Set 10 – Networks, Systems, and Encryption

Vocabulary flashcards covering key terms from Set 10 notes on networks, systems, and privacy concepts.

Layered Security Policy

Security approach with multiple levels: high-level policy, detailed controls, and operating procedures.

Least Privilege

Principle of giving users the minimal access necessary to perform their tasks.

Linkability

Degree to which identifiers can be combined with outside information to identify a person.

Local Area Network (LAN)

Network within a local facility, managed under local operational control.

Local Shared Objects (Flash Cookies)

Data files created by Flash Player stored on a hard drive, often for user tracking.

Location-Based Service

Services using geographic location (via GPS, RFID, etc.) for applications like social networking.

Logs

Records of events by applications or operating systems for monitoring or auditing.

Mandatory Access Control (MAC)

Access control where access decisions are enforced by the operating system.

Metadata

Data that describes other data, such as file attributes or database schema.

Microdata Sets

Anonymized groups of individual-level data used for analysis.

Multi-Factor Authentication (MFA)

Using multiple authentication factors, like passwords plus biometrics.

Network Devices

Components connecting computers in networks, like routers, switches, and hubs.

Network Encryption

Encryption applied at the network transfer layer to protect data in transit.

Network-Layer Attacks

Exploits targeting core network protocols, such as spoofing or denial of service attacks.

Non-Functional System Requirements

Abstract requirements describing how a system should perform rather than its functions.

Obfuscation

Deliberately making something harder to understand to hide its true meaning.

OECD Guidelines

Eight principles: Collection Limitation, Data Quality, Purpose Specification, Use Limitation, Security Safeguards, Openness, Participation, Accountability.

Omnibus Laws

Laws covering privacy and data protection across entire economies and sectors.

Online Behavioral Advertising

Ads tailored based on tracking users’ online activity, preferences, and demographics.

Online Data Storage

Storing data via third-party internet-accessible services (cloud storage).

Opt-In

Active choice by individuals to allow collection or sharing of their data.

Opt-Out

Default choice where data is shared unless individuals take action to prevent it.

OECD

Organization for Economic Cooperation and Development, promoting global economic policies.

Passive Collection

Collecting data without the subject’s knowledge.

Perimeter Controls

Technologies protecting networks from external penetration.

PCI Security Standards Council

Body creating PCI DSS standards for payment card security.

Persistent Storage

Non-volatile storage like hard drives that retains data after power loss.

Personal Information

Data relating to an identifiable individual, called PII in the U.S.

Pharming

Redirecting traffic from valid websites to malicious sites by corrupting DNS or host files.

Plan-Driven Development Model

Software development focusing on full system design before implementation.

Phishing

Fraudulent communications designed to trick users into disclosing sensitive information.