77 Cards in this Set
- Front
- Back
- 3rd side (hint)
Address Resolution Protocol spoofing |
Sending fake ARP messages to an Ethernet LAN. |
|
|
Adware |
Software that collects and forwards data to advertising companies or causes banner ads to pop up as the internet is surfed. |
|
|
Bluebugging |
Taking control of a phone to make calls, send text messages, listen to calls, or read text messages. |
|
|
Bluesnarfing |
Stealing contact lists, images, and other data using Bluetooth. |
|
|
Botnet |
A network of hijacked computers. |
|
|
Zombies |
Bot herders use the hijacked computers, called _________. |
|
|
Buffer overflow attack |
Inputting so much data that the input buffer overflows. The overflow contains code that takes control of the computer. |
|
|
Caller ID spoofing |
Displaying an incorrect number on the recipient's caller ID display to hide the identity of the caller. |
|
|
Carding |
Verifying credit card validity; buying and selling stolen credit cards. |
|
|
Chipping |
Planting a chip that records transaction data in a legitimate credit card reader. |
|
|
Cross-site scripting (XSS) Attack |
Exploits Web page security vulnerabilities to bypass browser security mechanisms and create a malicious link that injects unwanted code into a website. |
|
|
Cyber Bullying |
Using computer technology to harm another person. |
|
|
Cyber-extortion |
Requiring a company to pay money to keep an extortionist from harming a computer or a person. |
|
|
Data diddling |
Changing data before, during, or after it is entered into the system. |
|
|
Data leakage |
Unauthorized copying of company data. |
|
|
Denial-of-service attack |
An attack designed to make computer resources unavailable to its users. |
|
|
Dictionary attack |
Using software to guess company addresses, send employees blank emails, and add unreturned messages to spammer email lists. |
|
|
DNS spoofing |
Sniffing the ID of a Domain Name System request and replying before the real DNS server. |
|
|
Eavesdropping |
Listening to private voice or data transmissions. |
|
|
Economic espionage |
The theft of information, trade secrets, and intellectual property. |
|
|
E-mail threats |
Sending a threatening message asking recipients to do something that makes it possible to defraud them. |
|
|
E-mail spoofing |
Making a sender address and other parts of an email header appear as though the email originated from a different source. |
|
|
Evil twin |
A wireless network with the same name as another wireless access point. |
|
|
Hacking |
Unauthorized access, modification, or use of computer systems, usually by means of PC and communications network. |
|
|
Hijacking |
Gaining control of someone else's computer for illicit activities. |
|
|
IP address Spoofing |
Creating Internet Protocol packets with a forged IP address to hide the sender's identity or to impersonate another computer system. |
|
|
Identity theft |
Assuming someone's identity by illegally obtaining confidential information. |
|
|
Internet auction fraud |
Using an internet auction site to commit fraud. |
|
|
Internet misinformation |
Using the internet to spread false or misleading information. |
|
|
Internet terrorism |
Using the internet to disrupt communications and e-commerce. |
|
|
Internet pump-and-dump fraud |
Using the internet to pump up the price of a stock and then sell it. |
|
|
Key logger |
Using spyware to record a user's keystrokes. |
|
|
Lebanese looping |
Inserting a sleeve into an ATM so that it will not eject the victim's card, pretending to help the victim as a means to discover his or her PIN, and then using the card PIN to drain the account. |
|
|
Logic bombs and time bombs |
Software that sits idle until a specified circumstance or time triggers it, destroying programs, data, or both. |
|
|
Malware |
Software that can be used to do harm. |
|
|
Man-in-the-Middle (MITM) attack |
A hacker placing himself between the client and a host to intercept network traffic. |
A.k.a. Session Hacking |
|
Masquerading / Impersonation |
Accessing a system by pretending to be an unauthorized user. |
|
|
Packet sniffing |
Inspecting information packets as they travel the internet and other networks. |
|
|
Password cracking |
Penetrating the system defenses, stealing passwords, and decrypting them to access system programs, files, and data. |
|
|
Pharming |
Redirecting traffic to a spoofed web site to obtain confidential information. |
|
|
Phishing |
Communications that request recipients to disclose confidential information by responding to an email or visiting a website. |
|
|
Phreaking |
Attacking phone systems to get free phone access. |
|
|
Piggybacking |
Clandestine use of someone's Wi-Fi network. |
|
|
Podslurping |
Using a small device with a storage capacity to download unauthorized data from a person. |
|
|
Posing |
Creating a seemingly legitimate business, collecting personal data while making a sale and never delivering items sold. |
|
|
Rootkit |
Software that conceals processes, files, network connections, and system data from the operating systems and other programs. |
|
|
Pretexting |
Acting under false pretenses to gain confidential information. |
|
|
Round-down fraud |
Truncating interest calculations at two decimal places and placing truncated amounts in the perpetrator's account. |
|
|
Ransomware |
Software that encrypts programs and data until a ransom is paid to remove it. |
|
|
Salami technique |
Stealing tiny slices of money over time. |
|
|
Scareware |
Malicious software of no benefit that is sold using scare tactics. |
|
|
Scavenger / Dumpster diving |
Searching for confidential information by searching for documents and records in garbage cans, communal trash bins and city dumps. |
|
|
Sexting |
Exchanging explicit text messages and pictures. |
|
|
Shoulder surfing |
Watching or listening to people enter or disclose confidential data. |
|
|
Skimming |
Double-swiping a credit card or covertly swiping it in a card reader that records the data for later use. |
|
|
SMS spoofing |
Using short message service to change the name or number a text message appears to come from. |
|
|
Social engineering |
Techniques that trick a person into disclosing confidential information. |
|
|
Software piracy |
Unauthorized copying or distribution of copyrighted software. |
|
|
Spamming |
Emailing an unsolicited message to many people at the same time. |
|
|
Splog |
A spam blog that promotes web sites to increase their Google page rank. |
|
|
Spyware |
Software that monitors computing habits and sends that data to someone else, often without the user's permission. |
|
|
Spoofing |
Making electronic communications look like someone else sent it. |
|
|
SQL injection attack |
Inserting a malicious SQL query in input in such a way that it is passed to and executed by an application program. |
|
|
Steganography |
Hiding data from one file inside a host file, such as a large image or sound file. |
|
|
Superzapping |
Using special software to bypass system controls and perform illegal acts. |
|
|
Tabnapping |
Secretly changing an already open browser tab using JavaScript. |
|
|
Trap door |
A back door into a system that bypasses normal system controls. |
|
|
Trojan horse |
Unauthorized code in an authorized and properly functioning program. |
|
|
Typosquatting / URL hijacking |
Web sites with names similar to real web sites. |
|
|
Virus |
Executable code that attaches itself to software, replicates itself, and spreads to other systems or files. |
|
|
Vishing |
In which email recipients are asked to call a phone number that asks them to divulge confidential data. |
|
|
War dialing |
Dialing phone lines to find idle modems to use to enter a system, capture the attached computer, and gain access to its networks. |
|
|
War driving / rocketing |
Looking for unprotected wireless networks using a car or rocket. |
|
|
Web cramming |
Developing a free and worthless trial version web site and charging the subscriber's phone bill for months. |
|
|
Web-page spoofing |
Also called phishing |
|
|
Worm |
Similar to virus; a program rather than a code segment hidden in a host program. |
|
|
Zero-day attack |
Attack between the time a software vulnerability is discovered and a patch to fix the problem is released. |
|