Shared Flashcard Set

Details

IT296 - Chapter 01
IT296 - Chapter 01 (Security+)
38
Computer Science
Undergraduate 2
04/23/2016

Cards

Term
acceptance
Definition
Acknowledging a risk but taking no action to address it.
Term
accounting
Definition
The ability that provides tracking of events.
Term
Advanced Persistent Threat (APT)
Definition
Multiyear intrusion campaign that targets highly sensitive economic, proprietary, or national security information.
Term
asset
Definition
An item that has value.
Term
authentication
Definition
The steps that ensure that the individual is who he or she claims to be.
Term
authorization
Definition
The act of providing permission or approval to technology resources.
Term
availability
Definition
Security actions that ensure that data is accessible to authorized users.
Term
broker
Definition
Attacker who sells knowledge of a vulnerability to other attackers or governments.
Term
BYOD (bring your own device)
Definition
The practice of allowing users to use their own personal devices to connect to an organizational network.
Term
California's Database Security Breach Notification Act
Definition
The first state electronic privacy law, which covers any state agency, person, or company that does business in California.
Term
confidentiality
Definition
Security actions that ensure that only authorized parties can view the information.
Term
Cyber Kill Chain®
Definition
A systematic outline of the steps of a cyberattack, introduced at Lockheed Martin in 2011.
Term
cybercrime
Definition
Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information.
Term
cybercriminals
Definition
A network of attackers, identity thieves, spammers, and financial fraudsters.
Term
cyberterrorism
Definition
A premeditated, politically motivated attack against information, computer systems, computer programs, and data, which often results in violence.
Term
cyberterrorist
Definition
Attacker whose motivation may be defined as ideological, or attacking for the sake of principles or beliefs.
Term
deterrence
Definition
Understanding the attacker and then informing him of the consequences of the action.
Term
exploit kit
Definition
Automated attack package that can be used without an advanced knowledge of computers.
Term
Gramm-Leach-Bliley Act (GLBA)
Definition
A U.S. law that requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information.
Term
hactivist
Definition
Attacker who attacks for ideological reasons that are generally not as well-defined as a cyberterrorist’s motivation.
Term
Health Insurance Portability and Accountability Act (HIPAA)
Definition
A U.S. law designed to guard protected health information and implement policies and procedures to safeguard it.
Term
identity theft
Definition
Stealing another person’s personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain.
Term
information security
Definition
The tasks of protecting the integrity, confidentiality, and availability of information on the devices that store, manipulate, and transmit the information through products, people, and procedures.
Term
insiders
Definition
Employees, contractors, and business partners who can be responsible for an attack.
Term
integrity
Definition
Security actions that ensure that the information is correct and no unauthorized person or malicious software has altered the data.
Term
mitigation
Definition
Addressing a risk by making it less serious.
Term
Payment Card Industry Data Security Standard (PCI DSS)
Definition
A set of security standards that all U.S. companies processing, storing, or transmitting credit card information must follow.
Term
risk
Definition
A situation that involves exposure to danger.
Term
risk avoidance
Definition
Identifying the risk but making the decision to not engage in the activity.
Term
Sarbanes-Oxley Act (Sarbox)
Definition
A U.S. law designed to fight corporate corruption.
Term
script kiddie
Definition
Individual who lacks advanced knowledge of computers and networks and so uses downloaded automated attack software to attack information systems.
Term
state-sponsored attacker
Definition
Attacker commissioned by governments to attack enemies’ information systems.
Term
threat
Definition
A type of action that has the potential to cause harm.
Term
threat agent
Definition
A person or element that has the power to carry out a threat.
Term
threat likelihood
Definition
The probability that a threat will actually occur.
Term
threat vector
Definition
The means by which an attack could occur.
Term
transference
Definition
Transferring the risk to a third party.
Term
vulnerability
Definition
A flaw or weakness that allows a threat agent to bypass security.