Deck 14: Risks, Security, and Disaster Recovery

In recent years,identity theft has been more prevalent as part of phishing.

The purpose of using atomic transactions is to ensure encrypting of all appropriate files.

Unintentional damage to software occurs because of poor training,lack of adherence to simple backup procedures,or simple human error.

Companies that choose not to fully develop their own recovery plan can outsource it to companies that specialize in either disaster recovery planning or provision of alternative sites.

Symmetric encryption is also called "public­key" encryption.

Several manufacturers of computer equipment offer individual keyboard-embedded and mouse-embedded fingerprint devices.

Controls translate business policies into system features.

With single sign-on,users are required to identify themselves every time they access each of several different systems.

The best defense against unauthorized access to systems over the Internet is a firewall.

Redundancies increase expected downtime in business information systems.

The greater the number of interdependent systems,the greater the expected downtime.

Information System managers discourage users from frequently changing their passwords.

A protocol called Transport Layer Security (TLS) is used for transactions on the Web.

In blackouts,the voltage of the power decreases,or very short interruptions occur in the flow of power.

To aid in business recovery,copies of applications are usually kept in a safe place to replace those that get damaged.

Encryption slows down communication because the software must encrypt and decrypt every message.

Bots are implemented not only for access but also to implement policies and ensure that nonsensical data is not entered into corporate databases.

A digital certificate associates a user's identity with the user's public key.

Computer viruses are so named because they act on programs and data in a fashion similar to the way viruses act on living tissue.

___________are constraints and other restrictions imposed on a user or a system,and they can be used to secure systems against risks or to reduce damage caused to systems,applications,and data.

A(n)___________ characteristic is a unique physical,measurable characteristic of a human being that is used to identify a person.

Once criminals have a person's identifying details,such as a Social Security number,driver's license number,or credit-card number,they can pretend to be this person,which is a crime called___________ .

In computer terms,a(n)___________ is any virus disguised as legitimate software or useful software that contains a virus.

A(n) ___________is software that is programmed to cause damage at a specified time to specific applications and data files.

___________,the time during which ISs or data are not available in the course of conducting business,has become a dreaded situation for almost every business worldwide.

Perpetrators use other people's computers in distributed denial-of-service (DDoS) attacks.Professionals call such computers___________ .

Probably the easiest way to protect against loss of data is to automatically duplicate all data periodically,a process referred to as data _____.

To ensure against interruptions in power supply,organizations use ___________systems,which provide an alternative power supply for a short time,as soon as a power network fails.

___________are total losses of electrical power.

___________is the process of ensuring that senders and receivers of messages are indeed who they claim to be.

___________provide backup and operation facilities to which a client's employees can move and continue operations in case of a disaster.

What is a Trojan horse?

To prepare for mishaps,either natural or malicious,many organizations have well-planned programs in place,called_____.

The cost of damage is the aggregate of all the potential damages multiplied by their respective___________ .

What are the main goals of information security?

Discuss natural disasters that pose a risk to ISs.

When both the sender and recipient use the same secret key,the technique is called___________ .

A(n) ___________is a way to authenticate online messages,analogous to a physical signature on a piece of paper,but implemented with public-key cryptography.

A professional whose job it is to find erroneous or fraudulent cases and investigate them is known as a(n)___________ .

___________are computer files that serve as the equivalent of ID cards by associating one's identity with one's public key.

A(n)___________ is a series of documented facts that help detect who recorded which transactions,at what time,and under whose approval.

Hardware or software that blocks access to computing resources is called a(n) ___________.

What are honeytokens?

List common controls to protect systems from risks.