21 Cards in this Set

  • Front
  • Back
five basic principles that contribute to systems reliability
security, confidentiality, privacy, processing integrity, and availability
when access to the system and its data is controlled there is
when sensitive information is protected from unauthorized disclosure there is
when personal information about customers is collected, used, disclosed and maintained in an appropriate manner
when data is processed accurately, completely, in a timely manner and with proper authorization there is
processing integrity
when the system is available to meet operational and contractual obligations there is
four essential criteria for implementing each of the five principles that contribute to systems reliability
developing and documenting policies, effectively communicating policies to all authorized users, designing and employing appropriate control procedures to implement policies, and monitoring the system and taking corrective action to maintain compliance with policies
to employ multiple layers of controls in order to avoid having a single point of failure
defense in depth
types of preventive controls
authentication; authorization training; physical access controls; remote access controls; host and application hardening procedures; encryption
types of detection controls
log analysis, intrusion detection systems
corrective controls
patch management, computer emergency response teams
connects an organization's information system to the internet
border router
a special purpose hardware device or software running on a general purpose computer that’s behind the border router
when firewalls examine the data in the body of an IP packet
deep packet inspection
what would be involved in a multi perimeter filtering device
border router, firewall, intrusion prevention system
the process of turning off unnecessary features is called
when an attacker sends a program more data than it can handle
buffer overflow attack
storing a copy of the encryption keys in a remote secure location
key escrow
systems that use the same key both to encrypt and decrypt
Symmetric encryption systems DES and AES
a public key is widely distributed and available to everyone, and a second key is kept secret
asymmetric encryption systems RSA and PGP
a process that takes plaintext of any length and transforms it into a short code