CH. 6 Terms Flashcards
1
Q
Adware – Software that collects consumer surfing and purchasing data (I)
A
.
2
Q
- Botnet – A network of hijacked computers (O)
A
.
3
Q
- Bot herder – Hackers that control hijacked computers (R)
A
.
4
Q
- Click fraud – Inflating advertising revenue by clicking online ads numerous times (U)
A
.
5
Q
- DoS – Overloading an Internet service provider’s email server by sending hundreds of email messages per second from randomly generated false addresses (T)
A
.
6
Q
- Email threats – Sending an email instructing the recipient to do something or else suffer adverse consequences (C)
A
.
7
Q
- Hijacking – Gaining control of a computer to carry out unauthorized illicit activities (L)
A
.
8
Q
- Internet misinformation – Circulating lies or misleading information using the world’s largest network (S)
A
.
9
Q
- Internet terrorism – Using the internet to disrupt communications and e-commerce (M)
A
.
10
Q
- Key logger – Use of spyware to record a user’s keystrokes (Q)
A
.
11
Q
- Pharming – Diverting traffic from a legitimate website to a hacker’s website to gain access to personal and confidential information (N)
A
.
12
Q
- Phishing – Emails that look like they came from a legitimate source but are actually from a hacker who is trying to get the user to divulge personal information (J)
A
.
13
Q
- Spamming – Emailing an unsolicited message to many people at the same time (E)
A
.
14
Q
- Splog – A spam blog that promotes affiliated websites to increase their Google PageRank (H)
A
.
15
Q
- Spyware – Software that monitors and reports a user’s computing habits (A)
A
.
16
Q
- Spoofing – Making an email look like it came from someone else (K)
A
.
17
Q
- Typosquatting – Creating websites with names similar to real websites so users making errors while entering a website name are sent to a hacker’s site (F)
A
.
18
Q
- Bluebugging – Making phone calls and sending text messages using another user’s phone without physically holding that phone (I)
A
.
19
Q
- Bluesnarfing – Capturing data from devices that use Bluetooth technology (K)
A
.
20
Q
- Eavesdropping – Intercepting and/or listening in on private voice and data transmissions (F)
A
.
21
Q
- Evil twin – A rogue wireless access point masquerading as a legitimate access point (M)
A
.
22
Q
- Packet sniffing – Deep packet filtering (G)
A
.
23
Q
- Phreaking – Using telephone lines to transmit viruses and to access, steal, and destroy data (J)
A
.
24
Q
- Piggybacking – Gaining access to a protected system by latching onto a legitimate user (D)
A
.
25
8. Vishing – Emails instructing a user to call a phone number where they are asked to divulge personal information (B)
.
26
9. War dialing – Searching for modems on unprotected phone lines in order to access the attached computer and gain access to the network to which it is attached (H)
.
27
10. War driving – Searching for unprotected wireless networks in a vehicle (C)
.
28
1. Chipping – Inserting a chip that captures financial data in a legitimate credit card reader (E)
.
29
2. Data diddling – Altering data before or during entry into a computer system (I)
.
30
3. Data leakage – Copying company data, such as computer files, without permission (F)
.
31
4. Identity theft – Illegally obtaining confidential information, such as an SSN, about another person so that it can be used for financial gain (A)
.
32
5. Round-down fraud – Placing truncated decimal places in an account controlled by the perpetrator (J)
.
33
6. Salami technique – Embezzling small fractions of funds over time (D)
.
34
7. Scavenging – Searching through garbage for confidential data (B)
.
35
1. Dictionary attack – Using software to guess company email addresses, send employees blank emails, and add unreturned messages to spammer email lists (J)
.
36
2. Hacking – Gaining access to a computer system without permission (W)
.
37
3. Logic bomb – Software that sits idle until a specified circumstance or time triggers it (S)
.
38
4. Malware – Software used to do harm (L)
.
39
5. Masquerading – Pretending to be a legitimate user, thereby gaining access to a system and all the rights and privileges of the legitimate user (N)
.
40
6. Password cracking – Capturing and decrypting passwords to gain access to a system (C)
.
41
7. Piggybacking – Using a wireless network without permission (E)
.
42
8. Posing – Creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the item sold (X)
.
43
9. Pretexting – Acting under false pretenses to gain confidential information (U)
.
44
10. Rootkit – Software that conceals processes, files, network connections, and system data from the operating system and other programs (Q)
.
45
11. Shoulder surfing – Observing or listening to users as they divulge personal information (V)
.
46
12. Skimming – Covertly swiping a credit card in a card reader that records the data for future use (F)
.
47
13. Social Engineering – Methods used to trick someone into divulging personal information (R)
.
48
14. Software piracy – Unauthorized copying or distribution of copyrighted software (P)
.
49
15. Steganography – Concealing data within a large MP3 file (G)
.
50
16. Superzapping – Special software used to bypass system controls (A)
.
51
17. Trap door – Entering a system using a back door that bypasses normal system controls (I)
.
52
18. Trojan horse – Unauthorized code in an authorized and properly functioning program (K)
.
53
19. Virus – Segment of executable code that attaches itself to software (B)
.
54
20. Worm – A program that can replicate itself and travel over networks (M)
.
55
21. Zero-day attack – Attack occurring between the discovery of a software vulnerability and the release of a patch to fix the problem (H)
.
56
1. Address Resolution Protocol (ARP) spoofing – Fake computer networking protocol messages sent to an Ethernet LAN to determine a network host’s hardware address when only its IP address is known (M)
.
57
2. Buffer overflow attack – So much input data that storage is exceeded; excess input contains code that takes control of the computer (J)
.
58
3. Carding – Verifying credit card validity (X)
.
59
4. Caller ID spoofing – Displaying an incorrect phone number to hide the caller’s identity (R)
.
60
5. Cyber-extortion – A demand for payment to ensure a hacker does not harm a computer (U)
.
61
6. Cyber-bullying – Using social networking to harass another person (Q)
.
62
7. Economic espionage – Theft of trade secrets and intellectual property (V)
.
63
8. Email spoofing – Making an electronic communication appear as though it originated from a different source (K)
.
64
9. IP address spoofing – Creating packets with a forged address to impersonate another computing system (L)
.
65
10. Internet auction fraud – Using a site that sells to the highest bidder to defraud another person (W)
.
66
11. Internet pump-and-dump fraud – Using the internet to inflate a stock price so it can be sold for profit (G)
.
67
12. Lebanese looping – Inserting a sleeve to trap a card in an ATM, pretending to help the owner to obtain his PIN, and using the card and PIN to drain the account (A)
.
68
13. Man-in-the-middle (MITM) attack – A hacker placing himself between a client and a host to intercept network traffic (T)
.
69
14. Podslurping – Using a small storage device to download unauthorized data from a computer (C)
.
70
15. Ransomware – Software that encrypts programs and data until a payment is made to remove it (S)
.
71
16. Scareware – Malicious software that people are frightened into buying (E)
.
72
17. Sexting – Exchanging explicit messages and pictures by telephone (H)
.
73
18. SQL injection – Inserting a malicious database query in input in a way that it can be executed by an application program (I)
.
74
19. SMS spoofing – Changing the name or number a text message appears to come from (N)
.
75
20. XSS attack – A link containing malicious code that takes a victim to a vulnerable website where the victim’s browser executes the malicious code embedded in the link (P)
.
76
21. Tabnapping – Secretly changing an already open browser tab (Y)
.