CHAPTER 2 ITM


antivirus software


Should be installed on each user’s personal computer to scan a computer’s memory and disk drives regularly for viruses.


attack vector


The technique used to gain unauthorized access to a device or a network.



biometric authentication


The process of verifying your identity using your physiological measurements (fingerprint, shape of your face, shape of your hand, vein pattern, your iris, or retina) or behavioral measurements (voice recognition, gait, gesture, or other unique behaviors).



Botnet


A large group of computers controlled from one or more remote locations by hackers without the knowledge or consent of their owners.


bring your own device (BYOD)


A business policy that permits, and in some cases encourages, employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications.



business continuity plan


A document that includes an organization’s disaster recovery plan, occupant emergency evacuation plan, continuity of operations plan, and an incident management plan.


CIA security triad


Confidentiality, integrity, and availability form the basis of the CIA security triad.



computer forensics



A discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law.




Cyberespionage


The deployment of malware that secretly steals data in the computer systems of organizations.



Cyberterrorism


The intimidation of government or civilian population by using information technology to disable critical national infrastructure (e.g., energy, transportation, financial, law enforcement, emergency response) to achieve political, religious, or ideological goals.


data breach


The unintended release of sensitive data or the access of sensitive data by unauthorized individuals.




Department of Homeland Security (DHS)


A large federal agency with more than 240,000 employees and a budget of almost $65 billion whose goal is to provide for a “safer, more secure America, which is resilient against terrorism and other potential threats.”



disaster recovery plan



A documented process for recovering an organization’s business information system assets—including hardware, software, data, networks, and facilities—in the event of a disaster such as a flood, fire, or electrical outage.



distributed denial-of-service (DDoS) attack


A cyberattack in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.



Encryption


The process of scrambling messages or data in such a way that only authorized parties can read it.


encryption key


A value that is applied (using an algorithm) to a set of unencrypted text (plaintext) to produce encrypted text that appears as a series of seemingly random characters (ciphertext) that is unreadable by those without the encryption key needed to decipher it.


Exploit


An attack on an information system that takes advantage of a particular system vulnerability.


Failover


A backup technique that involves automatically switching applications and programs to a redundant or replicated server, network, or database to prevent interruption of service.



Firewall


A system of software, hardware, or a combination of both that stands guard between an organization’s internal network and the Internet, and limits network access based on the organization’s access policy.





intrusion detection system (IDS)


Software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.



managed security service provider (MSSP)


A company that monitors, manages, and maintains computer and network security for other organizations.



mission-critical processes


A process that plays a pivotal role in an organization’s continued operations and goal attainment.



next-generation firewall (NGFW)


A hardware- or software-based network security system that can detect and block sophisticated attacks by filtering network traffic dependent on the packet contents.


Ransomware


Malware that stops you from using your computer or accessing your data until you meet certain demands.


reasonable assurance


The recognition that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved.



risk assessment


The process of assessing security-related risks to an organization’s computers and networks from both internal and external threats.






security audit


A process that enables the organization to identify its potential threats, establish a benchmark of where it is, determine where it needs to be, and develop a plan to meet those needs.


security policy


Defines an organization’s security requirements, as well as the controls and sanctions needed to meet those requirements.



Transport Layer Security (TLS)


A communications protocol or system of rules that ensures privacy between communicating applications and their users on the Internet.


U.S. Computer Emergency Readiness Team (US-CERT)


A partnership between the Department of Homeland Security and the public and private sectors; established to provide timely handling of security incidents as well as to conduct improved analysis of such incidents.


virus signature


Code that indicates the presence of a specific virus.


zero-day attack


An attack that takes place before the security community becomes aware of and fixes a security vulnerability.
