Exam 12: Information Security Management

__________safeguards involve the people and procedure components of information systems.

Phishing is usually initiated via a(n) __________.

If you are a manager, even if they don't tell you about it, one of your overarching concerns is about __________management.

The Privacy Act of 1974 gives individuals the right to access health data.

What is risk management? How should management make these tough decisions?

A _ ___________ is any action, device, procedure, technique, or other measure that reduces a system's security to a threat.

Unauthorized data disclosure can occur by simple human __________when someone inadvertently releases data in violation of a policy.

A hacker can launch a denial of service attack against a Web server by__________ it with millions of bogus service requests.

__________is a technique for intercepting computer communications.

A __________ is an operation that spoofs legitimate companies in an attempt to illegally capture credit card or bank account numbers.

You should never send sensitive data over the Internet unless you see https:// in the browser's address bar.

__________encryption uses the same key for both parties.

What is a denial of service security problem? How does this result from actions by the various sources of security threats?

Security programs have __________components.

Pre- texting is the same as__________ in the world of malicious computer activities.

The IT department sets the security policy for an organization.

Because encryption keys can be lost or destroyed, a copy of the key should stored with a trusted third party called a(n):

By starting a computationally intense application at the wrong time, users can inadvertently shut down a network or Web server resulting in a __________.

Technical safeguards involve the hardware and software components of an information system.

Hardened Web sites use special versions of the operating systems and functions that are not required by the application.