DATA PRIVACY MIDTERMS

0.0(0)
studied byStudied by 9 people
full-widthCall with Kai
GameKnowt Play
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
Card Sorting

1/41

encourage image

There's no tags or description

Looks like no tags are added yet.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

42 Terms

1
New cards

Security objectives

are goals and constraints that affect the confidentiality, integrity, and availability of your data

2
New cards

Confidentiality

this property means that information is not made available or disclosed to unauthorized individuals

3
New cards

Data integrity

ensures that data and programs are changed only in a specified and authorized manner

4
New cards

System integrity

ensures that a system performs its intended function in an unimpaired manner

5
New cards

Availability

ensures that systems work promptly and the service is not denied to authorized users

6
New cards

Authenticity

The property of being genuine and being able to be verified and trusted

7
New cards

Accountability

The security goal that generates the requirement for actions of an entity to be traced uniquely to that entity.

8
New cards

OSI Security Architecture

defines a general security architecture that is useful to managers as a way of organizing the task of providing security

9
New cards

Security attacks

are any action that compromises the security of information owned by an organization

10
New cards

Security attacks padin:)

attempt to gain unauthorized access to information resources or services

11
New cards

Security mechanisms

are technical tools and techniques that are used to implement security services

12
New cards

Security service

is a processing or communication service that enhances the security of the data processing systems

13
New cards

Passive attacks

are like eavesdropping or monitoring transmissions

14
New cards

Release of message contents

In this type, an attacker will monitor an unprotected communication medium like unencrypted email or telephone call 

15
New cards

Traffic analysis

In this type, an attacker monitors communication channels to collect a range of information, including human and machine identities

16
New cards

passive attack padin hehe

are very difficult to detect because they do not involve any alteration of the data

17
New cards

masquerade

takes place when one entity pretends to be a different entity.

18
New cards

Active attacks

involve some modification of stored or transmitted data or the creation of false data

19
New cards

Replay

involves the passive capture of a data unit

20
New cards

Data modification

simply means that some portion of a legitimate message is altered

21
New cards

denial-of-service attack

prevents or inhibits the normal use or management of communication facilities.

22
New cards

Authentication

ensure the recipient that the message is from the source that it claims to be from

23
New cards

Access control

is the ability to limit and control access to host systems and applications via communications links

24
New cards

Data confidentiality

is the protection of transmitted data from passive attacks.

25
New cards

Data integrity

ensures that messages are received as sent, with no duplication

26
New cards

Nonrepudiation

prevents either a sender or a receiver from denying a transmitted message.

27
New cards

Availability service

means that a system or a system resource is accessible and usable upon demand by an authorized system

28
New cards

Online privacy

refers to privacy concerns related to user interaction with Internet services through web servers

29
New cards

Data collectors

collect information directly from their customers, audience, or other types of users of their services

30
New cards

Data brokers

compile large amounts of personal data from several data collectors and other data brokers without having direct online contact

31
New cards

WWW

is fundamentally a client/server application running over the Internet

32
New cards

Web server security and privacy

are concerned with the vulnerabilities and threats associated with the platform that hosts a website

33
New cards

Web application security and privacy

are concerned with web software, including any applications accessible via the Web

34
New cards

Web browser security and privacy

are concerned with the browser used from a client system to access a web server.

35
New cards

Mobile Ecosystem

involve communication across several networks and interaction with some systems owned and operated by a variety of parties.

36
New cards

Cellular and Wi-Fi infrastructure

Modern mobile devices are typically equipped with the capability to use cellular and Wi-Fi networks to access the Internet and to place telephone calls.

37
New cards

Public application stores (public app stores)

include native app stores; these are digital distribution services operated and developed by mobile OS vendors

38
New cards

Device and OS vendor infrastructure

host servers to provide updates and patches to the OS and apps.

39
New cards

Enterprise mobility management systems

is a general term that refers to everything involved in managing mobile devices and related components

40
New cards

administrator

is a member of the organization who is responsible for deploying, maintaining, and securing the organization’s mobile devices

41
New cards

app testing facility

employs automated and/or human analyzers to evaluate the security characteristics of an app

42
New cards

auditor

the role of this is to inspect reports and risk assessments from one or more analyzers to ensure that an app meets the security requirements