Chapter 7 - Information Security

47 cards

business AIS
Created Feb 10, 2012
by
rothera

  Side A   Side B
1
time-based model of security
 
focuses on the relationship between preventative, detective, and corrective controls
2
defense in depth
 
to employ multiple layers of controls in order to avoid having a single point of failure
3
authentication
 
focuses on verifying the identity of the person or device attempting to access the system
4
biometric identifier
 
users authenticated by verifying some physical characteristic
5
multifactor authentication
 
the use of two or all three authentication methods in conjunction
6
authorization
 
restricts access of authenticated users to specific portions of the system and specifies what...
7
access control matrix
 
a table specifying which portions of the system users are permitted to access and what actions...
8
compatibility test
 
matches the user's authentication credentials against the access control matrix to determine...
9
social engineering
 
uses deception to obtain unauthorized access to info resources (tricks)
10
border router
 
connects an organization's information system to the internet
11
firewall
 
sits behind the border router; a special-purpose hardware device or software running on a general...
12
demilitarized zone (DMZ)
 
separate network that permits controlled access from the internet to selected resources
13
Transmission Control Protocol (TCP)
 
specifies the procedures for dividing files and documents into packets to be sent over the...
14
Internet Protocol (IP)
 
specifies the structure of those packets and how to route them to the proper destination.
15
routers
 
special purpose devices designed to read the destination address fields in IP packet headers...
16
access control list (ACL)
 
a set of rules that determines which packets are allowed entry and which are dropped
17
static packet filtering
 
screens individual IP packets based solely on the contents of the source and/or destination...
18
stateful packet filtering
 
maintains a table that lists all established connections between the organization's computers...
19
deep packet inspection
 
when the firewall examines the data in the body of an IP packet rather than only...
20
intrusion prevention systems (IPS)
 
designed to identify and drop packets that are part of an attack
21
Remote Authentication Dial-In User Service (RADIUS)
 
standard method for verifying the identity of users attempting to connect via dial-in access.
user...
22
war dialing
 
calls every telephone number assigned to the organization to identify those which are connected...
23
hosts
 
the workstations, servers, printers, and other devices that comprise the organization's network
24
vulnerabilities
 
every program running on a host represents a potential point of attack because it probably...
25
hardening
 
the process of turning off unnecessary program features
26
encryption
 
process of transforming normal text (plaintext) into unreadable gibberish (ciphertext)
27
decryption
 
reverses the process of encryption; transforms ciphertext back into plaintext
28
key escrow
 
involves making copies of all encryption keys used by employees and storing those copies securely
29
symmetric encryption systems
 
use the same key both to encrypt and decrypt
(DES, AES)
30
asymmetric encryption systems
 
use a public and a private key (PKI)
(RSA, PGP)
31
public key
 
widely distributed and available to everyone
32
private key
 
kept secret and known only to the owner of that pair of keys
33
hashing
 
a process that takes plaintext of any length and transforms it into a short code called a hash
34
hash
 
plaintext that has been transformed into short code
35
digital signature
 
information encrypted with the creator's private key
36
digital certificate
 
electronic document, created and digitally signed by a trusted third party, that certifies...
37
public key infrastructure (PKI)
 
the system and processes used to issue and manage asymmetric keys and digital certificates
38
certificate authority
 
an independent org that issues public and private keys and records the public key in a digital...
39
e-signature
 
a cursive style imprint of a person's name that is applied to an electronic document
40
log analysis
 
process of examining logs to monitor security
41
intrusion detection systems (IDS)
 
create logs of network traffic that was permitted to pass the firewall and then analyze those...
42
vulnerability scans
 
use automated tools designed to identify whether a given system possesses any well-known vulnerabilities
43
penetration test
 
authorized attempt by either an internal audit team or external security consulting firm to...
44
computer emergency response team (CERT)
 
a team responsible for dealing with major security incidents
45
exploit
 
set of instructions for taking advantage of a vulnerability
46
patch
 
code released by software developers that fixes a particular vulnerability
47
patch management
 
process for regularly applying patches and updates to all software used by the organization
