Chapter 4

Privilege escalation

A network intrusion attack that takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications

What is a small file deposited on a hard drive by a website containing information about customers and their web activities?

Cookie

Workplace MIS monitoring tracks employees' activities. Organizations that are planning to engage in employee monitoring should have an employee monitoring policy. Which of the following is NOT one of the stipulations identified in the text that organizations should follow when creating an employee monitoring policy?

Don't expressly communicate when and what will be monitored (as this will allow employees to work around the monitoring system).

Black-hat hackers

Hackers that break into other people's computer systems with the intention of snooping without theft, snooping with theft, or destroying information

White-hat hackers

Hackers that work at the request of the system owners to find system vulnerabilities and plug the holes

Firewall

Hardware and/or software that guards a private network by analyzing the information leaving and entering the network

Which trademarks apply to services?

Service Mark

Cost of downtime

financial performance, revenue, damaged reputation, other expenses

Single-factor authentication

the traditional security process, which requires a username and password

Content Filtering occurs when an organization:

uses software that filters content to prevent the transmission of unauthorized information.

Information governance

A method or system of government for information management and control

What are the 2 technologies used to prevent identity theft?

Authentication and Authorization

In terms of information security, the first line of defense is people. The second line of defense is technology. According to the textbook, this "second line" comprises three areas of information security. Which of the following IS one of these three primary information security areas?

Authentication and authorization

Which trademarks protect general phrases?

Unregistered Trademarks

When is the best time to schedule planned downtime?

Uptime is money

Pretexting

A form of social engineering in which one individual lies to obtain confidential data about another individual

Internet Censorship

A government attempts to control Internet traffic, thus preventing some material from being viewed by its citizens

Zombie

A program that secretly takes over another computer for the purpose of launching attacks on other computers

Spyware

A special class of adware that collects data about the user and transmits it over the internet without the user's knowledge or permission

Phishing

A technique to gain personal information for the purpose of identity theft, usually by means of fraudulent email

Which of the following policies states that users agree to follow it in order to be given access to corporate email, information systems, and the internet?

Acceptable use policy

Information property

An ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged

Any unexpected downtime in today's business environment has the potential to cause both short- and long-term costs with far-reaching consequences. Which of the following is NOT one of the costs of downtime identified in the textbook?

Artificially inflated ROI

Cybervandalism

Electronic defacing of an existing website

Informed Consent

Ensures all users are informed of the rules and, by agreeing to use the system on that basis, consent to abide by the rules

EPolicies are policies and procedures that address information management along with the ethical use of computers and the Internet in the business environment. Which of the following ePolicies is NOT identified in the textbook as one that organizations should implement to protect themselves?

Equal Access Policy

Hackers

Experts in technology who use their knowledge to break into computers and computer networks, either for profit or just motivated by the challenges

Employee monitoring policy

Explicitly state how, when, and where the company monitors its employees

Information ethics

Governs the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself

What governs the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, distribution, and processing of information itself (with or without the aid of computer technologies)?

Information Ethics

_______ is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged.

Information Property

Intellectual Property

Intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents

Acting ethically and acting legally are not always the same thing. The goal of businesses is to carry out actions that are both legal and ethical. How would you classify a situation in which a company uses child laborers (who suffer miserable working conditions) in foreign countries that allow such practices?

Legal, but Unethical

What are the 2 primary lines of defense for information security?

People and Technology

ePolicies

Policies and procedures that address information management along with the ethical use of computers and the internet in the business environment

What is the right not to be observed without your consent?

Privacy

Which trademarks do you apply for?

Registered Trademarks

Acceptable Use Policy (AUP)

Requires a user to agree to follow it to be provided access to corporate email, information systems, and the internet

Two-factor authentication

Requires the user to provide two means of authentication

Multi-factor authentication

Requires the user to provide two or more means of authentication

Pharming

Reroutes requests for legitimate websites to false websites

Encryption

Scrambles information into an alternative form that requires a key or password to decrypt

Adware

Software that, while purporting to serve some useful function (and often fulfilling that function), also allows internet advertisers to display advertisements without the consent of the user

Worm

Software written to spread itself not only from file to file, but also from computer to computer

Virus

Software written with malicious intent to cause annoyance or damage

What are the 3 methods of authentication and authorization?

Something the user knows Something the user has Something that is part of the user

Click-fraud

The abuse of pay-per-click revenue models by repeatedly clicking on a link to increase charges or costs for the advertiser

What is click-fraud?

The abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or costs for the advertiser.

Confidentiality

The assurance that messages and information are available only to those who are authorized to view them

Identity Theft

The forging of someone's identity for the purpose of fraud

Copyright

The legal protection afforded an expression of an idea, such as a song, video game, and some types of proprietary documents

Ethics

The principles and standards that guide our behavior toward other people

Information Security

The protection of information from accidental or intentional misuse by persons inside or outside an organization

Privacy

The right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent

Downtime

Time when a system is unavailable

Which of the following is NOT included in the textbook's discussion of information security threats within the area of authentication and authorization?

Viking attack

What is the primary difference between worms and viruses?

Viruses must attach to something (e.g., an .exe file) in order to spread, whereas worms do not

Patent

an exclusive right to make, use, and sell an invention and is granted by a government to the inventor

Nonrepudiation is a specific contractual stipulation to ensure that eBusiness participants:

do not deny their online actions.

