Management Information Systems IS 300 Spring 2026 Review

A comprehensive set of vocabulary flashcards covering key concepts and definitions related to Information Security and Technology as discussed in the Management Information Systems IS 300 course.

Information Security

All processes and policies designed to protect an organization’s information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction.

Social Engineering

A technique in which a perpetrator uses social skills to trick or manipulate individuals into revealing confidential information.

Tailgating

A method used by attackers to gain unauthorized access by following closely behind a legitimate employee.

Shoulder Surfing

The act of observing someone’s computer screen to obtain confidential information, typically done in public places.

Vulnerability

The possibility that a system will be harmed by a threat.

Threat

Any danger to which a system may be exposed.

Cybercrime

Illegal activities conducted over computer networks, especially the Internet.

Espionage

Unauthorized access to gain sensitive information.

Ransomware

Malicious software that blocks access to files or devices until a ransom is paid.

Firewall

A system that prevents unauthorized access to or from a private network.

VPN (Virtual Private Network)

A private network that uses a public network to connect users securely.

Encryption

The process of converting information into a coded format to prevent unauthorized access.

Public Key Infrastructure (PKI)

A framework that provides the tools needed to ensure secure information transmission through the use of public and private keys.

Ethics

Principles of right and wrong that guide behaviors and decision-making.

Digital Certificate

An electronic document used to prove the ownership of a public key.

Business Continuity Plan

Guidance for maintaining business operations after a disaster.

Audit Trail

A series of documented transactions that help trace who did what and when.

Deliberate Threats

Intentional actions meant to cause harm to an organization's information systems.

Alien Software

Clandestine software installed on your computer via deceitful methods.