MGAD10H3 Study Guide - Final Guide: Electronic Data Interchange, Intrusion Detection System, Ssae 16

Published on 24 Aug 2012
School: UTSC
Department: Financial Accounting
Course: MGAD10H3
Chapter Six
IS Network and Telecommunications Risks
Network Components
Computers and terminals
Telecommunications channels - physical and wireless
Telecommunications processors
Routers and switching devices
Network Types
Local versus wide area networks
Internet, intranet, extranet
Virtual private networks (VPN)
Client/server networks
Network Configuration Types
Star-shaped - centralized
Ring - decentralized
Bus - decentralized
Network Protocols and Software
Open Systems Interconnect (OSI) model - a standard architecture for networking that allows
different computers to communicate across networks
Network and telecommunications software - network OS, network management software,
middleware, web browsers, e-mail software
IS Network and Telecommunications Risks
Social Engineering
Physical Infrastructure Threats - the elements, natural disasters, power supply, intentional
human attacks
Programmed Threats - viruses, worms, Trojan horses, hoaxes, blended threats
Denial of Service Attacks
Software Vulnerabilities
IS Network and Telecommunications Security
Network security administration
Authentication
Encryption - secret key and public key
Firewalls - packet filtering and stateful inspection
Intrusion Detection Systems
Penetration Testing - war dialing, port scanning, sniffers, password crackers
Auditing Network Security
Risk assessment and best practices
Benchmark tools
IT audit programs for network security
Chapter Seven
E-Business Models
EDI (Electronic Data Exchange) - Inventory Level
Web pages
The online environment
Distributed e-business and intranets
Supply chain linkage
Collaborative business
E-Business Protocols, Software, and Hardware
TCP/IP
IP addresses
Client/server architectures
The Languages of E-Business
HTML
XML
XBRL
ebXML
Privacy
Privacy vs confidentiality
Privacy and security trade-offs
Privacy policies
Internet tracking tools
Information System Security and Availability
General network and telecommunications risks and controls
Encryption - SSL, SET, S-HTTP
Securing electronic payments
Securing the web server
System availability and reliability
Transaction Integrity and Business Policies
The integrity of transactions - complete, accurate, timely, authorized
Repudiation - origin and reception non-repudiation
Digital signatures and digital certificates
Electronic audit trails
Specialized E-Business Applications
Electronic Data Interchange (EDI) - VAN vs web-based
Collaborative Commerce
E-Mail Security and Privacy - spamming, spoofing, and e-mail policies and controls
Managing Third Party Providers
Third-party services - ISPs, ASPs, certificate authorities, and electronic payment providers
Independent evaluations of third parties
Third Party Assurance Services
CPA Trust engagements
TRUSTe
BBB Online
VeriSign
Chapter Eight
Using Computer Assisted Audit Tools and Techniques (CAATs)
Two Categories of CAATTs
1) Computer Assisted Audit Tools
2) Computer Assisted Audit Techniques
Computer Assisted Audit Tools
Productivity Tools
Generalized Audit Software Tools
Productivity Tools
Include:
E-workpapers
Groupware
Time and billing software
Reference libraries
Document Summary

Open Systems Interconnect (OSI) model - a standard architecture for networking that allows different computers to communicate across networks. Network and telecommunications software - network OS, network management software, middleware, web browsers, e-mail software. Physical infrastructure threats - the elements, natural disasters, power supply, intentional human attacks. Programmed threats - viruses, worms, Trojan horses, hoaxes, blended threats. Encryption - secret key and public key. Firewalls - packet filtering and stateful inspection. Penetration testing - war dialing, port scanning, sniffers, password crackers. EDI (Electronic Data Exchange) - inventory level. General network and telecommunications risks and controls. The integrity of transactions - complete, accurate, timely, authorized. Electronic Data Interchange (EDI) - VAN vs web-based. E-mail security and privacy - spamming, spoofing, and e-mail policies and controls. Third-party services - ISPs, ASPs, certificate authorities, and electronic payment providers. Using Computer Assisted Audit Tools and Techniques (CAATs). Widely used for data extraction and analysis. Allows for virtual 100% testing of client data. Use CAATs to verify the data import process.
