MIS ch. 8

12345678910111213141516171819202122232425262728293031323334353637383940
Across
  1. 2. intentional disruption/defacement/destruction of a web site or information system
  2. 7. eavesdroppers drive by & try to intecept wireless network traffic
  3. 11. the process of transforming plain text/data inot cipher text that cannot be read by anyone other than the sender and the intended reciever
  4. 12. small peices of software to rapair software flaws without disturbing the proper operation of the software
  5. 13. uses two keys; one public to encrypt; one private to decrypt
  6. 19. conceals the ip addresses of the org's internal host computers to prevent sniffer programs (NAT)
  7. 24. hackers flood a network server with thousands of false communications to crash the network (DoS)
  8. 27. policies, procedures, and technical measures used to prevent hacking/theft
  9. 28. computer infected with bot malware that allos the hacker to manipulate and order the computer
  10. 29. authentication system that reads and interprets individual human traits
  11. 30. small programs that install themselves on computers to monitor user web surfing and servve up ads
  12. 32. examines the firm's overall security environment as well as controls governing individual info systems; trace the flow of transactions through the system
  13. 34. malicious software programs including viruses, worms, and trojan horses
  14. 36. individual who intends to gain unathorized access to a computer system
  15. 37. a hacker with criminal intent
  16. 38. intruders trick employees into revealing their passwords by prentending to be legitimate members of the company in need of info
  17. 40. computer system that helps operators pinpoint the faults in the system and easily correct their mistakes
Down
  1. 1. rogue software program that attaches itself to other software programs or data files in order to be ennacted
  2. 3. program code defects
  3. 4. bus processes and software tools for identifying the valid users of a system and controlling their access to system resources
  4. 5. monitors network activity and perform vulnerability testing and intrustion detection
  5. 6. hackers misrepresenting themselves; redirect a web link to a different address than intended
  6. 8. info system controls which are unique to each computerized application ; both automated and manual processes
  7. 9. the ability to know that a person is who they claim to be
  8. 10. full-time monitoring tools placed at the most vulnerable point of a corp network
  9. 14. examines the application content of the packets
  10. 15. methods, policies, and procedures that ensure the saftey of the org's assets; the accuracy of its records; and the adherance to mgt standards
  11. 16. attacks largest malware threat; take advantage of vulnerabilities in poorly coded web application software to introduce malware into the network
  12. 17. firewalls, virtual private networks, intrusion detection system, web content filtering and antispam software are examples of (UTM)
  13. 18. info system controls which govern the design security and use of computer programs and the security of data files in general throughout the IT infrastructure
  14. 20. examining data files and prioritizing them to decide which packet to continue processing and whcih to block or delay (DPI)
  15. 21. software program that appears to be benign but then does something other than expected
  16. 22. defines acceptable uses of the firm's info resources and computing equipment
  17. 23. computer system that has redundant components that provides continuous uninterupted service
  18. 25. act taht imposes responsibility on companies and their management to safeguard the accuracy & integrity of financial info used internally or released externally
  19. 26. attack uses numerous computers to inundate and overwhelm the netowrk from multiple launch points (with acronym)
  20. 31. independent computer programs that copy themselves from one computer to others over a network
  21. 33. eavesdropping program that monitors info traveling over a network; can be sued for good
  22. 35. a form of spoofing; setting up fake web sites or emails or text messages that look like those of legit businesses to ask users for personal data
  23. 39. outlines medical security and privacy rules and procedures for simplifying the administration of health care billing and transfer of data (acronym)