Cyber Security: Vocabulary
DoS attack
-Prevents users from accessing normal services -Sends enough requests to overload a resource or even stopping its operation
Phishing
A form of social engineering where the attacker pretends to represent a legitimate outside organization.
E-mail Bomb
A large quantity of bulk e-mail that overwhelms the e-mail server preventing users from accessing e-mail.
Social Engineering
A person who is able to gain access to equipment or a network by tricking people into providing the necessary access information.
Worm
A self-replicating program that uses the network to duplicate its code to the hosts on the network. At a minimum, worms consume bandwidth in a network.
Ping of Death
A series of repeated, larger than a normal pings intended to crash the receiving computer
Virus
A software code that is deliberately created by an attacker. Viruses may collect sensitive information or may alter or destroy information.
SYN flood
A type of DoS where an attacker sends a large amount of SYN request packets to a server in an attempt to deny service.
Spyware
A type of grayware, is distributed without any user intervention of knowledge.
Java
Allows applets to run within a browser. -example: a calculator or a counter
Zombies
An attack launched from many computers.
Man-in-the-middle
An attack that intercepts legitimate communication and forges a fictitious response to the sender.
DNS poisoning
An attack that substitutes DNS addresses so that the computer is automatically redirected to another device.
ActiveX
Controls interactivity on web pages.
Anti-virus software
Designed to detect, disable, and remove viruses, worms, and Trojan horses before they infect a computer.
Adware
Displays advertising, usually in a popup window.
Internal security threats
Employees can cause a malicious threat or an accidental threat.
JavaScript
Interacts with HTML source code to allow interactive web sites. -example: a rotating banner or a popup window
Grayware
Or malware, is a file or program other than a virus that is potentially harmful.
External security threats
Outsider users can attack in an unstructured or structured way.
Data security attacks
Removal, corruption, denial of access, unauthorized access, or theft of information.
Security policy
Should describe how a company addresses security issues.
Trojan horse
Technically a worm and is named for its method of getting past computer defenses by pretending to be something useful.
Physical security attacks
Theft, damage, or destruction to computer equipment.
Replay Attack
Type of software attack where an attacker captures network traffic and stores it for retransmission at a later time to gain unauthorized access to a network
Spam
Unsolicited email that can be used to send harmful links or deceptive content.
TCP/IP
Used to control all internet communications.
Spoofing
When someone pretends to be someone else with the intent of obtaining unauthorized data.
Popups
Windows that are automatically open and designed to capture your attention and lead you to advertising sites
DDos
distributed denial of service