ITIS 2P91 Study Guide - Final Guide: Retina, Web Browsing History, Logic Bomb

Inside threats: employees, janitors, consultants, systems software, terminals, pc, databases. The higher the level of the employee, the greater the threat he poses to info security (greater access to data and greater privileges) Employees in hr and info systems pose significant threats to info security (hr has access to sensitive personal info about all employees, is have access to sensitive data and control the means to create, store, transmit, modify that data) Carelessness, opening questionable emails, poor password selection and use. Attack in which the perpetrator uses social skills to trick or manipulate a legitimate employee into providing confidential company info. Tailgating: allow perpetrator to enter restricted areas that are controlled with locks or card entry. Shoulder surfing: perpetrator watches and employee"s computer screen over their shoulder. Espionage or trespass: individual tries to gain illegal access to organizational info. Information extortion: attacker threatens to steal or actually steals info from company. Compromises to intellectual property o o o o.