stupidass class itm100 full final exam

Organizations address security risks through two lines of defense; the first is ______ and the second is ______.

people

technology

Mixed Reality (MR) - Combines elements of both ___ and , allowing users to interact with_______ while maintaining awareness and interaction with the _____

integrates virtual content into the user’s environment in a way that appears anchored or integrated with the physical surroundings

VR,AR

virtual objects

real world

Value creation - Refers to _____ the worth, utility, or desirability of a product, service, or business entity

increasing

Secure sockets layer (SSL) - A standard security technology for establishing an _____ ____ between a ___ ____ and a ___, ensuring that all data passed between them remain __.

encrypted link

web server

browser

private

• Secure hypertext transfer protocol (SHTTP or HTTPS) - A combination of _____ and _____ to

provide ____ and_____ ____ of an Internet server

HTTP

SSL

encryption

secure identification

• RFID reader (RFID interrogator) - A _____ that reads the contents of ____ ____ in the area

ransmitter/receiver___

RFID tags

• Geocache - A GPS technology adventure game that posts the ____ and _____ location for an item on the Internet for users to find

adventure game__

longitude

latitude

• Geocoin - A round——

is —— and ———

coin-sized object,

is uniquely numbered and hidden in geocache

Radio frequency identification (RFID) - 

Uses electronic tags and labels to identify objects wirelessly over short distances

Enterprise mobility management (EMM) - An enterprisewide ____

while enabling ——-

An enterprisewide security strategy to enforce corporate epolicies while enabling employee use of mobile devices such as smart phones and tablets

• Pervasive computing - The growing trend of ________ to make them______ in a way that _________ the user’s need to interact with computers as computers

The growing trend of embedding computer capabilities into everyday objects to make them effectively communicate and perform useful tasks in a way that minimizes the end user‘s need to interact with computers as computers

Mobile device management (MDM) -

 A security strategy comprised of ….

products and services that offer remote support for mobile devices, such as smart phones, laptops, and tablets

Mobile application management (MAM) - 

A security strategy that …..

administers and enforces corporate epolicies for applications on mobile devices

• Fast data - The application of

big data analytics to smaller data sets in near real or real time in order to solve a problem or create business value

• Digital inclusion -

Efforts to reduce the digital divide by providing equal opportunities and access to technology

ERP (Enterprise Resource Planning)

Collects data from different firms functions and stores them in a single data repository. Solves problems with fragmented data

SCM (Supply Chain Management): Manages relationship with ______.

suppliers

____ service: Charges for cloud servicing are based on the amount of resources actually used up

Measured

Program-data dependence

the coupling of data stored in files and the specific programs required to update and maintain those files such that changes in programs require changes to the data

ESS (____ ___ ____): ____ decisions,

• supports sniper management,

• requires judgment and evaluation as there is no agreed upon solution.

• Digital ____

Executive Support Systems, Non-routine, dashboard

What are the 4 main actors of MIS

1.) suppliers of hardware and software
2.) Business firms
3.) manufacturers and employees
4.) firms environment

What does behavioural approach include ? (PES)

Psychology, economics and sociology

What does Technical approach include ? (MOpC)

Management science, computer science and operations research

___management: Carries out programs and plans (scientists and knowledge worker)

Middle

_____ management: Makes long strategic decisions about products and services

senior

What are the Functions of an information system ? (IPOF)

Input, process, output, feedback

Information ____: Collects, ____, _____, and distributes information

Information _____: The ____ and ____ that a firm needs

systems: processes, stores

technology: hardware , software

What is the order fulfillment process? (steps)

1.) sales-generate and submit order
2.) accounting-check/approve credit
3.) manufacturing and production-Assemble/ship product

Evolution of IT infrastructure

General-purpose mainframe and minicomputer era: 1959 to present.
- 1958: IBM first mainframes introduced.
- 1965: Less expensive DEC minicomputers introduced.

Personal computer era: 1981 to present.
- 1981: Introduction of IBM PC.
- Proliferation in 80s, 90s resulted in growth of personal software.

Client/server era: 1983 to present.
- Desktop clients networked to servers, with processing work split between clients and servers.
- Network may be two-tiered or multitiered (N-tiered).
- Various types of servers (network, application, Web).

Enterprise computing era: 1992 to present
- Move toward integrating disparate networks, applications using Internet standards and enterprise applications.

Cloud and mobile computing: 2000 to present
- Cloud computing: computing power and software applications supplied over the Internet or other network.
- Fastest growing form of computing.

______ are legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident.

Insiders

two forms of unethical scams

dumpster diving: hacker looks through trash to get info

social engineering: hacker uses socials to trick others into revealing info

policies to prevent scams

info security plans: details how organization implements info security polices

info security polices: rules required to maintain info security (changing passwords every 30 days)

Blank______ agents are malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines.

Destructive

the three areas of information security

authentication and authorization

prevention and response

detection

Phishing Blank______ is a masquerading attack that combines spam with spoofing.

expedition

What are malicious agents designed by spammers and other Internet attackers to farm email addresses off websites or deposit spyware on machines?

Destructive agents

Authentication and authorization aligns with

People

Prevention and resistance aligns with

Data

Detection and response aligns with

Attacks

Blank______ phishing is a phishing expedition in which the emails are carefully designed to target a particular person or organization.

Spear

What is a phone scam that attempts to defraud people by asking them to call a bogus telephone number to “confirm” their account information?

vishing

What is a masquerading attack that combines spam with spoofing?

Phishing expedition

What reroutes requests for legitimate websites to false websites?

Pharming

What uses a zombie farm, often by an organized crime association, to launch a massive phishing attack?

Pharming attack

What is a program that secretly takes over another computer for the purpose of launching attacks on other computers?

