Ais Chap 7

focuses on verifying the identity of the person or device attempting to access the system. Via passords or personal id

restricts access of authenticated users to specific portions of the system and specifies what actions they are permitted to perform.(employee in marketing can not access payroll)

teach employees why security measures are important and teach them to use safe computing practices

to protect entry points to the building, to rooms housing computer equipment, to wiring, and to devices such as laptops,cellphones, and PDA's.

Include routers, firewalls and intrusion prevention systems to prevent unauthorized access from remote locations

connects an organizations information system to the internet

works with the boader router to filter information trying to enter or leave the organization.

The ___ is a separate network that permits controlled access from the internet to certain resources (Ex: web servers & email servers are placed in the ___ because it sits outside the corporate network but is accessible from the internet).

Also known as the perimater network

procedure for dividing files and documents into packets to be sent over the Internet and the methods for reassembly of the original document or file at the destination.

procedures involve the use of suppleental preventive controls on workstations, servers, printers and other devices.

The final layer of preventive controls

is the process of transforming normal text, called plaintext, into unreadable gibberish, called ciperhtext

transforms ciphertext into plain text

Factors that determine strength of an encryption system are

use the same key to encrypt and decrypt

use both public and a private key

encryption that encodes data faster, mostly used by E-Businesses

encryption that safely sends the symetric key to the recipient.

key available to everyone

key kept secret and know only totheowner of that pair of keys.

it does not matter who knows the public key, because any text encrypted with it can only be decrypted by using the corresponding private key.

public key can be distributed by email or website, but only the owner of the private key can decrypt the message.

slower encryption system

Faster encryption system, but has more problems

both parties need to know the shared secret keys

seperate secret keys need to be created for use with each different party with who encryption is going to be used.

To slow to exchange lage amounts of information over the internet

encryption is used to encode most of the date being exchanged

is used to safely send the symmetric key to the recipient for use in decrypting the ciphertext

transforms plaintext into a short code

this encryption is not reversible, it throws away any information.

Asymmetric encryption and hashing are used to create this type of signature

a hashed document that has been encrypted with the sender's private key and can only be decrypted using the corresponding public key.

certifies the owner of a particular private key

provide a means to verify that the contents of a message have not been altered

Certifies the owner of a particular public key

an organization that issues publc and private keys and records the public key in a digital cerificate is a

the system and processes used to issue and manage asymmetric keys and digital certificates.

The _______ authority hashes the information stored on a digital certificate and then encrypts that hash with its private key.

cursive style imprint of a person's name

Enhance security by monitoring the effectiveness of preventive controls and detecting incidents in which preventive controls have been successfully circumvented.