Busy. Please wait.

show password
Forgot Password?

Don't have an account?  Sign up 

Username is available taken
show password


Make sure to remember your password. If you forget it there is no way for StudyStack to send you a reset link. You would need to create a new account.
We do not share your email address with others. It is only used to allow you to reset your password. For details read our Privacy Policy and Terms of Service.

Already a StudyStack user? Log In

Reset Password
Enter the associated with your account, and we'll email you a link to reset your password.

Remove ads
Don't know
remaining cards
To flip the current card, click it or press the Spacebar key.  To move the current card to one of the three colored boxes, click on the box.  You may also press the UP ARROW key to move the card to the "Know" box, the DOWN ARROW key to move the card to the "Don't know" box, or the RIGHT ARROW key to move the card to the Remaining box.  You may also click on the card displayed in any of the three boxes to bring that card back to the center.

Pass complete!

"Know" box contains:
Time elapsed:
restart all cards

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

  Normal Size     Small Size show me how

aplus chapter 19


security standard iso
security standard nist
security standard hippa
security goal protect resources
security goal not interfere with the functions of the system
pdsa plan do study act cycle
pdsa plan do study act
authentication proves you are who you say you are
authentication techniques user name password pin smart card biometric data
authorization determines what an individual can do in the system
plan what standards or rules do we have to follow
do implement the standards and rules
study methods to monitor the system or plan
act maintain and improve as needed
authorization is done in two ways assigning rights to users assigning permissions to folders and files
administrator account complete access to the system and can make changes that affect the security of the system and other users
adware software installed on a computer that produces pop up ads using your browser
antivirus software utility programs that prevent infection or scan a system to detect and remove viruses
backdoor a hidden way to allow malware to reach the system in secret even after the malware has been removed
backup operator can back up and restore any files on the system regardless of its access permissions to these files
bitlocker encryption used to lock down a hard drive by encrypting the entire vista volume and any other volume on the drive
boot sector virus an infectious program that can replace the boot program with a modified, infected bersion, often causing boot and data retrieval problems
browser hijacker a malicious program that infects your web browser and can change your home page or browser settings
chap a protocol used to encrypt account names and paswords that are sent to a network controller for validation
data classifications categories of data used to determione who owns the data and who needs what type of access to it
digital certificate a code used to authenticate the source of a file or document or to identify and authenticate a person or organization sending data over a network
drive lock password stored on a hard drive,must enter the password at startup before you can access data on the drive
advantage of using smart card that display a number no special equipment needed
encryption the process of putting readable data into an encoded form that can only be decoded or decrypted though use of a key
file virus inserts virus code into an executable program file and can spread whenever that program is executed
grayware a program that av software recognizes to be potentially harmful or potentially unwanted
guest account normally not activated and has very limited rights
incident report report unusual or atypical events
infestation any unwanted program that is transmitted to a computer without the users knowledge and that is designed to do varying degrees of damage to data and software
kerberos a protocol used to encrypt account names and passwords that are sne to a network controller for validation
key fob a device that fits on a key chain
key logger a type of spyware that tracks your keystrokes
limited account has read write access only on its own folders,read only access to most system folders,and no access to others users data
logic bomb malicious software that is dormant code added to software and triggered at a predetermined time
macro a small sequence of commands contained within a document that can be authomatically executed when the document is loaded,or executed later
macro viruses virus that hides in the macros of a document file
malicious software malware
malware malicious software
multiparite virus combination of a boot sector virus and a file virus
network drive map mounting a drive to the computer that is actually har drive space on another host computer on the network
pass phrase a type of password that can contain a phrase where spaces are allowed
password reset disk a device that holds a copy of the windows password
permissions refer to the user accounts or user groups allowed to access data
phishing a type of identity theft where a person is baited into giving personal data to a web site
pki public key infrastructures
pki standards used to encrypt,transport, and valiate digitial certificates over the internet
power user account can read from and write to parts of the system other than his own local drive
public key encryption encryption technology that uses a public and private key
rootkit malicious software that loads itself before the os boot is complete and can hijack internal windows components so that it masks info windows provides
scam email email intended to lure you into a scheme
script virus virus hides in a script which might execute when you click a link on a web page or in an html email message
smart card small device containing authentication information
smart card reader a device that can read a smart card used to authenticate a person onto a network
social engineering practice of tricking people into giving out private info or allowing unsafe programs into the network or on the computer
spam junk mail you dont want
spyware malicious software that installs itself on your computer to spy on you
standard account can use software and hardware and make some system changes,but cannot make changes that affect the security of thee system or other users
strong password password that is not easy to guess
tpm trusted platform module chip
trojan horse a type of infestation that hides or disguises itself as a useful program ,designed to cause damage when executed
virus a program with an incubation period ,is infectious,and is intended to caude damage
virus hoax email that does damage by tempting you to forward it to everyone in your email address book with the intent of clogging p email systems
worm an infestation designed to repeatedly copy itself into memory,on drive space or on a network until no memory or bandwith exists
zero fill utility fills every sector on the hard drive with zeros
tpm a chip on a motherboard that holds an encryption key required at startup to access encrypted data on the hard drive
advantage of a drive lock password protects the hard drive data even when removed
power on passwords assigned in bios setup and kept in cmos ram
fault tolerance limit how off you can be
strong password criteria eight or more passphrase upper and lower case one symbol
rights privilieges, tasks an account is allowed to do in the system
permissions user accounts or groups allowed to access data
data classifications guidelines follow security policies
data classifications guidelines data folder must have an owner
data classifications guidelines base on organization security needs
data classifications guidelines protect backup data as well
rights assigned to an account
permissions assigned to data
phishing sending an email message with the intent of getting the user to reveal private information
types of permissions read only write modify archive
data classification permissions assigned to folders and files
data classification as applied to security put data into categories
owner of a folder decides who gets to see it and what type of access they have
encryption puts data into code that must be translated before it can be accessed
windows explorer,encrypted files and folders names are displayed in green
network attached storage device a computer that does nothing but provide hard drive storage on a network for other computers
host computer share the folder or entire volume to which you want others to have access
vpn best practice to secure data when traveling or work from home
Created by: cgeaski