MSCI 2130 Study Guide - Final Guide: Phishing, Trade Secret, Management System
7 May 2018
School
Department
Course
Professor
Chapter 10: Ethics, Privacy, and Security
Definitions:
• Access Controls: controls that restrict unauthorized individuals from
using information resources and are concerned with user
identification
• Accountability: a tenet of ethics that refers to determining who is
responsible for actions that were taken
• Adware: alien software designed to help pop-up advertisements
appear on your screen
• Alien Software: clandestine software that is installed on your
computer through duplicitous methods
• Anti-Malware Systems: software packages that attempt to identify
and eliminate viruses, worms, and other malicious software
• Audit: an examination of information systems, their inputs, outputs,
and processing
• Authentication: a process that determines the identity of the person
requiring access
• Authorization: a process that determines which actions, rights, or
privileges the person has, based on verified identity
• Back Door: typically, a password, known only to the attacker, that
allows the attacker to access the system without having to go through
any security procedures
• Biometrics: the science and technology of authentication by
easurig the sujet’s phsiologial or ehaioral harateristis
• Blacklisting: a process in which a company identifies certain types of
software that are not allowed to run in the company environment
• Bot: a computer that has been comprised by, and under the control
of, a hacker
• Botnet: a network of computers that have been compromised by, and
under control of, a hacker, who is called the bot master
find more resources at oneclass.com
find more resources at oneclass.com
2
• Business Continuity: the chain of events linking planning to protection
and to recovery
• Certificate Authority: a third party that acts as a trusted intermediary
between computers (and companies) by issuing digital certificates and
verifying the worth and integrity of the certificates
• Code of Ethics: a collection of principles intended to guide decision
making by members of an organization
• Communications Controls: controls that deal with the movement of
data across networks
• Controls: defense mechanisms
• Cookie: small amounts of information that Web sites store on your
computer, temporarily or more or less permanently
• Copyright: a grant that provides the creator of intellectual property
with ownership of it for a specified period of time, currently the life of
the creator plus 70 years
• Cybercrime: illegal activities executed on the Internet
• Cyberterrorism: can be defined as a premeditated, politically
motivated attack against information, computer systems, computer
programs, and data that results in violence against noncombatant
targets by subnational groups or clandestine agents
• Cyberwarfare: ar i hih a outr’s iforatio sstes ould e
paralyzed from a massive attack by destructive software
• Demilitarized Zone (DMZ): a separate organizational local area
etork that is loated etee a orgaizatio’s iteral etork
and an external network, usually the Internet
• Denial of Service Attack: a cyberattack in which an attacker sends a
flood of data packets to the target computer, with the aim of
overloading its resources
• Digital Certificate: an electronic document attached to a file certifying
that this file is from the organization it claims to be from and has not
been modified from its original format or content
• Digital Dossier: an electronic description of an individual and their
habits
find more resources at oneclass.com
find more resources at oneclass.com
3
• Distributed Denial of Service Attack: a denial of service attack that
sends a flood of data packets from many compromised computers
simultaneously
• Electronic Surveillance: tracking people’s atiities ith the aid of
computers
• Employee Monitoring Systems: sstes that oitor eploees’
computers, e-mail activities, and Internet surfing activities
• Encryption: the process of converting an original message into a form
that cannot be read by anyone except the intended receiver
• Ethics: the principles of right and wrong that individuals use to make
choices to guide their behaviors
• Exposure: the harm, loss, or damage that can result if a threat
compromises an information resource
• Firewall: a system that prevents a specific type of information from
moving between untrusted networks, such as the Internet, and private
etorks, suh as our opa’s etork
• Identity Theft: crime in which someone uses the personal information
of others to create a false identity and then uses it for some fraud
• Information Privacy: the right to determine when, and to what extent,
personal information can be gather by and/or communicated to
others
• Information Security: protetig a orgaizatio’s iforatio ad
information systems from unauthorized access, use, disclosure,
disruption, modification, or destruction
• Intellectual Property: the intangible property created by individuals or
corporations, which is protected under trade secret, patent, and
copyright laws
• Least Privilege: a principle that users be granted the privilege for some
activity only if there is a justifiable need to grant this authorization
• Liability: a legal concept that gives individuals the right to recover the
damages done to them by other individuals, organizations, or systems
• Logic Bombs: segments of computer code embedded within n
orgaizatio’s eistig oputer progras
find more resources at oneclass.com
find more resources at oneclass.com
