ISEC - Ch. 3 Vocabulary
URL
A Uniform Resource Locator is a reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it
Syn flood
A popular technique for launching a packet flood; the attacker sends a large number of packets requesting connections to the victim computer; however, the ACK bit is never received
Zero-day
Exploiting a new vulnerability or software bug for which no specific defenses yet exist.
Evil Twin
Faking an open or public wireless network to use a packet sniffer on any user who connects to it.
Backdoor
Hidden access method that give developers or support personnel easy access to a system without having to struggle with security controls
Vishing
Performing a phishing attack by telephone in order to elicit personal information; using verbal coercion and persuasion ("sweet talking") the individual under attack.
Whaling
Targeting the executive user or most valuable employees, otherwise considered the "whale" or "big fish" (often called spear phishing).
CVE
The Common Vulnerabilities & Exposure list is maintained and managed by the Mitre Corporation on behalf of the U.S. Department of Homeland Security
DDoS
The distributed denial of service attack is a type of DoS attack that also impacts a user's ability to access a system. It overloads computers and prevents legitimate users from gaining access
VoIP
Voice over IP
Vulnerability
a bug or weakness in the program
Netcat
a computer networking utility for reading from and writing to network connections using TCP or UDP; one of the most popular backdoor tools in use today
Wardialer
a computer program that dials telephone numbers, looking for a computer on the other end. The program works by automatically dialing a defined range of phone numbers
Gray-hat hacker
a hacker with average abilities who may one day become a black-hat hacker but could also opt to become a white-hat hacker. Another common definition is a hacker who will identify but not exploit discovered vulnerabilities, yet may still expect a reward for not disclosing the vulnerability openly.
Trojan horse
a malware that masquerades as a useful program; use their outward appearance to trick users into running them
Firewall
a program or dedicated hardware device that inspects network traffic passing through it and denies or permits that traffic based on a set of rules you determine at configuration. It's basic task is to regulate the flow of traffic between computer networks of different trust levels—for example, between the LAN-to-WAN domain and the WAN domain, where the private network meets the public Internet
Worm
a self-contained program that replicates and sends copies of itself to other computers, generally across a network, without any user input or action
Virus
a software program that attaches itself to or copies itself into another program on a computer. The purpose of a _________ is to trick the computer into following instructions not intended by the original program developer.
Packet sniffer
a software program that enables a computer to monitor and capture network traffic, whether on a LAN or a wireless network.
Cracker
a software program that performs one of two functions: a brute-force password attack and a dictionary password attack
Password cracker
a software program that performs one of two functions: a brute-force password attack and dictionary password attack
Dictionary Attack
a subset of brute-force attacks
Cookie
a text file that contains details gleaned from past visits to a website
Port scanner
a tool used to scan IP host devices for open ports that have been enabled
Spoofing
a type of attack in which one person, program, or computer disguises itself as another person, program, or computer to gain access to some resources
Hijacking
a type of attack in which the attacker takes control of a session between two machines and masquerades as one of them
Birthday Attack
a type of cryptographic attack that is used to make brute-force attack of one-way hashes easier
Phishing
a type of fraud in which an attacker attempts to trick the victim into providing private information such as credit card numbers, passwords, dates of birth, bank account numbers, automated teller machine (ATM) PINs, and Social Security numbers
Spyware
a type of malware that specifically threatens the confidentiality of information. It gathers information about a user through an Internet connection, without his or her knowledge
Keystroke logger (Keylogger)
a type of surveillance software or hardware that can record to a log file every keystroke a user makes with a keyboard
Media Access Control Address (MAC Address)
a unique identifier assigned to network interfaces for communications at the data link layer of a network segment. They are used as a network address for most IEEE 802 network technologies, including Ethernet and Wi-Fi
Script kiddie
a wannabe hacker, a person of any age with little or no skill; simply follows direction/uses the "cookbook" approach
Cryptographic attack
an algorithm that converts a large amount of data to a single (long) number. Once mathematically hashed, the hash value can be used to verify the integrity of those data.
