Shared Flashcard Set

Details

K321
Chap 7
62
Business
Undergraduate 4
11/10/2013

Cards

Term
Acceptable use policy (AUP)
Definition
Defines acceptable uses of the firm's information resources and computing equipment, including desktop and laptop computers, wireless devices, telephones, and the Internet, and specifies consequences for noncompliance.
Term
Antivirus software
Definition
Software designed to detect, and often eliminate, computer viruses from an information system.
Term
Application controls
Definition
Specific controls unique to each computerized application that ensure that only authorized data are completely and accurately processed by that application.
Term
Authentication
Definition
The ability of each party in a transaction to ascertain the identity of the other party.
Term
Biometric authentication
Definition
Technology for authenticating system users that compares a person's unique characteristics such as fingerprints, face, or retinal image, against a stored set profile of these characteristics.
Term
Botnet
Definition
A group of computers that have been infected with bot malware without users' knowledge, enabling a hacker to use the amassed resources of the computers to launch distributed denial-of-service attacks, phishing campaigns or spam.
Term
Bugs
Definition
Software program code defects.
Term
Business continuity planning
Definition
Planning that focuses on how the company can restore business operations after a disaster strikes.
Term
Click fraud
Definition
When an individual or computer program fraudulently clicks on an online ad without any intention of learning more about the advertiser or making a purchase.
Term
Computer crime
Definition
The commission of illegal acts through the use of a computer or against a computer system.
Term
Computer forensics
Definition
The scientific collection, examination, authentication, preservation, and analysis of data held on or retrieved from computer storage media in such a way that the information can be used as evidence in a court of law.
Term
Computer virus
Definition
Rogue software program that attaches itself to other software programs or data files in order to be executed, often causing hardware and software malfunctions.
Term
Controls
Definition
All of the methods, policies, and procedures that ensure protection of the organization's assets, accuracy and reliability of its records, and operational adherence to management standards.
Term
Cybervandalism
Definition
Intentional disruption, defacement, or even destruction of a Web site or corporate information system.
Term
Cyberwarfare
Definition
State-sponsored activity designed to cripple and defeat another state or nation by damaging or disrupting its computers or networks.
Term
Deep packet inspection (DPI)
Definition
Technology for managing network traffic by examining data packets, sorting out low-priority data from higher priority business-critical data, and sending packets in order of priority.
Term
Denial-of-service attack (DoS)
Definition
Flooding a network server or Web server with false communications or requests for services in order to crash the network.
Term
Digital certificates
Definition
Attachments to an electronic message to verify the identity of the sender and to provide the receiver with the means to encode a reply.
Term
Disaster recovery planning
Definition
Planning for the restoration of computing and communications services after they have been disrupted.
Term
Distributed denial-of-service (DDoS) attack
Definition
Uses numerous computers to inundate and overwhelm a network from numerous launch points.
Term
Downtime
Definition
Period of time in which an information system is not operational.
Term
Encryption
Definition
The coding and scrambling of messages to prevent their being read or accessed without authorization.
Term
Evil twin
Definition
Wireless networks that pretend to be legitimate Wi-Fi networks to entice participants to log on and reveal passwords or credit card numbers.
Term
Fault-tolerant computer systems
Definition
Systems that contain extra hardware, software, and power supply components that can back a system up and keep it running to prevent system failure.
Term
Firewall
Definition
Hardware and software placed between an organization's internal network and an external network to prevent outsiders from invading private networks.
Term
General Controls
Definition
Overall control environment governing the design, security, and use of computer programs and the security of data files in general throughout the organization's information technology infrastructure.
Term
Gramm-Leach-Bliley Act
Definition
Requires financial institutions to ensure the security and confidentiality of customer data.
Term
Hacker
Definition
A person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure.
Term
High-availability computing
Definition
Tools and technologies, including backup hardware resources, to enable a system to recover quickly from a crash.
Term
HIPAA
Definition
