Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
25 Cards in this Set
- Front
- Back
|
The Societe Generale employee alleged to have committed fraud against the firm that resulted in a loss to the bank of some €4.9 billion was ____
|
Jerome Kerviel
|
|
|
____ is a form of security incident that first registered on the CSI Computer Crime and Security Survey in 2007
|
Instant messaging abuse
|
|
|
A(n) ____ is a term for any sort of general attack on an information system that takes advantage of a particular system vulnerability.
|
exploit
|
|
|
Often a successful attack on an information system is due to poor system design or implementation. Once such a vulnerability is discovered, software developers quickly create and issue a ____ to eliminate the problem.
|
patch
|
|
|
Some IT security experts warn that is will not be long before we see ____ aimed at smartphones to steal user’s data or turn them into remote-controlled bots
|
exploits
|
|
|
____ viruses have become a common and easily created form of virus. Attackers use an application macro language to create these programs that infect documents and templates.
|
Macro
|
|
|
____ is a form of Trojan horse which executes when it is triggered by a specific event such as a change in a particular files, by typing a specific series of keystrokes, or by a specific time or date.
|
Logic bomb
|
|
|
A ____ attack keeps the target so busy responding to a stream of automated requests that legitimate users cannot get in.
|
distributed denial-of-service
|
|
|
The ____ code portion of a rootkit gets the rootkit installation started and can be easily activated by clicking on a link to a malicious Website in an e-mail or opening an infected .pdf file
|
dropper
|
|
|
Rootkits are designed so cleverly that it is difficult to even discover if they are installed on a computer. The fundamental problem with trying to detect a rootkit is that the operating system cannot be trusted to provide ____.
|
valid test results
|
|
|
Spammers can defeat the registration process of free e-mail services by launching a coordinated ____ attack that can sign up for thousands of untraceable e-mail accounts
|
bot
|
|
|
Edward Davidson ran a spamming operation out of his home that sent hundreds of thousands of spam e-mails. The header information of these e-mails concealed the actual sender from the recipient of the e-mail, a violation of the ____ Act.
|
CAN-SPAM
|
|
|
The ____ is a type of computer crime perpetrator whose primary motive is to achieve a financial gain.
|
cybercriminal
|
|
|
____ is an annual gathering in Las Vegas of computer hackers.
|
DEFCON
|
|
|
Chinese hackers have repeatedly hacked into systems to intercept e-mails between U.S. and UK officials. This is an example of ____.
|
cyberterrorism
|
|
|
The ____ is a Federal law that primarily addresses unlawful access to stored electronic communications.
|
US Code Title 18, Part I, Chapter 121
|
|
|
A strong security program begins by ____.
|
assessing the threats to an organization’s computers and network
|
|
|
Part of a thorough security risk assessment is to determine how each threat can be ____ so that it becomes much less likely to occur or, if it does occur, has less of an impact on the organizations.
|
mitigated
|
|
|
The concept of ____ recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved.
|
reasonable assurance
|
|
|
A security policy outlines what needs to be done but not ____ to do it.
|
how
|
|
|
The ____ is a nonregulatory federal agency within the U.S. Department of Commerce whose Computer Security Division develops security standards and technology against threats to the confidentiality, integrity, and availability of information and services.
|
National Institute of Standards and Technology (NIST)
|
|
|
Installation of a(n) ____ is the most common computer security precaution taken by businesses
|
firewall
|
|
|
The ____ is a partnership between the Department of Homeland Security and the public and private sectors, established in 2003 to protect the nation’s Internet infrastructure against cyberattacks.
|
U.S. Computer Emergency Readiness Team (US_CERT)
|
|
|
A software and/or hardware device that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization is a(n) ____.
|
intrusion detection system
|
|
|
A(n) ____ works to prevent an attack by blocking viruses, malformed packets, and other threats from getting into the protected network
|
intrusion prevention system
|
