Ch. 12 - Cybersecurity and Computer Fraud

Last updated 7:31 PM on 4/26/26

19 Terms

1

Information Security

An integrated, systematic approach that coordinates people, policies, and controls to safeguard systems from threats

2

Asymmetric-key Encryption

A method using two keys: a Public Key to encrypt data and a Private Key to decrypt it

3

Symmetric-key Encryption

A fast encryption method where both the sender and receiver use the same single key to lock and unlock data

4

Hashing

A process that passes an original document through an algorithm to generate a short, irreversible code called a Message Digest

5

Digital Signature

A message digest that is encrypted using the creator’s private key to ensure data integrity and nonrepudiation

6

Message Digest (MD)

A unique short code (often 256 bits) generated by hashing that acts as a digital fingerprint for a document

7

Vulnerability

A weakness or exposure in IT assets or processes that can be exploited by a threat to cause harm

8

SOC 1 Report

An auditor-to-auditor report focusing on controls relevant to a user entity's internal control over financial reporting

9

SOC 2 Report

An audit evaluation of controls related to security, availability, processing integrity, confidentiality, or privacy

10

SOC 3 Report

A summary-level version of a SOC 2 report designed for general use and the public

11

What are the three main factors that determine the strength of encryption?

Key length, key management, and the specific encryption algorithm used

12

How do e-businesses combine encryption methods for safety and speed?

They use Asymmetric encryption to securely send a "session key," then use Symmetric encryption for the actual data transmission because it is faster.

13

What is the primary difference between hashing and encryption?

Hashing results are irreversible (you can't "un-hash" it), while encrypted messages can be decrypted and read again

14

What are the three components of the Fraud Triangle?

Incentive (or pressure), Opportunity, and Rationalization

15

What is a Computer Fraud Risk Assessment?

A systematic process to discover where fraud might occur, who might commit it, and how controls might be bypassed

16

What is Social Engineering in the context of IT threats?

A threat where an attacker uses human interaction to trick employees into revealing sensitive information

17

What is the difference between Risk Management and Vulnerability Management?

Risk management is a complex, top-down strategic process, while vulnerability management is a tactical, short-term IT asset-based effort

18

What is Fault Tolerance?

Using redundant units (extra hardware) to allow a system to keep functioning even if a part of it fails

19

What is the difference between Disaster Recovery (DRP) and Business Continuity (BCM)?

DRP focuses on procedures to resume operations after a disaster; BCM refers to the actual activities needed to keep a firm running during the interruption.