Law outlining medical security and privacy rules and procedures for simplifying the administration of healthcare billing and automating the transfer of healthcare data between healthcare providers, payers, and plans.
Term
Identity management
Definition
Business processes and software tools for identifying the valid users of a system and controlling their access to system resources.
Term
Identity theft
Definition
Theft of key pieces of personal information, such as credit card or Social Security numbers, in order to obtain merchandise and services in the name of the victim or to obtain false credentials.
Term
Intrusion detection system
Definition
Tools to monitor the most vulnerable points in a network to detect and deter unauthorized intruders.
Term
Keyloggers
Definition
Spyware that records every keystroke made on a computer.
Term
Malware
Definition
Malicious software programs such as computer viruses, worms and Trojan horses.
Term
Managed security service providers (MSSPs)
Definition
Companies that provide security management services for subscribing clients.
Term
MIS audit
Definition
The study of information systems focusing on their use in business and management.
Term
Online transaction processing
Definition
Transaction processing mode in which transactions entered on-line are immediately processed by the computer.
Term
Password
Definition
Authentication known only to authorized user.
Term
Patches
Definition
Small pieces of software that repair flaws in programs without disturbing the proper operation of the system.
Term
Pharming
Definition
Phishing technique that redirects users to a bogus Web page, even when the individual types the correct Web page address into his or her browser.
Term
Phishing
Definition
A form of spoofing involving setting up fake Web sites or sending e-mail messages that look like those of legitimate businesses to ask users for confidential personal data.
Term
Public key encryption
Definition
Uses two keys: one shared (or public) and one private.
Term
Public key infrastructure (PKI)
Definition
System for creating public and private keys using a certificate authority (CA) and digital certificates for authentication.
Term
Recovery-oriented computing
Definition
Computer systems designed to recover rapidly when mishaps occur.
Term
Risk assessment
Definition
Determining the potential frequency of the occurrence of a problem and the potential damage if the problem were to occur. Used to determine the cost/benefit of a control.
Term
Sarbanes-Oxley Act
Definition
Law passed in 2002 that imposes responsibility on companies and their management to protect investors by safeguarding the accuracy and integrity of financial information that is used internally and released externally.
Term
Secure Hypertext Transfer Protocol (S-HTTP)
Definition
Protocol used for encrypting data flowing over the Internet; limited to individual messages.
Term
Secure Sockets Layer (SSL)
Definition
Enables client and server computers to manage encryption and decryption activities as they communicate with each other during a secure Web session.
Term
Security
Definition
Policies, procedures and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
Term
Security Policy
Definition
Statements ranking information risks, identifying acceptable security goals, and identifying the mechanisms for achieving these goals.
Term
Smart card
Definition
A credit-card-sized plastic card that stores digital information and that can be used for electronic payments in place of cash.
Term
Sniffer
Definition
A type of eavesdropping program that monitors information traveling over a network.
Term
Social engineering
Definition
Tricking people into revealing their passwords by pretending to be legitimate users or members of a company in need of information.
Term
Spoofing
Definition
Misrepresenting one's identity on the Internet or redirecting a Web link to an address different from the intended one, with the site masquerading as the intended site.
Term
Spyware
Definition
Technology that aids in gathering information about a person or organization without their knowledge.
Term
SQL injection attack
Definition
Attacks against a Web site that take advantage of vulnerabilities in poorly coded SQL (a standard and common database software application) applications in order to introduce malicious program code into a company's systems and network.
Term
Token
Definition
Physical device, similar to an identification card, that is designed to prove the identity of a single user.
Term
Trojan horse
Definition
A software program that appears legitimate but contains a second hidden function that may cause damage.
Term
Unified threat management (UTM)
Definition
Comprehensive security management tool that combines multiple security tools, including firewalls, virtual private networks, intrusion detection systems, and Web content filtering and anti-spam software.
Term
War driving
Definition
An eavesdropping technique in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic.
Term
Worms
Definition
Independent software programs that propagate themselves to disrupt the operation of computer networks or destroy data and other programs.