Shared Flashcard Set

Details

MIS 2000 Chapter 12 Vocab
Chapter 12 Vocab
70
Management
Undergraduate 4
11/21/2013

Cards

Term
Adware
Definition
Programs installed on the user's computer without the user's knowledge or permission that reside in the background and, unknown to the user, observe the user's actions and keystrokes, modify computer activity, and report the user's activities to sponsoring organizations
Term
As-is model
Definition
A model that represents the current situation and processes
Term
Asymmetric encryption
Definition
An encryption method whereby different keys are used to encode and to decode the message; one key encodes the message, and the other key decodes the message
Term
Authentication
Definition
The process whereby an information system verifies (validates) a user
Term
Biometric authentication
Definition
The use of personal physical characteristics, such as fingerprint, facial features, and retinal scans, to verify users
Term
Bot
Definition
A computer program that is surreptitiously installed and that takes actions unknown and uncontrolled by the computer's owner or administrator
Term
Bot herder
Definition
The individual or organization that controls a botnet
Term
Botnet
Definition
A network of bots that is created and managed by the individual or organization that infected the network with the bot program
Term
Business analyst
Definition
Someone who is well versed in the Porter models, organizational strategy, systems alignment theory, and who understands the proper role for technology
Term
Business process management (BPM)
Definition
A systematic process of modeling, creating, implementing, and assessing business processes
Term
COBIT (Control Objectives for Information and related Technology)
Definition
A set of standard practices created by the Information Systems Audit and Control Association that are used in the assessment of the BPM cycle to determine how well an information system complies with an organization's strategy
Term
Code injection
Definition
A technique used to gain unauthorized access to Web pages that involves entering program code instead of data into web page text boxes
Term
Cold site
Definition
Remote processing centers that provide office space, but no computer equipment, for use by a company that needs to continue operations after a disaster
Term
Computer criminals
Definition
People who invade computer networks to obtain critical data or to manipulate the system for financial gain
Term
Cost feasibility
Definition
Whether an information system can be developed within a budget
Term
Cross-site scripting (XSS)
Definition
A technique used to compromise database data in which Web page scripting is injected into the server
Term
Denial of service (DOS)
Definition
Security problem in which users are not able to access an information system
Term
Digital certificate
Definition
A document supplied by a certificate authority (CA) that contains, among other data, an entity's name and public key
Term
Digital signature
Definition
Encrypted message that uses hashing to ensure that plaintext messages are received without alteration
Term
Drive-by sniffers
Definition
People who take computers with wireless connections through an area and search for unprotected wireless networks in an attempt to gain free Internet access or to gather unauthorized data
Term
E-mail spoofing
Definition
A synonym for phishing. A technique for obtaining unauthorized data that uses pretexting via e-mail
Term
Encryption
Definition
The process of transforming clear text into coded, unintelligible text for secure storage or communication
Term
Encryption algorithm
Definition
Algorithms used to transform clear text into coded, unintelligible text for secure storage or communication
Term
Gramm-Leach-Bliley Act
Definition
Protects consumer financial data stored by financial institutions, which are defined as banks, securities firms, insurance companies, and organizations that provide financial advice, prepare tax returns, and provide similar financial services
Term
Hacking
Definition
Occurs when a person gains unauthorized access to a computer system
Term
Health Insurance Portability and Accountability Act (HIPAA)
Definition
Gave individuals the right to access health data created by doctors and other healthcare providers. Sets rules and limits on who can read and receive a person's health information
Term
Hot site
Definition
A remote processing center run by a commercial disaster-recovery service that provides equipment a company would need to continue operations after a disaster
Term
HTTPS
Definition
A secure version of HTTP
Term
Identification
Definition
The process whereby an information system identifies a user by requiring the user to sign on with a user name and password
Term
Information systems security
Definition
The process of protecting information system vulnerabilities from threats by creating appropriate safeguards
Term
IP Spoofing
Definition
A type of spoofing whereby an intruder uses another site's IP address as if it were that other site
Term
Key
Definition
A number used to encrypt the data
Term
Key escrow
Definition
A control procedure whereby a trusted party is given a copy of a key used to encrypt database data
