acceptable use policy (AUP) ✔✔A document that stipulates restrictions and practices that a user
must agree to in order to use organizational computing
and network resources.
advanced persistent threat (APT) ✔✔A network attack in which an intruder gains access to a
network and stays there—undetected—with the intention of stealing data over a long period of
time (weeks or even months).
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS) ✔✔An agreement
of the World Trade Organization that requires member governments to ensure that intellectual
property rights can be enforced under their laws and that penalties for infringement are tough
enough to deter further violations.
anonymous expression ✔✔The expression of opinions by people who do not reveal their identity.
anonymous remailer service ✔✔A service that allows anonymity on the internet by using a
computer program that strips the originating header and/or IP address from the message and then
forwards the message to its intended recipient.
anti-SLAPP laws ✔✔Laws designed to reduce frivolous SLAPPs (strategic lawsuit against public
participation [SLAPP], which is a lawsuit filed by corporations, government officials, and others
against citizens and community groups who oppose them on matters of concern).
antivirus software ✔✔Software that scans for a specific sequence of bytes, known as a virus
signature, that indicates the presence of a specific virus.
artificial intelligence systems ✔✔The people, procedures, hardware, software, data, and
knowledge needed to develop computer systems and machines that can simulate human
intelligence processes, including learning (the acquisition of information and rules for using the
information), reasoning (using rules to reach conclusions), and self-correction (using the outcome
from one scenario to improve its performance on future scenarios).
audit committee ✔✔A group that provides assistance to the board of directors in fulfilling its
responsibilities with respect to the oversight of the quality and integrity of the organization's
accounting and reporting practices and controls, including financial statements and reports; the
organization's compliance with legal and regulatory requirements; the qualifications,
independence, and performance of the company's independent auditor; and the performance of the
company's internal audit team.
Bathsheba syndrome ✔✔The moral corruption of people in power, which is often facilitated by a
tendency for people to look the other way when their leaders act inappropriately.
blended threat ✔✔A sophisticated threat that combines the features of a virus, worm, Trojan horse,
and other malicious code into a single payload.
body of knowledge ✔✔An agreed-upon set of skills and abilities that all licensed professionals
must possess.
botnet ✔✔A large group of computers, which are controlled from one or more remote locations
by hackers, without the knowledge or consent of their owners.
breach of contract ✔✔The failure of one party to meet the terms of a contract.
breach of the duty of care ✔✔The failure to act as a reasonable person would act.
bribery ✔✔The act of providing money, property, or favors to someone in business or government
in order to obtain a business advantage.
bring your own device (BYOD) ✔✔A business policy that permits, and in some cases, encourages
employees to use their own mobile devices (smartphones, tablets, or laptops) to access company
computing resources and applications, including email, corporate databases, the corporate intranet,
and the Internet.
BSA | The Software Alliance (BSA) ✔✔A trade group that represents the world's largest software
and hardware manufacturers.
business continuity plan ✔✔A risk-based strategy that includes an occupant emergency evacuation
plan, a continuity of operations plan, and an incident management plan with an active governance
process to minimize the potential impact of any security incident and to ensure business continuity
in the event of a cyberattack or some form of disaster.
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)
✔✔Software that generates and grades tests that humans can pass and all but the most sophisticated
computer programs cannot.
certification ✔✔Indicates that a professional possesses a particular set of skills, knowledge, or
abilities, in the opinion of the certifying organization. Certification can also apply to products (e.g.,
the Wi-Fi CERTIFIED logo assures that the product has met rigorous interoperability testing to
ensure that it will work with other Wi-Fi-certified products) and is generally voluntary.
Child Online Protection Act (COPA) ✔✔An act signed into law in 1998 with the aim of prohibiting
the making of harmful material available to minors via the internet; the law was ultimately ruled
largely unconstitutional.
Children's Internet Protection Act (CIPA) ✔✔An act passed in 2000; it required federally financed
schools and libraries to use some form of technological protection (such as an internet filter) to
block computer access to obscene material, pornography, and anything else considered harmful to
minors.
CIA security triad ✔✔Refers to confidentiality, integrity, and availability.
clinical decision support (CDS) ✔✔A process and a set of tools designed to enhance healthcare-related decision making through the use of clinical knowledge and patient-specific information to
improve healthcare delivery.
code of ethics ✔✔A statement that highlights an organization's key ethical issues and identifies
the overarching values and principles that are important to the organization and its decision-making.
Communications Decency Act (CDA) ✔✔Title V of the Telecommunications Act, it aimed at
protecting children from pornography, including imposing $250,000 fines and prison terms of up
to two years for the transmission of "indecent" material over the internet.
compliance ✔✔To be in accordance with established policies, guidelines, specifications, or
legislation.
computer forensics ✔✔A discipline that combines elements of law and computer science to
identify, collect, examine, and preserve data from computer systems, networks, and storage
devices in a manner that preserves the integrity of the data gathered so that it is admissible as
evidence in a court of law.