INFO360

California's SB-327 for Internet of Things Security mandates that security features of internet-ready devices must be:

- Appropriate to the intended use of the device - Suitable for the type of data the device will contain and relay - Constructed to protect the device and any data it stores

Multiple-criteria decision analysis (MCDA) steps: (5)

1. Define the problem 2. Determine criteria and constraints 3. Weight the criteria by importance 4. Combine the points for each option's criteria 5. Analyze the results

What are the five steps in an ethical analysis

1. Getting all the facts 2. Determining affected stakeholders 3. Finding precedents 4. Listing options 5. Deciding & Preparing consequences

Five Principles of Ethical Conduct

1. Principle of Moral Rights 2. Principle of Virtue 3. Principle of Distributive Justice 4. Universalist Principle 5. Utilitarian Principle

Web crawler

A benign internet bot that gathers data

Infrastructure as a Service (IaaS)

A cloud computing model that provides unlimited computing, storage, and network resources that the enterprise can use to build its own virtual infrastructure in the cloud. Infrastructure can grow as usage increases

Universalist Principle

A manager must determine if a decision is fair for everyone involved

Five Whys Method

A principle of questioning which allows you to understand the root cause of a problem

What are customer delivery networks

A system that moves goods from manufactures or suppliers to customers

Stored Communications Act

Addresses voluntary compelled disclosure of stored wire and electronic communications and transactional records held by third-party Internet service providers

Direct Inquiry

Asking consumers questions about product or service experience through direct means like surveys or reviews

What cryptocurrency shares features with a previous cryptocurrency but is technologically enhanced?

Bitcoin Cash

Input validation

Checking if the input of data meets a pre-determined set of criteria and formatting

Utilitarian Principle

Choosing the option that does the greatest good for the most involved

Principle of Virtue

Considers what a highly moral person would do when faced with dilemma

What is data in transit, where is it found, how is it protected?

Data that is moving between devices, found on cellular networks, protected with encryption

Examples of unstructured decisions

Deciding whether to enter a new market Launching a completely new product line Hiring a key executive Merging with another company Adopting a new disruptive technology

Digital Millennium Copyright Act

Designed to protect copyright holders from online theft (redistribution or reproduction of online materials)

Principle of Distributive Justice

Distributing rewards equitable to individuals based on their level of effort or productivity level

What is the 2nd highest value of cryptocurrency in the market today?

Etherium

Bitcoin

First cryptocurrency; created in 2009

What actions may occur during the respond stage of the plan-protect-respond cycle?

Identifying a cybersecurity incident Containing the breach Taking immediate mitigation steps to limit damage Coordinating communication with relevant stakeholders Performing forensic analysis to understand the incident Restoring affected systems and data Improving future responses

What actions may occur during the protect stage of the plan-protect-respond cycle?

Implementing security controls Deploying firewalls Encrypting data Conducting employee security awareness training Managing access controls Performing regular system maintenance Updating security patches

LAN

Local Area Network: "Small geographic area. All the hardware for the LAN is owned by the organisation using it. Can be wired or wireless, and they typically have high bandwidth and fast internet speeds

How do software-based keyloggers most commonly infect a system?

Malicious emails or links opened by unsuspecting users

Input sanitization

Modifying the input to create a valid, in-format input

1st and 2nd stages necessary for adding a block to the blockchain

Occurence of transaction and transaction verification

PAN

Personal Area Network: Connects devices within a short range of a person, typically 10 meters or less, like bluetooth

What is the difference between production reports and forecasting reports about production?

Production reports also fully tract current levels of production

What types of data are included in the analytical hierarchy process programming model for decision making?

Qualitative data Data from enterprise systems Data from human resource systems

Examples of structured decisions

Reordering inventory Approving employee leave and hours Scheduling shifts Calculating payroll

What actions may occur during the plan stage of the plan-protect-respond cycle?

Risk assessment Threat identification Vulnerability analysis Policy Development Incident response plan creation Communications strategy planning Staff training

What does a hash/digital fingerprint/unique identifier do in the blockchain

Secures transactions and links blocks in the blockchain together

What are cookies on a website?

Small text files that websites send to a user's browser to store information about the users visit

Keylogging Software

Software which tracks keystones from a user and can glean information like passwords, account names, and credit card numbers

Principle of Moral Rights

Some decisions are either morally right or wrong; certain moral values should always be upheld

Persistent/Permanent Cookies

Stored on your device for a long time and can recognize you and remember your preferences

Session/Transient Cookies

Temporary cookies that are used to store information on a website during a single browsing session

What is an Analytical Hierarchy Process

The AHP is a multi-criteria decision analysis (MCDA) method that involves the following steps: Hierarchy formation: Break down the decision into a hierarchical structure Pairwise comparisons: Decision-makers perform a series of pairwise comparisons to score the alternatives relative to each other Verification of consistency: Use the consistency ratio (CR) to examine the consistency of the answer

What is social engineering in cybersecurity

The act of manipulating or tricking people into sharing confidential information

Third-Party Cookies

Track your behavior across different websites. also known as tracking cookies

Examples of collaboration software

Trello Slack Zoom

What is a balanced scorecard

Used to structure business plans Includes measurable outcomes like financials and internal business processes Include Key plausibility indicators Information from executive support systems is used in the second scorecard

Folksonomy

User-generated system of classifying and organizing online content into different categories by the use of metadata such as electronic tags

NIST Cybersecurity Guidelines

Voluntary guidelines designed to help organizations assess and improve their ability to prevent, detect, and respond to cybersecurity risks

WAN

Wide Area Network: Connects devices across a large geographical area, including multiple countries. WANs can be public or private, not typically owned by a single company. limited bandwidth

Process of sending a message via the internet

identify the domain name, look up the corresponding IP using DNS, assemble the data packet, add the IP address, ensure packet delivery with TCP send the message across networks

Henry Fayol's 5 Functions of Management

planning, organizing, commanding, coordinating, controlling