158 Cards in this Set
Defense in depth
|
employing multiple layers of controls to avoid a single point of failure. So if one control fails another should start to work.
|
|
time based model of security
|
implementing a set of preventive, detective, and corrective controls that enable an organization to recognize that an attack has occurred and take steps to thwart it
|
|
social engineering
|
using deception to obtain unauthorized access to information resources. access is obtained by fooling an employee
|
|
authentication
|
verifying the identity of the person or device attempting to access the system
|
|
biometric identification
|
using unique physical characteristics such as fingerprints, voices, retinas, etc to identify a person
|
|
multifactor authentication
|
the use of two or more authentication methods to achieve greater security. Ex. id badges, biometrics, and passwords
|
|
multimodal authentication
|
the use of multiple authentication credentials of the same type to achieve greater security. Ex. fingerprints and retina scans
|
|
authorization
|
granting an employee the power to perform certain organizational functions, such as purchasing or selling
|
|
access control matrix
|
an internally maintained table specifying which portions of the system users are permitted to access, and what actions they can perform
|
|
compatibility test
|
determining whether a person attempting to access an information system resource is authorized to do so. the access request is matched against the access control matrix
|
|
border router
|
a device that connects an organization's information system to the internet
|
|
firewall
|
a combination of security algorithms and router communications protocols that prevent outsiders from tapping into corporate databases and email systems
|
|
demilitarized zone(dmz)
|
placing the organization's web servers and email servers in a separate network that sits outside the corporate network but is accessible from the internet
|
|
transmission control protocol
|
the protocol enabling communications on the internet. it creates what is called a packet switching network. when a message is ready to be sent over the internet, tcp breaks it up into small packets.
|
|
internet protocol
|
the ip uses the information in the packet header from tcp to make sure the packets arrive at the proper destination. once there, tcp reassembles the packets
|
|
routers
|
special purpose device that is designed to read the destination address fields in the ip packet headers to decide where to send the packet next
|
|
access control list(acl)
|
a set of rules that determines which packets of information transmitted over a network are allowed entry and which are dropped
|
|
static packet filtering
|
a process that screens individual ip packets based solely on the contents of the source and destination fields in the ip header
|
|
stateful packet filtering
|
a technique employed by firewalls in which a table is maintained that lists all established connections between the organization's computers and the internet. The firewall consults this table to determine whether an incoming packet is part of an ongoing message initiated by an internal computer
|
|
deep packet inspection
|
when the firewall examines the data in the body of an ip packet rather than looking only at the information in the ip header
|
|
intrusion prevention system
|
a new type of filter designed to identify and drop packets that are part of an attack
|
|
remote authentication dial in user service
|
a standard method for verifying the identity of users attempting to connect via dial in access.
|
|
war dialing
|
searching for an idle modem by programming a computer to dial thousands of phone lines. finding an idle modem often enables a hacker to gain access to the network to which the modem is connected
|
|
endpoints
|
collective term for the workstations, servers, printers, and other devices that comprise an organization's network
|
|
vulnerabilities
|
flaws in a program that can be exploited to either crash the system or take control of it
|
|
vulnerability scans
|
automated tools designed to identify whether a given system possesses any well-known vulnerabilities
|
|
hardening
|
the process of turning off unnecessary program features to improve the security of systems
|
|
log analysis
|
the process of examining logs to monitor security
|
|
intrusion detection system(ids)
|
a system that creates logs of all network traffic that was permitted to pass the firewall and then analyzes those logs for signs of attempted or successful intrusions
|
|
penetration test
|
an authorized test to break into an organization's information systems
|
|
computer incident response team(cirt)
|
a team that is responsible for dealing with major security incidents. mainly technical specialists
|
|
exploit
|
the set of instructions for taking advantage of a vulnerability
|
|
patch
|
code released by software developers that fixes a particular vulnerability
|
|
patch management
|
the process of regularly applying patches and updates to software
|
|
virtualization
|
taking advantage of the power and speed of modern computers to run multiple systems simultaneously on one physical computer. This reduces the number of servers needed and thereby reduces hardware costs, etc
|
|
cloud computing
|
purchasing software, storage, infrastructure, or platforms from a third party on a pay for use basis. an organization can cut IT costs by using cloud computing
|
|
information rights management(irm)
|
software that offers the capability not only to limit access to specific files and documents, but also to specify the actions that individuals can perform.