Pharming
another type of attack that seeks to obtain personal or private financial information through domain spoofing. A _______ attack doesn't use messages to trick victims into visiting spoofed websites that appear legitimate, however. Instead, ________ "poisons" a domain name on the domain name server (DNS), a process known as DNS poisoning
Threat
any action that can damage or compromise an asset
Asset
any item that has value
PBX (Private branch exchange)
attackers would use wardialers to gain access to ________________ phone systems in an attempt to obtain dial tone or international dialing capability to commit toll fraud
DoS (Denial of service)
attacks that result in downtime or inability of a user to access a system. They impact the availability tenet of information systems security. It is a coordinated attempt to deny service by occupying a computer to perform large amounts of unnecessary tasks
CIA
confidentiality, integrity, or availability
Phreaking
is a slang term that describes the activity of a subculture of people who study, experiment with, or explore telephone systems, telephone company equipment, and systems connected to public telephone networks. ___________ is the art of exploiting bugs and glitches that exist in the telephone system.
White-hat
is an information systems security professional who has authorization to identify vulnerabilities and perform penetration testing. The difference between _____ hackers and black-hat hackers is that ______ hackers will identify weaknesses for the purpose of fixing them, and black-hat hackers find weaknesses just for the fun of it or to exploit them.
Downtime
is the time during which a service is not available due to failure or maintenance
Rootkit
malicious software programs designed to be hidden from normal methods of detection. They allow an attacker to gain access to a computer system
Promiscuous mode
means that every data packet can be seen and captured by the sniffer
Disclosure
occurs any time unauthorized users access private or confidential information that is stored on a network resource or while it is in transit between network resources. It can also occur when a computer or device containing private or confidential data, such as a database of medical records, is lost or stolen
Masquerade attack
one user or computer pretends to be another user or computer. They usually include one of the other forms of active attacks, such as IP address spoofing or replaying
Malicious attack
overtaking a persons computer in order to spread the bug to other peoples devices and profiles
Typo squatting
same as URL hijacking
Protocol analyzer
same as packet sniffer
Adware
similar to spyware but does not transmit personally identifiable information (PII)
Malware
software used to conduct a malicious attack
Hacker
someone who breaks into a computer system without authorization
Passive wiretap
tapping telephone/communication lines; an unauthorized user simply listens to the transmission without changing the contents
Espionage
the act of spying to obtain secret information, typically to aid another nation state. Terrorists and enemy agents might well be involved in activities to obtain sensitive government information that they can use to perpetuate future attacks
Opportunity cost
the amount of money a company loses due to downtime
Session hijack
the attacker attempts to take over an existing connection between two network computers. The first step in this attack is for the attacker to take control of a network device on the LAN, such as a firewall or another computer, in order to monitor the connection. Then the attacker generates traffic that appears to come from one of the communicating parties. This steals the session from one of the legitimate users
URL Hijacking (or browser hijacking)
the user is directed to a different website than what he or she requested, usually to a fake page that the attacker has created
Brute-force password attack
to gain unauthorized access to a system or recovery of passwords stored as a cryptographic hash on a computer system
Black-hat hacker
tries to break IT security and gain access to systems with no authorization in order to prove technical prowess. They generally develop and use special software tools to exploit vulnerabilities. They generally exploit holes in systems, but they generally do not attempt to disclose vulnerabilities they find to the administrators of those systems
SPAM
unwanted emails
Spim
unwanted instant messages or IM chats
Cyberattackers
use a number of hardware and software tools to discover exploitable weaknesses and other tools to perform the actual attack
Logic attack
use software flaws to crash or seriously hinder the performance of remote servers. You can prevent many of these attacks by installing the latest patches to keep your software up to date.
ARP Poisoning
used to map an Internet Protocol (IP) address to a physical or MAC address.
Wardialing
useful for finding access points to computers
Smurf attack
uses a directed broadcast to create a flood of network traffic for the victim computer.