Zombie

______ reroutes requests for legitimate websites to false websites.

Pharming

Sock puppet marketing

use of false identity to artificially stimulate demand for somehting

astroturfing

form of sock marketing where they stimulate online conversation and positive reviews of something

A pharming __ uses a zombie farm, often by an organized crime association, to launch a massive phishing attack.

attack

A zombie ______ is a group of computers on which a hacker has planted zombie programs.

farm

______ is a program that secretly takes over another computer for the purpose of launching attacks on other computers.

Zombie

____factor authentication requires only a username and password.

single

Which authentication requires the user to provide two means of authentication, what the user knows (password) and what the user has (security token)?

two-factor authentication

______ are small electronic devices that change user passwords automatically.

Tokens

____authentication requires more than two means of authentication such as what the user knows (password), what the user has (security token), and what the user is (biometric verification).

multi-factor

Select three categories of authentication and authorization.: user ____,

Something that is part of the user, such as a fingerprint or voice signature.

Something the user knows, such as a user ID and password.

Something the user has, such as a smart card or token.

What is a device about the size of a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing?

smart card

What is the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting?

Biometrics

A(n) Blank______ is a set of measurable characteristics of a human voice that uniquely identifies an individual.

voiceprint

What occurs when a network intrusion attacker takes advantage of programming errors or design flaws to grant the attacker elevated access to the network and its associated data and applications?

privilege escalation

Vertical privilege escalation

occurs when attackers grant themselves a higher access level such as administrator, allowing the attacker to perform illegal actions such as running unauthorized code or deleting data.

A horizontal privilege ecalation

occurs when attackers grant themselves the same access levels they already have but assume the identity of another user.

content filtering

when organizations use software that filters content, such as emails, to prevent the accidental or malicious transmission of unauthorized information.

Time bombs

computer viruses that wait for a specific date before executing their instructions

Encryption

scrambles information into an alternative form that requires a key or password to decrypt.

Cryptography

the science that studies encryption, which is the hiding of messages so that only the sender and receiver can read them.

Personally identifiable information

any data that could potentially identify a specific individual.

Nonsensitive PII

Information transmitted without encryption and includes information collected from public records, phone books, corporate directives, and websites.

Sensitive PII

Information transmitted with encryption and when disclosed, results in a breach of an individual's privacy and can potentially cause the individual harm.

Public key encryption uses

two keys: a public key that everyone can have and a private key for only the recipient

A certificate authority is a

trusted third party, such as VeriSign, that validates user identities by means of digital certificates.

Digital certificate

a data file that identifies individuals or organizations online and is comparable to a digital signature.

Network ______ analysis gathers an organization's computer network traffic patterns to identify unusual or suspicious operations.

behavior

______ is an organized attempt by a country’s military to disrupt or destroy information and communication systems for another country.

Cyberwar

What is the use of computer and networking technologies against persons or property to intimidate or coerce governments, individuals, or any segment of society to attain political, religious, or ideological goals?

Cyberterrorism

Network behavior analysis

gathers an organization's computer network traffic patterns to identify unusual or suspicious operations

WHAT BI IS ASSOCIATED WITH:

Primary users include managers, analysts, and operational users.

Business focus is to manage daily operations and integrate BI with operational systems.

Operational BI

WHAT BI IS ASSOCIATED WITH:

Business focus is to achieve long-term organizational goals.

Time frame for analysis is months to years.

Strategic BI

WHAT BI IS ASSOCIATED WITH:

Business focus is to conduct short-term analysis to achieve strategic goals.

Time frame for analysis is day(s) to weeks to months.

Tactical BI

Affinity grouping analysis reveals the.

relationship between variables along with the nature and frequency of the relationships

…. BI Helps with planning and results in marketing campaign

Strategic BI

… BI Helps with daily analysis and results in refined campaign

Tactical BI

…. BI Helps with immediate actions and results in sales revenue

Operational BI

What is the time duration to make data ready for analysis (i.e., the time for extracting, transforming, and cleansing the data) and loading the data into the database?

Data latency

Cluster analysis: a technique used to ____ an information set into ____ _____ groups such that the members of each group are as ____ _____r as possible to one another and the different groups are as ___ ____ as possible.

a technique used to divide an information set into mutually exclusive groups such that the members of each group are as close together as possible to one another and the different groups are as far apart as possible.

Classification analysis

the process of organizing data into categories or groups for its most effective and efficient use; for example, groups of political affiliation and charity donors.

Analysis latency

the time from which data are made available to the time when analysis is complete.

______ analysis is the process of organizing data into categories or groups for its most effective and efficient use; for example, groups of political affiliation and charity donors.

Classification

______ analysis determines values for an unknown continuous variable behavior or estimated future value.

Estimation

______ latency is the time it takes a human to comprehend the analytic result and determine an appropriate action.

Decision

Data mining

the process of analyzing data to extract information not offered by the raw data alone

What is the time from which data are made available to the time when analysis is complete?

Analysis latency

the elements of data mining

Replication, Data, Discovery

What is the process of collecting statistics and information about data in an existing source?

Data profiling

What is the process of sharing information to ensure consistency between multiple data sources?

Data replication

Recommendation engine

a data mining algorithm that analyzes a customer's purchases and actions on a website and then uses the data to recommend complementary products

Market ______ analysis evaluates such items as websites and checkout scanner information to detect customers’ buying behavior and predict future behavior by identifying affinities among customers’ choices of products and services.

basket

Market basket analysis

evaluates such items as websites and checkout scanner information to detect customers’ buying behavior and predict future behavior by identifying affinities among customers’ choices of products and services.

Deployment

Process of implementing discoveries to drive success

What uses a variety of techniques to find patterns and relationships in large volumes of information that predict future behavior and guide decision making?

Data mining tools