|
|
data loss prevention(dlp)
|
software which works like antivirus programs in reverse, blocking outgoing messages
|
|
digital watermark
|
code embedded in documents that enables an organization to identify confidential information that has been disclosed. a digital watermark is a detective control, and organizations should investigate how a compromise occurred and take corrective actions
|
|
data masking
|
a program that protects privacy by replacing customers' personal information with fake values before sending that data to the program development and testing system.
|
|
spam
|
simultaneously emailing nonsense
|
|
identity theft
|
assuming someone's identity, usually for economic gain, by illegally obtaining confidential information such as a social security number
|
|
cookie
|
a text file created by a web site and stored on the visitor's hard drive. it saves what the user did while on the site
|
|
encryption
|
the process of transforming normal text, called plaintext, into unreadable gibberish, called ciphertext.
|
|
plaintext
|
normal text that has not been encrypted
|
|
ciphertext
|
plaintext that was transformed into unreadable gibberish using encryption
|
|
decryption
|
transforming ciphertext back into plaintext
|
|
key escrow
|
the process of storing a copy of an encryption key in a secure location
|
|
symmetric encryption systems
|
encryption systems that use the same key both to encrypt and decrypt
|
|
asymmetric encryption systems
|
encryption system that uses a different key to encrypt and decrypt
|
|
public key
|
a key that is publicly available
|
|
private key
|
a key that is kept secret and known only to the owner of the key
|
|
hashing
|
transforming plaintext of any length into a short code called a hash
|
|
hash
|
plaintext that has been transformed into unreadable short code
|
|
nonrepudiation
|
creating legally binding agreements that cannot be unilaterally repudiated by either party. this is done by signing documents and giving both parties copies. in today's digital world, the same level of nonrepudiation is accomplished by using hashing and asymmetric encryption to create a digital signature
|
|
digital signature
|
a piece of data attached to a document by a computer. a digital signature cannot be forged and is useful in tracing authorization. it is information encrypted with the creator's private key
|
|
digital certificate
|
an electronic document, created and digitally signed by a trusted third party, that certifies the identity of the owner of the particular private key.
|
|
certificate authority
|
an independent organization that issues public and private keys and records the public keys in a digital certificate
|
|
public key infrastructure
|
a system that uses public keys and private keys; a matching private and public key pair is required to encode and decode
|
|
virtual private network(vpn)
|
a network that controls access to an extranet using encryption and authentication technology
|
|
turnaround document
|
records of company data sent to an external party and then returned to the system as input. ex. utility bill
|
|
field check
|
an edit check in which the characters in a field are examined to ensure they are of the correct field type. for example, a numeric field should not contain letters
|
|
sign check
|
an edit check that verifies that the data in the field have the appropriate arithmetic sign
|
|
limit check
|
an edit check to ensure that a numerical amount in a record does not exceed a predetermined amount
|
|
range check
|
an edit check designed to verify that a data item falls within a certain predetermined range
|
|
size check
|
an edit check that ensures the input data will fit into the assigned field
|
|
completeness check
|
an online data entry control in which the computer determines whether all data required for a particular transaction have been entered
|
|
validity check
|
an edit test in which an identification number or transaction code is compared with a table of valid identification numbers or codes maintained in computer memory
|
|
reasonableness test
|
an edit test of the logical correctness of relationships among data items.
|
|
check digit
|
id numbers can carry a check digit computed from the other digits. ex. a nine digit number with a tenth digit calculated from the nine
|
|
check digit verification
|
recalculating a check digit to verify that an error has not been made. This calculation can only be made on a data item that has a check digit.
|
|
sequence check
|
an edit check that determines if a batch of input data is in the proper numerical or alphabetical sequence
|
|
batch total
|
the sum of a numerical item for a batch of documents. These totals are compared with machine generated totals at each subsequent processing step to verify that the data was processed correctly
|
|
financial total
|
the total of a dollar field, such as total sales, in a set of records. it is usually generated manually from source documents prior to input and compared with machine generated totals at each processing step
|
|
hash total
|
a total generated from values for a field that would not usually be totaled, such as customer account numbers
|
|
record count
|
a total of the number of input documents in a process or the number of records processed at a given time
|
|
prompting
|
an online data entry control that uses the computer to control the data entry process. the system requests each required item of input data and then waits for an acceptable response before requesting the next required item
|
|
closed loop verification
|
an input validation method that uses data entered into the system to retrieve and display other related information so the accuracy of the input data can be verified
|
|
header record
|
type of internal label that appears at the beginning of each file and contains the file name, expiration date, and other file identification information
|
|
trailer record
|
type of internal label that appears at the end of each file and serves as an indicator that the end of the file has been reached. The trailer label contains the batch totals calculated during input
|
|
transposition error
|
an error that results when numbers in two adjacent columns are inadvertently exchanged. ex. 64 is written as 46
|
|
cross footing balance
|
a procedure in which worksheet data are totaled both across and down. then, the total of the horizontal totals is compared to the total of the vertical totals to ensure that the worksheet balances
|
|
zero balance check
|
an internal check that requires the balance of an account to be zero after all entries to it have been made.
