerous act by a company that threatens the public interest |
| Fraud | A crime of obtaining goods, services, or property through deception or trickery |
| Conflict of Interest | A conflict between the IT worker's self-interest and the client's interests |
| Misrepresentation | The misstatement or incomplete statement of a material fact |
| Breach of Contract | Occurs when one party fails to meet the terms of a contract |
| Material Breach of Contract | Occurs when a party fails to perform certain express or implied obligations, which impairs or destroys the essence of the contract |
| Bribery | The act of providing money, property, or favors to someone in business or government in order to obtain a business advantage |
| Internal Control | The process established by an organization's board of directors, managers, & IT systems people to provide reasonable assurance for the effectiveness of operations, the reliability of financial reporting, and compliance with applicable laws and regulations |
| Policies | Guidelines and standards by which the organization must abide |
| Processes | A collection of tasks designed to accomplish a stated objective |
| Procedure | Defines the exact instructions for completing each task in a process |
| Separation of Duties | A fundamental concept of good internal controls is the careful _________ associated with any process that involves the handling of financial transactions so that different aspects of the process are handled by different people |
| Foreign Corrupt Practices Act | This makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office |
| Resume Inflation | This involves lying on a resume by, for example, claiming competence in an IT skill that is in high demand |
| IT User | Refers to a person who uses a hardware or software product; the term distinguishes end users from the IT workers who develop, install, service, and support the product |
| Professional Code of Ethics | States the principles and core values that are essential to the work of a particular occupational group |
| Certification | Indicates that a professional possesses a particular set of skills, knowledge, or abilities, in the opinion of the certifying organization |
| Government License | A government-issued permission to engage in an activity or to operate a business |
| Body of Knowledge | A ______ for any profession outlines agreed-upon sets of skills and abilities that all licensed professionals must possess |
| Software Engineer | One who applies engineering principles and practices to the design, development, implementation, testing, and maintenance of software |
| Negligence | Not doing something that a reasonable person would do or doing something that a reasonable person would not do |
| Duty of Care | Refers to the obligation to protect people against any unreasonable harm or risk |
| Reasonable Person Standard | The courts decide whether parties owe a duty of care by applying a _______ to evaluate how an objective, careful, and conscientious person would have acted in the same circumstances |
| Reasonable Professional Standard | Defendants who have particular expertise or competence are measured against this |
| Breach of the Duty of Care | The failure to act as a reasonable person would act |
| Professional Malpractice | Professionals who breach the duty of care are liable for injuries that their negligence causes |
| Acceptable Use Policy | A document that stipulates restrictions and practices that a user must agree to in order to use organizational computing and network resources |
| Information Security Group's | Responsibilities include managing the processes, tools, and policies necessary to prevent, detect, document, and counter threats to digital and nondigital information, whether it is in transit, being processed, or at rest in storage |
| Firewall | A hardware or software that serves as the first line of defense between an organization's network and the internet |
| Compliance | Means to be in accordance with established policies, guidelines, specifications, or legislation |
| Audit Committee | A committee of the board of directors that provides assistance to the board in fulfilling its responsibilities with respect to the oversight of certain areas of activity |
| Zero-Day Exploit | A cyberattack that takes place before the security community and/or software developers become aware of and fix a security vulnerability |
| Bring Your Own Device (BYOD) | A business policy that permits, and in some cases encourages, employees to use their own mobile devices to access company computing resources and applications, including email, corporate databases, the corporate intranet, and the internet |
| Exploit | An attack on an information system that takes advantage of a particular system vulnerability |
| Ransomware | Malware that stops you from using your computer or accessing your data until you meet certain demands, such as paying a ransom or sending photos to the attacker |
| Virus | A piece of programming code, usually disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner |
| Worm | A harmful program that resides in the active memory of the computer and duplicates itself |
| Trojan Horse | A seemingly harmless program in which malicious code is hidden |
| Logic Bomb | A type of trojan horse that executes when it is triggered by a specific event |
| Blended Threat | A sophisticated threat that combines the features of a virus, worm, Trojan Horse, and other malicious code into a single payload |
| Spam | The use of email systems to send unsolicited email to large numbers of people |
| Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) | States that it is legal to spam, provided the messages meet a few basic requirements: spammers cannot disguise their identity by using a false return address, the email must include a label specifying that it is an ad or a solicitation, and an opt-out method must be available |
| CAPTCHA | Software generates and grades tests that humans can pass and all but the most sophisticated computer programs cannot |
| Distributed Denial of Service (DDoS) attack | A malicious hacker takes over computers via the internet and causes them to flood a target site with demands for data and other small tasks |
| Botnet | Used to describe a large group of such computers, which are controlled from one or more remote locations by hackers, without the knowledge or consent of their owners |
| Zombies | Go into action, each sending a simple request for access to the target site |
| Rootkit | A set of programs that enables its user to gain administrator-level access to a computer without the end user's consent or knowledge |
| Advanced Persistent Threat (APT) | A network attack in which an intruder gains access to a network and stays there, undetected, with the intention of stealing data over a long period of time (weeks or even months) |
| Phishing | The act of fraudulently using email to try to get the recipient to reveal personal data |
| Spear Phishing | A variation of phishing in which the phisher sends fraudulent emails to a certain organization's employees |
| Smishing | Another variation of phishing that involves the use of texting |
| Vishing | Similar to smishing but the victims receive a voice-mail message telling them to call a phone number or access a website |
| Cyberespionage | Involves the deployment of malware that secretly steals data in the computer systems of organizations, such as government agencies, military contractors, political organizations, and manufacturing firms |
| Cyberterrorism | The intimidation of a government or civilian population by using information technology to disable critical national infrastructure to achieve political, religious, or ideological goals |
| Department of Homeland Security (DHS) | A large federal agency whose goal is to provide for a "safer, more secure America, which is resilient against terrorism and other potential threats" |
| U.S. Computer Emergency Readiness Team (US-CERT) | A partnership between the DHS and the public and private sectors |
| CIA Security Triad | Confidentiality, integrity, and availability |
| Risk Assessment | The process of assessing security-related risks to an organization's computer and networks from both internal and external threats |
| Reasonable Assurance | In connection with IT security, recognizes that managers must use their judgement to ensure that the cost of control does not exceed the system's benefits or the risks involved |
| Disaster Recovery Plan | A documented process for recovering an organization's business information systems assets in the event of a disaster |
| Mission-critical processes | Some business processes are more pivotal to continued operations and goal attainment than others |
| Security policy | Defines an organization's security requirements, as well as the controls and sanctions needed to meet those requirements |
| Security Audits | This is a prevention tool that evaluates whether an organization has a well-considered security policy in place and if it is followed |
| Next-Generation Firewall (NGFW) | A hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents |
| Encryption | The process of scrambling messages or data in such a way that only authorized parties can read them |
| Encryption Key | A value that is applied (using an algorithm) to a set of unencrypted text (plaintext) to produce encrypted text that appears as a series of seemingly random characters (ciphertext) that is unreadable by those without the encryption key needed to decipher it |
| Transport Layer Security | A communications protocol or system of rules that ensures privacy between communicating applications and their users on the internet |
| Intrusion detection system (IDS) | Software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measure of a networked computer environment |
| Antivirus Software | This scans a computer's memory and disk drives regularly for viruses |
| Virus Signature | A specific sequence of bits |
| Managed security service provider | A company that monitors, manages, and maintains computer and network security for other organizations |
| Computer Forensics | A discipline that combines elements of law and computer sciences to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible |