
«Securing Information in the Digital Age Information Security Policies This document presents a suite of integrated solutions which, together, offer ...»


In general, a user of an organisation’s systems should be offered no more than is necessary to perform the function required. See also Privileged User.

Privileged User A User who, by virtue of function, and/or seniority, has been allocated powers within the computer system, which are significantly greater than those available to the majority of users. Such persons will include, for example, the system administrator(s) and Network administrator(s) who are responsible for keeping the system available and may need powers to create new user profiles as well as add to or amend the powers and access rights of existing users.


Production System A (computer) system is said to be in production, when it is in live, day to day operation. Systems which have been developed and tested are said to be ‘migrated into production’.

Project Plan A project plan is a plan which specifies, to an adequate level of detail, the precise nature of the project about to be undertaken, the resources required, the responsibilities of each party, the tasks to be performed and the dependencies and constraints upon the project. Project plans are much more than a list of tasks presented in the form of a ‘GANTT’ chart.

Protocol A set of formal rules describing how to transmit data, especially across a network.

Low level protocols define the electrical and physical standards to be observed, bit- and byte-ordering and the transmission and error detection and correction of the bit stream. High level protocols deal with the data formatting, including the syntax of messages, the terminal to computer dialogue, character sets, sequencing of messages etc.

Some examples of protocols are: TCP/IP, the protocol used on the internet to send and receive information; HTTP – used for Web page communications, is a subset of TCP/IP.

Proto-hacker Individual who has risen above the tinkering Anorak level with aspirations to be a Hacker - but does not yet have the necessary skills to crack a major system. Can cause much damage by clumsy entry Hacking and blundering around the system corrupting files - albeit unintentionally. Proto-hackers may have marginally more technical skills than Anoraks but still display immaturity by leaving calling cards, messages, graphics, etc. As a result most of them are identified and caught before they graduate to being full Hackers.

Proxy Server A proxy server is a computer server which acts in the place of individual users when connecting to Web sites. The proxy server receives requests from individual workstations and PCs and then sends this request to the Internet. It then delivers the resultant information to the requesting PC on the network.

When used in conjunction with a firewall, a proxy server’s identity (and its connected PCs) is completely masked or hidden from other users. This is the manner in which secure sites operate.

Quarantine Defensive tactic employed against viruses. Anti-virus software can often detect viruses which it cannot repair automatically. In such cases the simplest option is to delete the file, but better quality anti-virus programs offer the option to Quarantine the file. This involves removing the file from its current location, encrypting it, and locking it in the quarantine area, i.e. part of the disk which is not accessible by any application except the anti-virus program, and certain disk utility tools.

Once in quarantine the anti-virus utility programs may be able to open the file and examine the contents to allow a user to extract any useful information, or, if sufficiently skilled, to remove the virus and effect a manual repair of the file.


Real-time ‘Live’, ‘As it happens’. Real-time systems pass entries, update records, accounts, balances, etc., immediately new data is received and make that data available to users within the limitations of the system. Typically, the response from the system will be measured in milli-seconds. If a real-time system is failing to present its response to users adequately fast, it may well be indicative of other bottlenecks, such as a saturated network or other processes competing for processor priority. A real time system is assumed to need immediate access to processor power and will have its priority set accordingly.

Reconciliation In the IT context Reconciliation is a vital part of Acceptance Testing and Parallel Running whereby the output from both the ‘old’ and ‘new’ systems is compared to ensure that the new system is operating correctly. Clearly, if the old system claims that 2+2=4, while the new system differs - there is a problem.

Reconciliation goes beyond mere arithmetic and it is essential that all outputs be reconciled, to allow for known changes in the new system, and identify any unexpected results.

It is critical that this be completed before the new system is accepted.


Regression Testing Regression Testing is a process which tests a system once again to ensure that it still functions as expected / as per specification. The reason for this renewed testing activity is usually when a material change occurs to the system. For example: a new hardware platform; a major release of the operating system (e.g. Windows NT® to Windows 2000®). In addition, where say, the software vendor releases a new version of its database, a comprehensive regression test plan needs to be developed and completed to ensure that the reports, screen, scripts, Remote Procedure Calls and User options, are all functioning as expected.

Warning! The chances are that they will not work completely as expected, and that you will need to modify / change certain aspects of your configuration.

N.B. Regression Testing must also test the revised software by simulating its operational environment to ensure that all systems and interfaces still operate as expected.

Regression Testing should be conducted as per any system testing and proceed according to a Test Plan. If you do not perform Regression Testing, then your system could fail upon upgrade.


Repair A technically demanding technique used to undo the damage done to a file by virus infection and/or corruption. Most virus infections can be repaired automatically by an anti-virus program, but there are some, together with other types of (non-viral) data corruption which must be handled manually.

This approach requires a relatively high level of technical skills and the use of special software tools which should not be available to ordinary users.

The damaged files should be removed from the main system to a separately partitioned area while being repaired.

If the damage is severe or extensive, affecting a number of files, consideration may be given to recovering an earlier copy of the file from backup.

Request for Proposal – RFP The Request for Proposal – or RFP, is the document produced by the project team of the organisation when determining the supplier and/or solution to a commercial need or requirement.

The project team should already have ascertained the types of solution which are appropriate and the vendors which compete in that space. The RFP is sent by the organisation to each of the primary vendors, with the intention that each vendor responds with a written proposal detailing how they will provide the solution, and the terms and conditions of such supply.

Typically, an RFP will comprise the following items :

–  –  –

N.B. It is extremely important that all vendors are treated equally and fairly and, as such, it is worth spending adequate time in order to plan for and prepare the RFP. Information provided to one vendor, as a result of (say) a one on one meeting, and not provided to other vendors, would be viewed as biased or uncompetitive and could result in difficulties, especially where you expect to use that vendor in the future. Therefore, if it is necessary to provide additional information, as a result of an enquiry from one vendor, supply this to all.


Response / Response Time Response time usually refers to a user’s subjective assessment of a computer’s ‘response’ to their request. Such requests could be to logon to the network, or could be to receive the confirmation code following entry of a transaction. The response time of a system results from the interaction of multiple components and not simply the ‘power’ of the computer itself (although this helps!). There could be massive contention across the network, or there could be heavy processing taking place, resulting in little available ‘CPU’ time to deal with your request. One way of improving response time is to increase the priority of the process which you are running. However, such techniques are not advisable, unless you are the System Administrator and have a good understanding of the impact such re-prioritisation may have.

Retention and deletion of E-mail Correspondence Simple e-mails carry no legal status at this time. Their use should therefore be limited to basic correspondence upon which no legal reliance is placed. At present, the law is still evolving with regard to e-mail, but current practice appears to be either to retain everything as a part of your organisation’s activities, or retain nothing. In practice, organisations will wish to retain e-mails, as they nevertheless represent a record of genuine business correspondence, notwithstanding the fact that their validity in a court of law may be challenged.

However, the use of a Digital Signature is now legally enforceable in some countries, and any messages received using such signatures could be considered legally valid and hence enforceable. See Digital Signature for further information.


Road Warrior An ‘outdoor’ member of staff whose ‘office’ is a laptop and cellular telephone.

Such persons, because of the nature of their working environment, and, to some extent the personality types associated with such work, may well require a more than proportional share of the organisation’s computer housekeeping time.


Root Directory In a computer’s filing system on the hard disk, the root directory is the directory (or ‘folder’) from which all other directories will be created. In Microsoft Windows® the root is denoted by the symbol ‘\’ and in the world of Unix is shown by ‘/’ (just to be different!). In Unix the all-powerful user of the system is also known as root, which permits access and all privileges to the root directory and hence the entire filing system.

Rotation of Duties Accompanied by Segregation of Duties, Rotation is a useful security measure which has, in the past, uncovered a number of users’ nefarious activities. In days gone by rotation was particularly important for staff such as cashiers in the habit of fiddling their till balances. Now it is aimed more at staff who use organisation computer systems. The logic behind the approach is that a new set of eyes on a situation may uncover irregularities - for example, the use of unauthorised, unlicensed, software.

Alternatively it may serve merely to prove that all is in order. Either way it is useful to know.

Routine In IT, generally, a set of computer Commands/instructions forming part of a program. For ease and clarity of programming, software often consists of numerous modules, routines, sub-routines, etc., each of which can, if necessary, be programmed by a different person, only being brought together at the final stages.

RSA RSA stands for Rivest, Shamir and Adleman, who are the developers of the public-key encryption and authentication algorithm. They are also the founders of RSA Data Security, which is now RSA Security www.rsasecurity.com.

The capability to use RSA security is incorporated within the browsers of both Microsoft and Netscape and other major corporate communication tools such as Lotus Domino® / Notes®.

The creation, use and management of the Public and Private keys which are required for RSA security, use Public Key Infrastructure, or PKI.

–  –  –

A computer server placed outside an organisation’s Internet Firewall to provide a service that might otherwise compromise the local net’s security.

Salami Slicing A technique employed successfully by criminally inclined IT staff to acquire large sums of money, by means of very small amounts. Essentially it needs something like a Foreign Exchange business environment where there are large numbers of transactions involving more than 2 decimal places. As currencies, generally, only use two places, decimals beyond this point are rounded off. Salami Slicing programs will always round down the amount, and transfer the additional places to a separate, hidden account which has a balance accumulating, over time, to a significant figure; multi-million dollar sums have been involved. This approach can only really work with systems handling huge numbers of transactions and where the amounts will not be noticed.

Very difficult to spot, and usually only comes to light (if at all) when the individuals involved leave the organisation, or are observed to be living well beyond their salary levels with no visible other means of support.
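A reconciliation check for the rounding behaviour described in this entry, as an added example that is not part of the original document: it recomputes each posted amount from the unrounded value and flags a ledger whose deviations all fall in the downward direction. The rounding policy (round half up to two places), the record layout and the sample ledgers are assumptions constructed for illustration.

```python
from decimal import Decimal, ROUND_HALF_UP

CENT = Decimal("0.01")

# Constructed sample ledgers: (transaction id, unrounded amount, amount posted)
HONEST = [
    ("T1", "104.2371", "104.24"),
    ("T2", "88.1149", "88.11"),
    ("T3", "19.9950", "20.00"),
    ("T4", "250.0062", "250.01"),
]
# Same unrounded amounts, but every posting has been rounded down.
SKIMMED = [
    ("T1", "104.2371", "104.23"),
    ("T2", "88.1149", "88.11"),
    ("T3", "19.9950", "19.99"),
    ("T4", "250.0062", "250.00"),
]


def reconcile(ledger, policy=ROUND_HALF_UP):
    """Compare posted amounts with the amounts the rounding policy should give.

    Returns the ids that deviate from policy, the total unposted residue
    (unrounded minus posted), the shortfall against policy, and a flag that
    is set when every deviation is in the downward direction.
    """
    mismatches = []
    directions = []
    residue = Decimal("0")
    shortfall = Decimal("0")
    for txn_id, raw_s, posted_s in ledger:
        raw, posted = Decimal(raw_s), Decimal(posted_s)
        expected = raw.quantize(CENT, rounding=policy)
        residue += raw - posted
        if posted != expected:
            mismatches.append(txn_id)
            directions.append(posted < expected)
            shortfall += expected - posted
    # An implementation bug tends to deviate in both directions;
    # deviations that are always downward deserve investigation.
    one_sided = bool(mismatches) and all(directions)
    return {
        "mismatches": mismatches,
        "residue": residue,
        "shortfall": shortfall,
        "one_sided_down": one_sided,
    }


if __name__ == "__main__":
    for name, ledger in (("honest", HONEST), ("skimmed", SKIMMED)):
        print(name, reconcile(ledger))
```

Under correct rounding the residue hovers around zero over many transactions, whereas a residue that grows steadily in one direction is money that has to be sitting in some account.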

Sales Droid Pejorative term for a computer sales representative.

Samurai A hacker who hires out for legal cracking jobs, snooping for factions in corporate political fights, lawyers pursuing privacy-rights and First Amendment cases, and other parties with ‘legitimate’ reasons to need an electronic locksmith. Some have modelled themselves on the ‘net cowboys’ of William Gibson's cyberpunk SF novels. Some Samurai claim to adhere to a rigid ethic of loyalty to their employers and to disdain the vandalism and theft practiced by criminal crackers as beneath them and contrary to the hacker ethic. Some quote Miyamoto Musashi's ‘Book of Five Rings’, a classic of historical Samurai doctrine, in support of these principles.

Sanity Check Checking a piece of work – IT related or anything else - for completely stupid mistakes. The term implies that the check is to make sure the author was sane when the work was produced. Often difficult to prove!