|
|
concurrent update controls
|
controls that lock out users to protect individual records from errors that could occur if multiple users attempted to update the same record simultaneously
|
|
parity bit
|
an extra bit added to a byte and magnetized as needed to ensure that there is always an odd or even number of magnetized bits. the computer uses the odd or even parity scheme to check the accuracy of each item of data
|
|
parity checking
|
process in which a computer, as it reads or receives a set of characters, verifies that the proper number of magnetized bits is in each character received. If not, the corresponding character may contain an error
|
|
fault tolerance
|
the capability of a system to continue performing when there is a hardware failure
|
|
redundant arrays of independent drives(raid)
|
writing data to multiple disk drives simultaneously so that if one disk drive fails the data can be readily accessed from another
|
|
uninterrupted power supply(ups)
|
an alternative power supply device that protects against loss of power and fluctuations in the power level by using battery power to enable the system to operate long enough to back up critical data and safely shut down
|
|
backup
|
a copy of a database, file, or software program
|
|
recovery point objective(rpo)
|
the length of time between the last backup and the time that an incident occurred. the rpo represents the period of time for which management is willing to have to reenter data about past transactions
|
|
recovery time objective(rto)
|
the time by which the organizations information system must be available again following a disaster
|
|
incremental backup
|
copying data items that have changed since the last backup. This produces a set of incremental backup files, each containing the results of one day's transactions
|
|
differential backup
|
copying all changes made since the last full backup. Thus, each new differential backup file contains the cumulative effects of all activity since the last full backup
|
|
archive
|
a copy of a database, master file, or software that is retained indefinitely as a historical record, usually to satisfy legal and regulatory requirements
|
|
disaster recovery plan
|
a plan to recover data processing capacity as smoothly and quickly as possible in the event of an emergency that disables the computer system
|
|
cold site
|
a location that provides everything necessary to quickly install computer equipment in the event of a disaster
|
|
hot site
|
a completely operational data processing facility configured to meet the user's requirements that can be made available to a disaster stricken organization on short notice
|
|
business continuity plan(bcp)
|
a plan that specifies how to resume all business processes in the event of a major calamity
|
|
change control
|
the process that ensures hardware, software, or process modifications do not reduce systems reliability
|
|
revenue cycle
|
the recurring set of business activities and data processing operations associated with providing goods and services to customers and collecting cash in payment for those sales
|
|
sales order
|
the document created during sales order entry listing the item numbers, quantities, prices, and terms of the sale
|
|
electronic data interchange(edi)
|
the use of computerized communications and a standard coding scheme to submit business documents electronically in a format that can be automatically processed by the recipient's information system
|
|
credit limit
|
the maximum allowable credit account balance for each customer, based on past credit history and ability to pay
|
|
accounts receivable aging report
|
a report listing customer account balances by length of time outstanding.
|
|
back order
|
a document authorizing the purchase or production of items that is created when there is insufficient inventory to meet customer orders
|
|
picking ticket
|
a document authorizing the inventory control function to release merchandise to the shipping department. warehouse workers fill the order
|
|
customer relationship management(crm)
|
software that organizes information about customers in a manner that facilitates efficient and personalized service
|
|
packing slip
|
a document listing the quantity and description of each item included in a shipment
|
|
bill of lading
|
a legal contract that defines responsibility for goods while they are in transit. it identifies the carrier, source, destination, shipping instructions, and the party that must pay the carrier
|
|
sales invoice
|
a document notifying customers of the amount of a sale and where to send payment
|
|
open invoice method
|
method for maintaining accounts receivable in which customers typically pay according to each invoice. Usually, two copies of the invoice are mailed to the customer, who is requested to return one copy with the payment.
