Chapter 4 – Ethics and Information Security: MIS Business Concerns – Flashcards
Unlock all answers in this set
Unlock answersquestion
copyright
answer
the legal protection afforded an expression of an idea
question
intellectual property
answer
intangible creative work that is embodies in physical form and includes copyrights, trademarks and patents
question
patent
answer
an exclusive right to make, use and sell and invention and is granted by a government to the inventor
question
ethics
answer
the principles and standards that guid our behavior toward other people
question
privacy
answer
the right to be left alone when you want to be, to have control over your personal possessions and not to be observed without your consent
question
confidentiality
answer
the assurance that messages and information remain available only to those authorized to use them
question
information ethics
answer
govern the ethical and moral issues arising from the development and use of technologies, as well as creation, collection, duplication, distribution and processing of information itself
question
pirated software
answer
unauthorized use, duplication, distribution or sale of copyrighted software
question
counterfeit software
answer
software that is manufactured to look like the real thing and sold as such
question
digital rights management
answer
technological solution that allows publishers to control their digital media to discourage, limit or prevent illegal copying and distribution
question
information management
answer
examines the organizational resource of information and regulates its definitions, uses, value and distribution ensuring it had the types of data/information required to function and grow effectively
question
information governance
answer
a method or system of government for information management or control
question
information compliance
answer
the act of conforming, acquiescing or yielding information
question
information property
answer
an ethical issue that focuses on who owns information about individuals and how information can be sold and exchanged
question
ediscovery (electronic discovery)
answer
refers to the ability of a company to identify, search, gather, seize or export digital information in responding to a litigation, audit, investigation or information inquiry
question
child online protection act
answer
passed to protect minors from accessing inappropriate material on the internet
question
epolicies
answer
policies and procedures that address information management along with the ethical use of computers and the internet in the business environment
question
cyberbulling
answer
includes threats, negative remarks or defamatory comments transmitted via the internet or posted on the website
question
threat
answer
is an act or object that poses a danger to assets
question
click-fraud
answer
the abuse of pay-per-click, pay-per-call and pay-per-conversion revenue models by repeatedly clicking on a link to increase charges or costs for the advertiser
question
competitive click-fraud
answer
a computer crime where and competitor or disgruntled employee increases a company's search advertising costs by repeatedly clicking on the advertisers link
question
ethical computer use policy
answer
contains general principles to guid computer user behavior
question
information privacy policy
answer
contains general principles regarding information privacy
question
acceptable use policy (AUP)
answer
requires a user to agree to follow it to be provided access to corporate email, information systems and the internet
question
nonrepudiation
answer
a contractual stipulation to ensure that ebusiness participants do not deny their online actions
question
internet use policy
answer
contains general principles to guid the proper use of the internet
question
cybervandalism
answer
the electronic defacing of an existing website
question
typosquatting
answer
a problem that occurs when someone registers purposely misspelled variations of well-known domain names
question
website name stealing
answer
a theft of a websites name that occurs when someone, posing as a site's administrator, changes the ownership of the domain name assigned to the website to another website owner
question
internet censorship
answer
governments attempt to control internet traffic, thus preventing some material from being viewed by a country's citizens
question
email privacy policy
answer
details the extent to which email messages may be read by others
question
mail bomb
answer
sends a massive amount of email to a specific person or system that can cause that users server to stop functioning
question
spam
answer
unsolicited email
question
anti-spam policy
answer
simply states that email users will not send spam emails
question
opt out
answer
choosing to deny permission to incoming emails
question
teergrubing
answer
an anti-spamming approach where the receiving computer launches an return attack against the spammer, sending email messages back to the computer that sent the original spam
question
social media policy
answer
outlines the corporate guidelines or principles governing employee online communications
question
physical security
answer
tangible protection such as alarms, guards, fireproof doors, fences and vaults
question
workplace MIS monitoring
answer
tracks peoples activities by such measures as number of keystrokes, error rate and number of transactions processed
question
employee monitoring policy
