Term
|
Definition
| accounts for nearly 75% of all information security breaches in business today |
|
|
Term
|
Definition
| Personally Identifiable Information |
|
|
Term
| Gramm-Leach-Bliley Act of 1999 |
|
Definition
GLBA protects information from financial institutions.
Requires notice of sharing policies and gives the consumer the right to "opt out" of the institution sharing their information |
|
|
Term
|
Definition
The GLBA protects against this social engineering attack: the use of fraudulent documents to get the consumer to release information |
|
|
Term
| Telephone Records and Privacy Protection Act of 2006 |
|
Definition
| Dunn pretended to be a company and got info. This act made it a federal crime to use fraudulent tactics to get phone companies to release info |
|
|
Term
| Health Insurance Portability and Accountability Act of 1996 |
|
Definition
HIPAA requires hospitals and doctors to provide safeguards over their patients' information. Noncompliance: fines up to 100,000 and 10 yrs in jail |
|
|
Term
| Sarbanes-Oxley Act of 2002 |
|
Definition
SOX - result of scandals at Enron, WorldCom, etc. Objective - corporate governance and accurate financial disclosure. Companies have to submit an annual assessment of their financial auditing reports to the (SEC) Security Exchange Commission |
|
|
Term
| Security Exchange Commission |
|
Definition
| gets audit reports from companies because of SOX |
|
|
Term
| Federal Info Management Act of 2002 |
|
Definition
Ensures effectiveness of internet security; government-wide oversight of information security risk |
|
|
Term
| Homeland Security Act of 2002 |
|
Definition
| Federal responsibility to work with the private sector, state and local gov and the public to protect the nation's information |
|
|
Term
| Security Breach Notification Act |
|
Definition
SB-1386: California's requirement for businesses to notify their customers if their personal information may have been exposed by an information security breach (person's name + SS#, DL#, or financial acct #) |
|
|
Term
|
Definition
| Sells information; gave fraud info of 163,000 people - 10 million + 5 million to settle the charges |
|
|
Term
| Payment Card Industry Data Security Standards |
|
Definition
|
|
Term
| The Federal Rules of Civil Procedure, Rule 26 |
|
Definition
| Focuses on the discovery of electronic information rather than privacy info (keep records of employees' emails and IMs) |
|
|
Term
|
Definition
| Continuum of illicit activities that compromise or threaten the use of electronic info, IS, and computer networks |
|
|
Term
|
Definition
| Mimic tones, use whistle from Captain Crunch; Steve Jobs and Wozniak |
|
|
Term
|
Definition
| Malicious computer code: software intentionally designed to infiltrate or damage computer networks |
|
|
Term
|
Definition
| Convinced users they were attacked and offered a remedy which actually was the Storm Worm. |
|
|
Term
|
Definition
| virus that propagates over network without user action to infect the computer |
|
|
Term
|
Definition
| Overloaded computer networks |
|
|
Term
|
Definition
| Virus that presents itself as one program but is another |
|
|
Term
|
Definition
| Example of the flashdrives |
|
|
Term
|
Definition
| Program that establishes root access to a computer. Similar to admin access - used to sustain computers injected with spyware |
|
|
Term
|
Definition
| Network of computers that are all infected with a malware called a Bot |
|
|
Term
|
Definition
| Individual computer in a botnet |
|
|
Term
|
Definition
| Person controlling the botnet |
|
|
Term
|
Definition
| Attacks people and their weaknesses |
|
|
Term
|
Definition
| Might fill up the space and make a computer unusable |
|
|
Term
| Distributed Denial of Service (DDoS) |
|
Definition
| Often carried out by zombies to attack a computer or network and overwhelm its resources |
|
|
Term
|
Definition
| Relies on spoofed emails to get information - will link to a fake website |
|
|
Term
|
Definition
| Use DNS cache to get the victims to a website and give their info |
|
|
Term
|
Definition
| Change their bank's IP address and change it to a bogus website |
|
|
Term
|
Definition
| Take control of DNS server just by visiting the page (many say disable JavaScript in browsers) |
|
|
Term
|
Definition
| exploits that take advantage of vulnerabilities only known to hackers |
|
|
Term
|
Definition
| used to entice and watch how cyber criminals and their malware behave, disguised as a normal network |
|
|
Term
|
Definition
| 2 keys are required. info cannot be read by anyone but the receiver |
|
|
Term
|
Definition
| Example is your signature on a check allowing it to be cashed. |
|
|
Term
|
Definition
| Verify the identity of the person |
|
|
Term
|
Definition
| ID someone based on physiological or behavioral traits like fingerprints and eyes |
|
|
Term
|
Definition
| plug into a computer, serial number and a shared secret |
|
|
Term
| Network Address Translation |
|
Definition
| Used by firewalls to hide IP addresses of LAN computers. |
|
|