MIS Chapter 4 (PART 2) Review

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Privilege

A collection of related computer system operations that can be performed by users of the system

Nonrepudiation

A contractual stipulation to ensure that e-business participants do not deny their online actions

Hot site

A fully configured computer facility, with all services, communications links, and physical plant operations

Password

A private combination of characters that only the user should know

Virtual private network (VPN)

A private network that uses a public network to connect (usually the Internet) to connect users

Blacklisting

A process in which a company allows all software to run unless it is on a blacklist

Whitelisting

A process in which a company identifies the software that it will allow to run and does not try to recognize malware

Passphrase

A series of characters that is longer than a password but can be memorized easily

Anti-malware systems

Also called antivirus software, these are software packages that attempt to identify and eliminate viruses, worms, and other malicious software; a reactive solution to a problem

Something the user is

Also known as biometrics, these access controls examine a user's innate physical characteristics (4 words)

Information privacy policy

An Information security policy that contains general principles regarding information policy

Ethical computer use policy

An Information security policy that contains general principles to guide computer user behavior; ensures all know the rules and consent to the guidelines

Email privacy policy

An Information security policy that explains the extent to which e-mail messages may be read by others

Employee monitoring policy

An Information security policy that explicitly states how,when, and where the company can monitor employees

Social media policy

An Information security policy that outlines the corporate guidelines or principles governing employee online communications

Acceptable use policy (AUP)

An Information security policy that requires a user to agree to follow it to be provided access to corporate e-mail, IS, and the Internet

Information technology monitoring

An Information security policy tracking people's activities by such measures as number of keystrokes, error rate, and number of transactions processed

Internal audit

An audit performed by corporate internal auditors

Digital certificate

An electronic document attached to a file certifying if the file is from the organization that it claims to be from and has not been modified from its original format

with the computer

Auditing __________ means using a combination of client data, auditor software and client and auditor hardware

around the computer

Auditing ____________ means verifying processing by checking for known outputs or specific inputs (3 words)

through the computer

Auditing ______________ means inputs, outputs, and processing are checked (3 words)

Internet use policy

Contains general principles to guide the proper use of the Internet

Tunneling

Encrypts each data packet that is sent and places each encrypted packet inside another packet

software

In a basic home firewall, the fire wall is implemented as _______. (1 word)

Information systems auditing

Independent or unbiased observers tasked to ensure that information systems work properly

Least Privilege

Is an ideal principle tat users be granted the privilege for some activity only if there is a justifiable need to grant this authorization

Authentication

Major objective of this is proof of identity

Secure Socket Layer (SSL)

Now called transport layer security (TLS), is an encryption standard used for secure transactions such as credit card purchases and online banking

Authorization

Permission issued to individuals and groups to do certain activities with information resources, based on verified identity

Encryption

Process of converting an original into a form that can not be read by anyone except the intended receiver

Warm site

Provides many of the same services and options of the hot site, but it typically does not include the actual applications the company runs

Cold sites

Provides only rudimentary services and facilities

External audit

Reviews internal audits as well as the inputs, processing, and outputs of information systems

Firewalls

Systems that enforce the access control policy between two networks

Employee monitoring systems

Systems that monitor employee's computers, e-mail activities, and Internet surfing

Audit

The examination of information systems their inputs, outputs, and processing

Something the user knows

These access controls include passwords and passphrases (4 words)

Something the user has

These access controls include regular ID cards, smart cards, and tokens (4 words)

Something the user does

These access controls include voice and signature recognition (4 words)

Certificate authorities

Trusted intermediaries between two organizations who issue digital certificates

Public-key encryption

Uses two different keys 1.) Public Key: anyone can access---> encrypts message 2.) Private Key: keeps it secret -----> decrypts message

Organizational firewalls

______ have 3 components (2 words) 1.) External firewall 2.) Demilitarized zone 3.) Internal firewall


Ensembles d'études connexes

Psych Quiz 5, P155 Exam 3, Psych Quiz 3-30

View Set

Organic Chemistry Lab I (CHEM 237) Experiment 11: Kinetic Study of SN1 Solvolysis

View Set

NCLEX Questions-Theories of Growth and Development

View Set