Term
Maintenance
Definition
In the context of information systems, (1) to fix the system to do what it was supposed to do in the first place or (2) to adapt the system to a change in requirements
Term
Malware
Definition
Viruses, worms, Trojan horses, spyware, and adware
Term
Malware definitions
Definition
Patterns that exist in malware code
Term
Organizational feasibility
Definition
Whether an information system fits within an organization's customer, culture, or legal requirements
Term
Parallel installation
Definition
A type of system conversion in which the new system runs in parallel with the old one for a while
Term
Payload
Definition
The program code of a virus that causes unwanted or hurtful actions, such as deleting programs or data, or even worse, modifying data in ways that are undetected by the user
Term
Personal identification number (PIN)
Definition
A form of authentication whereby the user supplies a number that only he or she knows
Term
Phased installation
Definition
A type of system conversion in which the new system is installed in pieces across the organization(s)
Term
Phisher
Definition
An individual or organization that spoofs legitimate companies in an attempt to illegally capture personal data
Term
Phishing
Definition
A technique for obtaining unauthorized data that uses pretexting via e-mail
Term
Pilot installation
Definition
A type of system conversion in which the organization implements the entire system on a limited portion of the business
Term
Plunge installation
Definition
A type of system conversion in which the organization shuts off the old system and starts the new system
Term
Privacy Act of 1974
Definition
Legislation that provides protections to individuals regarding records maintained by the U.S. government
Term
Public key/private key
Definition
A special version of asymmetric encryption that is popular on the Internet. With this method, each site has a public key for encoding messages and a private key for decoding them
Term
Schedule feasibility
Definition
Whether an information system will be able to be developed on the timetable needed
Term
Secure Socket Layer
Definition
A protocol that uses both asymmetric and symmetric encryption
Term
Security program
Definition
A systematic plan by which an organization addresses security issues; consists of three components: senior management involvement, safeguards of various kinds, and incident response
Term
Security vulnerability
Definition
A potential challenge to the integrity of information systems from one of three sources: human error and mistakes, malicious human activity, and natural events and disasters
Term
Smart card
Definition
A plastic card similar to a credit card
Term
Sniffing
Definition
A technique used for intercepting computer communications
Term
Social engineering
Definition
A category of threats that involve manipulating a person or group to unknowingly release confidential information
Term
Spoofing
Definition
When someone pretends to be someone else with the intent of obtaining unauthorized data
Term
Spyware
Definition
Programs installed on the user's computer without the user's knowledge or permission that reside in the background and, unknown to the user, observe the user's actions and keystrokes, modify computer activity, and report the user's activity to sponsoring organizations. Malicious spyware captures keystrokes to obtain user names, passwords, account numbers, and other sensitive information.
Term
SQL injection attack
Definition
A technique used to compromise database data in which SQL code is unknowingly processed by a Web page
Term
Symmetric encryption
Definition
An encryption method whereby the same key is used to encode and to decode the message
Term
System conversion
Definition
The process of converting business activity from the old system to the new
Term
Systems analysts
Definition
IS professionals who understand both business and technology
Term
Systems development
Definition
The process of creating and maintaining information systems
Term
Systems development life cycle (SDLC)
Definition
The classical process used to develop information systems. These basic tasks of systems development are combined into the following phases: system definition, requirements analysis, component design, implementation, and system maintenance (fix or enhance)
Term
Technical feasibility
Definition
Whether existing information technology will be able to meet the needs of a new information system
Term
Technical safeguards
Definition
Safeguard that involves the hardware and software components of an information system
Term
Test plan
Definition
Groups of sequences of actions that users will take when using the new system
Term
Threat
Definition
A challenge to information systems security
Term
Transport Layer Security (TLS)
Definition
A protocol, using both asymmetric and symmetric encryption, that works between Levels 4 (transport) and 5 (application) of the TCP-OSI protocol architecture
Term
Trojan horse
Definition
Virus that masquerades as a useful program or file
Term
Virus
Definition
A computer program that replicates itself
Term
Worm
Definition
A virus that propagates itself using the Internet or some other computer network