Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
69 Cards in this Set
- Front
- Back
|
Adware
|
Software that collects and forwards data to advertising companies or causes banner ads to pop up as the internet is surfed.
|
|
|
Dictionary Attack
|
Using software to guess company addresses, send employees blank emails, and add unreturned messages to spammer email list.
|
|
|
DoS
|
Denial of service attack. An attack designed to make computer resources unavailable to its users. Ex, send so many emails that the Internet service providers network overloads.
|
|
|
Email Spoofing
|
Making a sender address and other parts of email header appear as though the email originated from a different source.
|
|
|
Hacking
|
Unauthorized access, modification, or use of computer systems, usually by means of a PC and a communications network.
|
|
|
Identity Theft
|
Assuming someone's identity by illegally obtaining confidential information such as a social securing number.
|
|
|
IP address spoofing
|
Creating internet protocol packets with a forged IP address to hide the sender's identity or to impersonate another computer system.
|
|
|
Key Logger
|
Using spyware to record a user's keystrokes.
|
|
|
Malware
|
Software that can be used to cause harm.
|
|
|
Packet sniffing
|
Inspecting information packets as they travel the internet and other networks.
|
|
|
Password cracking
|
Penetrating system defenses, stealing passwords, and decrypting them to access system programs, files, and data.
|
|
|
Phishing
|
Communications that request recipients to disclose confidential information by responding to an email or visiting a web site.
|
|
|
Round-down
|
Truncating interest calculations at two decimal places and placing truncated amounts in the perpetrator's account.
|
|
|
Social Engineering
|
Techniques that trick a person into disclosing confidential info.
|
|
|
Software piracy
|
Unauthorized copying or distribution of copyrighted software.
|
|
|
Stenography
|
Hiding data from one file inside a host file, such as a large image or sound file.
|
|
|
Superzapping
|
Using special software to bypass system controls and perform illegal acts.
|
|
|
Trojan Horse
|
Unauthorized code in an authorized and properly functioning program.
|
|
|
Virus
|
Executable code that attaches itself to software, replicates itself, and spreads to other systems or files. Triggered by a predefined event, it damages system resources or displays messages.
|
|
|
Worm
|
Similar to a virus; a program rather than a code segment hidden in a host program. Actively transmits itself to other systems. It usually does not live long but is quite destructive while alive.
|
|
|
Botnet, bot herders
|
A network of hijacked computers. bot herders use the hijacked computers, called zombies, in a variety of Internet attacks.
|
|
|
Click Fraud
|
A type of Internet crime that occurs in pay per click online advertising when a person, automated script, or computer program imitates legitimate clicks.
|
|
|
Cyber extortion
|
Requiring a company to pay money to keep an extortionist from harming a computer or a person.
|
|
|
Eavesdropping
|
Listening to a private voice or data transmission.
|
|
|
Evil Twin
|
A wireless network with the same name as another wireless access point. Users unknowingly connect to the evil twin; hackers monitor the traffic looking for useful information.
|
|
|
Hijacking
|
Gaining control of someone else's computer for illicit activities.
|
|
|
Man-in-the-middle (MITM) attack
|
A hacker placing himself between a client and a host to intercept network traffic; also called session hijacking.
|
|
|
Masquerading/impersonation
|
Accessing a system by pretending to be an authorized user. The impersonator enjoys the same privileges as the legitimate user.
|
|
|
Pharming
|
Redirecting traffic to a spoofed Web sit to obtain confidential information.
|
|
|
Piggybacking
|
Clandestine use of someone's Wi-Fi network. Tapping into a communications line and entering a system by latching onto a legitimate user. Bypassing physical security controls by entering a secure door when an unauthorized person opens it.
|
|
|
Posing
|
Creating a seemingly legitimate business, collecting personal data while making a sale, and never delivering items sold.
|
|
|
Pretexting
|
Acting under false pretenses to gain confidential information.
|
|
|
Rootkit
|
Software that conceals processes, files, network connections, and system data from the operating system and other programs.
