IST 110 Chapter 9
distributed denial-of-service (DDoS) attack
An automated attack that's launched from more than one zombie computer at the same time.
spam filter
An option you can select in your e-mail account that places known or suspected spam messages into a folder other than your inbox.
Multi-factor authentication
Any authentication scheme that requires validation of at least two of the possible authentication factors.
hacker
Anyone who unlawfully breaks into a computer system (whether an individual computer or a network).
full backup
Backup that copies all data from a system.
logical port blocking
A condition in which a firewall is configured to ignore all incoming packets that request access to a certain port so that no unwanted requests will get through to the computer.
grey hat hackers
A cross between black and white—they will often illegally break into systems merely to flaunt their expertise to the administrator of the system they penetrated or to attempt to sell their services in repairing security breaches.
surge protector
A device that protects computers against power surges
adware
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
whole-house surge protector
A surge protector that is installed on (or near) the breaker panel of a home and protects all electronic devices in the home from power surges.
Network Address Translation (NAT)
A technique that allows private IP addresses to be used on the public Internet.
Scareware
A type of malware that's downloaded onto your computer and that tries to convince you that your computer is infected with a virus or other type of malware.
keystroke logger (keylogger)
A type of spyware program that monitors keystrokes with the intent of stealing passwords, login IDs, or credit card information.
Denial of Service (DoS) attack
An attack that occurs when legitimate users are denied access to a computer system because a hacker is repeatedly making requests of that computer system that tie up its resources and deny legitimate users access.
quarantining
Placing the virus in a secure area on your hard drive so that it won't spread to other files
antivirus software
Software used to detect and eliminate computer viruses and other types of malware.
drive-by download
The use of malicious software to attack your computer by downloading harmful programs onto your computer, without your knowledge, while you are surfing a Web site.
e-mail virus
Use the address book in the victims e-mail system to distribute the virus
data breach
When sensitive or confidential information is copied, transmitted, or viewed by an individual who is not authorized to handle the data.
White-hat hackers (ethical hackers)
break into systems for non-malicious reasons, such as to test system security vulnerabilities or to expose undisclosed weaknesses
black hat hackers
break into systems to destroy information or for illegal gain
polymorphic virus
changes its own code or periodically rewrites itself to avoid detection
virus
computer program that attaches itself to another computer program and attempts to spread to other computers when files are exhanged
Backups
copies of files that you can use to replace the originals if they're lost or damaged
Pretexting
creating a scenario that sounds legitimate enough that someone will trust you
multipartite virus
designed to infect multiple file types in an effort to fool the antivirus software that is looking for it
Program Files
files used to install software
Data Files
files you've created or purchased
computer forensics
involves identifying, extracting, preserving, and documenting computer evidence
Phishing
lures internet users to reveal personal information
Cyberloafing (cyberslacking)
means using your computer for non-work activities while you're being paid to do your job
identity theft
occurs when a thief steals personal information and poses as you in financial or legal transactions
Pharming
occurs when malicious code is planted on your computer, either by viruses or by visiting malicious websites, which alters your browser's ability to find web addresses.
incremental backup (partial backup)
only backs up files that have changed or have been created since the last backup was performed
packet analyzer (sniffer)
program developed by hackers that examines each packet and can read its contents
Zombie
program used to launch denial-of-service attacks on other computers
Backdoor programs and rootkits
programs that allow hackers to gain access to your computer and take almost complete control of it without your knowledge
boot sector virus
replicates itself onto a hard drive's master boot record
Virtual Private Networks (VPNs)
secure networks that are established using the public internet infrastructure
script
series of commands that is executed without your knowledge
cookies
small text files that some websites automatically store on your hard drive when you visit them
biometric authentication device
a device that reads a unique personal characteristic such as a fingerprint or the iris pattern in your eye and converts its pattern to a digital code
personal firewall
a firewall specifically designed for home networks
Botnet
a large group of software programs that runs autonomously on zombie computers
spear phishing
a phishing expedition in which the emails are carefully designed to target a particular person or organization
virus signature
a portion of virus code that is unique to a particular computer virus
packet filtering
a process in which firewalls are configured so that they filter out packets sent to specific logical ports
Trojan horse
a program that appears desirable but actually contains something harmful
Master Boot Record
a program that executes whenever a computer boots up, ensuring that the virus will be loaded into memory immediately, even before some virus protection programs can load
Firewall
a software program or hardware device designed to protect computers from hackers
logical ports
a virtual communications gateway or path that enables a computer to organize requests for information from other networks or computers
macro virus
a virus that attaches itself to a document that uses macros
time bomb
a virus that is triggered by the passage of time or on a certain date
image backup (system backup)
all system, application, and data files are backed up, not just the application and data files
exploit kits
software programs that run on servers and search for vulnerabilities of computers that visit the server
malware
software that is intended to damage or disable computers and computer systems.
worm
takes advantage of file transport methods to spread on their own
Social Engineering
technique that uses social skills to generate human interaction that entices individuals to reveal sensitive information
stealth viruses
temporarily erase their code from the files where they reside and then hide in the active memory of the computer
Inoculation
the antivirus software records key attributes about your computer files and keeps them in a safe place on your hard drive
encryption viruses (ransomware)
they run a program that searches for common types of data files and compresses them using a complex encryption key that renders your files unusable
Spam
unwanted e-mail (usually of a commercial nature sent out in bulk)
Spyware
unwanted piggyback program that usually downloads with other software you install from the internet and that runs in the background of the system
logic bomb
virus that is triggered by a specific logical event such as opening a file or starting a program a certain number of times