Q. User – refers to any member of the Rowan community, as well as visitors, who have been explicitly and specifically authorized to access and use the University's information systems
A. Family Edu
A. Event Categorization
This list is not comprehensive and other categories may be added to help with the reporting process. Security events must be categorized according to the potential impact or threat to the confidentiality, integrity, and availability of the University's electronic information and/or information systems. Categorization is necessary in order to assess the risk to the University's business services and operations, and to determine the appropriate response.
A significant and/or persistent attempted intrusion that stands out above the daily activity and could result in unauthorized access of the target electronic information or information system.
Denial of Service
Intentional or unintentional denial of service (successful or persistent attempts) that affects or threatens to affect a critical service or denies access to all or one or more large portions of the University's network.
All instances of successful infection or persistent attempts at infection by malicious code, such as viruses, Trojan horses, or worms.
Access or use of the university's electronic information or information systems that violates Rowan policies and may present a risk to the University's electronic information or information systems.
Instances of unauthorized port scanning, network sniffing, resourcing mapping probes and scans, and other activities that are intended to collect information about vulnerabilities in the University's network and to map network resources and available services.
An instance (or instances) where an attacker uses human interaction to obtain or compromise information about the University, its personnel, or its information systems.
All unintentional or intentional instances of system compromise or intrusion by unauthorized persons, including user-level compromises, root (administrator) compromises, and instances in which users exceed privilege levels.
Any activity that is not recognized as being related to University business or normal use.
Incident Severity Levels