Final review ISM3011
What uses a zombie farm, often by an organized crime association, to launch a massive phishing attack?
A pharming attack
Records information about a customer during a web surfing session such as what websites were visited
Chick stream
What is the abused of pay per click, pay-per call, and pay per conversion revenue models by repeatedly clicking on a link to increase charges or cost of the advertiser?
Click fraud
What is a computer crime where a competitor or disgruntled employee increases a company's search advertizing costs by repeatedly on the advertiser's link?
Competitive click-fraud
What is the assurance that messages and information remain available only to those authorized to view them?
Confidentiality
A small file deposited on a hard drive by a website containing information about customers and their web activities
Cookie
What is the legal protection afforded an expression of an idea, such as a song, book, or video game?
Copyright
What software is software that is manufactured to look like the real thing and sold as such?
Counterfeit Software
What is the software that is manufactured to look like the real thing and sold as such?
Counterfeit software
What is the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them?
Cryptography
What includes threats, negative remarks, or defamatory comments transmitted via the internet or posted on the website?
Cyber-bulling
What is a computer attack where an attacker accesses a wireless computer network, intercepts data, uses network services, and/or sends attack instructions without entering the office or organization that owns the network?
Drive-by hacking
What are the principles and standard that guide our behavior toward other people?
Ethics
A hardware device that captures keystrokes on their journey from the keyboard to the motherboard
Hardware key logger
What policy details the extent to which email messages may be read by others?
email privacy policy
What govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself
Information ethics
What governs the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, and processing of information itself?
Information ethics
Typically found in an acceptable use policy
Not attempting to break the security of any computer network or user, not performance any non repudiation, not using the service as part of violating any law
What is the right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent?
Privacy
Cyberterrorist
Seeks to cause harm to people or to destroy critical systems or information and use the internet as a weapon of mass destruction.
What phishing expedition in which the emails are carefully designed to target a particular person or organization?
Spear phishing
Software that comes hidden in free downloadable software and tracks online movements
Spyware
What is a special class of adware that collects data about the user and transmits it over the internet without the user's knowledge or permission?
Spyware
Internet use policy
States the ramifications if the policy is violated, describes user responsibility for citing sources, describes the internet services available to users
Script kiddies
find hacking code on the internet and click and point their way into systems to cause damage or spread viruses
Cracker
have criminal intent when hacking
Hactivist
have philosophical and political reasons for breaking into systems and will often deface the website as a protest
What is a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate business
phishing
What is an act or object that poses a danger to assets?
threat
White hat hackers
work at the request of the system owners to find system vulnerabilities and plug the holes,
What is a program that secretly takes over another computer for the purpose of launching attacks on other computers
zombie
What is the process of providing a user with permission including access levels and abilities such as file access, hours o f access, and amount of allocated storage space?
Authorization
What is a trusted third party, such as VeriSign, that validates user identities by means of digital certificates?
Certificate authority
Which policy contains general principles to guide the proper use of the internet?
Internet use policy
What policy outlining the corporate guidelines or principles governing employee online communications?
A social media policy
What requires a user to agree to follow it to be provided access to corporate email, information systems, and the internet?
A(n) acceptable use policy
Software that generates ads that install themselves on a computer when a person downloads some other program from the internet
Adware
Two items typically contained in an employee monitoring policy
Always enforce the policy the same for everyone, State the consequences of violating the policy
In an employee monitoring policy
Always enforce the policy the same for everyone, state the consequences of violating the policy
What scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware?
Anti-virus software
A method for confirming users' identities
Authentication
what is the electronic defacing of an existing website?
Cybervandalism
What rights management is a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution?
Digital rights management
Looking through people's trash, is another way hackers obtain information?
Dumpster diving
Select the two terms that refer to the ability of a company to identify search, gather, seize or export digital information in responding to a litigation, audit, investigation, or information inquiry.
Electronic discovery and E discovery
What monitoring policy stating explicitly how, when and where the company monitors its employees?
Employee monitoring policy
Three typical social media policy
Employee twitter, corporate twitter, and personal twitter policies, employee social network and personal social network policies. Employee blog and personal blog policies
What scrambles information into an alternative form that requires a key or password to decrypt?
Encryption
What are policies and procedures that address information management along with the ethical use of computers and the internet in the business environment?
