-
focuses on verifying the identity of the person or device attempting to access the system. Via passwords or personal ID
authentication
-
restricts access of authenticated users to specific portions of the system and specifies what actions they are permitted to perform. (employee in marketing cannot access payroll)
Authorization
-
teach employees why security measures are important and teach them to use safe computing practices
training
-
to protect entry points to the building, to rooms housing computer equipment, to wiring, and to devices such as laptops, cellphones, and PDAs.
Physical access controls
-
Include routers, firewalls and intrusion prevention systems to prevent unauthorized access from remote locations
Remote access controls
-
connects an organization's information system to the internet
border router
-
works with the border router to filter information trying to enter or leave the organization.
firewall
-
The ___ is a separate network that permits controlled access from the internet to certain resources (Ex: web servers & email servers are placed in the ___ because it sits outside the corporate network but is accessible from the internet).
Also known as the perimeter network
DMZ (demilitarized zone)
-
procedure for dividing files and documents into packets to be sent over the Internet and the methods for reassembly of the original document or file at the destination.
TCP (transmission control protocol)
-
procedures involve the use of supplemental preventive controls on workstations, servers, printers and other devices.
Host and application hardening
-
The final layer of preventive controls
encryption
-
is the process of transforming normal text, called plaintext, into unreadable gibberish, called ciphertext
encryption
-
transforms ciphertext into plain text
decryption
-
Encryption and decryption
-
Factors that determine strength of an encryption system are
length of key, key management policies and the encryption algorithm
-
use the same key to encrypt and decrypt
symmetric
-
use both public and a private key
Asymmetric
-
encryption that encodes data faster, mostly used by E-Businesses
symmetric encryption
-
encryption that safely sends the symmetric key to the recipient.
asymmetric key
-
key available to everyone
public key
-
key kept secret and known only to the owner of that pair of keys.
private
-
it does not matter who knows the public key, because any text encrypted with it can only be decrypted by using the corresponding private key.
Asymmetric encryption
-
public key can be distributed by email or website, but only the owner of the private key can decrypt the message.
Asymmetric
-
slower encryption system
Asymmetric
-
Faster encryption system, but has more problems
symmetric
-
both parties need to know the shared secret keys
symmetric
-
separate secret keys need to be created for use with each different party with whom encryption is going to be used.
Symmetric Encryption
-
Too slow to exchange large amounts of information over the internet
Asymmetric
-
encryption is used to encode most of the data being exchanged
Symmetric
-
is used to safely send the symmetric key to the recipient for use in decrypting the ciphertext
Asymmetric
-
transforms plaintext into a short code
hashing
-
this encryption is not reversible, it throws away any information.
hashing
-
Asymmetric encryption and hashing are used to create this type of signature
Digital
-
a hashed document that has been encrypted with the sender's private key and can only be decrypted using the corresponding public key.
Digital signature
-
certifies the owner of a particular private key
digital certificate
-
provide a means to verify that the contents of a message have not been altered
Hash Algorithms
-
Certifies the owner of a particular public key
Digital Certificate
-
an organization that issues public and private keys and records the public key in a digital certificate is a
Certificate authority
-
the system and processes used to issue and manage asymmetric keys and digital certificates.
PKI (public key infrastructure)
-
The _______ authority hashes the information stored on a digital certificate and then encrypts that hash with its private key.
Certificate
-
cursive style imprint of a person's name
e-signature
-
Enhance security by monitoring the effectiveness of preventive controls and detecting incidents in which preventive controls have been successfully circumvented.
Detective Controls