Chapter 11 Society, Security, Privacy Ethics Flashcards
What is computer crime?
is any illegal act involving a computer
Script Kiddie
same intent as a hacker
does not have technical skills and knowledge
Cyberextortionist
someone who uses email as a vehicle for extortion, threatens to attack company if not paid a sum of money
Cracker
someone who accesses a computer or network illegally
Cyberterrorist
uses computers to damage or destroy computers for political reasons
What is an online security service?
checks computer for vulnerabilities, and provides recomendations
What are some forms of internet and network attacks?
Computer viruses, worms, torjan horses, botnets, denial of service attacks, back doors, spoofing
What is a payload?
is the destructive event or prank the program is intended to deliver
What is a worm?
a program that copies itself repeatedly, in memory , uses up resources
What is a rootkit?
a program that hides in a computer
allows someone in a remote location to take full control of the computer
What are some symptoms of viruses, worms, trojans?
Unusual messages or images music or random sounds memory less than expected files dissapear files become corrupted programs or files dont work properly unknown programs appear OS doesnt start OS shuts down unexpectedly
What 4 ways can a payload be delivered?
- Open an infected file
- Runs an infected file
- Boots the computer with an infected removable media in a port
- Connects an unprotected computer to a network
What are some precautions against viruses etc?
Trusted sources
Virus hoax
Macros - Instructions in software to continually update against attacks
Virus Signature
is a known specific pattern of virus code
Inoculate
Antivirus records imformation about files, if a virus tampers with the file, the antivirus will detect descrepencies
Quarantine
is a separate part of hard disk, holds infected files until it can be removed
Botnet
a group of comprmised computers connected to a network, being used to attack other networks
Zombie
is a compromised computer
owner is unaware
being used from a remote location
Bot
a program that performs a repetitive task on a network
Denial of service attack
Dos attack
an assualt on a computer
purpose- to disrupt access to an internet service
Jams, blocks legitimate visitors from accessing network
DDos Attack
Distributed dos attack, means thats a zombie army is used to attack multiple computer networks
Back doors
a program or set of instructions that allow users to bypass security and access the network
Spoofing
a technique to make internet transmission appear legitimate to a victim
IP spoofing
when people use fake IP addresses to gain access
What is a proxy server?
a server outside the computers network, controls which communicationspass into the companys network
Intrusion detection software
combined with a firewall, adds another layer of protection
assesses system vulnerabilites
Honeypot
a vulnerable computer that is setup to entice an intruder to break into it
AUP
acceptable use policy, outlines what netowk may and may not be used for
possessed object
any item you must carry to obtain access ti a computer or facility…..badge, card, smart card
License agreement
the right to use the software
users to not own the software
provides specific conditions for use of the software
Single user license agreement
EULA, included with software, uses can use on only one computer, make one copy as backup, give or sell if is first removed from computer.
Plaintext VS ciphertext
plaintext is readable. ciphertect unreadable
Encription key
programmed formula, recipient of data uses to decipher text
hash
is a mathematical formula that generates a code from the contents of the message and differs for each message
Transport layer security
successor of SSL secure socket layer
encripts data
web addresses with SSL have https instead of http
Secure HTTP
allows users to choose an encryption scheme for data
more difficult to use than SSL but more secure
VPN
Virtual private network
Brownout
a prolonged undervoltage
Surge protector
Smooths out noise provides stable current flow allows no more than 500 maximum volts to pass through line protects equipment from spikes one nansecond reaction time should have a rating of at least 200
UPS
uninterurupitble power supply
Three generation backup
grandparent- oldest copy
parent - second oldest copy
child - most recent copy
What are some safeguards for wireless security?
ensure equipment uses wirless standards
802.11i , wi-fi protected access, wires equivalent privacy
CVS
computer vision syndrome
Code of conduct
a written guideline that helps determine weather computer actions are ethical or not
Spim
spam sent through an instant message
split
is spam sent visa internet telephony
Phishing
sends an official looking email that attempts to obtain your personal imformation
Pharming
trhough spoofing attempts to obtain your personal details
