MIS Activity 5

The key attributes of __________ include: have plan in place; centralized reporting; determine cause; specific responses - speed, preparation pays; don't make problem worse; and practice.

a disaster and incident response plan

hardening

__________ is the process of reducing the vulnerabilities of a computer by restricting the functions and actions it is willing to perform.

Human safeguards

__________ relate to the procedures and people components of an information system.

A virus

a computer program that replicates itself.

In the context of information security management, __________ occurs when someone deceives by pretending to be someone else.

pretexting

The three critical organizational security fundamentals

security policy, risk management, and defense in layers.

Risk

simply the chance of loss

cookies

small files that your browser receives when you visit web sites

Cookies

small files that your browser stores on your computer when you visit Web sites

safeguard

some measure that individuals or organizations take to block the threat from obtaining the asset

In this video, Agent Macey explains how a _____ pretends to be a legitimate company and sends email requesting users to update their confidential information such as passwords or account numbers.

spoofer

All of the following are recommended personal security safeguards EXCEPT __________.

enable cookies so you have greater end user freedom

According to the information provided in this video, any business that has an online presence is at risk for all of the following EXCEPT _____.

hiring unqualified employee

SQL injection attack

is when an attacker enters a SQL statement into a form on a Web page in which a client is supposed to enter a name or other data.

__________ is a safety procedure where a trusted party has a copy of the encryption key.

key escrow

Good smartphone security practices

lock the phone, turn off Bluetooth, monitor app access requests, turn on data erase, and turn on automatic updates.

According to the DHS agent portrayed in this video, the Secret Service has responded to network intrusions at businesses throughout the United States that have been impacted by _____ through their point-of-sale systems.

malware

Based on the information provided in this video, which of the following usually happens in a denial-of-service attack?

A hacker floods a Web server with so many requests that it becomes unavailable to its intended users.

computer forensics

After the initial response to the disaster or incident, __________ can help determine the cause of the event.

Trojan horse.

An individual posing as an online gamer accesses information stored in an unsuspecting user's computer by placing a program in his hard disk that appears to be legitimate. The system functions normally with the program performing underlying functions. The malware used by the individual is referred to as a _________

A CAPTCHA

Completely Automated Public Turing Test To Tell Computers and Humans Apart

The recommended personal security safeguards are:

Create strong and multiple passwords. Send no valuable data via email or messaging. Use https to buy from trusted Web sites. Clear browser history, temp files, and cookies. Regularly update antivirus software. Use caution when using public machines or hot spots. Log out after high-value activities. Do not use USB drives. Use your smartphone securely.

Pretexting

In the context of information security management, which of the following occurs when someone deceives by pretending to be someone else?

__________ is the process of preventing unauthorized access to an IS or modification of its data.

Information systems security

Firewall

a part of a computer system or network that is designed to block unauthorized access while permitting outward communication.

A worm

a software program capable of reproducing itself that can spread from one computer to the next over a network

An Advanced Persistent Threat (APT)

a sophisticated, possibly long-running computer hack that is perpetrated by large, well-funded organizations such as governments.

Ransomware

blocks access to a com

When your security is compromised, the first indication you receive will be

bogus charges on your credit card or messages from friends complaining about the disgusting email they just received from your email account.

data safeguards

data rights and responsibilities, passwords, encryption, backup and recovery, physical security

__________ include: define data policies, specify data rights and responsibilities; access only when authenticated; encrypt data; practice backup and recovery procedures; and ensure physical security

data safeguards

A(n) __________ is where a malicious hacker, or computer criminal, floods a Web server with millions of bogus service requests that so occupy the server that it cannot service legitimate requests.

denial of service (DoS) attack

In this video, Special Agent Macey says the single largest threat to the Internet is _____.

denial-of-service attacks

technical safeguards

identification and authorization, encryption, firewalls, malware protection, application design

A virus

is a destructive program that disrupts the normal functioning of computer systems.

A key

is a number used to encrypt data. It is called a key because it locks and unlocks a message.

threat

is a person or organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge

smart card

is a plastic card similar to a credit card. Unlike credit, debit, and ATM cards, which have a magnetic strip, smart cards have a microchip. The microchip, which holds far more data than a magnetic strip, is loaded with identifying data.

Phishing

is a similar technique for obtaining unauthorized data that uses pretexting via email.

Sniffing

is a technique for intercepting computer communications.

Cross-Site Scripting (XSS)

is a technique used by criminals to infect target machines with malware. In a typical XSS attack, the criminal posts a reply to a discussion board but along with the plaintext reply adds malicious code invisible to the discussion board. Then, when you click on the criminal's reply to participate in the discussion, the criminal's plaintext reply and the malicious invisible code are downloaded to your machine.

Encryption

is the process of transforming clear text into coded, unintelligible text for secure storage or communication.

Hijacking

occurs when a hacker steals an encryption key that a client is using to access a secure site and reuses that key to impersonate the legitimate user.

IP spoofing

occurs when an intruder uses another site's IP address to masquerade as that other site

Social engineering

occurs when employees are manipulated into divulging data or bypassing security on behalf of others. These others are typically hackers or criminals, but employees are unaware of that.

pretexting

occurs when someone deceives by pretending to be someone else.

Information systems security

the process of preventing unauthorized access to an IS or modification of its data

A __________ is a person or organization that seeks to obtain or alter data or other assets illegally, without the owner's permission and often without the owner's knowledge.

threat

virtual private network, or VPN

uses software or a dedicated computer to create a private network over the public internet

authentication

verifies the credentials of the individual seeking access to a computer resource

