IS Security and Privacy

Description

IS201 Mind Map on IS Security and Privacy, created by erocespinel on 17/10/2013.
erocespinel
Mind Map by erocespinel, updated more than 1 year ago
erocespinel
Created by erocespinel about 11 years ago
21
0

Resource summary

IS Security and Privacy
  1. Key Terms
    1. Backup scope, Frequency, and Media
      1. Information Security
        1. Encompasses the protection the protection of information from accidental or intentional misuse by person inside or outside an organization
          1. Hackers and Viruses are the two hottest threats
            1. Hacker
              1. An expert in tech who use their knowledge to break into a comp or comp network either for profit or simply for the challenge
                1. Hacker Weapons

                  Annotations:

                  • PAGE 293 in book
                  1. Hoaxes

                    Annotations:

                    • transmits a virus using a hoax virus with a real one attached
                    1. Malicious Code

                      Annotations:

                      • includes a variety of threats including viruses, worms, and Trojan horses
                      1. Denial of Service (DOS) attack

                        Annotations:

                        • Floods a website with so many requests for service that it slows down or crashes the site
                        1. Virus
                          1. Trojan-Horse Virus
                          2. Worm

                            Annotations:

                            • Spreads itself not only from file to file, but also from computer to computer. Different then a virus because a WORM does not need to attach to anything to spread and can tunnel itself into computers
                            1. distributed DOS (DDOS) attack

                              Annotations:

                              • Similar to DOS except that it attacks from multiple computers. Ping of Death-When thousands of computers try to access a website simultaneously, overloading it and causing it to shut down 
                              1. Packet Tampering

                                Annotations:

                                • altering packets of data as they travel over the internet or intercept to eavesdrop (think class example when Anderson had a kid throw a paper ball) or altering data on comp disks after penetrating a network
                                1. Sniffer

                                  Annotations:

                                  • A program or device that can monitor data as it travels over a network-Sniffer can pull all data like passwords, cc info, etc Fav weapon in Hackers arsenal
                                  1. Spoofing

                                    Annotations:

                                    • Forging the address of an email to appear to be coming from that user-NOT A VIRUS but a way to spread viruses
                                    1. Spyware

                                      Annotations:

                                      • Special class of adware that collects user data and transmits it over the web without the user knowing
                            2. CONCEPTS
                              1. What is the difference between the first and second lines of defense?
                                1. First Line: PEOPLE

                                  Annotations:

                                  • information security policies can help 
                                  1. problem is that you have careless or malicious people ,such as:
                                    1. Insider

                                      Annotations:

                                      • A real user who purposely or accidentally misuses their access to an environment and causes some sort of business-affecting incident
                                      1. Social Engineering

                                        Annotations:

                                        • Hackers use social skills to trick people into revealing access credentials or other valuable info
                                  2. Second Line: TECHNOLOGY
                                    1. DATA: Prevention and Resistance
                                      1. Content Filtering
                                        1. Encryption

                                          Annotations:

                                          • scrambles info and needs a key or password to decrypt
                                          1. Firewall

                                            Annotations:

                                            • Firewalls are like bouncers that monitors what goes in and out
                                            1. What is an example of prevention and resisitance
                                            2. 3 areas that Technology can help with information security
                                              1. People: Authentication and Authorization
                                                1. Authentication

                                                  Annotations:

                                                  • confirm user identity
                                                  1. What is an example of Authentication and Authorization
                                                    1. Biometrics

                                                      Annotations:

                                                      • ID of users based on physical characterisitics
                                                      1. Smart Card

                                                        Annotations:

                                                        • A device that can store info or small software to perform some limited processing like a key card, data storage device, form of digital cash
                                                        1. Token

                                                          Annotations:

                                                          • Small electronic devices that change user passwords automatically
                                                      2. Authorization

                                                        Annotations:

                                                        • Once you have identified yourself through authentication then the system determines what level of access privileges
                                                        1. And
                                                          1. Prevents
                                                            1. Phishing

                                                              Annotations:

                                                              • a technique used to gain personal information for the purpose of identity theft -usually done by fraudulent emails that look like they came for legit businesses asking for you to provide some sort of important info
                                                          2. Attack: Detection and Response
                                                            1. Intrusion Detection Software
                                                              1. What is an example of Detection and Response

                                                                Annotations:

                                                                • Intrusion Detection Software (IDS) Like a network policeman looking for suspicious things happening
                                                        2. What is the difference between the types of malicious code?
                                                        Show full summary Hide full summary

                                                        Similar

                                                        USING EXCEL TO MEASURE THE SUCCESS OF STRATEGIC INITIATIVES
                                                        erocespinel
                                                        Valuing and Storing Information, Intro to ER Diagrams
                                                        erocespinel
                                                        Systems Development Life Cycle
                                                        erocespinel
                                                        Untitled
                                                        erocespinel
                                                        Entity-Relationship Diagrams, Database Design
                                                        erocespinel
                                                        HARDWARE/NETWORKING
                                                        erocespinel
                                                        Paradigms
                                                        erocespinel
                                                        Identifying and Implementing Competitive Advantage
                                                        erocespinel
                                                        OPTIMIZATION MODELING WITH SOLVER
                                                        erocespinel
                                                        A2 Geography- Energy Security
                                                        sophielee0909
                                                        Kwasi Enin - College Application Essay
                                                        philip.ellis