25 Cards in this Set

  • Front
  • Back
The Societe Generale employee alleged to have committed fraud against the firm that resulted in a loss to the bank of some €4.9 billion was ____
Jerome Kerviel
____ is a form of security incident that first registered on the CSI Computer Crime and Security Survey in 2007.
Instant messaging abuse
A(n) ____ is a term for any sort of general attack on an information system that takes advantage of a particular system vulnerability.
exploit
Often a successful attack on an information system is due to poor system design or implementation. Once such a vulnerability is discovered, software developers quickly create and issue a ____ to eliminate the problem.
patch
Some IT security experts warn that it will not be long before we see ____ aimed at smartphones to steal users' data or turn them into remote-controlled bots.
exploits
____ viruses have become a common and easily created form of virus. Attackers use an application macro language to create these programs that infect documents and templates.
Macro
____ is a form of Trojan horse which executes when it is triggered by a specific event such as a change in a particular file, by typing a specific series of keystrokes, or by a specific time or date.
Logic bomb
A ____ attack keeps the target so busy responding to a stream of automated requests that legitimate users cannot get in.
distributed denial-of-service
The ____ code portion of a rootkit gets the rootkit installation started and can be easily activated by clicking on a link to a malicious Website in an e-mail or opening an infected .pdf file.
dropper
Rootkits are designed so cleverly that it is difficult to even discover if they are installed on a computer. The fundamental problem with trying to detect a rootkit is that the operating system cannot be trusted to provide ____.
valid test results
Spammers can defeat the registration process of free e-mail services by launching a coordinated ____ attack that can sign up for thousands of untraceable e-mail accounts.
bot
Edward Davidson ran a spamming operation out of his home that sent hundreds of thousands of spam e-mails. The header information of these e-mails concealed the actual sender from the recipient of the e-mail, a violation of the ____ Act.
CAN-SPAM
The ____ is a type of computer crime perpetrator whose primary motive is to achieve a financial gain.
cybercriminal
____ is an annual gathering in Las Vegas of computer hackers.
DEFCON
Chinese hackers have repeatedly hacked into systems to intercept e-mails between U.S. and UK officials. This is an example of ____.
cyberterrorism
The ____ is a Federal law that primarily addresses unlawful access to stored electronic communications.
US Code Title 18, Part I, Chapter 121
A strong security program begins by ____.
assessing the threats to an organization’s computers and network
Part of a thorough security risk assessment is to determine how each threat can be ____ so that it becomes much less likely to occur or, if it does occur, has less of an impact on the organization.
mitigated
The concept of ____ recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved.
reasonable assurance
A security policy outlines what needs to be done but not ____ to do it.
how
The ____ is a nonregulatory federal agency within the U.S. Department of Commerce whose Computer Security Division develops security standards and technology against threats to the confidentiality, integrity, and availability of information and services.
National Institute of Standards and Technology (NIST)
Installation of a(n) ____ is the most common computer security precaution taken by businesses.
firewall
The ____ is a partnership between the Department of Homeland Security and the public and private sectors, established in 2003 to protect the nation’s Internet infrastructure against cyberattacks.
U.S. Computer Emergency Readiness Team (US-CERT)
A software and/or hardware device that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization is a(n) ____.
intrusion detection system
A(n) ____ works to prevent an attack by blocking viruses, malformed packets, and other threats from getting into the protected network.
intrusion prevention system