Information Systems Security Flashcards

Flashcards about Information Systems Security

Confidentiality

Protecting information by restricting access to authorized individuals.

Integrity

Assurance that information has not been altered and represents its intended meaning.

Availability

Information can be accessed and modified by authorized personnel in an appropriate timeframe.

Authentication

Tools used to ensure that the person accessing information is who they claim to be.

Access Control

Ensuring users only access appropriate information resources.

Access Control List (ACL)

A list of users that have specific actions with information resources.

Role-Based Access Control (RBAC)

Users are assigned to roles, and then those roles are assigned access rights, simplifying administration and improving security.

Encryption

Encoding data so that only authorized individuals can read it.

Symmetric Key Encryption

Both parties share the same key which enables them to encode and decode each other’s messages.

Public Key Encryption

Two keys are used: a public key to encrypt and a private key to decrypt.

Blockchain

Peer-to-peer network which provides an open, distributed record of transactions between two parties, aiming to remove intermediaries.

Bitcoin

A worldwide payment system using cryptocurrency that operates without a central bank.

Uninterruptible Power Supply (UPS)

Battery backup to critical components of a system, prevents data loss from power failure.

Hot Sites

Alternate site where an exact replica of critical data is kept up to date.

Firewall

Hardware or software that filters packets based on rules.

Demilitarized Zone (DMZ)

Multiple firewalls as part of a network security configuration, creating partially secured sections.

Intrusion Detection System (IDS)

Identifies if a network is being attacked without adding security.

Virtual Private Network (VPN)

Secure pathway through an insecure network like the internet, guaranteeing secure access to an organization’s resources.

Physical Security

Protection of the actual hardware and networking components that store and transmit information resources.

Security Policy

Lays out employee responsibilities for using company resources and the internet.

Usability

users’ needs to effectively access and use these resources.

Personal Information Security 7steps

• Keep your software up to date.

• Install antivirus software and keep it up to date.

• Be smart about your connections.

• Backup your data.

• Secure your accounts with two-factor • authentication.

• Make your passwords long, strong, and unique.

• Be suspicious of strange links and attachments.

5 Physical Security measures

• Locked doors.

• Physical intrusion detection

• Secured equipment.

• Environmental monitoring

• Employee training.

Backups

a comprehensive backup plan for the entire

organization.

Governance

The banking sector, both in individual countries

Smart contracts. The

It is possible for

blockchain to automatically send payment to a vendor the instant the product is delivered to the customer.