Mis 309

  1. Ethics
    A branch of philosophy that deals with what is considered to be right and wrong.
  2. Code of Ethics
    a collection of principles that are intended to guide decision making by members of an organization
  3. Opt-in Model
    of informed consent means that organizations are prohibited from collecting any personal information unless the customer specifically authorizes it. (Preferred by privacy advocates.)
  4. Electronic Surveillance
    The tracking of people's activities, online or offline, with the aid of computers.
  5. Privacy Codes and Policies
    An organization’s guidelines with respect to protecting the privacy of customers, clients, and employees.
  6. Opt-out model
    of informed consent permits the company to collect personal information until the customer specifically requests that the data not be collected.
  7. Exposure
    of an information resource is the harm, loss or damage that can result if a threat compromises that resource.
  8. Social engineering
    an attack where the attacker uses social skills to trick a legitimate employee into providing confidential company information such as passwords.
  9. Intellectual property
    Property created by individuals or corporations which is protected under trade secret, patent, and copyright laws.
  11. Trade secret
    Intellectual work, such as a business plan, that is a company secret and is not based on public information
  12. Patent
    Document that grants the holder exclusive rights on an invention or process for 20 years.
  13. Copyright
    Statutory grant that provides creators of intellectual property with ownership of the property for life of the creator plus 70 years.
  14. Piracy
    Copying a software program without making payment to the owner.
  15. Virus
    is a segment of computer code that performs malicious actions by attaching to another computer program.
  16. Worm
    is a segment of computer code that performs malicious actions and will spread by itself without requiring another computer program.
  17. Trojan horse
    is a computer program that hides in another computer program and reveals its designated behavior only when it is activated.
  18. Phishing attacks
    use deception to acquire sensitive personal information by masquerading as official-looking e-mails or instant messages.
  19. Spyware
    collects personal information about users without their consent. Two types of spyware are keystroke loggers (keyloggers) and screen scrapers
  20. Keystroke loggers
    record your keystrokes and your Web browsing history.
  21. Screen scrapers
    record a continuous “movie” of what you do on a screen.
  22. Spamware
    is alien software that is designed to use your computer as a launchpad for spammers.
  23. Cookies
    are small amounts of information that Web sites store on your computer.
  24. Risk management.
    To identify, control and minimize the impact of threats.
  25. Authentication
    • Major objective is proof of identity.
    • Something the user is, has, does, or knows
  26. Authorization
    Permission issued to individuals and groups to do certain activities with information resources, based on verified identity.
  27. Firewalls.
    System that enforces access-control policy between two networks.
  28. Anti-malware systems
    (also called antivirus software) are software packages that attempt to identify and eliminate viruses, worms, and other malicious software.
  29. Intrusion Detection Systems
    are designed to detect all types of malicious network traffic and computer usage that cannot be detected by a firewall.
  30. Encryption.
    Process of converting an original message into a form that cannot be read by anyone except the intended receiver.
  32. Whitelisting
    is a process in which a company identifies the software that it will allow to run and does not try to recognize malware.
  33. Blacklisting
    is a process in which a company allows all software to run unless it is on the blacklist
  34. demilitarized zone (DMZ)
    located between the two firewalls; the DMZ contains company servers that typically handle Web page requests and e-mail
  35. digital certificate
    is an electronic document attached to a file certifying that the file is from the organization that it claims to be from and has not been modified from its original format.
  36. Certificate authorities,
    which are trusted intermediaries between two organizations, issue digital certificates.
  37. A virtual private network
    is a private network that uses a public network (usually the Internet) to connect users
  38. Secure socket layer (SSL), Transport layer security (TLS)
    is an encryption standard used for secure transactions such as credit card purchases and online banking.
  39. Vulnerability management systems (also called security on demand)
    extend the security perimeter that exists for the organization’s managed devices, to unmanaged, remote devices.
  40. Employee monitoring systems
    monitor employees’ computers, e-mail activities, and Internet surfing activities
  41. Hot Site
    is a fully configured computer facility, with all services, communications links, and physical plant operations.
  42. byte
    is eight bits and represents a single character (e.g., a letter, number or symbol).
  43. field
    is a group of logically related characters (e.g., a word, small group of words, or identification number)
  44. record
    is a group of logically related fields (e.g., student in a university database).
  45. file
    is a group of logically related records.
  46. database
    is a group of logically related files.
  47. data model
    is a diagram that represents the entities in the database and their relationships.
  48. entity
    is a person, place, thing, or event about which information is maintained. A record generally describes an entity.
  49. attribute
    is a particular characteristic or quality of a particular entity
  50. primary key
    is a field that uniquely identifies a record.
  51. Secondary keys
    are other fields that have some identifying information but typically do not identify the file with complete accuracy.
  52. identifiers,
    which are attributes that are unique to that entity instance
  53. An instance
    • of an entity class is the representation of a particular entity.
    • Entity instances have identifiers
  54. ER diagrams
    consist of entities, attributes and relationships
  55. database management system
    is a set of programs that provide users with tools to add, delete, access, and analyze data stored in one location.
  56. relational database model
    is based on the concept of two-dimensional tables
  57. SQL
    Structured query language allows users to perform complicated searches by using relatively simple statements or keywords.
  58. Query by example
    allows users to fill out a grid or template to construct a sample or description of the data he or she wants.
  59. Normalization
    is a method for analyzing and reducing a relational database to its most streamlined form for
  60. data warehouse
    is a repository of historical data organized by subject to support decision makers in the organization.
  61. data cube
    has three dimensions: customer, product, and time.
  62. online transaction processing (OLTP)
    typically involves a database, where data from business transactions are processed online as soon as they occur.
  63. Online analytical processing (OLAP)
    involves the analysis of accumulated data by end users (usually in a data warehouse)
  64. A data mart
    is a small data warehouse, designed for the end-user needs in a strategic business unit (SBU) or a department.
  65. Data governance
    is an approach to managing data and information across an entire organization.
  66. Master data management
    is a method that organizations use in data governance.
  67. Master data
    are a set of core data that span all enterprise information systems.
  68. Knowledge management
    is a process that helps organizations manipulate important knowledge that is part of the organization’s memory, usually in an unstructured format.
  69. Explicit knowledge:
    objective, rational, technical knowledge that has been documented. Examples: policies, procedural guides, reports, products, strategies, goals, core competencies
  70. Tacit knowledge:
    cumulative store of subjective or experiential learning. Examples: experiences, insights, expertise, know-how, trade secrets, understanding, skill sets, and learning
  71. Knowledge management systems
    refer to the use of information technologies to systematize, enhance, and expedite intrafirm and interfirm knowledge management.

    • Create knowledge
    • Capture knowledge
    • Refine knowledge
    • Store knowledge
    • Manage knowledge
    • Disseminate knowledge
Card Set
Mis 309
Final terms