Management Information Systems Chapter 8

computer crime

"any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigation, or prosecution" -US Dept. of Justice

Antivirus and antispyware software

- Checks computers for the presence of malware and can often eliminate it as well
- Prevents, detects, and removes malware, viruses, worms, Trojan horses, spyware, and adware
- Requires continual updating

Botnet

A group of computers that have been infected with bot malware without users' knowledge, enabling a hacker to use the amassed resources of the computers to launch distributed denial-of-service attacks, phishing campaigns or spam.

unified threat management (UTM)

Comprehensive security management tool that combines multiple security tools, including firewalls, virtual private networks, intrusion detection systems, and Web content filtering and anti-spam software.

business continuity planning

Details how a company recovers and restores critical business operations and systems after a disaster or extended disruption.

MIS audit

Identifies all the controls that govern individual information systems and assesses their effectiveness.

click fraud

Occurs when an individual or computer program fraudulently clicks on an online ad without any intention of learning more about the advertiser or making a purchase. It has become a serious problem at Google and other websites that feature pay-per-click online advertising.

downtime

Period of time in which an information system is not operational.

disaster recovery planning

Planning for the restoration of computing and communications services after they have been disrupted.

drive-by downloads

Programs that download and install themselves without user consent when visiting websites or webpages.

application controls

Specific controls unique to each computerized application, such as payroll or order processing. They include both automated and manual procedures that ensure that only authorized data are completely and accurately processed by the applications. Input controls check data for accuracy and completeness when they enter the system; there are specific input controls for input authorization, data conversion, data editing, and error handling. Processing controls establish that data are complete and accurate during updating. Output controls ensure that the results of computer processing are accurate, complete, and properly distributed.

cyberwarfare

State-sponsored activity designed to cripple and defeat another state or nation by penetrating its computers or networks for the purposes of causing damage and disruption. Cyberwarfare poses a threat to the infrastructure of modern society, since major financial, health, government, and industrial institutions rely on the Internet daily.

fault-tolerant computer systems

Systems that contain extra hardware, software, and power supply components that can back a system up and keep it running to prevent system failure.

war driving

Technique in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic.

spyware

Technology that aids in gathering information about a person or organization without their knowledge.

cybervandalism

The intentional disruption, defacement, or even destruction of a website or corporate information system

computer forensics

The scientific collection, examination, authentication, preservation, and analysis of data held on or retrieved from computer storage media in such a way that the information can be used as evidence in a court of law

evil twin

Wireless networks that pretend to be legitimate to entice participants to log on and reveal passwords or credit card numbers. A phishing technique to capture passwords or credit card numbers of unwitting users who log on to the network.

smart card

a credit-card-size plastic card that stores digital information and that can be used for electronic payments in place of cash.

hacker

A person who gains unauthorized access to a computer network for profit, criminal mischief, or personal pleasure. "Cracker" is typically used to denote a hacker with criminal intent, although in the public press the terms hacker and cracker are interchangeable. Hackers gain access by finding weaknesses in the security protections employed by web sites and computer systems, and often take advantage of various features of the Internet that make it an open system and easy to use.

sniffer

A type of eavesdropping program that monitors information traveling over a network. Used legitimately, sniffers help identify potential network trouble spots or criminal activity on networks, but when used for criminal purposes they are hard to detect.

authentication

ability to know that a person is who he or she claims to be. established by using passwords known to users.

digital certificate

an attachment to an electronic message to verify the identity of the sender and to provide the receiver with the means to encode a reply

SQL injection attack

Attacks against a web site that take advantage of vulnerabilities in poorly coded SQL (a standard and common database software application) applications in order to introduce malicious program code into a company's systems and networks. The vulnerabilities occur when a web application fails to properly validate or filter data entered on a webpage, which might occur when ordering something online.

identity management

business process and software tools for identifying the valid users of a system and controlling their access to system resources. includes policies for identifying and authorizing different categories of system users, specifying what systems or portions of systems each user is allowed to access, and the processes and technologies for authenticating users and protecting their identities

bugs

commercially distributed software that contains flaws that create security vulnerabilities

managed security service providers (MSSPs)

company that provides security management services for subscribing clients

recovery-oriented computing

computer system designed to recover rapidly when mishaps occur.

network address translation (NAT)

Conceals the IP addresses of the organization's internal host computers to prevent sniffer programs outside the firewall from ascertaining them and using that information to penetrate internal systems.

acceptable use policy (AUP)

Defines acceptable uses of the firm's information resources and computing equipment, including laptop and desktop computers, wireless devices, and the Internet. It clarifies company policy regarding privacy, user responsibility, and personal use.

risk assessment

determining the potential frequency of the occurrence of a problem and the potential damage if the problem were to occur. Used to determine the cost/benefit of a control

ambient data

Electronic evidence that may reside on computer storage media in the form of computer files which are not visible to the average user (p. 259).

secure sockets layer (SSL)

enables client and server computers to manage encryption and decryption activities as they communicate with each other during a secure Web session.

information systems audit

Examines a firm's overall security environment as well as the controls governing individual information systems.

deep packet inspection (DPI)

examines data files and sorts out low priority online material while assigning higher priority to business-critical files

application proxy filtering

Examines the application content of packets. It stops data packets originating outside the organization, inspects them, and passes a proxy to the other side of the firewall.

packet filtering

examines the header of every packet of data it receives to determine whether that type of packet is authorized to continue to its destination.

phishing

Form of spoofing involving setting up fake web sites or sending e-mail messages that resemble those of legitimate businesses and that ask users for confidential personal data. Spear phishing: messages appear to come from a trusted source, such as an individual within the recipient's own company or a friend.

