Test Bank for Information Technology for Management Chapter 5 12th Edition by Efraim Turban
explains what management has decided are acceptable and unacceptable activities, and the consequences of noncompliance - ANS: acceptable use policy (AUP)
is the management of who is and who is not authorized to use a company's hardware and software - ANS: access control
deal with issuing guidelines and monitoring compliance with guidelines - ANS: administrative controls
attackers operate "under the radar" so they can continue to steal data and profit from it - ANS: advanced persistent threat (APT)
is software that embeds advertisements in the application. It is considered a legitimate alternative offered to consumers who do not wish to pay for software. - ANS: adware
a loosely associated international network of activist and hacktivist entities - ANS: Anonymous
are safeguards that are intended to protect specific applications. - ANS: application controls
things of value that need to be protected - ANS: Assets
is a path or means by which a hacker can gain access to a computer or network server in order to deliver a malicious outcome. - ANS: attack vector
Procedure of generating, recording, and reviewing a chronological record of system events to determine their accuracy - ANS: Audit
provides easy access to a system, computer, or account by creating the access that may or may not require authentication - ANS: Backdoor
is an automated method of verifying the identity of a person, based on physical or behavioral characteristics - ANS: biometric control
Person who attempts to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons. - ANS: black hat
a group of external attacking entities and is a totally different attack method/vector from malware which is internal to the system - ANS: Botnet
practices that move enterprise data and IT assets to employees' mobile devices and the cloud - ANS: bring your own apps (BYOA)
a trend driven by employees using their own devices for business purposes because they are more powerful than those the company has provided - ANS: bring your own device (BYOD)
refers to maintaining business functions or restoring them quickly when there is a major disruption - ANS: business continuity plan
estimates the consequences of disruption of a business function and collects data to develop recovery strategies. - ANS: business impact analysis (BIA)
is controlled by the attacker to facilitate and communicate with infected devices - ANS: command and control (C&C) channel
users bringing their personal mobile devices and their own mobile applications to work and connecting them to the corporate network - ANS: consumerization of information technology (COIT)
are available for hire or complete hack attacks can be bought - ANS: contract hacker
is the internationally accepted IT governance and control framework created by the International Systems Audit and Control Association (ISACA) to align IT with business objectives, deliver value, and manage associated risks. - ANS: Control Objectives for Information and Related Technology (COBIT) 5
An enterprise-wide approach that combines risk, security, compliance, and IT specialists greatly increases the prevention and detection of fraud. - ANS: corporate governance
is defined as, "systems and assets, whether physical or virtual, so vital to a country that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters" - ANS: critical infrastructure
is a threat posed by means of the Internet (a.k.a. cyberspace) and the potential source of malicious attempts to damage or disrupt a computer network, system, or application. - ANS: cyberthreat
is the successful retrieval of sensitive information by an individual, group, or software system. - ANS: data breach