Network Security CH 1
Threat
A category of objects, persons, or other entities that present a danger to an asset.
Exposure
A condition or state of being exposed. In InfoSec, exposure exists when a vulnerability known to an attacker is present.
Denial-of-service Attack
A cyber attack in which an attacker sends a flood of data packets to the target computer, with the aim of overloading its resources.
Man-in-the-middle Attack
A form of eavesdropping where the attacker makes an independent connection between two victims and steals information to use fraudulently.
Brute Force Attack (guessing attack)
A password-cracking program that tries every possible combination of characters.
Worms
A program that resembles a computer virus in that it can spread from one computer to another. It can propagate over a computer network and does not require a user to execute a program.
McCumber Cube
A representation of a 3x3x3 cube, with 27 cells representing areas that must be addressed to secure today's information systems.
Security Policy
A set of rules that protect an organization's assets.
Loss
A single instance of an information asset suffering damage, unintended or unauthorized modification, or disclosure. When information is stolen from a company, it is considered a loss.
Sniffers
Specially designed software (and in some cases hardware) applications that capture network packets as they traverse a network, displaying them for the attacker.
Rainbow Table
A table of hashed phrases/words that can be used in a password attack.
Exploit
A technique used to compromise a system.
Risk Appetite
Amount of risk that a business is willing to accept.
Attack
An act or action that takes advantage of a vulnerability to compromise a controlled system using intentional or unintentional steps that can cause damage or loss.
Subject
An agent entity used to conduct the attack.
Buffer Overflow
An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer.
Asset
An organizational resource that has value to the organization. In InfoSec, this is often the resource that is being protected.
C.I.A. triad
Confidentiality, Integrity, and Availability of data (aka the CIA triad) are the main characteristics of secured data. Confidentiality refers to preventing unauthorized use of data. Integrity and availability were discussed in previous slides.
Distributed denial-of-service Attack
A cyber attack that uses numerous computers (zombies/bots) to inundate and overwhelm the network from numerous launch points.
Availability
Enables authorized users, persons or computer systems to access information without interference or obstruction, and to receive it in the required format.
Data Users
End users who work with the information to perform their daily jobs supporting the mission of the organization, and who therefore share the responsibility for data security.
Spoofing
Faking the sending address of a transmission in order to gain illegal entry into a secure system.
Policy
Guidance or instructions that an organization's senior management implements to regulate the activities of the organization members who make decisions, take actions, and perform other duties.
Social Engineering
Hackers use their social skills to trick people into revealing access credentials or other valuable information.
Phreaker
Hacks the public telephone network to make free calls or disrupt services.
Dictionary Attack
Helps hackers guess your password by stepping through a dictionary containing thousands of the most commonly used passwords.
Hacktivist (Cyberactivist)
Individuals who interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency.
Boot Virus
Infects the master boot record of a hard drive. (The MBR contains the program necessary to start the computer.)
Privacy
Information is used in accordance with the legal requirements mandated for employees, partners, and customers.
Integrity
Information remains whole, complete, and uncorrupted.
Accuracy
Information that is free from mistakes/errors and has the value that the end user expects it to have.
Well-known vulnerabilities
A type of vulnerability that has been examined, documented, and published; others remain latent (or undiscovered).
Enterprise Information security policy (EISP) (General Security Policy, IT security policy, information security policy)
An executive-level document, usually drafted by, or in cooperation with, the CIO of the organization. It shapes the philosophy of security in the IT environment.
Software Piracy
The unauthorized copying and selling of software.
De jure Standard
Legally binding industry standards that all manufacturers have to agree on.
E-mail Attack
Like a DoS attack, but targeting e-mail.
Trojan Horse
Masquerades as beneficial program while quietly destroying/damaging your system.
Script Kiddies
Novice hackers who download scripts written by someone else to exploit known vulnerabilities.
