ISTM 210 exam 3 ACTUAL UPDATED QUESTIONS AND CORRECT ANSWERS
Computer security risk management, integrity, and the availability of the electronic info that is
processed and stored within a computing system
Risk management the recognition, consequences, and assessment of risk to a computer's assets, and
developing strategies to manage and protect them
Hacker (hacktivist) someone who attempts to invade or disable a computer's security measures and
then to steal the computer resources at their leisure
The key aspect of an intranet is privacy
Firewall specialized hardware and software working together that ensures that only
authorized personnel and employees within a business can use its intranet
Proxy server a special security computer where any communications in or out of an intranet
pass through it to protect against external threats
Port like a door in a fire, used to contain and delay security threats
"Default deny" firewall rule the only network connections that are permitted are the ones that have been
explicitly allowed
"Default allow" firewall rule businesses that lack understanding allow all traffic unless it is blocked
Computer viruses computer files that reproduce by making copies of themselves within a computer's
memory, storage, or on a network (also called metaphoric viruses)
Malware includes programs specifically intended to penetrate or damage a computer
system w/out the end user's knowledge
Experimental malware written as a research project to further understand how to combat them while
others are pranks and vandalism
Worms self-replicating but does not need to attach itself to an existing program to
spread
-use network to travel
Trojan horses a program that often seems harmless and possibly interesting at first until it is
executed
Spyware a computer program that is installed covertly on a computer to capture or take
control of the system w/out the user's knowledge or consent
Adware (advertising supported software) programs that automatically display or download advertising to a computer
Spamming (junk email) the abuse of an email system to arbitrarily send millions of unsolicited bulk
messages
Denial of service attack (DOS) an attempt to make a computer or any of its resources unavailable to its intended
users
Reverse phishing/keylogging when a perpetrator logs on to a computer workstation and installs a program that
simply records every keystroke made
Antivirus software computer programs that attempt to identify, prevent, and eliminate computer
viruses and malware
-examine computer files and match them to known viruses stored in a database
-ex. Symantec Corporation's Norton AntiVirus and McAfee's VirusScan
System patches are also called online security updates
Internet fraud any fraudulent activity in an online setting
Click fraud hackers write programs into advertising network websites that automatically pass
a user to the advertiser whether they had any intention of visiting or not, and
collecting the per click fee
Purchase scams most uncomplicated, a buyer approaches merchants via spam and asks if they can
pay for shipping with a credit card (using a stolen card), once order is shipped the
card is canceled and company loses money
Data mining when experts extract useful data and info from recorded data like a cookie
Shoulder surfing a criminal in a public place will glance over their victim's shoulder and watch them
for info
SCAM be stingy, check financial info, ask for credit report, and maintain records
5 core business functions accounting, production, research and development, human resources, and
marketing
Collaboration two or more people working towards a common goal
Business an organized entity designed to sell goods and/or services to make a profit