IS Security and Privacy

Descripción

IS201 Mapa Mental sobre IS Security and Privacy, creado por erocespinel el 17/10/2013.
erocespinel
Mapa Mental por erocespinel, actualizado hace más de 1 año
erocespinel
Creado por erocespinel hace alrededor de 11 años
21
0

Resumen del Recurso

IS Security and Privacy
  1. Key Terms
    1. Backup scope, Frequency, and Media
      1. Information Security
        1. Encompasses the protection the protection of information from accidental or intentional misuse by person inside or outside an organization
          1. Hackers and Viruses are the two hottest threats
            1. Hacker
              1. An expert in tech who use their knowledge to break into a comp or comp network either for profit or simply for the challenge
                1. Hacker Weapons

                  Nota:

                  • PAGE 293 in book
                  1. Hoaxes

                    Nota:

                    • transmits a virus using a hoax virus with a real one attached
                    1. Malicious Code

                      Nota:

                      • includes a variety of threats including viruses, worms, and Trojan horses
                      1. Denial of Service (DOS) attack

                        Nota:

                        • Floods a website with so many requests for service that it slows down or crashes the site
                        1. Virus
                          1. Trojan-Horse Virus
                          2. Worm

                            Nota:

                            • Spreads itself not only from file to file, but also from computer to computer. Different then a virus because a WORM does not need to attach to anything to spread and can tunnel itself into computers
                            1. distributed DOS (DDOS) attack

                              Nota:

                              • Similar to DOS except that it attacks from multiple computers. Ping of Death-When thousands of computers try to access a website simultaneously, overloading it and causing it to shut down 
                              1. Packet Tampering

                                Nota:

                                • altering packets of data as they travel over the internet or intercept to eavesdrop (think class example when Anderson had a kid throw a paper ball) or altering data on comp disks after penetrating a network
                                1. Sniffer

                                  Nota:

                                  • A program or device that can monitor data as it travels over a network-Sniffer can pull all data like passwords, cc info, etc Fav weapon in Hackers arsenal
                                  1. Spoofing

                                    Nota:

                                    • Forging the address of an email to appear to be coming from that user-NOT A VIRUS but a way to spread viruses
                                    1. Spyware

                                      Nota:

                                      • Special class of adware that collects user data and transmits it over the web without the user knowing
                            2. CONCEPTS
                              1. What is the difference between the first and second lines of defense?
                                1. First Line: PEOPLE

                                  Nota:

                                  • information security policies can help 
                                  1. problem is that you have careless or malicious people ,such as:
                                    1. Insider

                                      Nota:

                                      • A real user who purposely or accidentally misuses their access to an environment and causes some sort of business-affecting incident
                                      1. Social Engineering

                                        Nota:

                                        • Hackers use social skills to trick people into revealing access credentials or other valuable info
                                  2. Second Line: TECHNOLOGY
                                    1. DATA: Prevention and Resistance
                                      1. Content Filtering
                                        1. Encryption

                                          Nota:

                                          • scrambles info and needs a key or password to decrypt
                                          1. Firewall

                                            Nota:

                                            • Firewalls are like bouncers that monitors what goes in and out
                                            1. What is an example of prevention and resisitance
                                            2. 3 areas that Technology can help with information security
                                              1. People: Authentication and Authorization
                                                1. Authentication

                                                  Nota:

                                                  • confirm user identity
                                                  1. What is an example of Authentication and Authorization
                                                    1. Biometrics

                                                      Nota:

                                                      • ID of users based on physical characterisitics
                                                      1. Smart Card

                                                        Nota:

                                                        • A device that can store info or small software to perform some limited processing like a key card, data storage device, form of digital cash
                                                        1. Token

                                                          Nota:

                                                          • Small electronic devices that change user passwords automatically
                                                      2. Authorization

                                                        Nota:

                                                        • Once you have identified yourself through authentication then the system determines what level of access privileges
                                                        1. And
                                                          1. Prevents
                                                            1. Phishing

                                                              Nota:

                                                              • a technique used to gain personal information for the purpose of identity theft -usually done by fraudulent emails that look like they came for legit businesses asking for you to provide some sort of important info
                                                          2. Attack: Detection and Response
                                                            1. Intrusion Detection Software
                                                              1. What is an example of Detection and Response

                                                                Nota:

                                                                • Intrusion Detection Software (IDS) Like a network policeman looking for suspicious things happening
                                                        2. What is the difference between the types of malicious code?
                                                        Mostrar resumen completo Ocultar resumen completo

                                                        Similar

                                                        USING EXCEL TO MEASURE THE SUCCESS OF STRATEGIC INITIATIVES
                                                        erocespinel
                                                        Valuing and Storing Information, Intro to ER Diagrams
                                                        erocespinel
                                                        Systems Development Life Cycle
                                                        erocespinel
                                                        Untitled
                                                        erocespinel
                                                        Entity-Relationship Diagrams, Database Design
                                                        erocespinel
                                                        HARDWARE/NETWORKING
                                                        erocespinel
                                                        Paradigms
                                                        erocespinel
                                                        Identifying and Implementing Competitive Advantage
                                                        erocespinel
                                                        OPTIMIZATION MODELING WITH SOLVER
                                                        erocespinel
                                                        Freud: Pasión Secreta
                                                        Cesar_Adolfo
                                                        Mapa conceptual Principios del Derecho Penal
                                                        martha lucia canizalez mera