MIS 111 Lecture Notes - Lecture 5: Systems Development Life Cycle, Payment Card, Passphrase

Understanding security risks: an attack, a deliberate act that exploits a vulnerability, an exploit, a technique used to compromise a system, a vulnerability, an identified weakness in which necessary controls are not present or effective. Common attacks: password crack/dictionaries/sniffer, distributed denial-of-service (ddos) Security systems development life cycle: secsdlc methodology. Identifies specific threats and the risks: designs and implements controls to counter those threats and manage risks, performs feasibility analyses, assesses legal issues. Investigation - analysis - loyal design - physical design - implementation - maintenance. Seta program elements (security, education, training, and awareness: design controls and safeguards, technical controls, complements policy, education, training, and awareness efforts. Information about an individual that is requesting access: each individual must have a unique identifier within the security domain, ex: name, ssn, employee id, authentication, validation of your identification. Sequence of characters: "p@ssw*ord: a passphrase, password derived from a plain-language phrase: "a cat in the hat" =