CIS105 Chapter 9: Study Guide

Zombie

A computer that is controlled by a hacker who uses it to launch attacks on other computer systems

Grey-hat hackers

A cross between black and white—they will often illegally break into systems merely to flaunt their expertise to the administrator of the system they penetrated or to attempt to sell their services in repairing security breaches

Worm

A destructive computer program that bores its way through a computer's files or through a computer's network without human interaction

Hacker

A person who breaks into a computer system; either into an individual computer or a network

Polymorphic virus

A virus that can change its own code or periodically rewrites itself to avoid detection

Boot-sector virus

A virus that replicates itself into the master boot record of a flash drive or hard drive.

Denial-of-service (DOS) attack

An attack that occurs when legitimate users are denied access to a computer system because a hacker is repeatedly making requests of that computer system that tie up its resources and deny legitimate users access

Distributed denial-of-service (DDOS) attack

An automated attack that's launched from more than one zombie computer at the same time.

Spam filter

An option you can select in your e-mail account that places known or suspected spam messages into a special folder

Full backup

Backup that copies all data from a system

Quarantining

The placement (by antivirus software) of a computer virus in a secure area on the hard drive so that it won't spread infection to other files.

Drive-by download

The use of malicious software to attack a computer by downloading harmful programs onto a computer, without the user's knowledge, while they are surfing a website.

E-mail viruses

Use the address book in the victims e-mail system to distribute the virus (Ex: Melissa virus)

Virus

a computer program that replicates itself and attaches itself to other computers when files are exchanged

Surge protector

a device that protects computers and other electronic devices from power surges

Biometric authentication device

a device that reads a unique personal characteristic such as a fingerprint or the iris pattern in your eye and converts its pattern to a digital code

Personal firewall

a firewall specifically designed for home networks

Script

a miniprogram that is executed without your knowledge; legitimate functions on websites, such as collecting name and address information from customers

Spear phishing

a phishing expedition in which the emails are carefully designed to target a particular person or organization

Virus signature

a portion of virus code that is unique to a particular computer virus

Packet filtering

a process in which firewalls are configured so that they filter out packets sent to specific logical ports

Network address translation (NAT)

a process that firewalls use to assign internal Internet protocol addresses on a network

Trojan horse

a program that appears desirable or useful but actually contains something harmful (Ex: a game, screen saver, etc.)

Master boot record

a program that executes whenever a computer boots up, ensuring that the virus will be loaded into memory immediately, even before some virus protection programs can load

Firewall

a software program or hardware device designed to protect computers from hackers

Whole-house surge protector

a surge protector that's installed on the breaker panel of a home and that protects all electronic devices in the home from power surges

Identity theft

a thief steals personal information such as your name, address, SSN, birth date, bank account number, and credit card information and poses as you in financial or legal transactions

Scareware

a type of malware that's downloaded onto your computer and that tries to convince you that your computer is infected with a virus or other type of malware

Logical ports

a virtual communications gateway or path that enables a computer to organize requests for information from other networks or computers

Macro virus

a virus that attaches itself to a document that uses macros, a series of commands that automate repetitive tasks

Time bomb

a virus that is triggered by the passage of time or on a certain date (Ex: Michaelangelo)

Image backup

all system, application, and data files are backed up

Incremental backup

backup that copies only the changed data since the last backup

White-hat hackers (ethical hackers)

break into systems for non-malicious reasons, such as to test system security vulnerabilities or to expose undisclosed weaknesses

Black-hat hackers

break into systems to destroy information or for illegal gain

Adware

computer software that displays advertisements

Logic bomb

computer virus that is triggered when certain logical conditions are met, such as opening a file or starting a program a certain numbers of times

Backups

copies of files that you can use to replace the originals if they're lost or damaged

Multipartite virus

designed to infect multiple file types in an effort to fool the antivirus software that is looking for it

Program files

files used to install software

Data files

files you've created or purchased such as research papers, spreadsheets, music etc...

Encryption viruses (ransomware)

infect your computer by running a program that searches for common types of data files such as Microsoft Word documents and compresses them using a complex encryption key that disables access for the user

Pretexting

involves creating a scenario that sounds legitimate enough that someone will trust you

Computer forensics

involves identifying, extracting, preserving, and documenting computer evidence

Botnet

is a large group of software programs (called robots or bots) that runs autonomously on zombie computers

Packet analyzer (sniffer)

is a program deployed by hackers that examines each packet and can read its contents

Phishing

lures internet users to reveal personal information

Pharming

malicious code is planted on your computer, either by viruses

Malware

malicious software

Cyberloafing (cyberslacking)

means using your computer for non-work activities while you're being paid to do your job

Keystroke logger (keylogger)

monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information

Data breach

occurs when sensitive or confidential information is copied, transmitted, or viewed by an individual who isn't authorized to handle the data

Inoculation

places the virus in a secure area on your hard drive so that it won't spread to other files

Backdoor programs and rootkits

programs that allow hackers to gain access to your computer and take almost complete control of it without your knowledge

Virtual private networks (VPNs)

secure networks that are established using the public internet infrastructure

Cookies

small text files that some websites automatically store on your hard drive when you visit them

Exploit kits

software programs that run on servers and search for vulnerabilities of computers that visit the server

Antivirus software

software that is specifically designed to detect viruses and protect a computer and files from harm

Logical port blocking

specifically block requests to access certain ports

Stealth viruses

temporarily erase their code from the files where they reside and then hide in the active memory of the computer

Spam

unwanted or jun e-mail find you e-mail address from a list they purchase or with software that looks for e-mail addresses

Spyware

unwanted piggyback program that usually downloads with other software you install from the internet and that runs in the background of the system

Social engineering

uses social skills to generate human interaction and entices individuals to reveal sensitive information