Chp 10: DSM
Inside threats
"trusted adversaries" who operate within an organization's boundaries and are a significant danger to both private and public sectors.
time bomb
A malicious program that deletes payroll data on a certain date
Recovery time objectives
-address the issue of how soon an organization should be able to resume operations. -specify the maximum time allowed to recover from a disaster.
Recovery point objectives
-specify how current backup data should be -assert that having completely redundant systems that mirror the data helps to minimize (or even avoid) data loss in the event of a catastrophic failure.
warez
Bootleg copies of software programs
denial of service (DOS) attack
Computer worms (or other attackers) flooding a network with so much artificial traffic that legitimate traffic cannot get through; also written DoS.
Anti-Cybersquatting Consumer Protection Act
Passed by the U.S. government in 1999, it made it a crime to register, traffic in, or use a domain name to profit from the goodwill of a trademark belonging to someone else.
IS security
Refers to precautions taken to keep all aspects of information systems safe from destruction, manipulation, or unauthorized use or access. Because threats to information systems constantly evolve, ______ is an ongoing process.
cookies
Small text files passed to a Web browser on a user's computer by a Web server. The browser stores the message in a text file, and the message is sent back to the server each time the user's browser requests a page from that server.
Access control software
allows computer users access to only those files related to their work.
tunneling
The practice of creating an encrypted "tunnel" to send secure (private) data over the (public) Internet
virus
a destructive program that disrupts the normal functioning of computer systems. Differs from other types of malicious code in that it can reproduce itself.
botnet
a group of destructive software robots working together on a collection of zombie computers via the Internet.
Risk analysis
a process in which you assess the value of the assets being protected, determine their probability of being compromised, and compare the probable costs of their being compromised with the estimated costs of whatever protections you might have to take.
Record keeping
a type of information systems control that helps ensure the reliability of information
worm
a type of malware that propagates through the Internet or other computer networks.
logic bomb
a variation of a Trojan horse that is set off by certain types of operations, such as entering a specific password or adding or deleting names and other information to and from certain computer files.
company's disaster recovery plan
addresses: -chain of command -which events are considered a disaster -what should be done to prepare the backup site -what hardware and software are needed to recover from a disaster.
Computer-assisted auditing tools
software that auditors use to test applications and data using test data or simulations. Auditors use these tools because testing all controls under all possible conditions is very inefficient and often not feasible.
drive-by hacking
an attacker accesses the network, intercepts data from it, and even uses network services and/or sends attack instructions to it without having to enter the home, office, or organization that owns the network.
Stuxnet
an example of a cyberwar attack.
Cyberwar
an organized attempt by a country's military to disrupt or destroy the information and communication systems of another country. Cyberwar technologies can be used to electronically blind, jam, deceive, overload, and intrude into an enemy's information systems infrastructure.
crackers
another name for black hats; those who break into computer systems with the intention of doing damage or committing a crime.
black hat
another name for a cracker, someone who breaks into computer systems with the intention of doing damage or committing a crime.
Hactivists
attempt to break into systems or deface Web sites to promote political or ideological goals (such as free speech, human rights, and antiwar campaigns).
Keyloggers
capture users' keystrokes to gather information like passwords and credit card numbers.
cold backup site
comprises all necessary connections for power and communication, but nothing else. In the case of a disaster, a company has to first set up all necessary equipment, ranging from office furniture to Web servers. -the least expensive option -takes a longer time before a company can resume working after a disaster.
Honeypots
computers, data, or network sites designed to entice crackers. Organizations and governments are increasingly utilizing _______ to proactively gather intelligence to improve their defenses or to catch cybercriminals.
Industrial espionage
covert activities, such as the theft of trade secrets, bribery, blackmail, and technological surveillance.
Reverse engineering
disassembling software to discover and understand any protection mechanisms built into the software by its original developer.
Spam
electronic junk mail or junk newsgroup postings, usually for the purpose of advertising some product and/or service.
firewall
essentially a security fence around the perimeter of an organization's information systems that spots unauthorized intruders who try to penetrate a private network. Generally placed between the organization's private internal networks and the Internet, although firewalls can also be used to protect one part of a company's network from the rest of the network. Can be implemented in hardware, in software, or in a combination of both.
IS risk management
gaining an understanding of the interplay among threats, vulnerabilities, and impacts.
Hot backup site
has a redundant backup of the data so that business processes are interrupted as little as possible. -more expensive -a redundant backup of all the data -ensures that the company can resume working immediately after a disaster
IS controls
help ensure the reliability of information and can consist of different measures, such as systems security policies or record keeping, to trace actions and transactions and who is responsible for them.
Cyberterrorism
the use of computer and networking technologies by individuals and organized groups against persons or property to intimidate or coerce governments, civilians, or any segment of society in order to attain political, religious, or ideological goals. Cyberterrorists could damage the machines that control traffic lights, power plants, dams, or airline traffic in order to create fear and panic.
True hackers
individuals motivated by curiosity and not by a desire to do harm.
Trojan horse
infects an information system by posing as a legitimate program or file. A computer infected with a ______ appears to function normally. But in fact, the computer is performing underlying functions dictated by the _______.
Business continuity planning
focuses on how the company can restore its IS operations after a disaster strikes. The plan identifies critical business processes and determines action plans for handling mission-critical functions if systems go down.
information systems audit
often performed by external auditors, can help organizations assess the state of their IS controls to determine necessary changes and to help ensure the information systems' availability, confidentiality, and integrity.
Shareware
refers to software that a user can access on a trial basis without paying for it.
Spyware
refers to software that covertly gathers information about a user through an Internet connection without the user's knowledge, monitoring the user's computer activity and secretly transmitting that information to someone else. It is sometimes hidden within freeware or shareware programs, or embedded within a Web site and downloaded to the user's computer without the user's knowledge, in order to track data about the user for marketing and advertising purposes.
Phishing
setting up fake Web sites or sending e-mail messages that look like those of legitimate businesses to ask users for confidential personal data.
Malware
short for "malicious software" such as viruses, worms, and Trojan horses.
cybersquatting
the practice of registering a domain name and then trying to sell it for big bucks to the person, company, or organization most likely to want it.
Sarbanes-Oxley Act
to protect investors from fraudulent practices by organizations. It mandates that companies demonstrate compliance with accounting standards and establish controls and corporate governance.
online transaction processing
transactions entered online are immediately processed by the computer.
CAPTCHA
typically consists of a distorted image displaying a combination of letters and/or numbers that a user has to input into a form before submitting it. A way to prevent spammers from using bots to automatically submit online forms; also used to prevent bots from trying to break passwords using a brute-force approach.
Audit-control software
used to keep track of computer activity so that auditors can spot suspicious activity and take action.
Biometric authentication
uses systems that read and interpret individual human traits, such as fingerprints, irises, and voices, in order to grant or deny access.