CHAPTER 6&7 - Cybersecurity

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

QR code

A Quick Response Code that is attached to an item and that records information related to that item.

IP address

A number that uniquely identifies each computer or device connected to the Internet.

Daemon

A type of service of a network

Attack Surface

All points or areas of in a system that could be used or compromised to allow hackers entry into the system. The total number of points or vectors through which an attacker could try to enter an environment. *Different from the Attack Vector*

Bring Your Own Device (BYOD)

Bring Your Own Device. Its is a security measure put in place to protect the company's information available per mobile devices. It's policy usually requires a good anti-malware software to be installed on the devices and a own wireless network for the devices.

Wearable Technology

Computing devices that are worn on various parts of the body.

Firmware

It is permanent software programmed into a read-only memory. In computing, firmware is a specific class of computer software that provides the low-level control for a device's specific hardware.

Ports

Places on the outside of the computer that connect to the motherboard and allows hardware to work

Firewall

Security tool that acts as a barrier or protection against an unwanted data transfer

Proxy Server Firewall

The Firewall acts as a proxy, which communicates to the server A proxy server firewall analyzes the packet's data as well as its header Webfilter - its a part of the school network.

Consequences of Not Patching

The consequences of not patching are that you leave your computer open to vulnerabilities that the patches were supposed to fix. By patching a computer, it fixes the vulnerability but also alerts the hacker of it. The hackers could then use that vulnerability on unpatched systems. An example of that is WannaCry

Startup Services

are applications that you can have automatically open once you start up your mac or login.

Sytem Patching

are fixes to an operating system that address issues, typically related to performance or security. Patches can be applied using program files on a storage device, or in computer memory. Typically these are short-term fixes before a major feature update. Although patches are meant to be helpful those that are poorly designed can introduce new problems.

Scheduled Tasks

are tasks that are set to occur at a certain time or interval. A hacker could exploit this by inserting a command that executes only at a certain time. For example, a script that turns off the firewall in the evening.

Packet Filter Firewall

is a Firewall that monitors outgoing and incoming packets.

Event logging

is a basic resource that helps provide information about network traffic, usage and other conditions. An event log stores these data for retrieval by security professionals or automated security systems to help network administrators manage various aspects such as security, performance and transparency.

Botnet

is a loosely connected network of infected computers that are being managed by an unknown host. The main purpose of the botnet is for DDOS attacks, spam and stealing data. However, cyber criminals use botnets to instigate botnet attacks, these include malicious activities like credential leaks and unauthorized access.

GPS Metadata

is a security risk because it can track where you took a photo. Your device knows your exact location at all times and it is accessible just based on the geo location of the photograph.

Service

is any program that is run in the background of an operating system to provide specific features and functionality. On a Linux host, services are called daemons. (p. 179) Some services are required by operating systems and they are also able to be managed with PowerShell or the Task Manager for Windows, using systemctl for Linux, Activity Monitor for Macintosh, and top for the Terminal.

Metadata

is data that describes another piece of data. It can be found in digital files, pictures, music, etc.

Geotagging

is the process of identifying a person's location by tagging documents, such as pictures and videos, with GPS data.

Internet of Things (IoT)

refers to a system of interrelated, internet-connected objects that are able to collect and transfer data over a wireless network without human intervention.

Drive Encryption

renders data that is unreadable without the encryption key to unlock it. Different types of drive encryption are, Software encryption, Hardware encryption and ATA security. Mobile devices should have full drive encryption in the event that the device is lost or stolen. Full drive encryption should be in place on a laptop.

Choose Your Own Device (CYOD)

short for Choose Your Own Device. This is essentially an updated variation on the Bring Your Own Device (BYOD) theme but in this case, employees get to choose their devices from a preapproved list. CYOD puts more of the purchase decision into the hands of the organization

Hardening

the act of configuring an OS securely, updating it, creating rules and policies to help govern the system in a secure manner, and removing unnecessary applications and services. This is done to minimize a computer OS's exposure to threats and to mitigate possible risk. Removing unnecessary drivers, libraries, programs, and software Automatically applying OS updates, service packs, and patches Requiring all users to use strong passwords and change them on a regularly Logging all activity, errors, and warnings


Set pelajaran terkait

Physical Fitness : 3. CARDIOVASCULAR FITNESS

View Set

1,001 CCNA Questions: Chapter 18 Cisco IOS Fundamentals

View Set

Chapter 9: Healthy Relationships

View Set

Fundamentals Physiological (eaq)Aspects

View Set

Chapter 16: Spirituality Practice Questions

View Set