risk assessment
security policy
acceptable use policy (AUP)
authorization policies
disaster recovery planning
backup
hot site
cold site
business continuity planning
MIS audit
identity management systems
authentication
authorization
common types of access controls
password
passphrase
cognitive password
security profile
token
smart card
terminal resource security
biometrics
firewall
intrusion detection systems
antivirus and antispyware software
UTM (unified threat management) systems
encryption
two methods of encryption
symmetric key encryption
public key encryption
two methods/protocols for encryption on networks
TLS
S-HTTP (secure hypertext transfer protocol)
digital certificate
fault tolerant computer systems
high-availability computing
DPI (deep packet inspection)
cloud computing
mobile computing device
software metrics
walkthrough
debugging
WEP
Malware
viruses
worms
Trojan horse
SQL injection attacks
spyware
keyloggers
spoofing
sniffer
DoS (denial of service attacks)
DDoS (distributed denial of service attack)
botnets
phishing
pharming
evil twins
insiders
hackers
patches
Gramm-Leach-Bliley Act
Sarbanes-Oxley Act
computer forensics
general controls
application controls
Security
Controls
Computer crime/fraud
Identity Theft
Click fraud
Why systems are vulnerable
hardware problems
Software problems
disasters
War driving
Rogue access point