Reading...
Play button
Play button
Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
39 Cards in this Set
- Front
- Back
|
Access Control List (ACL)
|
A list of resources and the usernames of people who are permitted access to those resources within a computer system
|
|
|
Active Wiretapping
|
An integrity threat that exists when an unauthorized party can alter a message
|
|
|
Advanced Encryption Standard (AES)
|
The encryption standard designed to keep government information secure using the Rijndael algorithm. It was introduced in February 2001 by the National Institute of Standards and Technology (NIST)
|
|
|
Antivirus Software
|
Software that detects viruses and worms and either deletes them or isolates them on the client computer so they cannot run
|
|
|
Backdoor
|
An electronic hole in eCommerce software left open by accident or intentionally that allows users to run the program without going through the normal authentication procedure for access to the program
|
|
|
Biometric Security Device
|
A security device that uses an element of a person’s biological makeup to confirm identification. These devices include writing pads that detect the form and pressure of a person writing a signature, eye scanners that read the pattern of blood vessels in a person’s retina, and palm scanners that read the palm of a person’s hand (rather than just one fingerprint)
|
|
|
Botnet
|
A robotic network that can act as an attacking unit, sending spam or launching denial-of-service attacks against specific Web sites. Synonymous with zombie farm.
|
|
|
Buffer overrun/overflow
|
An error that occurs when programs filling buffers malfunction and overfill the budder, spilling the excess data outside the designate buffer memory area.
|
|
|
Countermeasure
|
A physical or logical procedure that recognizes, reduces, or eliminates a threat
|
|
|
Cracker
|
A technologically skilled person who uses his or her skills to obtain unauthorized entry into computers or network systems, usually with the intent of stealing information or damaging the information, the system’s software, or the system’s hardware.
|
|
|
Cryptography
|
The science that studies encryption, which the hiding of messages so that only the sender and receiver can read them
|
|
|
Cyber Vandalism
|
The electronic defacing of an existing website
|
|
|
Denial-of-service (DoS) attack
|
A computer attack that disrupts normal computer processing or denies processing entirely.
|
|
|
Dictionary attack program
|
A program that cycles through an electronic dictionary, trying every word in the book as a password
|
|
|
Eavesdropper
|
A person or device who is able to listen in on and copy Internet transmissions
|
|
|
Encryption
|
The coding of information using a mathematical-based program and secret key; it makes a message illegible to casual observers or those without the decoding key
|
|
|
Ethical Hacker
|
A computer security specialist hired to probe computers and computer networks to assess their security; can also be hired to locate information that can be used in legal proceedings.
|
|
|
Firewall
|
A computer that provides a defense between one network (inside the firewall) and another network (outside the firewall, such as the Internet) that could pose a threat to the inside network. All traffic to and from the network must pass through the firewall. Only authorized traffic as defined by the local security policy, is allowed to pass through the firewall. Als used to describe the software that performs these functions on the firewall computer
|
|
|
Hacker
|
A dedicated programmer who writes complex code that tests the limits of technology; usually meant in a positive way
|
|
|
Hash algorithm
|
A security utility that mathematically combines every character in a message to create a fixed-length number (usually 128 bits in length) that is a condensation, or fingerprint, of the original message
|
|
|
Intrusion detection system
|
A part of a firewall that monitors attempts to log in to servers and analyses those attempts for patterns that might indicate a cracker’s attack is under way
|
|
|
Java sandbox
|
A Web browser security feature that limits the actions that can be performed by a Java applet that has been downloaded from the Web
|
|
|
Logical Security
|
The protection of assets using non physical means
|
|
|
Macro virus
|
A virus that is transmitted or contained inside a downloaded file attachment; it can cause damage to a computer and reveal otherwise confidential information
|
|
|
Mail bomb
|
A security attack in which many computers (hundreds or thousands) each exceeding the recipient’s allowable mail limit and causing mail systems to malfunction; the computers are often under the surreptitious control of a third party
|
|
|
Man-in-the-middle exploit
|
A message integrity violation in which the contents of the e-mail are changed in a way that negates the messages original meaning
|
|
|
Masquerading
|
Pretending to be someone you are not (for example, by sending an email that shows someone else as the sender) or representing a Web
|
|
|
Multivector virus
|
A virus that can enter a computer system in several different ways
|
|
|
Packet-filter firewall
|
A firewall that examines all data flowing back and forth between a trusted network and the Internet
|
|
|
Phishing expeditions
|
A masquerading attack that combines spam with spoofing. The perpetrator sends millions of spam e-mails that appear to be from a respectable company. The e-mails contain a link to a web page that is designed to look exactly like the company’s site. The victim is encouraged to enter his or her username, password, and sometimes credit card information
|
|
|
Physical security
|
Tangible protection devices such as alarms, guards, fireproof doors, fences, and vaults
|
|
|
Pretty Good Privacy (PGP)
|
A popular technology used to implement public-key encryption to protect the privacy of e-mail messages
|
|
|
Private-key encryption
|
The encoding of a message using a single numeric key to encode and decode data; it requires both the sender and receiver of the message to know the key, which much be guarded from public disclosure
|
|
|
Public key
|
One of a pair of mathematically related numeric keys, it is used to encrypt messages and is freely distributed to the public
|
|
|
Remote Wipe
|
Removing personal information from a lost or stolen mobile device by clearing all of the data stored on the device, including emails, text messages, contact lists, photos, videos, and any type of document file
|
|
|
Trojan horse
|
A program hidden inside another program or Web page that masks its true purpose (usually destructive)
|
|
|
Worm
|
A virus that replicates itself on other machines
|
|
|
Zombie
|
A program that secretly takes over another computer for the purpose of launching attacks on other computers. Zombie attacks can be difficult to trace to their perpetrators
|
|
|
Zombie Farm
|
A group of computers on which a hacker has planted zombie programs
|
