Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
56 Cards in this Set
- Front
- Back
Hacking |
Unauthorized access, modification, or useof an electronic device or some element of a computer system |
|
SocialEngineering |
Techniques or tricks on people to gain physical or logical access to confidential information |
|
Malware |
Software used to do harm |
|
Hijacking |
Gaining control of a computer to carry out illicit activities |
|
Botnet (robot network) |
Zombies Bot herders Denial of Service (DoS) Attack Spamming Spoofing Makes the communication look as if someone else sent it so as to gain confidential information. |
|
Cross-sitescripting (XSS) |
Uses vulnerability of Web application that allows the Web site to get injected with malicious code. When a user visits the Web site, that malicious code is able to collect data from the user. |
|
Bufferoverflow attack |
Large amount of data sent to overflow the input memory (buffer) of a program causing it to crash and replaced with attacker’s program instructions. |
|
SQLinjection (insertion) attack |
Malicious code inserted in place of a query to get to the database information |
|
Identitytheft |
Assuming someone else’s identity |
|
Pretexting |
Using a scenario to trick victims to divulge information or to gain access |
|
Posing |
Creating a fake business to get sensitive information |
|
Phishing |
Sending an e-mail asking the victim to respond to a link that appears legitimate that requests sensitive data |
|
Pharming |
Redirects Web site to a spoofed Web site |
|
URLhijacking |
Takes advantage of typographical errors entered in for Web sites and user gets invalid or wrong Web site |
|
Scavenging |
Searching trash for confidential information |
|
Shouldersurfing |
Snooping (either close behind the person) or using technology to snoop and get confidential information |
|
Skimming |
Double swiping credit card |
|
Eeavesdropping |
|
|
Compassion |
Desire to help others |
|
Greed |
Want a good deal or something for free |
|
Sex appeal |
More cooperative with those that are flirtatious or good looking |
|
Sloth |
Lazy habits |
|
Trust |
Will cooperate if trust is gained |
|
Urgency |
Cooperation occurs when there is a sense of immediate need |
|
Vanity |
More cooperation when appeal to vanity |
|
Threat of Social Engineering |
•Neverlet people follow you into restricted areas •Neverlog in for someone else on a computer•Nevergive sensitive information over the phone or through e-mail •Nevershare passwords or user IDs •Becautious of someone you don’t know who is trying to gain access through you |
|
Types of Malware |
•Spyware •Keylogger •TrojanHorse •Trapdoor •Packetsniffer •Virus •Worm |
|
•Spyware |
▫Secretly monitors and collects information ▫Can hijack browser, search requests ▫Adware |
|
•Keylogger |
▫Software that records user keystrokes |
|
•Trojan Horse |
▫Malicious computer instructions in an authorized and properly functioning program |
|
•Trapdoor |
▫Set of instructions that allow the user to bypass normal system controls |
|
•Packet sniffer |
▫Captures data as it travels over the Internet |
|
•Virus |
▫A section of self-replicating code that attaches to a program or file requiring a human to do something so it can replicate itself |
|
•Worm |
▫Stand alone self replicating program |
|
•Bluesnarfing |
▫Stealing contact lists, data, pictures on bluetooth compatible smartphones |
|
•Bluebugging |
▫Taking control of a phone to make or listen to calls, send or read text messages |
|
Why people fall victim |
•Compassion •Greed •Sexappeal •Sloth •Trust •Urgency •Vanity |
|
Social engineering techniques |
•Identity theft •Pretexting •Posing •Phishing •Pharming •URL hijacking •Scavenging •Shoulder surfing •Skimming •Eavesdropping |
|
System |
A set of two or more interrelated components interacting to achieve a goal |
|
Goal Conflict |
Occurs when components act in their own interest without regard for overall goal |
|
Goal Congruence |
Occurs when components acting in their own interest contribute toward overall goal |
|
Data are facts that are recorded andstored. |
Insufficient for decision making. |
|
Information is processed data used in decision making. |
Too much information however, will make it more, not less, difficult to make decisions. This is known as Information Overload. |
|
Value of Information: Benefits |
¤Reduce Uncertainty ¤Improve Decisions ¤Improve Planning ¤Improve Scheduling |
|
Value of Information: Costs |
¤Time & Resources ¤ProduceInformation ¤DistributeInformation SchedulinC |
|
Necessary Characteristics |
Relevant Reliable Complete Timely Understandable Verifiable Accessible |
|
Relevant |
“The capacity of information tomake a difference in a decision by helping users to form predictions about theoutcomes of past, present, and future events or to confirm or correct priorexpectations.” |
|
Reliable |
“Thequality of information that assures that information is reasonably free fromerror and bias and faithfully represents what it purports to represent.” |
|
Complete |
“Theinclusion in reported information of everything material that is necessary forfaithful representation of the relevant phenomena.” |
|
Timely |
“Having information available toa decision maker before it loses its capacity to influence decisions.” |
|
Understandable |
“Thequality of information that enables users to perceive its significance.” |
|
Verifiable |
“Theability through consensus among measurers to ensure that information representswhat it purports to represent or that the chosen method of measurement has beenused without error or bias.” |
|
Accessible |
Availablewhen needed (see Timely) and in a useful format (see Understandable). |
|
Business Process |
Systems working towardorganizational goals |
|
Business Process Cycles |
Revenue Expenditure Production Human Resources Financing |
|
Business Transactions |
Give-Get exchanges Between two entities Measured in economic terms |