Dual Comp. Test- Chapter 5
zombie
a compromised computer or device whose owner is unaware the computer or device is being controlled remotely by an outsider
virus
a potentially damaging program that affects, or infects, a computer or mobile device negatively by altering the way the computer or device works without the user's knowledge or permission
spyware
a program placed on a computer or mobile device without the user's knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online
ransomware
a program that blocks or limits access to a computer, phone, or file until the user pays a specified amount of money
worm
a program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer, device or network
adware
a program that displays an online advertisement in a banner, a pop-up window, or pop-under window on webpages, email messages, or other internet services
rootkit
a program that hides in a computer or mobile device and allows someone from a remote location to take full control of the computer or device
trojan horse
a program that hides within or looks like a legitimate program; unlike a virus or worm, this does not replicate itself to other computers or devices
bot
a program that performs a repetitive task on a network
encryption key
a set of characters that the originator of the data uses to encrypt the plaintext and the recipient of the data uses to decrypt the ciphertext
encryption algorithm (cypher)
a set of steps that can convert readable plaintext into unreadable ciphertext; might switch the order of characters or replace characters with other characters
spoofing
a technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network
secure site
a website that uses encryption techniques to secure its data
distributed DoS attack
a zombie army is used to attack computer networks
madware
adware on mobile phones
continuous data protection
all data is backed up whenever a change is made
denial of service attack
an assault whose purpose is to disrupt computer access to an internet service, such as the web or email
cyberwarfare
an attack whose goal ranges from disabling a government's computer network to crippling a country
certificate authority
an organization that issues digital certificates; a trusted third party that takes responsibility for verifying the sender's identity before using a certificate
digital security risk
any event or action that could cause a loss of or damage to computer or mobile device hardware, software, data, information, or processing capability
computer crime
any illegal act involving the use of a computer or related devices
biometric device
authenticates a person's identity by translating a personal characteristic, such as a fingerprint, into a digital code that is compared with a digital code stored in a computer or mobile device verifying a physical or behavioral characteristic
fingerprint reader
captures curves and indentations of a fingerprint
full backup
copies all of the files on media in the computer
differential backup
copies only the files that have changed since the last full backup
incremental backup
copies only the files that have changed since the last full or incremental backup
restore
copy the backed up files to their original location on the computer or mobile device
keygen (key generator)
creates software registration numbers and sometimes activation codes
decrypt
decode encrypted data
social engineering
defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others
payload
destructive event or prank delivered by malware
backup
duplicate of a file, program, or media that can be used if the original is lost, damaged or destroyed
digital signature
encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender; often are used to ensure that an impostor is not participating in an Internet transaction; can help to prevent email forgery; can also verify that the content of a message has not changed
cloud backup
files are backed up to the cloud as they change
copyright
gives authors, artists, and other creators of original work exclusive rights to duplicate, publish, and sell their materials; protects from any form of tangible expression
botnet (zombie army)
group of compromised computers or mobile devices connected to a network, such as the Internet, that are used to attack other networks, usually for nefarious purposes
Perpetrators of cybercrime typically fall into one of these basic categories:
hacker, cracker, script kiddie, corporate spy, unethical employee, cyberextortionist, and cyberterrorist
firewall
hardware/software that protects a network's resources from intrusion by users on another network, such as the internet
script kiddie
has the same intent as a cracker but does not have the technical skills and knowledge; often uses prewritten hacking and cracking programs to break into computers and networks
network license
legal agreement that allows multiple users to access the software on the server simultaneously
site license
legal agreement that permits users to install the software on multiple computers, usually at a volume discount
creative commons
nonprofit organization that allows content owners to specify how their online content can be reused, if at all, on other websites
digital certificate
notice that guarantees a user or a website is legitimate
cybercrime
online or internet-based illegal acts such as distributing malicious software or committing identity theft
hacker
originally a complimentary word for a computer enthusiast, now has a derogatory meaning and refers to someone who accesses a computer or network illegally
acceptable use policy
outlines the activities for which the computer and network may and may not be used; should specify the acceptable use of technology by employees for personal reasons
encryption
process of converting data that is readable by humans into encoded characters to prevent unauthorized access
back door
program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer, or network; allows them to continue to access the computer remotely without the user's knowledge
web filtering software
program that restricts access to specified websites
virtual private network
provides the mobile user with a secure connection to the company network server, as if the user has a private line; helps ensure that data is safe from being intercepted by unauthorized people by encrypting data as it transmits from a laptop, smartphone, or other mobile device
audit trail
records in a file both successful and unsuccessful attempts at access
information privacy
refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them
intellectual property (IP)
refers to unique and original works, such as ideas, inventions, art, writings, processes, company and product names, and logos
lock screen
screen that restricts access to a computer or mobile device until a user performs a certain action
access control
security measure that defines who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it
proxy server
server outside the organization's network that controls which communications pass in and out of the organization's network; screens all incoming and outgoing messages
malware
short for malicious software; consists of programs that act without a user's knowledge and deliberately alter the operations of computers and mobile devices
cookie
small text file that a web server stores on your computer; typically contains an identification code that links to a file on a web server that contains data about you, such as your user name, postal code, or viewing preferences
personal firewall
software firewall that detects and protects a personal computer and its data from unauthorized intrusions; constantly monitors all transmissions to and from the computer and may inform a user of any attempted intrusions
crimeware
software used by cyber-criminals
cracker
someone who accesses a computer or network illegally but has the intent of destroying data, stealing information, or other malicious action
cyberextortionist
someone who demands payment to stop an attack on an organization's technology infrastructure; threatens to expose confidential information, exploit a security flaw, or launch an attack that will compromise the organization's network
cyberterrorist
someone who uses the internet or network to destroy or damage computers for political reasons
digital forensics (cyberforensics)
the discovery, collection, and analysis of evidence found on computers and networks; involves the examination of media, programs, data, and log files on computers, mobile devices, servers, and networks
ciphertext
the encrypted (scrambled) data
private key encryption (symmetric key encryption)
the originator and the recipient use the same secret key to encrypt and decrypt the data
content filtering
the process of restricting access to certain material
license agreement
the right to use software
intellectual property rights
the rights to which creators are entitled for their work
software piracy
the unauthorized and illegal duplication of copyrighted software; most common form of software theft
plaintext
the unencrypted, readable data in the encryption process
unauthorized use
the use of a computer or its data for unapproved or possibly illegal activities
unauthorized access
the use of a computer or network without permission
hacktivists
those who disagree with the beliefs or actions of a particular organization
back up
to make a copy
Script kiddies often use prewritten hacking and cracking programs to break into computers and networks
true
selective backup
users choose which folders and files to include in a backup
product activation
users provide the software product's identification number to associate the software with the computer or mobile device on which the software is installed
public key encryption (asymmetric key encryption)
uses two encryption keys: a public key and private key; can be decrypted only with the corresponding private key; the private key is kept confidential
IP Spoofing
when an intruder computer fools a network into believing its IP address is associated with a trusted source; trick their victims into interacting with phony websites
Email Spoofing
when the sender's address or other components of an email header are altered so that it appears that the email message originated from a different sender; commonly used in virus hoaxes, spam, and phishing scams
disc burning software
writes text, graphics, audio, and video files on a recordable or rewritable disc; enables home users easily to back up contents of their hard drive on an optical disc and make duplicates of uncopyrighted music or movies; usually also includes photo editing, audio editing, and video capabilities
disaster recovery plan
written plan that describes the steps an organization would take to restore its computer operations in the event of a disaster
Both hackers and crackers have advanced computer and network skills.
True