answer
stating explicitly how, when and where the company monitors its employees
question
downtime
answer
refers to a period of time when a system is unavailable
question
information security
answer
a broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization
question
hackers
answer
experts in technology who use their knowledge to break into computers and computer networks, either for profit or just motivated by the challenge
question
drive-by hacking
answer
a computer attack where an attacker accesses a wireless computer network, intercepts data, uses network services and/or sends attack instructions without entering the office or organization that owns the network
question
virus
answer
software written with malicious intent to cause annoyance or damage
question
adware
answer
software that, purporting to serve some useful function and often fulfilling that function, also allows internet advertises to display advertisements without the consent of the computer user
question
spyware
answer
a special class of adware that collects data about the user and transmits it over the internet without the users knowledge or permission
question
insiders
answer
legitimate users who purposefully or accidentally misuse their access to the environment and cause some kind of business affecting incident
question
social engineering
answer
hackers use their social skills to trick people into revealing access credentials or other valuable information
question
dumpster diving
answer
looking through peoples trash
question
information security policies
answer
identify the rules required to maintain information security
question
information security plan
answer
details how an organization will implement the information security policies
question
destructive agents
answer
malicious against designed by spammers and other internet attackers to farm email addresses off websites or deposit spyware on machines
question
identity theft
answer
the forging of someones identity for the purpose of fraud
question
information secrecy
answer
category of computer security that addresses the protection of data from unauthorized disclosure and confirmation of data source authenticity
question
phishing
answer
a technique to gain personal information for the purpose of identity theft
question
phishing expedition
answer
masquerade attack that combines spam with spoofing
question
spear phishing
answer
a phishing expedition in which the emails are carefully designed to target a specific person or organization
question
vishing (voice phishing)
answer
a phone scam that attempts to defraud people by asking them to call a bogus telephone number to confirm their account information
question
pharming
answer
reroutes requests for legitimate websites to false websites
question
zombie
answer
a program that secretly takes over another computer for the purpose of launching attacks on other computers
question
zombie farm
answer
group of computers on which a hacker has planted zombie programs
question
pharming attack
answer
uses a zombie farm to launch a massive phishing attack
question
authentication
answer
a method for confirming user identities
question
authorization
answer
the process of providing a user with permission including access levels and abilities such as file access, hours of access and amount of allocated storage space
question
tokens
answer
small electronic devices that change user passwords automatically
question
smart card
answer
device about the size of a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing
question
biometrics
answer
the identification of a user based on some physical characteristic
question
time bombs
answer
computer viruses that wait for a specific date before executing their instructions
question
content filtering
answer
occurs when organizations use software that filters content to prevent the accidental or malicious transmission of unauthorized information
question
encryption
answer
scrambles information into an alternative form that requires a key or password to decrypt
question
decrypt
answer
decode
question
cryptography
answer
science that studies encryption
question
advanced encryption standard (AES)
answer
designed to keep government information secure
question
public key encryption (PKE)
answer
uses two keys: a public key that everyone can have and a private key that only the recipient has
question
certificate authority
answer
trusted third party that validates user identities by means of digital certificates
question
digital certificate
answer
a data file that identifies individuals or organizations online and is comparable to a digital signature
question
firewall
answer
is hardware and/or software that guard a private network by analyzing incoming and outgoing information for the correct markings
question
anti-virus software
answer
scans and searches hard drives to prevent, detect and remove viruses, spyware and adware
question
cyberwar
answer
an organized attempt by a countries military to disrupt or destroy information and communications systems for another country
question
cyberterrorism
answer
the use of computer and networking technologies against persons or property to intimidate or coerce governments, individuals or any segment of society to attain political, religious or ideological goals
question
intrusion detection software (IDS)
answer
feature full time monitoring tools that search for patterns in network traffic to identify intruders