Chapter 11 quiz
CA
(Certificate Authority) Authorized person or company that issues and verifies digital certificates.
CAPTCHA
(Completely automated public turing test to tell computers and humans apart)
RTLS
(Real time location system) track and identify the location of high-risk or high-value items.
SSL
(Secure Sockets Layer) Security technique that provides encryption of all data that passes between a client and an Internet server.
TLS
(Transport Layer Security) Successor to Secure Sockets Layer (SSL), a security technique that provides encryption of all data that passes between a client and an Internet server.
AUP
(acceptable use policy)
Zombie army
(also called Botnet) groups of bots
Virus signature
(also called a Virus definition) a known specific pattern of virus code.
Dos Attack
(also called denial of service attack) An assault whose purpose is to disrupt computer access to an internet service such as the web or e-mail.
Digital forensics
(computer forensics, network forensics, or cyberforensics) the discovery, collection, and analysis of evidence found on computers and networks. involves the examination of computer media, programs, data and log files on computers, servers, and networks.
DDos
(distributed Dos) attack, A zombie army is used to attack computers or computer networks. (A more devastating type of DoS attack)
Malware
(short for malicious software) programs that act without a user's knowledge and deliberately alter the computer's operations. other classes of malware include back doors and spyware.
inoculate
(to inoculate a program file) the antivirus program records information such as the file size and file creation date in a separate inoculation file. The antivirus program then uses this information to detect if a virus tampers with the data describing the inoculated program file.
Rootkit
a program that hides in a computer and allows someone from a remote location to take full control or the computer. Once the rootkit is installed, the rootkit author can execute programs, change settings, monitor activity, and access files on the remote computer. Although rootkits can have legitimate uses, such as in law enforcement, their use in nefarious and illegal activities is growing rapidly.
Trojan horse
a program that hides within or looks like a legitimate program. A certain condition or action usually triggers the trojan horse. trojan horse does not replicate itself to other computers.
Cyberwarfare
an attack whose goal ranges from disabling a government's computer network to crippling a country. (usually require a team of highly skilled individuals, millions of dollars, and several years of planning)
Virus hoax
an e-mail message that warns user of a nonexistent virus or other malware. These hoaxes are in the form of a chain letter that requests the user to send a copy of the e-mail message to as many people as possible.
Computer security risk
any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability.
Biometric Devices
authenticates a person's identity by translating a personal characteristic, such as a fingerprint, into a digital code that is compared with a digital code stored in the computer verifying a physical or behavioral characteristic.
Botnets
group of compromised computers connected to a network such as the internet that are used as part of a network that attacks other networks usually for nefarious purposes.
Script kiddie
has the same intent as a cracker but does not have the technical skills and knowledge. Script kiddies often use pre-written hacking and cracking programs to break into computer.
Macros
instructions saved in software such as a word processing or spreadsheet program.
Cybercrime
online or internet-based illegal acts
Trusted Source
organization or person you believe will not send a virus infected file knowingly.
Encryption
process of converting readable data into unreadable characters to prevent unauthorized access
Anti-virus program
protects a computer against viruses by identifying and removing any computer viruses found in memory, on storage media or on incoming files.
hacker
someone who accesses a computer or network illegally (has advanced computer and network skills)
cracker
someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action (has advanced computer and network skills)
cyberextortionist
someone who uses e-mail as a vehicle for extortion. these perpetrators send organization a threatening e-mail message indicating they will expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization's network- if they are not paid a sum of money.
Cyberterrorist
someone who uses the internet or network to destroy or damage computers for political reasons.
Unauthorized use
the use of a computer or its data fro unapproved or possibly illegal activites
Online security service
website that evaluates your computer to check for internet and e-mail vulnerabilities. (Service then provides recommendations of how to address the vulnerabilities)
Cert/CC
Computer Emergency Response Team Coordination Center (A federally funded internet security research and development center)
Decrypt
Decipher into a readable form
Zombie
A computer whose owner is unaware the computer is being controlled remotely by an outside.
Virus
A potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user's knowledge or permission. Once the virus infects the computer, it can spread throughout and may damage files and system software, including the operating system.
Back Door
A program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network.
Bot
A program that performs a repetitive task on a network. Cybercriminals install malicous bots on unprotected computers to create a botnet.
Quarantine
A separate area of a hard disk that hods the infected file until the infection can be removed. This step ensures other files will not become infected.
Proxy server
A server outside the organization's network that controls which communications pass into the organization's network.
Spoofing
A technique intruders use to make their network or internet transmission appear legitimate to a victim computer or netorks.
Personal Firewall
A utility program that detects and protects a personal computer and its data from unauthorized intrusions.
Honeypots
A vulnerable computer that is set up to entice an intruder to break into it.
IP Spoofing
An intruder computer fools a network into believing its IP address is associated with a trusted source. Perpetrators of IP spoofing trick their victims into interacting with the phony web site.
computer crime
Any illegal act involving a computer
Possessed objects
Any item that you must carry to gain access to a computer or computer facility. (examples : badges, cards, smart cards, and keys.
Intrusion detection software
Automattically analyzes all network traffic, assesses system bulnerabilities, identifies any unauthorized intrusions, and notifies network administrators of suspicious behavior patterns or system breaches.
Firewall
Hardware and/or software that protects a networks resources from intrusion by users on another network such as the internet.
PIN
Personal identification number, a numeric password, either assigned by a company or selected by a user.
PGP
Pretty good privacy
Audit trail
Records in a file both successful and unsuccessful access attempts.
RSI
Repetitive strain injury
Payload
The destructive event or prank the program is intended to deliver.
E-mail Spoofing
The sender's address or other other componets of the e-mail header are altered so that it appears the e-mail originated from a different sender.
Unauthorized access
The use of a computer or network without permission