Finals Reviewer - DCIT65 PDF

**Lesson 5** **Security Incident** - is a security event that damages network resources or data as part of an attack or security threat. **Exploit -** is a piece of code, software, or method used by attackers to take advantage of vulnerabilities or weaknesses in applications, systems, or networks. **Known exploits** - refer to vulnerabilities or attack methods that have already been discovered, documented, and made public **Unknown exploits** - also known as zero-day exploits, refer to vulnerabilities or attack methods that are not yet known or disclosed to the public. **Denial of service (DoS) attack** - A cyber attack that floods a computer or website with data to overload the system and prevent it from working properly. **Malware** - Harmful software like spyware, viruses, ransomware, and worms that can access a system\'s data. **Identity theft** - A criminal gains access to a user\'s personal information and uses it for their own benefit. **Cryptojacking** - Cybercriminals use a victim\'s computer resources without their knowledge to mine cryptocurrencies. **Cross-Site Request Forgery (CSRF)** is an attack that forces an end user to execute unwanted actions on a web application in which they\'re currently authenticated. **Disk Forensics** - It is the process where experts take data recovered from physical storage devices to recover deletions and hidden partitions. **Network forensics** simply implies the investigation of network traffic to collect evidence regarding security incidents on systems, unauthorized access, or any other malicious activity that occurred in the system. **Database Forensics** - It is the process of collection of information that is contained in a database, both data and related metadata. **Mobile Forensics** - The procedure involves using special software with functions of extracting, investigating, and recovering the data that is stored on devices. **Malware Forensics** - The aim of malware forensics is finding, examining, and tracking down the attacking malware. **Lesson 6** **Physical Security** - It is measures are designed to protect buildings, and safeguard the equipment inside. In short, they keep unwanted people out, and give access to authorized individuals. **Prevent unauthorized entry** - Providing a secure office space is the key to a successful business. **Proactive intrusion detection** - As the first line of defense for your building, the importance of physical security in preventing intrusion cannot be understated **Scalable physical security implementation** - a scalable solution that's easy to install and quick to set up will ensure a smooth transition to a new physical security system. **Seamless system integrations** - Another benefit of physical security systems that operate in the cloud is the ability to integrate with other software, applications, and systems. **Audit trails and analytics** - being able to easily and quickly detect possible weaknesses in your system enables you to implement new physical security plans **Operational Security** - also known as procedural security, is a risk management process that encourages managers to view operations from the perspective of an adversary in order to protect sensitive information from falling into the wrong hands **Lesson 7** **Information privacy** is the right of individuals to control how their personal data is collected, stored, and shared. **Data Ownership** - Individuals own their personal data and have the right to decide how it is used. **Data Collection Practices -** Companies and organizations collect data through various means, including online forms, cookies, and apps. **Consent -** Organizations must obtain clear and informed consent from individuals before collecting their data. **Tracking Technologies** - Tools such as cookies and mobile apps track user activity. **Data Breaches** - Unauthorized access to sensitive data can lead to identity theft or fraud. **Social Media** - Over-sharing and lack of privacy controls expose personal information to risk **Data Privacy Act of 2012** (RA 10173): Protects the privacy of individuals by regulating the processing of personal data. **Lesson 8** **Freedom of expression -** Refers to the ability of an individual or group of individuals to express their beliefs, thoughts, ideas, and emotions about different issues free from government censorship. **Criminal defamation laws -** are frequently abused, being used in cases which do not involve the public interest and as a first, rather than last resort **Attacks on Media Worker** - Harassment of journalists and other workers in the media industry pose a very significant threat to independent and investigative journalism. **Informal Censorship -** designed to prevent or punish the publication or broadcast of critical material. **Hate Speech** - the most insidious and pervasive ways of undermining effective enjoyment of rights for those who are their targets. **Gender Equity** - Equal access to and representation of women in the media are crucial to ensuring proper coverage of issues of concern to women and of women's perspectives. **Lesson 9** **Intellectual Property** - An intangible asset is a non-physical asset that a company or person owns. **Copyright** grants you legal rights to anything you create that expresses or embodies an idea. **Patents** are granted for new, useful inventions, and they will give you the right to prevent others from making, using, or selling your invention. **Patent Infringement** - prohibited act with respect to a patented invention without permission from the patent holder. **Trade secret** is a piece of confidential business information whose secrecy gives you an advantage over your competitors. **ENUMERATION** Lesson 6 **Enumerate Types of Security Policies** - Acceptable Use Policy - Data Classification Policy - Incident Response Policy - Access Control Policy Lesson 7 **Enumerate the key provisions of Data Privacy Act of 2012.** - Transparency in data collection. - Secure storage of personal information. - Rights of individuals to access and correct their data. Lesson 8 **List at least 5 Freedom of Speech: Key Issues** (kayo na pumili) Lesson 9 **IP key terms** 1. Confidentiality 2. Copyright 3. Indigenous Rights 4. Patents 5. Registered designs 6. Trade Marks 7. Trade Secrets **Examples of Trade Secrets** 1. Formulas 2. Patterns 3. Methods, Techniques, and processes **Examples of Patents** 1. Utility Patents 2. Design Patents 3. Plant Patents

Finals Reviewer - DCIT65 PDF

Document Details

Tags

Related

Summary

Full Transcript