Intro to IT Security
The Need for Security
Security Requirements
Security and you
Planning for Security
100
This term refers to someone who seeks out and exploits weaknesses in computer systems.
What is a hacker?
100
Tricking or deceiving people or systems by hiding a sender's identity or faking the identity of another user.
What is spoofing?
100
A well-known standard that provides best practice recommendations on information security management for use by those responsible for initiating, implementing or maintaining information security management systems.
What is ISO 27002?
100
An acceptable email encryption method when communicating with clients.
What is TLS or Transport Layer Security?
100
A sequence of words or other text used to control access to a computer system, program or data, often used to control both access to cryptographic programs and systems.
What is a passphrase?
200
____ is a type of software deriving its name from a Greek tale, containing malicious code typically designed to cause loss or theft of data, and possible system harm.
What is a Trojan horse?
200
A network security barrier, between a trusted/internal network and another presumed untrusted network (i.e. Internet) controlling incoming and outgoing traffic based on an applied rule set.
What is a firewall?
200
A proprietary information security standard for organizations that handle, store or transmit credit / cardholder data of major card issuers.
What is PCI DSS or Payment Card Industry Data Security Standard?
200
A practice executed by individuals who search trash and recycling for information that could compromise a company's privacy or information security.
What is dumpster diving?
200
The process of encoding messages or information in such a way that only authorized parties can read it.
What is encryption?
300
This non-technical intrusion technique relies heavily on human interaction in order to trick people into violating their own security procedures.
What is social engineering?
300
A device or software that monitors keyboard usage.
What is a keyboard logger?
300
The name of a policy agreement established between the United States Department of Commerce and the European Union (E.U.) to regulate the way that U.S. companies export and handle the personal data of European citizens.
What is Safe Harbor?
300
Software that will secure data copied onto a device placed into your computer.
What is disk or device encryption?
300
A subnetwork, deriving its name from military terms, acting as an additional layer of security that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet.
What is a demilitarized zone or DMZ?
400
____ is any technology that aids in gathering information about a person or organization and may transmit it without their knowledge or consent.
What is spyware?
400
Programs used to prevent, detect and remove malicious software.
What is antivirus or antimalware?
400
Individuals with authorization and privileges to manage information within the organization are most likely to cause harm or damage by ____.
What is accident?
400
The ________ is an executive-level document that outlines the organization's approach and attitude towards information security and relates its strategic value within the organization.
What is the Information Security Policy?
400
A network security barrier, between a trusted/internal network and another presumed untrusted network (i.e. Internet) controlling incoming and outgoing traffic based on an applied rule set.
What is a firewall?
500
Attempts to acquire personal information such as usernames, passwords, bank account or credit card information via email.
What is phishing?
500
In the well-known ____ type of attack, an attacker monitors or sniffs packets from the network, modifies them, and inserts them back into the network.
What is a man-in-the-middle attack?
500
Act for establishing standards to protect patients' personal health information within the United States.
What is HIPAA Privacy or Health Insurance Portability and Accountability Act Privacy?
500
A protocol of transmission often used that provides secure file transfer capabilities.
What is sFTP? (Or Secure File Transfer Protocol)
500
A software-based application that can detect an attack as it occurs.
What is an Intrusion Detection System?