Intellectual Property
Often referred to as IP; IP is defined as works of the mind, such as inventions, literature, art, etc. IP is protected by law, and any use, whether or not it requires payment or permission, should be properly credited.
Possession
Ownership or control of some object or item.
Password Cracking
Penetrating system defenses, stealing passwords, and decrypting them to access system programs, files, and data.
Data Owners
People responsible for the security and use of a particular set of information.
Chief Information Officer (CIO)
Person who is primarily responsible for advising the CEO, president or company owner on the strategic planning that affects the management of information in the organization.
Rootkit
Program that hides in a computer and allows someone from a remote location to take full control of the computer.
Four Important Organizational Functions
Protect the organization's ability to function. Enables the safe operation of applications implemented on the organization's IT system. Protects the data the organization collects and uses. Safeguards the technology assets in use at the organization.
Information security policy
Provides rules for the protection of the information assets of the organization.
Chief Information Security Officer (CISO)
Responsible for the assessment, management, and implementation of securing the information in the organization.
Packet Monkey
Script kiddies who use automated tools to inundate a Web site with a barrage of network traffic, usually resulting in a DoS.
Countermeasure (Control, Safeguard)
Security mechanisms, policies, or procedures that can successfully counterattack, reduce risk, resolve vulnerabilities, and otherwise improve the security within an organization.
Computer Virus
Segments of code that perform malicious actions.
Mail bomb
Sends a massive amount of e-mail to a specific person or system, which can cause that user's server to stop functioning.
Backdoor
Software code that gives access to a program or a service that circumvents normal security protections.
Malicious Code (malcode) Malware (malicious software)
Software components or programs designed to damage, destroy, or deny service to the target systems.
Hacker
Someone who accesses a computer or network illegally.
Cracker
Someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or performing other malicious actions.
Cyberterrorist
Someone who uses the Internet or a network to destroy or damage computers for political reasons.
De facto Standard
Standards that have developed over time through common usage until they become the accepted way of doing things.
Access
The ability to use, manipulate, modify, or affect an asset or resource.
Confidentiality
The act of holding information in confidence, not to be released to unauthorized individuals.
Protection Profile (Security Posture)
The entire set of controls and safeguards (including policy, education, training, and awareness, and technology) that the organization implements (or fails to implement) to protect the asset.
Risk
The probability that something unwanted will happen.
Strategic Planning
The process of moving the organization towards its vision.
Communication Security
The protection of an organization's communications media, technology, and content.
Information Security
The protection of information and its critical elements, including the systems and hardware that use, store, and transmit that information.
Network Security
The protection of networking components, connections, and contents, which is the primary focus of this textbook.
Operations Security
The protection of the details of a particular operation or series of activities.
Personal Security
The protection of the people who are authorized to access the organization and its operations.
Physical Security
The protection of the physical items or areas of an organization from unauthorized access and misuse.
Authenticity
The quality or condition of being authentic, trustworthy, or genuine.
Utility
The quality or state of having value for some purpose or end. Information must be in a format that is meaningful to the end user.
Threat agent
The specific instance of a threat or a particular component of a threat.
Object
The target entity of an attack.
Spam
Unwanted e-mail (usually of a commercial nature, sent out in bulk).
Rainbow Attack
Uses the hashed password table from an organization and compares it to a rainbow table, which contains hash values of text strings.
Shoulder Surfing
Watching an authorized user enter a security code on a keypad.
Vulnerability
Weaknesses or faults in a system or protection mechanism that open it to the possibility of attack or damage.
Timing Attacks
Works by measuring the time required to access a Web page and deducing that the user has visited the site before by the presence of the page in the browser's cache.
Data Custodians
Work directly with data owners and are responsible for the storage, maintenance, and protection of the information.
Vision
Written statement of the organization's long-term goals.
Mission
Written statement of the organization's purpose.
Macro Virus
A virus that attaches itself to a document that uses macros; a software exploitation virus that works by using the macro feature included in many applications, such as Microsoft Office.