Isom 210 chapter 4

what occurs when organization use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information

content filtering

__ is the legal protection afforded an expression of an idea, such as a song, book, or video game.

copyright

___ software is software that is manufactured to look like the real thing and sold as such

counterfeit

_____ software is software that is manufactured to look like the rel thing and sold as such

counterfelt

select the two terms that refer to the ability of a company to identify, search, gather, seize or export digital information to a litigation,audit,investigation, or information inquiry

electronic discovery ediscovery

_____ scrambles information into an alternative form that requires a key or password to decrypt

encryption

select the three reasons why organizational should develop written epolicies

establish employee procedures establish organizational rules establish employee guidelines

____ are the principles and standards that guide our behavior toward other people

ethics

key logger hardware key logger cookie adware spyware web log clickstream

a program that records every keystroke and mouse click a hardware device that captures keystrokes on their journey from the keyboard to the motherboard a small file deposited on a hard drive by a website containing information about customer and their web activities software that generates ads that install themselves on a computer when a person downloads some other program from the internet software that comes hidden in free downloadable software and tracks online movement consists of one line of information for every visitor to a website and is usually stored on a web server recorded information about a customer during a web surfing session such as what websites were visited

A ______ use policy requires a user to agree to follow it to be provided access to corporate email, information systems, and internet

acceptable

three epolicies

acceptable use policy social media policy ethical computer use policy

what is software that, although purporting to serve some useful function and often fulfilling that function, also allows internet advertisements to display advertisements without the consent of the computer user

adware

a ___ authority is a trusted third party, such as veriSign, that validates user identities by means of digital certificates

certificate

The ____ online protection act was passed to protect minors form accessing inappropriate material on the internet

child

what is the abuse of pay-per-click, and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or cost for the advertiser

click-fraud

what is hardware and/ or software that guard a private network by analyzing incoming and outgoing information for the correct markings?

firewall

what is an exclusive right to make,use, and sell an invention and is granted by a government to the inventor

patent

what reroutes requests for legitimate websites to false websites

pharming

what is a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent emails that look as though they came from legitimate businesses?

phishing

___ security is tangible protection such as alarms, guards, fireproof doors, fences, and vaults

physical

____ software is the unauthorized use, duplication, distribution, or sale of copyrighted software

pirated

Information ____ is a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization

security

A ___ is an act or object that passes a danger to assets

threat

bombs are computer viruses that wait for a specific data before executing their instructions

time

what are small electronic devices that change user passwords automatically

tokens

What requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token)

two-factor authentication

select two accurate statements relating to an ethical computer use policy

users need to consent to following the rules users need to be informed of the rules

A _____ is software written with malicious intent to cause annoyance or damage

virus

___ is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information

vishing

what is a set of measurable characteristics of a human voice that uniquely identifies an individual

voiceprint

___ is a program that secretly takes over another computer for the purpose of launching attacks on other computer

zombie

phishing ___ is a masquerading attack that combines spam with spoofing

expedition

Internet ___ is government attempts to control internet traffic, thus preventing some material from being viewed by a country's citizens

censorship

elevation of privilege hoaxes malicious code packet tampering sniffer spoofing splogs (spam blogs) spyware

A process by which a user misleads a system into granting unauthorized rights, usually for the purpose of compromising or destroying the system attack computer systems by transmitting a virus hoax, with a real virus attached includes a variety of threats such as viruses, worms, and Trojan Horses consists of altering the contents of packets as they travel over the internet or altering data on computer disks after penetrating a network a program or device that can monitor date traveling over a network the forging of the return address on an email so that the message appears to come from someone other than the actual sender fake blogs created solely to raise the search engine rank of affiliated websites software that comes hidden in free downloadable software that tracks online movements

to ____ information is to decode it and is the opposite of encrypt

Decrypt

____ is an antispamming approach where the receiving computer launches a return attack against the spammer, spending email messages back to the computer that originated the suspected spam

Teergrubing

What tracks people's activities by such measures as number of keystrokes, error rate, and number of transaction processed

Workplace MIS monitoring

people data attacks

authentication and authorization prevention and resistance detection and response

____ is the process of providing a user with permission including access levels and abilities such as files access, hours or access, and amount of allocated storage spaces

authorization

Black-hat hackers white-hat- hackers script kiddles Hactivist cyberterrorist cracker

break into other people's computer systems and may just look around or may steal and destroy information Work at the request of the system owners to find system vulnerabilities and plays the holes Find hacking code on the internet and click-and-point their way to systems to cause damage or spread viruses have philosophical and political reasons for breaking into systems and will often deface the website as a protest seek to cause harm to people or to destroy critical systems or information and use the internet as a weapon of mass destruction have criminal intent when hacking

what is the user of computer and networking technologies against person or property to intimidate or coerce government any segment or society to attain political religious or ideological goals

cyberterrorism

what is a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution

digital rights management

____ diving, or looking through people's trash, is another way hackers obtain information

dumpster

what is the forging of someone's identity for the purpose of fraud

identity theft

___ ethics govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation, collection, duplication, distribution, and processing of information itself

information

what is the act of conforming, acquiescing, or yielding information

information compliance

what is a method or system of government for information management or control

information governance

what is an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged

information property

what details how an organization will implement the information security policies

information security plan

___ are legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident

insiders

what is intangible creative work that is embodied in physical form and includes copyrights trademarks, and patents

intellectual property

an ___ use policy contains general principles to guide he proper use of the internet

internet

what sends a massive amount of email to a specific person or system that can cause that user's server to stop functioning

mail bomb

____ factor authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (blometric verifaction)

multi

three items typically found in an acceptable use policy

not performing any non-repudiation not using the service as part of violating any law not attempting to break the security of any computer network or user

backdoor program worm Trojan-horse virus (DDos) plymorphic viruses denial-of-service-attack

opens a way into the network for future attacks spreads itself, not only form file to file, but also from computer to computer hides inside other software, usually as an attachment or a downloadable file attacks from multiple computers that flood a website with so many request for service that it slows down or crashes viruses and worms change their form as they propagate floods a website with so many requests for service that it slows down or crashes the site

a user can opt ___ of receiving emails by choosing to deny permission to incoming emails

out

____ is a form of social engineering in which one individual lies to obtain confidential data about another individual

pretexting

an information____ policy contains general principles regarding information privacy

privacy

what is the right to be left alone when you want to be, to have control over your personal possessions, and not to be observed without your consent

privacy

what is a form of malicious software that infects your computer and asks for money

ransomware

which of the following is a type of unplanned downtime

smoke damage water damage frozen pipe static electricity

what uses their social skills to trick people into revealing access credentials or other valuable information

social engineering

who is a person within the organization who is trusted to monitor, contribute, filter, and guide the social media presence of a company, individual, product, or brand

social media manager

what is the process of monitoring and responding to what is being said about a company, individual, product, or brand

social media monitoring

what policy outlines the corporate guidelines or principles governing employee online communications

social media policy

three categories or authentication and authorization

something that is part of the user, such as a fingerprint or voice signature something the user has, such as a smart card or token something the user knows, such as a user ID and password

____ is unsolicited email

spam