107 Cards in this Set
- Front
- Back
Digital Security Risk |
Any event or action that could cause a loss of or damage to computer or mobile device hardware, software, data, information, or processing capability |
|
Computer Crime |
Any illegal act involving the use of a computer or related devices |
|
Cybercrime |
Refers to online or Internet-based illegal acts such as distributing malicious software or committing identity theft |
|
Crimeware |
Software used by cyber criminals |
|
Hacker |
Refers to someone who accesses a computer or network illegally |
|
Cracker |
Someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action |
|
Script Kiddie |
Has the same intent as a cracker but does not have the technical skills or knowledge |
|
Cyber extortionist |
Someone who demands payment to stop an attack on an organization's technology infrastructure |
|
Cyber terrorist |
Someone who uses the Internet or network to destroy or damage computers for political reasons |
|
Malware |
Consists of programs that act with a user's knowledge and deliberately alter the operations of computers and mobile devices |
|
Payload |
Destructive event or prank, on a computer or mobile device in a variety of ways |
|
Botnet/Zombie Army |
A group of compromised computers or mobile devices connected to a network such as the Internet that are used to attack other networks |
|
Zombie |
Compromised computer or device; owner is unaware that the device is being controlled |
|
Bot |
Program that performs a repetitive task on a network |
|
Denial of Service Attack |
An assault whose purpose is to disrupt computer access to an Internet service such as the web or email |
|
Distributed DoS Attack |
Zombie army is used to attack computers or computer networks |
|
Back Door |
Program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer, or network |
|
Spoofing |
Technique intruders use to make their networks or Internet transmissions appear legitimate to a victim computer or network |
|
Email Spoofing |
Occurs when the sender's address or other components of an email header are altered so that it appears that the email message originated from a different sender |
|
IP Spoofing |
Occurs when an intruder computer fools a network into believing its IP address is associated with a trusted source |
|
Methods to protect your technology |
- Use antivirus software
- Be suspicious of unsolicited email attachments
- Scan removable media for malware before using it
- Implement firewall solutions
- Back up regularly |
|
Firewall |
Hardware and/or software that protects a network's resources from intrusion by users on another network such as the Internet |
|
Proxy Server |
Server outside the organization's network that controls which communications pass in and out of the organization's network |
|
Personal Firewall |
Software firewall that detects and protects a personal computer and its data from unauthorized intrusions |
|
Unauthorized Access |
Use of a computer or network without permission |
|
Unauthorized use |
Use of a computer or its data for unapproved or possibly illegal activities |
|
Acceptable use policy |
Outlines the activities for which the computer and network may and may not be used |
|
Access Control |
Security measure that defines who can access a computer, device, or network AND what actions can take place while accessing it |
|
Audit Trail |
Records in a file both successful and unsuccessful access attempts |
|
Username |
Unique combination of characters, such as letters of the alphabet or numbers, that identifies a user |
|
Password |
Private combination of characters associated with the user name that allows access to certain computer resources |
|
Passphrase |
A private combination of words associated with a user name that allows access to certain computer resources |
|
CAPTCHA |
Program developed at Carnegie Mellon University that displays an image containing a series of distorted characters for a user to identify and enter in order to verify that user input is from humans and not computer programs |
|
Possessed Object |
Any item you must carry with you in order to gain access to a computer or computer facility |
|
Biometric Device |
Authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code stored to verify physical or behavioral characteristics |
|
Fingerprint Reader |
Captures curves and indentations of a fingerprint |
|
Face Recognition System |
Captures a live face image and compares it with a stored image to determine if the person is a legitimate user |
|
Hand Geometry System |
Measures the size of a person's hand |
|
Voice Verification System |
Compares a person's live speech with their stored voice pattern |
|
Signature Verification System |
Recognizes the shape of your handwritten signature, as well as pressure exerted and motion used to write |
|
Iris Recognition System |
Reads patterns of the iris of the eye |
|
Biometric Payment |
Customer's fingerprint is read by a fingerprint reader that is linked to a payment method |
|
Digital Forensics/Cyberforensics |
The discovery, collection, and analysis of evidence found on computers and networks |
|
Software Theft |
Occurs when someone steals software media, intentionally erases programs, illegally registers a program, or illegally copies a program |
|
Software Piracy |
Unauthorized and illegal duplication of copyrighted software |
|
Product Activation |
Users provide the software product's identification number to associate the software with the computer or mobile device on which the software is installed |
|
License Agreement |
The right to use software |
|
Network License |
A legal agreement that allows multiple users to access the software on the server simultaneously |
|
Site License |
Legal agreement that permits users to install the software on multiple computers |
|
Information Theft |
