+
Related Flashcards
Related Topics
Cards In This Set
| Front | Back |
|
Information Security
|
A broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization
|
|
Insiders
|
Legitimate users who purposely or accidentally misuse their access to the environment and cause some kind of business-affecting incident
|
|
Social Engineering
|
Using one's social skills to trick people into revealing access credential or other information valuable to the attacker
|
|
Information Security Policies
|
Identify the rules required to maintain information security
|
|
Information Security Plan
|
Details how an organization will implement the information security policies
|
|
Five Steps for Creating an Information Security Plan
|
1. Develop the information security policies2. Communicate the information security policies3. Identify critical information assets and risks4. Test and reevaluate risks5. Obtain stakeholder support
|
|
Three Primary Information Security Areas
|
1. Authentication and Authorization2. Prevention and Resistance3. Detection and Response
|
|
Authentication
|
A method for confirming users' identities
|
|
Authorization
|
The process of giving someone permission to do or have something
|
|
Identity Theft
|
The forging of someone's identity for the purpose of fraud
|
|
Phishing
|
A technique to gain personal information for the purpose of identity theft, usually by means of fraudulent email
|
|
Tokens
|
Small electronic devices that change user passwords automatically
|
|
Smart Card
|
A device that is around the same size as a credit card
|
|
Biometrics
|
The identification of a user based on a physical characteristic
|
|
Content Filtering
|
Occurs when organizations use software that filters content to prevent the transmission of unauthorized information
|
