slide session 12 - information security

0.0(0)
studied byStudied by 0 people
0.0(0)
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/19

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

20 Terms

1
New cards

information security

the protection of information systems and data from unauthorized (accidental or intentional) modification, destruction, or disclosure

2
New cards

the importance of information security

  • security breaches are pervasive

  • security breaches are costly

  • cybercrime has increased by 600% since the beginning of the COVID pandemic

3
New cards

sources of vulnerability in information security

  • you and me

  • operating system flaws

  • network complexity

  • inadequate security policies

  • lack of training in information security procedures

4
New cards

information security threats

  • malicious code

  • denials of service

  • social engineering

  • information theft

  • SQL injections

5
New cards

malicious code

also known as malware

  • virus

  • worm

  • trojan horse

  • ransomware

6
New cards

denials of service

  • DoS (sabotage, not theft)

  • DDoS

7
New cards

social engineering

gaining access to a network through manipulation of a legitimate user or administrator

  • confidence scheme for the digital era

  • phishing is a common form of this

8
New cards

information theft

  • packets can be intercepted by packet sniffers

  • man-in-the-middle attacks

  • builds upon other attack methods

9
New cards

SQL injections

the introduction of malicious SQL statements into a
database system, enabling illegitimate access to
organizational records

  • generally used to attack websites

  • can be used for data theft, destruction, tampering, etc

10
New cards

ways to confront threats to information security

  • people

  • policy

  • technology

11
New cards

people

  • the biggest issue surrounding info security is ___

  • 60% of security incidents originate inside the firm

  • be skeptical

  • don’t opens emails from people you don’t know

  • download + install security patches and software updates

12
New cards

information security policies

orgs should develop ___ and an information security plan to combat threats

  • identifies the rules required to maintain information security

  • info security plan details how an org will implement the info security policies

13
New cards

technology

addresses these security concerns:

  • authentication + authorization

  • prevention and resistance

  • detection and response

14
New cards

authentication

a method for confirming the user’s identities

  • involves some combination of:

  • something the user knows

  • something the user has

  • something that’s part of the user

15
New cards

authorization

the process of giving someone permission to do/have something

16
New cards

prevention and resistance

technologies that help prevent/build resistance to attacks including:

  • content filtering

  • encryption

  • firewalls

17
New cards

content filtering

preventing the transmission of sensitive information

18
New cards

encryption

scrambling information into an alternative form that requires a key or password to decrypt the information

19
New cards

firewalls

a hardware and software solution designed to create a barrier around a private network

20
New cards

detection and response

  • used to mitigate damage caused by a security breach

  • antivirus software is the most common type of ____ technology