|
|
remittance advice
|
an enclosure included with a customer's payment that indicates the invoices, statements, or other items paid
|
|
balance forward method
|
method of maintaining accounts receivable in which customers typically pay according to the amount shown on a monthly statement, rather than by individual invoices. Remittances are applied against the total account balance, rather than specific invoices
|
|
monthly statement
|
a document summarizing all the transactions that occurred in the past month
|
|
cycle billing
|
producing monthly statements for subsets of customers at different times. For Example, each week monthly statements would be prepared for one-fourth of the customers
|
|
credit memo
|
a document allowing a credit to account payable or accounts receivable
|
|
remittance list
|
a document listing all checks received in the mail
|
|
lockbox
|
a postal address to which customers send their remittances. This post office box is maintained by the participating bank, which picks up the checks each day and deposits them to the company's account
|
|
electronic lockbox
|
a lockbox arrangement in which the bank electronically sends the company information about the customer account number and amount remitted as soon as it receives payments.
|
|
electronic funds transfer
|
the transfer of funds between two or more organizations or individuals using computers and other automated technology.
|
|
financial electronic data interchange(fedi)
|
the combination of EFT and EDI that enables both remittance data and funds transfer instructions to be included in one electronic package
|
|
cash flow budget
|
a budget that shows projected cash inflows and outflows for a specified period so that an organization can anticipate the need for short term borrowing
|
|
expenditure cycle
|
a recurring set of business activities and related data processing operations associated with the purchase of and payment for goods or services
|
|
economic order quantity(eoq)
|
the optimal order size to minimize the sum of ordering, carrying, and stockout costs
|
|
reorder point
|
the level to which the inventory balance of an item must fall before an order to replenish stock is initiated
|
|
materials requirement planning(MRP)
|
an approach to inventory management that seeks to reduce required inventory levels by improving the accuracy of forecasting techniques to better schedule purchases to satisfy production needs
|
|
Just in time inventory systems(jit)
|
a system that minimizes or virtually eliminates manufacturing inventories by scheduling inventory deliveries at the precise times and locations needed. Instead of making infrequent bulk deliveries, make frequent small deliveries.
|
|
purchase requisitions
|
a document or electronic form that identifies the requisitioner; specifies the delivery location and date needed; identifies the item numbers, descriptions, quantity, and price of each item requested, and may suggest a vendor
|
|
purchase order
|
a document that formally requests a vendor to sell and deliver specified products at designated prices. It is also a promise to pay and becomes a contract once the vendor accepts it
|
|
blanket purchase order
|
a commitment to purchase items at designated prices from a particular supplier for a set time period, often one year
|
|
vendor managed inventory(vmi)
|
practice in which manufacturers and distributors manage a retail customer's inventory using EDI. the supplier accesses its customer's point of sale system in order to monitor inventory and automatically replenish products when they fall to agreed upon levels
|
|
kickbacks
|
gifts given by vendors to purchasing agents for the purpose of influencing their choice of supplier
|
|
receiving report
|
a document that reports details about each delivery, including the date received, shipper, vendor, and quantity received.
|
|
debit memo
|
a document that allows a debit to accounts payable or accounts receivable
|
|
voucher package
|
the set of documents used to authorize payment to a vendor. It consists of a purchase order, receiving report, and vendor invoice
|
|
nonvoucher system
|
a method of processing accounts payable in which each approved invoice is posted to individual vendor records in the accounts payable file and is then stored in an open invoice file.
|
|
voucher system
|
a method for processing accounts payable in which a disbursement voucher is prepared instead of posting invoices directly to vendor records in the accounts payable subsidiary ledger
|
|
disbursement voucher
|
a document that identifies the vendor, lists the outstanding invoices, and indicates the net amount to be paid after deducting any applicable discounts and allowances
|
|
evaluated receipt settlement(ers)
|
an invoiceless approach to accounts payable that replaces the three way matching process with a two way match of the purchase order and receiving report. no vendor invoice is needed
|
|
procurement card
|
a corporate credit card that employees can use to purchase specific kinds of items
|
|
imprest fund
|
a cash account with two characteristics: 1. it is set at a fixed amount (ex. 100); 2. vouchers are required for every disbursement
|
|
concatenated key
|
two or more primary keys of other database tables that, together, become a unique identifier or primary key of another table. A multiple attribute primary key
|