IT Security and Privacy

SQL Injection

A code injection technique used to attack data-driven applications by inserting malicious SQL statements

Phishing

A social engineering technique that deceives individuals into divulging sensitive information

Black Market for Stolen Data

An underground market where stolen credentials and other sensitive information are bought and sold

AI chatbots

Artificial intelligence programs that can generate malware or phishing messages

Zero-day attacks

Attacks that exploit vulnerabilities unknown to the developer and for which no patch is available

Backdoors

Code designed to bypass password protection and provide unauthorized access to an application

Ring Inc. case

Controversy surrounding the coordination between Ring and law enforcement agencies in sharing video footage

Responsible disclosure organizations

Entities that set deadlines for vulnerability disclosure to pressure developers to issue patches

Costs of a data breach

Financial losses and expenses incurred as a result of a data breach, including theft of data, damage to IT systems, and lost business

Bugs

Flaws or design weaknesses in software code that can be exploited to gain unauthorized access or cause malfunctions

Careless behavior

Ignorance or disinterest in security problems, leading to security vulnerabilities

Direct losses

Immediate financial losses resulting from a data breach, such as theft of data or damage to IT systems

Notification of impacted consumers

Informing individuals whose personal information has been compromised in a data breach

Lawsuits

Legal actions taken against a company following a data breach

Intentional malicious behavior

Malicious actions carried out by employees with the intent to harm the organization

Viruses

Malicious code that spreads by attaching itself to files and can cause various types of damage

Trojan horses

Malicious programs that appear to provide useful functionality but deliver a hidden, harmful payload

Ransomware

Malware that restricts access to a computer system and demands a ransom for its release

Spyware

Malware that secretly conducts surveillance on an infected system, capturing sensitive information

Social engineering

Manipulating people into performing actions or divulging information that compromises the security of their systems

Responsible disclosure of vulnerabilities

Notifying the developer of a vulnerability before making it public to allow time for a fix

Identity theft and credit monitoring coverage

Providing affected customers with protection against identity theft and monitoring of their credit

Internal threats

Security threats that arise from within an organization, such as careless or malicious employee behavior

External IT security threats

Security threats that originate from outside an organization, such as malware or social engineering attacks

External threats

Security threats that originate from outside an organization, such as malware or social engineering attacks

Internal IT security threats

Security threats that originate from within an organization, such as careless or malicious employee behavior

Zero-day vulnerabilities

Security vulnerabilities in IT products that are unknown to the developer and have no patch available

Worms

Self-replicating malicious code that exploits network vulnerabilities to spread across systems

Malicious code

Software code designed to cause damage, steal information, or gain unauthorized access to computer systems

Malicious software

Software designed to disrupt computer operation, gather sensitive information, or gain unauthorized access

Corporate domain administrator access

Stolen credentials that provide access to the administrative functions of a corporate network

Bank/Financial services credentials

Stolen username and password combinations used for banking or financial accounts

Consumer credentials

Stolen username and password combinations used for personal accounts

Privacy

The control and protection of personal information, including consent and safekeeping

Cyber crime impact

The economic impact of cyber crime, including financial losses and costs to the global economy

Impact of AI on cybersecurity

The effects of artificial intelligence on the field of cybersecurity, including the generation of malware and phishing messages

Zero-day vulnerability window

The period of time between the release of software with a vulnerability and its disclosure to the public

Investigation and remediation

The process of identifying how a data breach occurred and implementing measures to prevent future breaches

Cyber attacks

Unauthorized attempts to access, disrupt, or damage computer systems or networks

Stolen credentials

Username and password combinations that have been obtained illegally

