
BIA253 Chapter 10

A person or organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge

An opportunity for threats to gain access to individual or organizational assets

Some measure that individuals or organizations take to block the threat from obtaining the asset

The asset that is desired by the threat

Accidental problems caused by both employees and non-employees

Employees and former employees who seek to intentionally destroy data or other system components. Includes hackers who break into a system as well as virus and worm writers who infect computer systems.

Natural Events and Disasters

Fires, floods, hurricanes, earthquakes, and other acts of nature.

Unauthorized Data Disclosure

When a threat obtains data that is supposed to be protected

When someone deceives by pretending to be someone else.

Pretexting via email. The phisher pretends to be a legitimate company and sends an email requesting confidential data.

A term for someone pretending to be someone else. IP spoofing occurs when an intruder uses another site's IP address to masquerade as that site. Email spoofing is a synonym for phishing.

A technique for intercepting computer communication. With wired networks, this requires a physical connection to the network

A way to take computers with wireless connections through an area and search for unprotected wireless networks

Breaking into computers, servers, or networks to steal data

Problems that result because of incorrect system operation

Occurs when computer criminals invade a computer system and replace legitimate programs with their own, unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal, and manipulate data

Advanced Persistent Threat

A sophisticated, possibly long-running computer hack perpetrated by large, well-funded organizations such as governments.

Intrusion Detection System

A computer program that senses when another computer is attempting to scan or access a computer or network

When a password cracker tries every possible combination of characters

Small files that your browser receives when you visit Web sites. Cookies enable you to access Web sites without having to sign in every time, and they speed up the processing of some sites. Some cookies also contain sensitive security data.

Identification and Authentication

Every information system should require users to sign on with a username and password. The username identifies the user, and the password authenticates that user.

A plastic card similar to a credit card that has a microchip.

Uses personal physical characteristics such as fingerprints, facial features, and retinal scans to authenticate users.

The process of transforming clear text into coded, unintelligible text for secure storage or communication

Procedures for encrypting data. Commonly used methods include DES, 3DES, and AES

A string of bits used to encrypt the data. Called a key because it unlocks a message. It is a string of bits, expressed as letters or numbers, used with an encryption algorithm

The same key is used to encode and decode information

Two keys are used, one to encode the message and a different key to decode the message. Symmetric encryption is simpler and faster than asymmetric encryption.

A special version of asymmetric encryption that is used on the Internet. Each site has a public key for encoding messages and a private key for decoding them.

Most secure communications over the internet use a protocol called https. Data are encrypted using a protocol called the Secure Sockets Layer (also known as Transport Layer Security). SSL/TLS uses a combination of public key encryption and symmetric encry

A computing device that prevents unauthorized network access. A firewall can be a special-purpose computer or a program on a general-purpose computer or router. Essentially a filter of internet traffic.

Sits outside the organizational network and is the first device that Internet traffic encounters.

Firewall inside the organizational network

Packet-Filtering Firewall

Examines each part of a message and determines whether to let that part pass.

A category of software that includes viruses, spyware, and adware

A computer program that replicates itself. Unchecked replication is like computer cancer; ultimately, the virus consumes the computer's resources

Can delete programs or data or modify data in undetected ways

Viruses that masquerade as useful programs or files

A virus that self-propagates using the Internet or other computer network. Worms spread faster than other types of viruses because they can replicate by themselves.

Programs that are installed on the user's computer without the user's knowledge or permission. Spyware resides in the background and is unknown to the user, observing the user's actions and keystrokes, etc.

Captures keystrokes to obtain usernames, passwords, account numbers, and other sensitive information

Similar to spyware in that it is installed without the user's permission, resides in the background, and observes behavior. Most adware is benign and does not perform malicious acts or steal data. It produces pop-up ads.

Malicious software that blocks access to a system or data until money is paid to the attacker.

Patterns that exist in malware code and can be downloaded as a safeguard.

Occurs when users enter a SQL statement into a form in which they are supposed to enter a name or other data. If the program is improperly designed, it will accept this code and make it part of the database command that it issues.

Protect databases and other organizational data.

Refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.

Protecting sensitive data by storing it in encrypted form. Such encryption uses one or more keys, and when the keys are stored and kept by a trusted party this is referred to as key escrow.

Involve the people and procedure components of information systems. Human safeguards result when authorized users follow appropriate procedures for system use and recovery.

Hardening a site means to take extraordinary measures to reduce a system's vulnerability. Hardened sites use special versions of the operating system and lock down or eliminate operating systems features and functions that are not required by the applicat

False targets for computer criminals to attack.