Chapter 7- Information Security

47 cards

Business AIS

Preview Flashcards

Front Back
time-based model of security
focuses on the relationship between preventative, detective, and corrective controls
defense in depth
to employ multiple layers of controls in order to avoid having a single point of failure
focusses on verifying the identity of the person or device attempting to access the system
biometric identifier
users authenticated by verifying some physical characteristic
multifactor authentication
the use of two or all three methods in conjunction
restricts access of authenticated users to specific portions of the system and specifies what actions they are permitted to perform
access control matrix
a table specifying which portions of the system users are permitted to access and what actions they can perform
compatibility test
matches the user's authentication credentials against the access control matrix to determine whether that employee should be allowed to access that resource and perform the requested action
social engineering
uses deception to obtain unauthorized access to info resources (tricks)
border router
connects an orgs info system to the internet
behind the border router
special purpose hardware device or software running on a general purpose computer
demilitarized zone (DMZ)
separate network that permits controlled access from the internet to selected resources
transmission Control Protocol (TCP)
specifies the procedures for dividing files and documents into packets to be sent over the internet and the methods for reassembly of the original document or file at the destination
Internet protocol (IP)
specifies the structure of those packets and how to route them to the proper destination.
special purpose devices designed to read the destination address fields in IP packet headers to decided where to send (route) the packet next
access control list
a set of rules that determines which packets are allowed entry and which are dropped
static packet filtering
screens individual IP packets based solely on the contents of the sources and or destination fields in the IP packet header
stateful packet filtering
maintains a table that lists all established connections between the organization's computers and the internet
deep packet inspection
when the firewall examines the data in the body of an IP packet rather than only looking at the info in the IP header
intrusion prevention systems (IPS)
designed to identify and drop packets that are part of an attack
remote authentication Dial-In user service (RADIUS)
standard method for verifying the identity of users attempting to connect via dial in access.
user connects to remote access server, which passes credentials to RADIUS server which performs compatibility tests
war dialing
calls every telephone number assigned to the organization to identify those which are connected to modems
the workstations servers, printers and other devices that comprise the organization's network
every program running on a host represents a potential point of attack because it probably contains flaws
the process of turning off unnecessary program features
process of transforming normal text (plaintext) into unreadable gibberish (ciphertext)
reverses the process of encryption
transforms ciphertext back into plaintext
key escrow
involves making copies of all encryption keys used by employees and storing those copies securely
symmetric encryption systems
use the same key both to encrypt and decrypt
asymmetric encryption systems
uses a public and private key(PKI)

public key
widely distributed and available to everyone
private key
kept secret and known only to the owner of that pair of keys
a process that takes plaintext of any length and transforms it into a short code called a hash
plaintext that has been transformed into short code
digital signature
information encrypted with the creator's private key
digital certificate
electronic document, created and digitally signed by a trusted third party, that certifies the identity of the owner of a particular public key
public key infrastructure (PKI)
the system and processes used to issue and manage asymmetric keys and digital certificates
certificate authority
an independent org that issues public and private keys and records the public key in a digital certificate
a cursive style imprint of a person's name that is applied to an electronic document
log analysis
process of examining logs to monitor security
intrusion detection systems (IDS)
create logs of network traffic that was permitted to pass the firewall and then analyze those logs for signs of attempted or successful inrusions
vulnerability scans
use automated tools designed to identify whether a given system possesses any well-known vulnerabilities
penetration test
authorized attempt by either an internal audit team or external security consulting firm to break into the orgs info system
computer emergency response team (CERT)
a team responsible for dealing with major security incidents
set of instructions for taking advantage of a vulnerability
code released by software developers that fixes a particular vulnerability
patch mgmt
process for regularly applying patches and updates to all software used by the org