Shared Flashcard Set

Details

Chapter 16_Key Terms
General IT Controls Part 2: Security and Access
50
Accounting
Undergraduate 4
05/01/2017

Cards

Term
Access Control List
Definition
Lists containing information that defines the access privileges for all valid users of the resource. An access control list assigned to each resource controls access to system resources such as directories, files, programs, and printers.
Term
Access Controls
Definition
Controls that ensure that only authorized personnel have access to the firm's assets.
Term
Access Token
Definition
These contain key information about the user, including user ID, password, user group, and privileges granted to the user.
Term
Advanced Encryption Standard (AES)
Definition
Also known as Rijndael, a private key (or symmetric key) encryption technique.
Term
Application-Level Firewalls
Definition
Provides high-level network security.
Term
Backup Controls
Definition
Ensure that in the event of data loss due to unauthorized access, equipment failure, or physical disaster, the organization can recover its files and databases.
Term
Biometric Devices
Definition
Devices that measure various personal characteristics, such as finger, voice, or retina prints, or other signature characteristics.
Term
Call-Back Device
Definition
Hardware component that asks the caller to enter a password and then breaks the connection to perform a security check.
Term
Certification Authority (CA)
Definition
Trusted third parties that issue digital certificates.
Term
Checkpoint Feature
Definition
Feature that suspends all data processing while the system reconciles the transaction log and the database change log against the database.
Term
Compilers
Definition
Language translation modules of the operating system.
Term
Data Encryption
Definition
Use of an algorithm to scramble selected data, making it unreadable to an intruder browsing the database.
Term
Database Authorization Table
Definition
Table containing rules that limit the actions a user can take.
Term
Deep Packet Inspection (DPI)
Definition
Program used to determine when a DOS attack is in progress through a variety of analytical and statistical techniques that evaluate the contents of message packets.
Term
Digest
Definition
Mathematical value calculated from the text content of the message.
Term
Digital Certificate
Definition
Sender's public key that has been digitally signed by trusted third parties.
Term
Digital Envelope
Definition
Encryption method in which both DES and RSA are used together.
Term
Digital Signature
Definition
Electronic authentication technique that ensures the transmitted message originated with the authorized sender and that it was not tampered with after the signature was applied.
Term
Discretionary Access Privileges
Definition
Grants access privileges to other users. For example, the controller, who is the owner of the general ledger, may grant read-only privileges to a manager in the budgeting department.
Term
Echo Check
Definition
Technique that involves the receiver of the message returning the message to the sender.
Term
EDE3
Definition
Encryption that uses one key to encrypt the message.
Term
EEE3
Definition
Encryption that uses three different keys to encrypt the message three times.
Term
Encryption
Definition
Use of a computer program to transform a standard message being transmitted into a coded (cipher text) form.
Term
Event Monitoring
Definition
Summarizes key activities related to system resources.
Term
Firewall
Definition
Software and hardware that provide a focal point for security by channeling all network connections through a control gateway.
Term
Interpreters
Definition
Language translation modules of the operating system that convert one line of logic at a time.
Term
Intrusion Prevention Systems (IPS)
Definition
Use of deep packet inspection (DPI) to determine when an attack is in progress.
Term
Keystroke Monitoring
Definition
Recording both the user's keystrokes and the system's responses.
Term
Line Error
Definition
Errors caused when the bit structure of the message is corrupted through noise on the communications lines.
Term
Log-On Procedure
Definition
Operating system's first line of defense against unauthorized access.
Term
Message Sequence Numbering
Definition
Sequence number inserted in each message to foil any attempt by an intruder in the communications channel to delete a message from a stream of messages, change the order of messages received, or duplicate a message.
Term
Message Transaction Log
Definition
Log in which all incoming and outgoing messages, as well as attempted (failed) access, should be recorded.
Term
Network-Level Firewalls
Definition
System that provides basic screening of low-security messages (for example, e-mail) and routes them to their destinations based on the source and destination addresses attached.
Term
One-Time Password
Definition
Network passwords that constantly change.
Term
Operating System
Definition
A computer's control program.
Term
Operating System Security
Definition
Controls the system in an ever-expanding user community sharing more and more computer resources.
Term
Parity Check
Definition
Technique that incorporates an extra bit into the structure of a bit string when it is created or transmitted.
Term
Password
Definition
Code, usually kept secret, entered by the user to gain access to data files.
Term
Private Key
Definition
One method of encryption.
Term
Public Key Encryption
Definition
Technique that uses two encryption keys: one for encoding the message, the other for decoding it.
Term
Recovery Module
Definition
Uses the logs and backup files to restart the system after a failure.
Term
Request-Response Technique
Definition
Technique in which a control message from the sender and a response from the sender are sent at periodic synchronized intervals.
Term
Reusable Password
Definition
Network password that can be used more than one time.
Term
RSA (Rivest-Shamir-Adleman)
Definition
One of the most trusted public key encryption methods. This method, however, is computationally intensive and much slower than private key encryption.
Term
Screening Router
Definition
Firewall that examines the source and destination addresses attached to incoming message packets.
Term
System Audit Trails
Definition
Logs that record activity at the system, application, and user level.
Term
Transaction Log
Definition
Listing of transactions that provides an audit trail of all processed events.
Term
Triple-DES encryption
Definition
Enhancement to an older encryption technique for transmitting transactions.
Term
User View (Subschema)
Definition
Set of data that a particular user needs to achieve his or her assigned tasks.
Term
User-Defined Procedure
Definition
Procedure that allows the user to create a personal security program. It provides more positive user identification than a password.