Chapter 7- Information Security

47 cards

Business AIS

Preview Flashcards

Front Back
time-based model of security
 
focuses on the relationship between preventative, detective, and corrective controls
defense in depth
 
to employ multiple layers of controls in order to avoid having a single point of failure
authentication
 
focusses on verifying the identity of the person or device attempting to access the system
biometric identifier
 
users authenticated by verifying some physical characteristic
multifactor authentication
 
the use of two or all three methods in conjunction
authorization
 
restricts access of authenticated users to specific portions of the system and specifies what actions they are permitted to perform
access control matrix
 
a table specifying which portions of the system users are permitted to access and what actions they can perform
compatibility test
 
matches the user's authentication credentials against the access control matrix to determine whether that employee should be allowed to access that resource and perform the requested action
social engineering
 
uses deception to obtain unauthorized access to info resources (tricks)
border router
 
connects an orgs info system to the internet
firewall
 
behind the border router
special purpose hardware device or software running on a general purpose computer
demilitarized zone (DMZ)
 
separate network that permits controlled access from the internet to selected resources
transmission Control Protocol (TCP)
 
specifies the procedures for dividing files and documents into packets to be sent over the internet and the methods for reassembly of the original document or file at the destination
Internet protocol (IP)
 
specifies the structure of those packets and how to route them to the proper destination.
routers
 
special purpose devices designed to read the destination address fields in IP packet headers to decided where to send (route) the packet next
access control list
 
(ACL)
a set of rules that determines which packets are allowed entry and which are dropped
static packet filtering
 
screens individual IP packets based solely on the contents of the sources and or destination fields in the IP packet header
stateful packet filtering
 
maintains a table that lists all established connections between the organization's computers and the internet
deep packet inspection
 
when the firewall examines the data in the body of an IP packet rather than only looking at the info in the IP header
intrusion prevention systems (IPS)
 
designed to identify and drop packets that are part of an attack
remote authentication Dial-In user service (RADIUS)
 
standard method for verifying the identity of users attempting to connect via dial in access.
user connects to remote access server, which passes credentials to RADIUS server which performs compatibility tests
war dialing
 
calls every telephone number assigned to the organization to identify those which are connected to modems
hosts
 
the workstations servers, printers and other devices that comprise the organization's network
vulnerabilities
 
every program running on a host represents a potential point of attack because it probably contains flaws
hardening
 
the process of turning off unnecessary program features
encryption
 
process of transforming normal text (plaintext) into unreadable gibberish (ciphertext)
decryption
 
reverses the process of encryption
transforms ciphertext back into plaintext
key escrow
 
involves making copies of all encryption keys used by employees and storing those copies securely
symmetric encryption systems
 
use the same key both to encrypt and decrypt
(DES, AES)
asymmetric encryption systems
 
uses a public and private key(PKI)

(RSA, PGP)
public key
 
widely distributed and available to everyone
private key
 
kept secret and known only to the owner of that pair of keys
hashing
 
a process that takes plaintext of any length and transforms it into a short code called a hash
hash
 
plaintext that has been transformed into short code
digital signature
 
information encrypted with the creator's private key
digital certificate
 
electronic document, created and digitally signed by a trusted third party, that certifies the identity of the owner of a particular public key
public key infrastructure (PKI)
 
the system and processes used to issue and manage asymmetric keys and digital certificates
certificate authority
 
an independent org that issues public and private keys and records the public key in a digital certificate
e-signature
 
a cursive style imprint of a person's name that is applied to an electronic document
log analysis
 
process of examining logs to monitor security
intrusion detection systems (IDS)
 
create logs of network traffic that was permitted to pass the firewall and then analyze those logs for signs of attempted or successful inrusions
vulnerability scans
 
use automated tools designed to identify whether a given system possesses any well-known vulnerabilities
penetration test
 
authorized attempt by either an internal audit team or external security consulting firm to break into the orgs info system
computer emergency response team (CERT)
 
a team responsible for dealing with major security incidents
exploit
 
set of instructions for taking advantage of a vulnerability
patch
 
code released by software developers that fixes a particular vulnerability
patch mgmt
 
process for regularly applying patches and updates to all software used by the org