Epolicies
Three reasons why organizations should develop written epolicies
Establish employee procedures, Establish employee guidelines, establish organizational rules
What policy contains general principles to guide computer user behavior?
Ethical computer use policy
what contains general principles to guide computer user behavior?
Ethical computer use policy
What is the experts in technology who use their knowledge to into computers and computer networks, either for profit or just motivated by the challenge
Hackers
what is the forging of someone's identity for the purpose of fraud?
Identity theft
What is the act of conforming, acquiescing, or yielding information?
Information compliance
What is a method or system of government for information management or control?
Information governance
What examines the organizational resource of information and regulates its definitions, uses, value, and distribution ensuring it has the types of data/information required to function and grow effectively?
Information management
Which epolicy contains general principles regarding information privacy?
Information privacy policy
What is an ethical issue that focuses on who owns information about individuals and how information can be sold an d exchanged?
Information property
What is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged
Information property
what is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged
Information property
What is intangible creative work that is embodied in physical from and includes copyrights, trademarks, and patents?
Intellectual property
What occurs when a government attempts to control internet traffic, thus preventing some material from being viewed by a country's citizens/
Internet censorship
What occurs when a government attempts to control internet traffic, thus preventing some material from being viewed by a country's citizens?
Internet censorship
What sends a massive amount of email to a specific person or system that can cause that user's server to stop functioning?
Mail bomb
Which institute introduced an advanced encryption standard (AES) designed to keep government information secure?
National institute of standards and technology(NIST)
Three items typically found in an acceptable use policy
Not attempting to break the security of any computer network or user, Not performing any non repudiation, Not using the service as part of violationg any law
What is tangible protection such as alarms, guards, fireproof doors, fences, and vaults?
Physical security
What is the unauthorized use, duplication, distribution, or sale of copyrighted software?
Pirated software
What device that size of a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?
Smart card
Which policy outlines the corporate guidelines or principles governing employee online communication?
Social media policy
Which policy outlines the corporate guidelines or principles governing employee online communications?
Social media policy
Select three epolicies
Social media policy, Ethical computer use policy, and Acceptable use policy
The number that has the most widespread unintentional information reuse
Social security number
Three categories of authentication and authorization
Something the user knows, such as a user ID and password, something the user has, such as a smart card or token, something that is part of the user, such as a fingerprint or vice signature
What is unsolicited email?
Spam
What is an anti spamming approach where the receiving computer launches a return attack against the spammer. sending email messages back to the computer that originated the suspected spam?
Teergrubing
What Act was passed to protect minors from accessing inappropriate material on the internet?
The Child Online Protection Act
what are the small electronic devices that change user passwords automatically?
Tokens
What is a problem that occurs when someone registers purposely misspelled variations of well-known domain names?
Typo-squatting
What is accurate statements relating to an ethical computer use policy?
Users need to consent to following the rules and Users need to be informed of the rules
Software written with malicious intent to cause annoyance or damage?
Virus
Consist of one line of information for every visitor to a website and is usually stored on a webs server
Web log
What is the theft of a website's name that occurs when someone, posing as a site's administrator, changes the ownership of the domain name assigned to the website to another website owner?
Website name stealing
What tracks people's activities by such measures as number of keystrokes, error rate, and number of transactions processed.
Workplace MIS monitoring
What tracks people's activities by such measures as number of keystrokes, error rate, and number of transactions processed?
Workplace MIS monitoring
A group of computers on which a hacker has planted zombie programs
Zombie farm
Black hat hackers
break into other people's computer systems and may just look around or may steal and destroy information.
An organized attempt by a country's military to disrupt or destroy information and communication system for another country
cyber-war
What decodes information and opposite of encrypt?
decrypt
Select three items contained in a typical internet use policy
describes the internet services available to users, describes user responsibility for citing sources, States the ramifications if the policy is violated
Three items that contained in a typical internet use policy
describes the internet services available to users, describes user responsibility for citing sources, and states the ramifications if the policy is violated
Select the statement that accurately defines the association between information and ethics
information has no ethics
what security plan details how an organization will implement the information security policies
information security plan
A program that records every keystroke and mouse click
key logger
A contractual stipulation which ensures that ebusiness participants do not deny their online actions is called a
non repudiation
Backdoor program
opens a way into the network for tuture attacks
worm
spreads itself, not only from file to fikle, but also from computer to computer