Occurs when someone steals personal or confidential information |
|
Encryption |
Process of converting data that is readable to humans into encoded characters to prevent unauthorized access |
|
Plaintext |
Unencrypted, readable data |
|
Encryption Algorithm/Cipher |
A set of steps that can convert readable plaintext into unreadable ciphertext |
|
Encryption Key |
Set of characters that the originator of the data uses to encrypt the plaintext and the recipient of the data uses to decrypt the ciphertext |
|
Transposition |
Switch the order of characters |
|
Substitution |
Replace the letters with other characters |
|
Expansion |
Insert characters between existing characters |
|
Compaction |
Remove characters and store elsewhere |
|
Caesar Cipher |
Substitution encryption algorithm that replaces each character in the plaintext with a different letter by shifting the alphabet a certain number of positions |
|
Private Key Encryption/Symmetric Key Encryption |
Both the originator and the recipient use the same secret key to encrypt and decrypt the data |
|
Public Key Encryption/Asymmetric Key Encryption |
Uses two encryption keys: a public and a private key |
|
Virtual Private Network |
Connects the mobile user to a main office using a standard Internet connection |
|
Digital Signature |
Encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender |
|
Digital Certificate |
A notice that guarantees a user or website is legitimate |
|
Secure Site |
A website that uses encryption techniques to secure its data |
|
Backup |
A duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed |
|
Restore |
Copying backed up files to their original location on the device |
|
Full Backup |
Copies all of the files on media in the computer |
|
Differential Backup |
Copies only the files that have changed since the last full backup |
|
Incremental Backup |
Copies only the files that have changed since the last full or incremental backup |
|
Selective Backup |
Users choose which folders and files to include in a backup |
|
Continuous Data Protection |
All data is backed up whenever a change is made |
|
ENERGY STAR Program |
Program created by the US government that helps reduce the amount of electricity used by computers and related devices |
|
Information Privacy |
Refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them |
|
🍪Cookie🍪 |
Small text file that a web server stores on your computer |
|
Session 🍪Cookie🍪 |
Keeps track of items in a user's shopping cart on a shopping site |
|
Browsing History |
A list of all websites you have visited over a period of time |
|
Private Browsing |
Browser does not keep track of the websites you are visiting |
|
Location Sharing |
Gives websites access to your current location |
|
Methods to secure your browser |
- Clear browsing history
- Enable private browsing
- Turn off location sharing
- Never store passwords
- Clear cookies regularly
- Avoid phishing websites |
|
Types of Phishing Scams |
- Phone scams
- Email scams
- Website scams |
|
Spyware |
Program placed in a computer or mobile device without the user's knowledge that secretly collects information about the user and then communicates the information to some outside source while the user is online |
|
Disaster Recovery Program |
Written plan that describes the steps an organization would take to restore its computer operations in the event of a disaster |
|
Social Engineering |
Defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature or naivety |
|
Children's Internet Protection Act |
Protects minors from inappropriate content at school |
|
Children's Online Privacy Protection Act |
Requires websites to protect personal information of children under 13 years of age |
|
Computer Abuse Amendments Act |
Outlaws transmission of harmful computer code such as viruses |
|
Digital Millennium Copyright Act |
Makes it illegal to circumvent anti-piracy schemes in commercial software |
|
Electronic Communications Privacy Act |
Provides the same right of privacy protection of the postal delivery service and telephone companies to various forms of electronic communications |
|
Financial Modernization Act |
Protects consumers from disclosure of their personal financial information and requires institutions to alert consumers of information disclosure policies |
|
Freedom of Information Act |
Enables public access to most government records |
|
HIPAA |
Protects individuals against the wrongful disclosure of their health information |
|
PATRIOT |
Gives law enforcement the right to monitor people's activities |
|
Methods of Mobile Security |
- Avoid clicking unsafe links
- Be extra cautious locating and downloading apps
- Turn off GPS tracking
- Use mobile security software |
|
Privacy Act |
Forbids federal agencies from allowing information to be used for a reason other than that for which it was collected |
|
Electronic Monitoring |
Involves the use of computers, mobile devices, or cameras to observe, record, and review an employee's use of a technology |
|
Content Filtering |
Process of restricting access to certain material |
|
Web filtering software |
Program that restricts access to specified websites |
|
Computer Ethics |
Moral guidelines that govern the use of computers, mobile devices, and information systems |
|
Intellectual Property |
Refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos |
|
Intellectual Property Rights |
Rights to which creators are entitled for their work |
|
Copyright |
Gives authors, artists, and other creators of original work exclusive rights to duplicate, publish, and sell their materials |
|
Digital Rights Management |
Strategy designed to prevent illegal distribution of movies, music, and other digital content |
|
Code of Conduct |
Written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed |
|
Green Computing |
Involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies