A _____ is a type of malware that spreads in a network without human intervention.

Information Management, MIS6222, Week 14: Risk Security And Disaster Recovery, Final Exam

Question 3. A computer network within a building, or a campus of adjacent buildings, is called a

Question 6. A _____ is a type of malware that spreads in a network without human intervention.

Question 7. Because of _____, a company’s nationality is not always obvious. Select one:

d. their dispersed operations

Question 8. WiMAX is a ____ technology.

Question 9. True or False: Business decisions are not affected by geographic locations.

Question 10. The smallest piece of data is called a ___.

Question 11. One of the risks of software licensing is the ____. Select one:
a. difficulty in modifications to meet specific needs
b. lack of after-sales support
c. increased duration for system availability and implementation

Question 13. True or False: Compilers and interpreters are types of programming language translators.

Question 14. _______ are high-frequency radio waves that can carry signals over long distances with high accuracy.

Question 15. The _____ available in some countries is too narrow for high-volume transmission of graphically and animation-rich webpages.

Reduce the risk of systems and organizations ceasing operations
Maintain information confidentiality
Ensure the integrity and reliability of data resources
Ensure the uninterrupted availability of data resources and online operations
Ensure compliance with policies and laws regarding security and privacy

Major goals of information security

time during which ISs or data are not available in the course of conducting business, has become a dreaded situation for almost every business worldwide

total losses of electrical power

voltage of the power decreases, or very short interruptions occur in the flow of power
power can cause irreparable damage to hardware

Uninterruptible Power Supply (UPS)

systems which provide an alternative power supply for a short time, as soon as a power network fails

Keylogging
software that records individual keystrokes

telephoning an employee from a telephone company or the organization's own IT unit, and saying they must have the employee's password to fix a problem
allows for important information to be stolen

When a criminal has a person's identifying details, such as Social Security number, driver's license number, or credit-card number, they can pretend to be this person

bogus record in a networked database that neither employees nor business partners would ever access for legitimate purposes

server that contains a mirrored copy of a production database (a database that is used for business operations), or one with invalid records

so named because they act on programs and data in a fashion similar to the way viruses act on living tissue
easily spread from computer to computer

spreads in a network without human intervention
attacks computers without the need to send e-mail or open any received files

readily available on the market from companies that specialize in developing this kind of software
Kaspersky, Symantec, McAfee

analogous to the destructive gift given to the ancient Trojans, as described in Greek mythology
viruses disguised as legitimate software or useful software

software that is programmed to cause damage at a specified time to specific applications and data files
Lies dormant until a certain event takes place in the computer or until the computer's inner clock reaches the specified time; the event or time triggers the virus to start causing damage

occurs when a Web site receives an overwhelming number of information requests, such as merely logging on to a site

using some or all of the resources of a computer linked to a public network without the consent of its owner

constraints and other restrictions imposed on a user or a system, and they can be used to secure systems against the risks just discussed or to reduce damage caused to systems, applications, and data

automatic duplication of all data periodically to protect against loss of data

Redundant Arrays of Independent Disks
set of disks that is programmed to replicate stored data, providing a higher degree of reliability

measures taken to ensure that only those who are authorized have access to a computer or network, or to certain applications or data

unique physical, measurable characteristic of a human being that is used to identify a person
fingerprints, retinal scans, voiceprints

set of indivisible transactions; either all transactions are executed or none are--never only some
ensures that only full entry occurs in all the appropriate files

series of documented facts that help detect who recorded which transactions, at what time, and under whose approval
sometimes automatically created using data, such as the date and time of a transaction or the name or password of the user updating the file

Information Systems Auditor

Electronic Data Processing Auditor
professional whose job it is to find erroneous or fraudulent cases and investigate them

hardware and software that blocks access to computing resources

Demilitarized Zone
approach to security that involves a network of computers that are connected to the company's trusted network (such as an intranet) at one end and the untrusted network--the public Internet--at the other end

represents another server for all information requests from resources inside the trusted network
Can also be placed between the Internet and the organization's trusted network when there is no DMZ

process of ensuring that the person who sends a message to or receives a message from you is indeed that person
can be accomplished by senders and receivers exchanging codes known only to them

Coding a message into a form unreadable to an interceptor

when both the sender and recipient use the same secret key
requires that the recipient have the key before the encrypted text is received
key is referred to simply as a secret key or private key

comprising two keys: one is public, and the other is private
it is clear why this type of encryption is also called "public-key" encryption

Transport Layer Security (TLS)

used for transactions on the Web
successor of Secure Socket Layer (SSL) and works following the same principles as SSL, with some additional improvements
a part of virtually all current Web browsers

secure version of HTTP
encrypts communication using SSL or TLS (all done by the browser)

way to authenticate online messages, analogous to a physical signature on a piece of paper, but implemented with public-key cryptography
authenticates the identity of the sender of a message and also guarantees that no one has altered the sent document; it's as if the message were carried in an electronically sealed envelope

akin to the unique fingerprint of a file
software uses private (secret) key to encrypt the message digest
the result is a digital signature for that specific file

computer files that serve as the equivalent of ID cards by associating one's identity with one's public key

Certificate Authority (CA)

organization that serves as a trusted third party that issues digital certificates

Single Sign-on
users are required to identify themselves only once before accessing several different systems
requires special software that interacts with all the systems in an organization, and the systems must be linked through a network

Disaster Recovery Plans, Business Resumption Plans, Business Continuity Plans
well-planned programs in place that prepare for mishaps, either natural or malicious
detail what should be done and by whom if critical systems go down

Obtain management's commitment to the plan
Establish a planning committee
Perform risk assessment and impact analysis
Prioritize recovery needs
Select a recovery plan
Select vendors
Develop and implement the plan
Test the plan
Continually test and evaluate

Nine Steps to Develop a Business Recovery Plan

Mission-Critical Applications

applications without which the business cannot conduct its operations
given highest priority
categorized into classes such as: critical, vital, sensitive, noncritical

alternative sites provided by companies
IBM, Hewlett-Packard, SunGard Availability Services
provide backup and operation facilities to which a client's employees can move and continue operations in case of a disaster

What type of malware spreads in a network without human intervention?

Worms. A computer worm self-replicates and infects other computers without human intervention. This malware inserts itself in devices via security vulnerabilities or malicious links or files. Once inside, worms look for networked devices to attack.

When both the sender and recipient use the same secret key the technique is called ____?

Symmetric encryption is a type of encryption where only one key (a secret key) is used to both encrypt and decrypt electronic data.

Which type of user account should be used for everyday computing?

A standard user account should be used for everyday home tasks, such as editing photos and browsing the web. An administrator account is a user that has complete control of the computer and can make changes that affect other users of the computer, like installing programs and accessing all files on a computer.

What is the process of ensuring that senders and receivers of messages are indeed who they claim to be?

Nonrepudiation provides proof of the origin, authenticity and integrity of data. It provides assurance to the sender that its message was delivered, as well as proof of the sender's identity to the recipient. This way, neither party can deny that a message was sent, received and processed.