Denial-of-service (DoS) attack

hackers flood a network server or Web server with thousands of false communications or requests for services in order to crash the network.

firewall

hardware and software placed between an organization's internal network and an external network to prevent outsiders from invading private networks

zero-day vulnerabilities

holes in the software unknown to its creator (hackers usually exploit this security hole before the vendor becomes aware of the problem and hurries to fix it)

two-factor authentication

Increases security by validating users through a multistep process: users must provide two means of identification, typically a physical token (such as a smart card) and something they know (a password or PIN).

worms

Independent software programs that propagate themselves to disrupt the operation of computer networks or destroy data and other programs. Worms operate on their own without attaching to other computer program files and rely less on human behavior in order to spread from computer to computer. They destroy data and other programs as well as disrupt or halt the operation of computer networks.

password

Known only to authorized users; used to log onto a computer system or to access specific systems and files (establishes authentication).

HIPAA

Law outlining rules for medical security, privacy, and the management of health care records. It requires members of the healthcare industry to retain patient information for 6 years and to ensure the confidentiality of those records.

Sarbanes-Oxley act

Law passed in 2002 that imposes responsibility on companies and their management to protect investors by safeguarding the accuracy and integrity of financial information that is used internally and released externally. It is fundamentally about ensuring that internal controls are in place to govern the creation and documentation of information in financial statements.

social engineering

malicious intruders seeking to trick people into revealing their passwords by pretending to be legitimate users or members of a company in need of information.

malware

malicious software such as computer viruses, worms, and trojan horses

ransomware

Malware that is proliferating on both desktop and mobile devices; it tries to extort money from users by taking control of their computers or displaying annoying pop-up messages.

controls

methods, policies, and organizational procedures that ensure safety of organization's assets; accuracy and reliability of its accounting records; operational adherence to management standards.

spoofing

Misrepresenting one's identity on the Internet or redirecting a Web link to an address different from the intended one, with the site masquerading as the intended destination. For example, redirecting customers to a fake website that looks almost exactly like the true site to collect and process orders, effectively stealing business and information.

distributed denial-of-service (DDoS) attack

numerous computers inundating and overwhelming a network from numerous launch points

general controls

overall control environment governing the design, security, and use of computer programs and the security of data files in general throughout the organization's information technology infrastructure

pharming

Phishing technique that redirects users to a bogus Web page, even when the individual enters the correct Web page address. Pharmers gain access to the Internet address information stored by Internet service providers to speed up web browsing; the ISP companies have flawed software on their servers that allows the fraudsters to hack in and change those addresses.

token

Physical device, similar to an identification card, that is designed to prove the identity of a single user. Tokens are small gadgets that typically fit on key rings and display pass-codes that change frequently.

security

policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems

hidden bugs

program code defects that are virtually impossible to eliminate due to the complexity of decision-making code

secure hypertext transfer protocol (S-HTTP)

protocol used for encrypting data flowing over the Internet; limited to individual messages.

stateful inspection

provides additional security by determining whether packets are part of an ongoing dialogue between a sender and a receiver

Gramm-Leach-Bliley act

requires financial institutions to ensure the security and confidentiality of customer data. data must be stored on a secure medium, and special security measures must be enforced to protect such data on storage media and during transmittal.

computer virus

rogue software program that attaches itself to other software programs or data files in order to be executed, usually without user knowledge or permission. deliver "payload" and spread from computer to computer

patches

small pieces of software to repair the software flaws without disturbing the proper operation of the software

trojan horse

Software program that appears to be legitimate but contains a second hidden function that may cause damage. It is not a virus because it does not replicate, but it is often a way for viruses or other malicious code to be introduced to a computer.

keyloggers

Spyware that records every keystroke made on a computer to steal personal information or passwords or to launch Internet attacks.

security policy

statements ranking information risks, identifying acceptable security goals, and identifying the mechanisms for achieving these goals.

public key infrastructure (PKI)

system for creating public and private keys using a certificate authority (CA) and digital certificates for authentication.

encryption

the coding and scrambling of messages to prevent their being read or accessed without authorization

identity theft

theft of key pieces of personal information, such as credit card or social security numbers, in order to obtain merchandise and services in the name of the victim or to obtain false credentials.

high-availability computing

tools and technologies, including backup hardware resources, to enable a system to recover quickly from a crash

intrusion detection systems

tools to monitor the most vulnerable points in a network to detect and deter unauthorized intruders.

online transaction processing

transaction processing mode in which transactions entered online are immediately processed by the computer.

biometric authentication

uses personal physical characteristics such as fingerprints, facial features, and retinal scans to authenticate users

public key encryption

uses two keys, one shared (or public) and one private
