Chapter 3

Cards (74)

  • Digital security risk
    Any event or action that could cause a loss of or damage to a computer or mobile device hardware, software, data, information, or processing capability
  • Computer crime
    Any illegal act involving the use of a computer or related devices
  • Cybercrime
    An online or Internet-based illegal act
  • Information transmitted over networks has a higher degree of security risk than information kept on an organization's premises
  • Malware
    Programs that act without a user's knowledge and deliberately alter the operations of computers and mobile devices
  • Common types of malware
    • Adware
    • Ransomware
    • Rootkit
    • Spyware
    • Trojan horse
    • Virus
    • Worm
  • Botnet
    A group of compromised computers or mobile devices connected to a network
  • Zombie
    A compromised computer or device in a botnet
  • Denial of service attack (DoS attack)
    Disrupts computer access to an Internet service
  • Distributed DoS attack (DDoS attack)
    A type of DoS attack
  • Back door
    A program or set of instructions in a program that allows users to bypass security controls
  • Spoofing
    A technique intruders use to make their network or Internet transmission appear legitimate
  • Firewall
    Hardware and/or software that protects a network's resources from intrusion
  • Organizations take several measures to help prevent unauthorized access and use
  • Acceptable use policy
    A policy that defines how a computer, device, or network can be used
  • Access controls
    Define who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it
  • Audit trail
    A file that records both successful and unsuccessful access attempts, including user name and password
  • Passphrase
    A private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources
  • PIN (personal identification number)
    A numeric password, either assigned by a company or selected by a user
  • Possessed object
    An item that you must possess, or carry with you, in order to gain access to a computer or computer facility
  • Biometric device
    Authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code stored in a computer or mobile device, verifying a physical or behavioral characteristic
  • Two-step verification
    Uses two separate methods, one after the next, to verify the identity of a user
  • Digital forensics
    The discovery, collection, and analysis of evidence found on computers and networks
  • Many areas use digital forensics
  • Software theft
    Occurs when someone steals software media, intentionally erases programs, illegally registers and/or activates a program, or illegally copies a program
  • Product activation
    A process where users provide the software product's identification number to associate the software with the computer or mobile device on which the software is installed
  • Types of threats to information systems
    • Software theft
    • Information theft
    • Hardware theft, vandalism, and failure
  • Software theft
    1. Steals software media
    2. Intentionally erases programs
    3. Illegally registers and/or activates a program
    4. Illegally copies a program
  • Product activation
    Process to ensure software is not installed on more computers than legally licensed
  • License agreement
    The right to use software
  • Typical conditions of a single-user license agreement
    • Install on only one computer or device
    • Make one backup copy
    • Give or sell to another individual if removed from user's computer
  • Things you cannot do under a single-user license agreement
    • Install on a network
    • Give copies to friends and colleagues
    • Export the software
    • Rent or lease the software
  • Encryption
    Process of converting data that is readable by humans into encoded characters to prevent unauthorized access
  • Digital signature
    Encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender
  • Digital certificate
    Notice that guarantees a user or a website is legitimate
  • Secure site
    Website that uses encryption techniques to secure its data
  • Safeguards against hardware theft and vandalism
    • Physical access controls
    • Alarm system
    • Physical security devices
    • Device-tracking app
  • Safeguards against hardware failure
    • Surge protector
    • Uninterruptible power supply (UPS)
    • Duplicate components or duplicate computers
    • Fault-tolerant computer
  • Backup
    Duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed
  • Categories of backups
    • Full
    • Differential
    • Incremental
    • Selective
    • Continuous data protection
    • Cloud