MIS ch. 17 quiz

phishing

A con executed using technology, typically targeted at acquiring sensitive information or tricking someone into installing malicious software.

honeypots

A seemingly tempting, but bogus target meant to draw hacking attempts.

Intrusion detection systems

A system that monitors network use for potential hacking attempts. Such a system may take preventative action to block, isolate, or identify attempted infiltration, and raise further alarms to warn security personnel.

Certificate Authority

A trusted third party that provides authentication services in public key encryption schemes.

Public Key Encryption

A two key system used for securing electronic transmissions. One key distributed publicly is used to encrypt (lock) data, but it cannot unlock data. Unlocking can only be performed with the private key.

CAPTCHA

An acronym for Completely Automated Public Turing Test to Tell Computers and Humans Apart.

brute force attack

An attack that exhausts all possible password combinations in order to break into an account.

Distributed Denial of Service (DDoS)

An attack where a firm's computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site's use.

zero-day exploit

Attacks that are so new that they haven't been clearly identified, and so they haven't made it into security screening systems.

cash-out fraudsters

Criminals that purchase assets from data harvesters to be used for illegal financial gain.

data harvesters

Cybercriminals who infiltrate systems and collect data for illegal resale.

shoulder surfing

Gaining compromising information through observation

whitelists

Highly restrictive programs that permit communication only with approved entities and/or in an approved manner.

bones

Hordes of surreptitiously infiltrated computers, linked and controlled remotely, also known as zombie networks.

blacklists

Programs that deny the entry or exit of specific IP addresses, products, Internet domains, and other communication restrictions.

encryption

Scrambling data using a code or formula, known as a cipher, such that it is hidden from those who do not have the unlocking key.

white hat hacker

Someone who uncovers computer weaknesses without exploiting them.

spoofed

Term used in security to refer to forging or disguising the origin or identity.

multi-factor authentication

When identity is proven by presenting more than one item for proof of credentials.