ITF-Capt4-1-keyterms
Across
- 1. A security concern regarding network devices and other devices, such as smartphones, that give the option of using the device without a password.
- 3. An early example of encryption used by Julius Caesar to send confidential military messages.
- 8. Attempting to secretively discover private information about a person, company, or other entity.
- 9. A development model that breaks down project activities into a series of sequential or linear phases, each phase depending on the deliverables from the previous phase.
- 10. Regularly scheduled backups.
- 11. TCP session hacking and other methods where an attacker takes over the communication to a server by appearing to be the victim.
- 12. Backups that are stored in the same building or even the same room as the computer systems they are taken from.
- 14. Software that helps remove unwanted, unsolicited email.
- 15. The passive gathering of information about a potential victim.
- 17. An attack that attempts to overload a system so that the services it provides are no longer available to legitimate network clients.
- 19. Works whose copyrights have expired and are free for anyone to reproduce, display, and make derivatives.
- 20. The use of deception to gain personal and/or private information for unlawful purposes.
- 24. The SDLC phase that involves studying existing information systems that are already in place and the requirements for new information systems.
- 27. A device that contains one or more hard drives that users can access over the network.
- 28. A form of eavesdropping that uses programs such as packet sniffers to capture data being transmitted over a network.
- 30. Unscheduled backups performed periodically.
- 31. Data that are being transported from one device to another, whether by radio, electrical, or light signals.
- 33. Any word, picture, or symbol that's used to distinguish a good from other similar goods.
- 34. The study and design of a system by examining its components and their interactions.
- 39. The ability to ensure that someone can't deny that they performed a certain act.
- 43. The various forms of information systems including transaction processing, management, and expert systems.
- 51. A development model that involves designing, implementing, and testing smaller pieces of the overall project, then cycling back and doing more analysis and design.
- 52. An attribute used to classify information based on the risk of public disclosure.
- 60. A scheme for classifying information based on different levels of public/private distinctions.
- 64. The identification, evaluation, and prioritization of risks followed by activities that minimize, monitor, and control the impact of the risk.
- 67. A device that controls the flow of network traffic to protect systems from unauthorized network connections.
- 68. An activity that involves integrating various computing systems and software applications to function together as a whole.
- 71. Exploiting a victim using email messages.
- 72. A project management process that divides a large or complex project into smaller, more manageable projects that can be completed as part of an incremental or iterative process.
- 73. A reasonable belief that personal information collected by an information system is controlled and protected and not shared or used beyond its original intent.
- 74. The practice of initiating, planning, executing, controlling, and closing the work of a team to achieve specific goals and meet specific success criteria at the specified time.
- 75. A method of increasing fault tolerance by providing multiple network paths between hosts.
Down
- 2. The SDLC phase that involves purchasing and installing new hardware and software, integrating the various system components, and testing the operation of the new system.
- 4. The SDLC phase that involves gathering information about the technology and software needs of an organization, deciding which options are most feasible, and setting timelines and deliverables for the entire project.
- 5. A type of access control that restricts access based on the user's role in an organization.
- 6. An attempt to connect to a server by capturing and resending authentication information.
- 7. A method of increasing fault tolerance by providing power backups and power failover.
- 13. Tricking a victim into revealing sensitive information under false pretenses.
- 16. Convincing a victim that they are performing a legitimate task within their web browser window, when in fact they are being tricked into revealing sensitive information or installing malware on their computer.
- 17. A type of access control where a user has complete control over a resource, and also determines the permissions other users have to those resources.
- 18. Anything that is owned by a copyright holder.
- 21. A scheme for classifying information based on government and military requirements.
- 22. A combination of technology, people, and procedures used to organize, analyze, and store data.
- 23. The SDLC phase that involves monitoring and evaluating the new information system.
- 25. A methodology or framework that defines steps and tasks for developing and maintaining information systems.
- 26. A person who works closely with law enforcement officials to investigate security breaches, cyber-attacks, and other crimes.
- 29. Data in a persistent storage medium, such as a hard drive or optical disc.
- 32. An area of security planning with the goal of protecting an organization from the effects of a natural or human-induced disaster.
- 35. A type of authentication that requires the user to provide something that they are, such as a fingerprint, handprint, retinal pattern, face or voice.
- 36. Directions for disposing of and even destroying data when it's no longer needed or when a storage device needs to be replaced.
- 37. A type of authentication that requires the user to provide something that they know, such as a password or PIN.
- 38. Authentication that requires two or more evidences of authentication, usually of different types.
- 40. A type of authentication that requires the user to provide something that they have, such as a key, fob, electronic chip, or smart card.
- 41. A method of authenticating with one system to gain access to other related systems.
- 42. A method of increasing fault tolerance by storing data in a way that ensures that the data is recoverable in case of hardware failures. RAID arrays and replication are two data redundancy strategies.
- 44. An attack where an attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other.
- 45. A backup of the system software, including operating system files.
- 46. Concerning security, a person responsible for securing networks and responding to intrusions.
- 47. A backup of data stored in a database.
- 48. The process of creating systems of prevention and recovery to permit ongoing operation, before and during disaster recovery.
- 49. Software that helps protect against malicious software infections.
- 50. Protections granted by the federal government to creators, writers, and inventors regarding rights to reproduce, display, make derivatives, sell, rent, or lend a work.
- 53. Software where anyone can inspect, enhance, and modify the source code.
- 54. The SDLC phase that involves reviewing the system requirements document from the analysis phase and producing detailed specifications that cover all aspects of the system.
- 55. A person who is in charge of designing and implementing security methods to protect an organization's computer systems and networks.
- 56. Any software where the publisher retains intellectual property rights to the source code.
- 57. A systematic process for determining and addressing needs, or "gaps" between current conditions, and desired conditions or "wants".
- 58. The capturing and storing of computer and user events.
- 59. Backups that are stored at a location far enough from a possible natural disaster, while being close enough to recover the data and systems within a reasonable amount of time.
- 61. The process of turning data points into useful information.
- 62. The crime of using someone else's intellectual property in a way that should be reserved for the copyright holder.
- 63. An exception to copyright law that allows short excerpts of a copyrighted work to be used for purposes that benefit the public.
- 65. The process of keeping track of user activity while attached to a system.
- 66. The buying and selling of products or services electronically, typically through the Internet.
- 69. A license given by a government that provides inventors a temporary monopoly on their invention.
- 70. A type of access control that historically was associated with multilevel security and military systems and may use a security clearance to restrict access to resources. The security manager controls the security policy and users aren't able to override the policy.