|
|
|
Salami Technique
|
Stealing tiny slices of money over time.
|
|
|
Scareware
|
Malicious software of no benefit that is sold using scare tactics.
|
|
|
Scavenging/ dumpster diving
|
Searching for confidential information byt searching for documents and records in garbage cants, communal trash bins, and city dumps.
|
|
|
Shoulder surfing
|
Watching or listening to people enter or disclose confidential data
|
|
|
Skimming
|
Double-swiping a credit card or covertly swiping it in a card reader that records the data for later use.
|
|
|
SQL injection
|
Inserting a malicious SQL query in input in such a way that it is passed to and executed by an application program.
|
|
|
Trap Door
|
A back door into a system that bypasses normal system controls.
|
|
|
War driving
|
Looking for unprotected wireless networks in a car or with a rocket.
|
|
|
XSS attack
|
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications, such as web browsers through breaches of browser security, that enables attackers to inject client-side script into Web pages viewed by other users.
|
|
|
Zero-day attack
|
Attack between the time a software vulnerability is discovered and a patch to fix the problem is released.
|
|
|
Address Resolution Protocol (ARP)
|
Sending fake ARP messages to an ethernet LAN. ARP is a computer networking protocol for determining a network host's hardware address when only its IP or network address is known.
|
|
|
Bluebugging
|
Taking control of a phone to make calls, send text messages, listen to calls, or read text messages.
|
|
|
Bluesnarfing
|
Stealing contact lists, images, and other data using Bluetooth.
|
|
|
Buffer overflow attack
|
Inputting so much data that the input buffer overflows. The overflow contains code that takes control of the computer.
|
|
|
Caller ID spoofing
|
Displaying an incorrect number on the recipient's caller ID display to hide the identity of the caller.
|
|
|
Carding
|
Verifying credit card validity; buying and selling stolen credit cards.
|
|
|
Chipping
|
Planting a chip that records transaction data in a legitimate credit card reader.
|
|
|
Cyber bullying
|
Using computer technology to bully other people.
|
|
|
Data diddling
|
Changing data before, during, or after it is entered into the system.
|
|
|
Data leakage
|
Unauthorized copying of company data.
|
|
|
Economic espionage
|
The theft of information, trade secrets, and intellectual property.
|
|
|
E-mail threats
|
Sending a threatening message asking recipients to do something that makes it possible to defraud them
|
|
|
Internet auction fraud
|
Using an internet auction site to commit fraud.
|
|
|
Internet misinformation
|
Using the internet to spread false or misleading information.
|
|
|
Internet pump-and-dump fraud
|
Using the internet to pump the price of stock and then resale it.
|
|
|
Internet terrorism
|
Using the internet to disrupt communications and ecommerce.
|
|
|
Lebanese looping
|
Inserting a sleeve into an ATM so that it will not eject the victim's card, pretending to help the victim as a means to discover his or her PIN, and then using the card and PIN to drain the account.
|
|
|
Logic bomb
|
Software that sits idle until a specified circumstance or time triggers it, destroying programs, data, or both.
|
|
|
Phreaking
|
Attacking a phone system to get free phone access; using phone lines to transmit viruses and to access, steal, and destroy data.
|
|
|
Podslurping
|
Using a small device with storage capacity (ipod, flash drive) to download unauthorized data from a computer.
|
|
|
Ransomware
|
Software that encrypts programs and data until a ransom is paid to remove it.
|
|
|
Splog
|
A spam blog that promotes Web sites to increase their Google page rank.
|
|
|
Tabnapping
|
Secretly changing an already open browser tab using Java Script.
|
|
|
Typosquatting/ URL hijacking
|
Web sites with names similar to real Web sites; users making typographical errors are sent to a site filled with malware.
|
|
|
Vishing
|
Voice phishing, in which email recipients are asked to call a phone number that asks them to divulge confidential data.
|
|
|
War dialing
|
Dialing phone lines to find idle modems to use to enter a system, capture the attached computer, and gain access to its network.
|
