Itm 309 Exam 2 Study Guide
Exam Two Topics: Review Outline - March 21, 2012
Ethics and Information Security – Chapter 4
Business Ethics
BW: Ethics 101 for Interns (Supplemental Reading)
Information Management Policies
• The protection of information from accidental or intentional misuse by persons inside or outside an organization
Security Management Planning and Lines of Defense
• 1st Line of Defense – People
o The biggest issue regarding information security is a people issue
• Insiders, Social Engineering, and Dumpster Diving
o The first line of defense an organization should follow to help combat insider issues is to develop information security policies and an information security plan
• 2nd Line of Defense – Technology
o People: Authentication and Authorization
o Data: Prevention and Resistance
o Attack: Detection and Response
Security Measures, Methods, and Tools
• Encryption, Firewalls, How are the tools applied
Primary IT Security Areas
• Authentication, Authorization
o Authentication – A method for confirming users’ identities
o Authorization – The process of giving someone permission to do or have something
• Prevention and Resistance
o Content Filtering, Encryption, and Firewalls
• Detection and Response
o Intrusion Detection Software – features full-time monitoring tools that search for patterns in network traffic to identify intruders
Infrastructures – Chapter 5
Business Benefits of a Solid MIS Infrastructure
• MIS Infrastructure – includes the plans for how a firm will build, deploy, use, and share its data, processes, and MIS assets.
o Supporting Operations (Information)
o Supporting Change (Agile)
o Supporting Environment (Sustainable)
Moore’s Law
• Refers to the observation that computer chip performance per dollar doubles every 18 months
• Three Primary Side Effects of Businesses Expanding Use of Technology
o Increased E-Waste, Energy Consumption, and Carbon Emissions.
• Three Components of a Sustainable MIS Infrastructure:
o Grid...