focuses on verifying the identity of the person or device attempting to access the system. Via passords or personal id
restricts access of authenticated users to specific portions of the system and specifies what actions they are permitted to perform.(employee in marketing can not access payroll)
teach employees why security measures are important and teach them to use safe computing practices
to protect entry points to the building, to rooms housing computer equipment, to wiring, and to devices such as laptops,cellphones, and PDA's.
Physical access controls
Include routers, firewalls and intrusion prevention systems to prevent unauthorized access from remote locations
Remote access controls
connects an organizations information system to the internet
works with the boader router to filter information trying to enter or leave the organization.
The ___ is a separate network that permits controlled access from the internet to certain resources (Ex: web servers & email servers are placed in the ___ because it sits outside the corporate network but is accessible from the internet).
Also known as the perimater network
DMZ (demilitarized zone)
procedure for dividing files and documents into packets to be sent over the Internet and the methods for reassembly of the original document or file at the destination.
TCP (transmission control protocol)
procedures involve the use of suppleental preventive controls on workstations, servers, printers and other devices.
Host and application hardening
The final layer of preventive controls
is the process of transforming normal text, called plaintext, into unreadable gibberish, called ciperhtext
transforms ciphertext into plain text
Encryption and decryption
Factors that determine strength of an encryption system are
length of key, key management policies and the encryption algorithm
use the same key to encrypt and decrypt
use both public and a private key
encryption that encodes data faster, mostly used by E-Businesses
encryption that safely sends the symetric key to the recipient.
key available to everyone
key kept secret and know only totheowner of that pair of keys.
it does not matter who knows the public key, because any text encrypted with it can only be decrypted by using the corresponding private key.
public key can be distributed by email or website, but only the owner of the private key can decrypt the message.
slower encryption system
Faster encryption system, but has more problems
both parties need to know the shared secret keys
seperate secret keys need to be created for use with each different party with who encryption is going to be used.
To slow to exchange lage amounts of information over the internet
encryption is used to encode most of the date being exchanged
is used to safely send the symmetric key to the recipient for use in decrypting the ciphertext
transforms plaintext into a short code
this encryption is not reversible, it throws away any information.
Asymmetric encryption and hashing are used to create this type of signature
a hashed document that has been encrypted with the sender's private key and can only be decrypted using the corresponding public key.
certifies the owner of a particular private key
provide a means to verify that the contents of a message have not been altered
Certifies the owner of a particular public key
an organization that issues publc and private keys and records the public key in a digital cerificate is a
the system and processes used to issue and manage asymmetric keys and digital certificates.
PKI (public key infrastructure)
The _______ authority hashes the information stored on a digital certificate and then encrypts that hash with its private key.
cursive style imprint of a person's name
Enhance security by monitoring the effectiveness of preventive controls and detecting incidents in which preventive controls have been successfully circumvented.