Exam Two Topics: Review Outline - March 21, 2012
Ethics and Information Security – Chapter 4
Business Ethics
BW: Ethics 101 for Interns (Supplemental Reading)
Information Management Policies
• The protection of information from accidental or intentional misuse by persons inside or outside an organization
Security Management Planning and Lines of Defense
• 1st Line of Defense – People
  o The biggest issue regarding information security is a people issue
• Insiders, Social Engineering, and Dumpster Diving
  o The first line of defense an organization should follow to help combat insider issues is to develop information security policies and an information security plan
• 2nd Line of Defense – Technology
  o People: Authentication and Authorization
  o Data: Prevention and Resistance
  o Attack: Detection and Response
Security Measures, Methods, and Tools
• Encryption, Firewalls, How are the tools applied
Primary IT Security Areas
• Authentication, Authorization
  o Authentication – A method for confirming users’ identities
  o Authorization – The process of giving someone permission to do or have something
• Prevention and Resistance
  o Content Filtering, Encryption, and Firewalls
• Detection and Response
  o Intrusion Detection Software – features full-time monitoring tools that search for patterns in network traffic to identify intruders
Infrastructures – Chapter 5
Business Benefits of a Solid MIS Infrastructure
• MIS Infrastructure – includes the plans for how a firm will build, deploy, use, and share its data, processes, and MIS assets.
  o Supporting Operations (Information)
  o Supporting Change (Agile)
  o Supporting Environment (Sustainable)
Moore’s Law
• Refers to the observation that computer chip performance per dollar doubles every 18 months
• Three Primary Side Effects of Businesses Expanding Use of Technology
  o Increased E-Waste, Energy Consumption, and Carbon Emissions.
• Three Components of a Sustainable MIS Infrastructure:
o