27 Cards in this Set
- Front
- Back
- 3rd side (hint)
Risk |
Is the possibility of loss or injury that can reduce or eliminate an organization's objectives. |
|
|
Sniffing |
The unauthorized interception of confidential information by a node on the network. |
|
|
Cookies |
Are files containing user information that are created by the web server of the site being visited. |
|
|
IP Spoofing |
Is a form of masquerading to gain unauthorized access to a web server and/or to perpetrate an unlawful act without revealing one's identity. |
|
|
Denial of service attack (DoS) |
Is an assault on a web server to prevent it from servicing its legitimate users. |
|
|
SYN Flood Attack |
It is accomplished by not sending the final acknowledgement to the server's response, which causes the server to keep signaling for acknowledgement until the server times out. |
|
|
Smurf Attack |
Is accomplished by exploiting an internet maintenance tool called a ping, which is used to test the state of network congestion and determine whether a particular host computer is connected and available on the network. |
|
|
Distributed denial of service (DDoS) |
May take the form of a SYN flood or smurf attack. |
|
|
Internet Relay Chat (IRC) |
Is a popular interactive service on the internet that lets thousands of people from around the world engage in real-time communications via their computers. |
|
|
Botnets |
Collections of compromised computers |
|
|
Encryption |
Is the conversion of data into a secret code for storage in databases and transmission over networks. |
|
|
Caesar cipher |
Earliest encryption. A key and an algorithm |
|
|
Key |
Is a mathematical value that the sender selects. |
|
|
Algorithm |
Is the procedure of shifting each letter in the cleartext message the number of positions that the key value indicates. |
|
|
Advanced encryption standard (AES) |
Is a private key or symmetric key encryption technique. |
A.k.a. Rijndael |
|
Rivest-Shamir-Adleman (RSA) |
This method is computationally intensive and much slower than private key encryption. |
|
|
Digital envelope |
When both public and private encryption are used |
|
|
Digital Signature |
Is an electronic authentication technique that ensures the transmitted message originated with the authorized sender and that it was not tampered with after the signature was applied. |
|
|
Digital certificate |
Is like an electronic identification card that is used in conjunction with a public key encryption system to verify the authenticity of the message sender. |
|
|
Firewall |
Is a system used to insulate an organization's intranet from the internet. |
|
|
Network-level firewall |
Provides basic screening of low security messages and routes them to their destinations based on the source and destination address attached. |
|
|
Application-level firewall |
Provides high level network security. |
|
|
Privacy |
Pertains to the level of confidentiality that an organization employs in managing customer and trading partner data. |
|
|
Privacy violation |
Is a factor that is detrimental to a client entity. |
|
|
Safe Harbor Agreement |
Two-way agreement between the US and the European Union that establishes standards for information transmittal. |
|
|
Intelligent control agents |
Embody auditor-defined heuristics that search electronic transactions for anomalies. |
|
|
Mission-critical |
Defines a set of information that extends beyond the traditional financial concerns of accountants. |
|