Define identity theft and phishing and explain why identity theft is such a big problem today.

List and describe the most common threats against contemporary information systems.
Define malware and distinguish among a virus, a worm, and a Trojan horse.
Define a hacker and explain how hackers create security problems and damage systems.
Define computer crime. Provide two examples of crime in which computers are targets and two examples in which computers are used as instruments of crime.
Describe the security and system reliability problems created by employees.
Explain how software defects affect system reliability and security.
What is the business value of security and control?

Explain how security and control provide value for businesses.
Describe the relationship between security and control and recent U.S. government regulatory requirements and computer forensics.
What are the components of an organizational framework for security and control?

Define general controls and describe each type of general control.
Define application controls and describe each type of application control.
Describe the function of risk assessment and explain how it is conducted for information systems.
Define and describe the following: security policy, acceptable use policy, and identity management.
Explain how MIS auditing promotes security and control.
What are the most important tools and technologies for safeguarding information resources?

Name and describe three authentication methods.
Describe the roles of firewalls, intrusion detection systems, and antivirus software in promoting security.
Explain how encryption protects information.
Describe the role of encryption and digital certificates in a public key infrastructure.
Distinguish between fault tolerance and high-availability computing, and between disaster recovery planning and business continuity planning.
Identify and describe the security problems posed by cloud computing.
Describe measures for improving software quality and reliability.