Key Terms

Acceptable use policy (AUP)

Defines acceptable uses of firm’s information resources and computing equipment, including desktop and laptop computers, wireless devices, telephones, and the internet, and specifies consequences for noncompliance.

Access control

Policies and procedures to prevent improper access to systems by unauthorized insiders and outsiders

Antivirus software

software designed to detect, and often eliminate, computer viruses from an information system

Application controls

Specific controls unique to each computerized application that ensure that only authorized data are completely and accurately processed by that application. Such as payroll or order processing

Authentication

the ability of each party in a transaction to ascertain the identity of the other party

Authorization management systems

Allow each user access only to those portions of system that person is permitted to enter, based on information established by set of access rules, profile

Authorization policies

Determine differing levels of user access to differing levels of information assets

Biometric authentication

technology for authenticating systems users that compares a person’s unique characteristics such as fingerprints, face, or retinal image, against a stored set profile of these characteristics.

Botnet

Networks of “zombie” PCs infiltrated by bot malware

A group of computers that have been infected with bot malware without users’ knowledge, enabling a hacker to use the amassed resources of the computers to launch distributed denial-of-service attacks, phishing campaigns or spam.

Bugs

software program code defects

Businesss continuity planning

Focuses on restoring business operations after disaster

Click fraud

Computer crime

Computer forensics

Computer virus

Controls

Cybervandalism

Deep packet inspection (DPI)

Denial-of-service (DoS) attack

Digital certificates

Disaster recovery planning

Distributed denial-of-service (DDoS)...