Data and Privacy
Question | Answer |
---|---|
Information security | a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization |
What is the first line of security? | People |
What is the second line of security | Technology |
What are the three primary information security areas | 1. Authentication and authorization 2. Prevention and resistance 3. Detection and response |
Authentication | a method for confirming users’ identities |
Authorization | the process of giving someone permission to do or have something |
The most secure type of authentication involves a combination of the following: | 1. Something the user knows such as a user ID and password 2. Something the user has such as a smart card or token 3. Something that is part of the user such as a fingerprint or voice signature |
What is the most common way to identify individual users? | User ID and passwords |
What is the most ineffective form of authentication? | User ID and passwords |
Identity theft | the forging of someone’s identity for the purpose of fraud |
Phishing | a technique to gain personal information for the purpose of identity theft |
Identity Thefts are expected to increase anywhere from ___% to ____% over the next two years. | 900% to 2250% |
Smart Card | a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing |
Token | a small electronic device that changes user passwords automatically |
What are more effective than a user ID and a password? | Smart cards and tokens |
What is by far the best and most effective way to manage authentication? | Something That Is Part of the User such as a Fingerprint or Voice Signature |
Encryption and decryption | tend to slow down a computer slightly when opening and saving files |
Spam | a form of unsolicited e-mail |
Content filtering | occurs when organizations use software that filters content to prevent the transmission of unauthorized information |
Spyware | software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer's CPU and storage for some task the user knows nothing about |
Back Up Principles 1 | 1. Keep a copy of backup files “off site” 2. Test backups before deleting the prior version 3. Protect hardware from natural disasters |
Back Up Principles 2 | 4. Maintain redundant or backup systems for critical functions. 5. Make plans for ongoing processing in the event of hardware/software/data disaster. (Consider 9/11) |
What is tape? | a sequential medium – not suitable for real-time processing |
What is tape mainly used for? | backup and archive |
What are advantages of magnetic tape? | Relatively inexpensive & compact |
What is a disadvantage of biometrics? | Costly and intrusive |
What can cost an organization anywhere from $100 to $1 million per hour? | Downtime |
Biometrics | the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting |
Technologies available to help prevent and build resistance to attacks include: | 1. Content filtering 2. Encryption 3. Firewalls |
Encryption | Uses high-level mathematical functions and computer algorithms to encode data |
Files | Can be encrypted “on the fly” as they are being saved, and decrypted as they are opened |
Organizations can use what to filter e-mail and prevent e-mails containing sensitive information from transmitting and stop spam and viruses from spreading? | content filtering technologies |
One of the most common defenses for preventing a security breach | firewall |
If prevention and resistance strategies fail and there is a security breach, an organization can use what to mitigate the damage? | detection and response technologies |
What is the most common type of detection and response technology? | Antivirus software |
Hacker | people very knowledgeable about computers who use their knowledge to invade other people’s computers |
hacktivist | a person with philosophical or political reasons for breaking into systems who will often deface websites as a protest |
white-hat hacker | works at request of the system owner to find system vulnerabilities and plug the holes. |
Worm | a type of virus that spreads itself, not only from file to file, but also from computer to computer. |
black-hat hacker | breaks into other people's computer systems and may just look around or steal and destroy information. |
cracker | a hacker with criminal intent |
cyberterrorist | seeks to cause harm to people or to destroy critical systems or information and uses the internet as a weapon of mass destruction |
script kiddies or script bunnies | find hacking code on the internet and click-and-point their way into systems to cause damage or spread viruses. |
Backdoor program | viruses that open a way into the network for future attacks. |
denial-of-service attack | floods a website with so many requests for service that it slows down or crashes the site |
distributed denial-of-service attack | attacks from multiple computers that flood a website with so many requests for service that it slows down or crashes. |
polymorphic virus and worm | change their form as they propagate |
Trojan horse virus | hides inside other software, usually as an attachment or a downloadable file. |
elevation of privilege | process by which a user misleads a system into granting unauthorized rights, usually for the purpose of compromising or destroying the system. |
Hoaxes | attack computer systems by transmitting a virus hoax, with a real virus attached. |
malicious code | includes a variety of threats such as viruses, worms, and Trojan horses. |
packet tampering | altering the contents of packets as they travel over the internet or altering data on computer disks after penetrating a network |
sniffer | a program or device that can monitor data traveling over a network. |
spoofing | the forging of the return address on an email so that the email message appears to come from someone other than the actual sender. |
Back up Media – Hard Drives | 1. High capacity 2. Relatively fast back up 3. Internal vs. external 4. Internal is less expensive 5. External is portable 6. Relatively inexpensive |
Record once | CD-R |
Records many times | CD-RW |
Flash Drive | 1. Very portable 2. Damaged by electric pulses 3. High cost/GB |
Software Patches | 1. Set it to update automatically 2. Can seriously reduce viral vulnerability 3. Blaster example |
Which of the following authentication methods is 100 percent accurate? | None of the above |
Where do organizations typically place firewalls? | Between the server and the Internet |
Which of the following does a firewall perform? | 1. Examines each message that wants entrance to the network 2. Blocks messages without the correct markings from entering the network 3. Detects computers communicating with the Internet without approval |
What includes a variety of threats such as viruses, worms, and Trojan horses? | Malicious code |
How often should you back up your computer? | It depends |
In the movie Minority Report Tom Cruise’s character, John Anderton, gets an eye transplant, but keeps his original eyes in order to access his former workplace. This is an example of what technology? | Biometrics |
In the movie Sneakers, Dr. Werner Brandes works in the office that Marty and the team need to break into. Marty and the team learned all about Werner by examining his trash. This “dumpster diving” is one form of | Social engineering |
Again, from the movie Sneakers, Marty and the team enlist their friend Liz to get Werner’s ID card for the break-in. She also needs to record his voice saying a phrase: “My voice is my passport—verify me.” This company uses what type of authentication? | 1. Something the user knows such as a user ID and password 2. Something the user has such as a smart card or token 3. Something that is part of the user such as a fingerprint or voice signature |
Social Engineering | Using one's social skills to trick people into revealing access credentials or other information valuable to the attacker. |
Intrusion detection software | searches out patterns in information and network traffic that indicate attacks and quickly responds to prevent any harm |
insider | a legitimate user who purposely or accidentally misuses their access to the environment and causes some kind of business-affecting incident |
Scope | The breadth of your backup |
Frequency | how often you perform your backups, based on: 1. how frequently you produce important information 2. the cost of losing that information 3. the cost of backups, including time, effort, and money |