Ais Chap 7

Card Set Information

Author:
blemus
ID:
17652
Filename:
Ais Chap 7
Updated:
2010-05-04 00:07:46
Tags:
Preventive controls
Folders:

Description:
Preventive Controls
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user blemus on FreezingBlue Flashcards. What would you like to do?


  1. focuses on verifying the identity of the person or device attempting to access the system. Via passords or personal id
    authentication
  2. restricts access of authenticated users to specific portions of the system and specifies what actions they are permitted to perform.(employee in marketing can not access payroll)
    Authorization
  3. teach employees why security measures are important and teach them to use safe computing practices
    training
  4. to protect entry points to the building, to rooms housing computer equipment, to wiring, and to devices such as laptops,cellphones, and PDA's.
    Physical access controls
  5. Include routers, firewalls and intrusion prevention systems to prevent unauthorized access from remote locations
    Remote access controls
  6. connects an organizations information system to the internet
    border router
  7. works with the boader router to filter information trying to enter or leave the organization.
    firewall
  8. The ___ is a separate network that permits controlled access from the internet to certain resources (Ex: web servers & email servers are placed in the ___ because it sits outside the corporate network but is accessible from the internet).

    Also known as the perimater network
    DMZ (demilitarized zone)
  9. procedure for dividing files and documents into packets to be sent over the Internet and the methods for reassembly of the original document or file at the destination.
    TCP (transmission control protocol)
  10. procedures involve the use of suppleental preventive controls on workstations, servers, printers and other devices.
    Host and application hardening
  11. The final layer of preventive controls
    encryption
  12. is the process of transforming normal text, called plaintext, into unreadable gibberish, called ciperhtext
    encryption
  13. transforms ciphertext into plain text
    decryption
  14. Encryption and decryption
  15. Factors that determine strength of an encryption system are
    length of key, key management policies and the encryption algorithm
  16. use the same key to encrypt and decrypt
    symmetric
  17. use both public and a private key
    Asymmetric
  18. encryption that encodes data faster, mostly used by E-Businesses
    symmetric encryption
  19. encryption that safely sends the symetric key to the recipient.
    asymmetric key
  20. key available to everyone
    public key
  21. key kept secret and know only totheowner of that pair of keys.
    private
  22. it does not matter who knows the public key, because any text encrypted with it can only be decrypted by using the corresponding private key.
    Asymmetric encryption
  23. public key can be distributed by email or website, but only the owner of the private key can decrypt the message.
    Asymmetric
  24. slower encryption system
    Asymmetric
  25. Faster encryption system, but has more problems
    symmetric
  26. both parties need to know the shared secret keys
    symmetric
  27. seperate secret keys need to be created for use with each different party with who encryption is going to be used.
    Symmetric Encryption
  28. To slow to exchange lage amounts of information over the internet
    Asymmetric
  29. encryption is used to encode most of the date being exchanged
    Symmetric
  30. is used to safely send the symmetric key to the recipient for use in decrypting the ciphertext
    Asymmetric
  31. transforms plaintext into a short code
    hashing
  32. this encryption is not reversible, it throws away any information.
    hashing
  33. Asymmetric encryption and hashing are used to create this type of signature
    Digital
  34. a hashed document that has been encrypted with the sender's private key and can only be decrypted using the corresponding public key.
    Digital signature
  35. certifies the owner of a particular private key
    digital cerificate
  36. provide a means to verify that the contents of a message have not been altered
    Hash Algorithms
  37. Certifies the owner of a particular public key
    Digital Certificate
  38. an organization that issues publc and private keys and records the public key in a digital cerificate is a
    Certificate authority
  39. the system and processes used to issue and manage asymmetric keys and digital certificates.
    PKI (public key infrastructure)
  40. The _______ authority hashes the information stored on a digital certificate and then encrypts that hash with its private key.
    Certificate
  41. cursive style imprint of a person's name
    e-signature
  42. Enhance security by monitoring the effectiveness of preventive controls and detecting incidents in which preventive controls have been successfully circumvented.
    Detective Controls

What would you like to do?

Home > Flashcards > Print Preview