Isom 210 chapter 4
what occurs when organization use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information
content filtering
__ is the legal protection afforded an expression of an idea, such as a song, book, or video game.
copyright
___ software is software that is manufactured to look like the real thing and sold as such
counterfeit
_____ software is software that is manufactured to look like the rel thing and sold as such
counterfelt
select the two terms that refer to the ability of a company to identify, search, gather, seize or export digital information to a litigation,audit,investigation, or information inquiry
electronic discovery ediscovery
_____ scrambles information into an alternative form that requires a key or password to decrypt
encryption
select the three reasons why organizational should develop written epolicies
establish employee procedures establish organizational rules establish employee guidelines
____ are the principles and standards that guide our behavior toward other people
ethics
key logger hardware key logger cookie adware spyware web log clickstream
a program that records every keystroke and mouse click a hardware device that captures keystrokes on their journey from the keyboard to the motherboard a small file deposited on a hard drive by a website containing information about customer and their web activities software that generates ads that install themselves on a computer when a person downloads some other program from the internet software that comes hidden in free downloadable software and tracks online movement consists of one line of information for every visitor to a website and is usually stored on a web server recorded information about a customer during a web surfing session such as what websites were visited
A ______ use policy requires a user to agree to follow it to be provided access to corporate email, information systems, and internet
acceptable
three epolicies
acceptable use policy social media policy ethical computer use policy
what is software that, although purporting to serve some useful function and often fulfilling that function, also allows internet advertisements to display advertisements without the consent of the computer user
adware
a ___ authority is a trusted third party, such as veriSign, that validates user identities by means of digital certificates
certificate
The ____ online protection act was passed to protect minors form accessing inappropriate material on the internet
child
what is the abuse of pay-per-click, and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or cost for the advertiser
click-fraud
what is hardware and/ or software that guard a private network by analyzing incoming and outgoing information for the correct markings?
firewall
what is an exclusive right to make,use, and sell an invention and is granted by a government to the inventor
patent
what reroutes requests for legitimate websites to false websites
pharming
what is a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses?
phishing
___ security is tangible protection such as alarms, guards, fireproof doors, fences, and vaults
physical
____ software is the unauthorized use, duplication, distribution, or sale of copyrighted software
pirated
Information ____ is a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization
security
A ___ is an act or object that passes a danger to assets
threat
bombs are computer viruses that wait for a specific data before executing their instructions
time
what are small electronic devices that change user passwords automatically
tokens
What requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token)
two-factor authentication
select two accurate statements relating to an ethical computer use policy
users need to consent to following the rules users need to be informed of the rules
A _____ is software written with malicious intent to cause annoyance or damage
virus
___ is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information
vishing
what is a set of measurable characteristics of a human voice that uniquely identifies an individual
voiceprint
___ is a program that secretly takes over another computer for the purpose of launching attacks on other computer
zombie
phishing ___ is a masquerading attack that combines spam with spoofing
expedition
Internet ___ is government attempts to control internet traffic, thus preventing some material from being viewed by a country's citizens
censorship
elevation of privilege hoaxes malicious code packet tampering sniffer spoofing splogs (spam blogs) spyware
A process by which a user misleads a system into granting unauthorized rights, usually for the purpose of compromising or destroying the system attack computer systems by transmitting a virus hoax, with a real virus attached includes a variety of threats such as viruses, worms, and Trojan Horses consists of altering the contents of packets as they travel over the internet or altering data on computer disks after penetrating a network a program or device that can monitor date traveling over a network the forging of the return address on an email so that the message appears to come from someone other than the actual sender fake blogs created solely to raise the search engine rank of affiliated websites software that comes hidden in free downloadable software that tracks online movements
to ____ information is to decode it and is the opposite of encrypt
Decrypt
____ is an antispamming approach where the receiving computer launches a return attack against the spammer, spending email messages back to the computer that originated the suspected spam
Teergrubing
What tracks people's activities by such measures as number of keystrokes, error rate, and number of transaction processed
Workplace MIS monitoring
people data attacks
authentication and authorization prevention and resistance detection and response
____ is the process of providing a user with permission including access levels and abilities such as files access, hours or access, and amount of allocated storage spaces
authorization
Black-hat hackers white-hat- hackers script kiddles Hactivist cyberterrorist cracker
break into other people's computer systems and may just look around or may steal and destroy information Work at the request of the system owners to find system vulnerabilities and plays the holes Find hacking code on the internet and click-and-point their way to systems to cause damage or spread viruses have philosophical and political reasons for breaking into systems and will often deface the website as a protest seek to cause harm to people or to destroy critical systems or information and use the internet as a weapon of mass destruction have criminal intent when hacking
what is the user of computer and networking technologies against person or property to intimidate or coerce government any segment or society to attain political religious or ideological goals
cyberterrorism
what is a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution
digital rights management
____ diving, or looking through people's trash, is another way hackers obtain information
dumpster
what is the forging of someone's identity for the purpose of fraud
identity theft
___ ethics govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself
information
what is the act of conforming, acquiescing, or yielding information
information compliance
what is a method or system of government for information management or control
information governance
what is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged
information property
what details how an organization will implement the information security policies
information security plan
___ are legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
insiders
what is intangible creative work that is embodied in physical form and includes copyrights trademarks, and patents
intellectual property
an ___ use policy contains general principles to guide he proper use of the internet
internet
what sends a massive amount of email to a specific person or system that can cause that user's server to stop functioning
mail bomb
____ factor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (blometric verifaction)
multi
three items typically found in an acceptable use policy
not performing any non-repudiation not using the service as part of violating any law not attempting to break the security of any computer network or user
backdoor program worm Trojan-horse virus (DDos) plymorphic viruses denial-of-service-attack
opens a way into the network for future attacks spreads itself, not only form file to file, but also from computer to computer hides inside other software, usually as an attachment or a downloadable file attacks from multiple computers that flood a website with so many request for service that it slows down or crashes viruses and worms change their form as they propagate floods a website with so many requests for service that it slows down or crashes the site
a user can opt ___ of receiving emails by choosing to deny permission to incoming emails
out
____ is a form of social engineering in which one individual lies to obtain confidential data about another individual
pretexting
an information____ policy contains general principles regarding information privacy
privacy
what is the right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent
privacy
what is a form of malicious software that infects your computer and asks for money
ransomware
which of the following is a type of unplanned downtime
smoke damage water damage frozen pipe static electricity
what uses their social skills to trick people into revealing access credentials or other valuable information
social engineering
who is a person within the organization who is trusted to monitor, contribute, filter, and guide the social media presence of a company, individual, product, or brand
social media manager
what is the process of monitoring and responding to what is being said about a company, individual, product, or brand
social media monitoring
what policy outlines the corporate guidelines or principles governing employee online communications
social media policy
three categories or authentication and authorization
something that is part of the user, such as a fingerprint or voice signature something the user has, such as a smart card or token something the user knows, such as a user ID and password
____ is unsolicited email
spam