Chapter 1 Flashcards
Asset
property that belongs to an individual, organization, company, etc. A bank’s asset is its money; programming code is a software company’s asset.
Threat
the possibility of being a cyberattack target. Every organization and individual can be threatened by cyber-attacks for a variety of reasons, such as competition, politics, revenge, and more.
Risk
the potential damage to an individual or organization that exists due to a lack of security or awareness.
Vulnerability
weakness that can pose risks. Systems, software, hardware, and other elements that are not configured properly may have vulnerabilities that can be exploited for malicious purposes.
Exploitation
taking advantage of vulnerabilities to gain access to and control over a system.
Firewall
software that inspects, detects, and blocks traffic based on policies and parameters (IP, port, etc.). It can also be a physical device with the same purpose but is capable of handling a higher volume of network traffic.
Antivirus
software that inspects, detects, and removes malicious programs. There are many types of antivirus applications, but all have the same basic purpose. Each application incorporates different technologies to accomplish the task.
The CIA Triad
Confidentiality
Integrity
Availability
key to keeping information protected from potential leaks, changes, or other types of harm.
Malware
software designed for malicious purposes, or malicious software. It can be hidden in a computer program, a piece of code, and even embedded in hardware. malicious software created with the purpose of causing damage or exploiting any device, including computers, routers/switches, servers, and IoT devices. Some examples of malware are trojans, viruses, worms, ransomware, and spyware.
Virus
Self-replicating software that targets systems in a computer and attaches itself to them upon execution. As a virus spreads across a computer, it may corrupt or destroy data and cause a lot of damage.
Worm
Similar to a virus, a worm self-replicates, but does not require user intervention for it to be executed. It can spread to other computers, typically over a network.
Trojan Horse
Code that masquerades as a legitimate program but causes a lot of damage when executed. Trojan horses do not self-replicate like worms or viruses. They can, however, create backdoors in systems, or use system resources for various purposes, such as crypto mining.
Spyware
Malware that attempts to harvest information from a computer. The possibly confidential information is copied to the attacker’s computer.
Ransomware
The malware encrypts computer files and prevents them from being accessed or restored. Widely used for financial purposes, including demands for payment in return for decrypting the files.
Social Engineering
Art used to reveal vulnerabilities related to human action or obtain important information. By observing human behavior, hobbies, and social activities, a lot of information can be gathered and used for both malicious purposes and security assessments.
