Chapter 5

Question 1

software to detect and remove viruses and other malware

Answer 1

anti-virus

Question 2

another term for public key encryption

Answer 2

asymmetric key encryption

Question 3

establishing a user’s identity

Answer 3

authentication

Question 4

method of by-passing security in a system, built in by the system designers

Answer 4

backdoor

Question 5

process of registering a user for a biometric system by taking an initial sample

Answer 5

biometric enrolment

Question 6

measurements taken from a biometric sample

Answer 6

biometric template

Question 7

use of fingerprints, retina scans, or other body features as an authentication mechanism

Answer 7

biometrics

Question 8

group of zombie computers under the control of a criminal

Answer 8

botnet

Question 9

attempt to break a password by trying all possible combinations of letters, numbers, and symbols

Answer 9

brute force attack

Question 10

system designed to create text that is unreadable to a computer but understandable to a person, to reduce spam

Answer 10

CAPTCHA

Question 11

organization that issues digital certificates to individuals and companies

Answer 11

Certificate Authority

Question 12

result of encrypting plaintext

Answer 12

ciphertext

Question 13

UK law governing criminal offenses committed using a computer

Answer 13

Computer Misuse Act

Question 14

another word for hacking

Answer 14

cracking

Question 15

flooding a computer system with data so that it cannot respond to genuine users

Answer 15

Denial of Service Attack

Question 16

attempt to break a password by trying all possible words

Answer 16

dictionary attack

Question 17

technique used to authenticate remote users, such as online shopping businesses

Answer 17

digital signatures

Question 18

denial of service attack committed using dozens of computers, usually zombies on a botnet

Answer 18

Distributed Denial of Service attack

Question 19

technique used by criminals to alter domain name system (DNS) records and drive users from faking sites to committing phishing

Answer 19

DNS poisoning

Question 20

program which automatically downloads when a user visits a webpage, usually without their knowledge or consent

Answer 20

drive-by download

Question 21

system of encoding plaintext so that it cannot be understood with access to an encryption key

Answer 21

encryption

Question 22

used to encrypt and decrypt data

Answer 22

encryption key

Question 23

Extended Validation SSL; digital certificate validation technique used on the world wide web

Answer 23

EV SSL

Question 24

when a system incorrectly rejects an action instead of accepting it

Answer 24

false negative

Question 25

when a system incorrectly accepts an action instead of rejecting it

Answer 25

false positive

Question 26

system that encrypts all data saved to a hard disk automatically and transparently

Answer 26

full disk encryption

Question 27

gaining illegal access to a computer system

Answer 27

hacking

Question 28

directory that contains a users personal files

Answer 28

home directory

Question 29

secure version of HyperText Transfer Protocol (HTTP) which offers encrypted communication

Answer 29

HTTPS

Question 30

stealing personal data in order to impersonate a person

Answer 30

identity theft

Question 31

idea of having encryption keys stored by a third party company so the government can access them if needed

Answer 31

key escrow

Question 32

software or hardware which records all key strokes on a computer system

Answer 32

key logger

Question 33

a public key and private key that work together in a public encryption system

Answer 33

key pair

Question 34

virus that takes advantage of the macro programming languages built into some software

Answer 34

macro virus

Question 35

generic name for malicious software

Answer 35

malware

Question 36

use of several authentication techniques together, such as passwords and security tokens

Answer 36

multi-factor authentication

Question 37

password generated by a security token, which expires as soon as it is used

Answer 37

one time password

Question 38

software or hardware used to collect data traveling over a network

Answer 38

packet sniffer

Question 39

another word for password

Answer 39

passphrase

Question 40

word or phrase used to authenticate a user

Answer 40

password

Question 41

another word for DNS poisoning

Answer 41

pharming

Question 42

use of fake emails and web sites to trick users into revealing sensitive data

Answer 42

phishing

Question 43

locks, alarms, and other techniques used to secure a building or computer room

Answer 43

physical security

Question 44

message before it is encrypted, or after it has been decrypted

Answer 44

plaintext

Question 45

key used for decryption in a public key encryption system

Answer 45

private key

Question 46

key used for encryption in a public key encryption system

Answer 46

public key

Question 47

user with full control over a computer system

Answer 47

root user

Question 48

type of malware which infiltrates the operating system and attempts to hide itself from view

Answer 48

rootkit

Question 49

encryption system in which a single key is used for both encryption and decryption

Answer 49

secret key encryption

Question 50

system used to encrypt https web traffic

Answer 50

Secure Socket Layer / Transport Layer Security

Question 51

hardware device that must be present during login to authenticate a user

Answer 51

security token

Question 52

software update to fix a security problem discovered in software

Answer 52

security update

Question 53

phishing attacks committed using text messages (SMS)

Answer 53

smishing

Question 54

tricking a user into revealing their password or other sensitive data

Answer 54

social engineering

Question 55

unwanted, bulk email

Answer 55

spam

Question 56

program that scans web pages for email address, in order to send spam

Answer 56

spam bot

Question 57

program designed to identify and block spam messages while letting genuine messages through

Answer 57

spam filters

Question 58

malware which covertly records a user’s actions, such as their key presses

Answer 58

spyware

Question 59

another word for secret key encryption

Answer 59

symmetric key encryption

Question 60

person in overall charge of a computer system in an organization

Answer 60

system administrator

Question 61

malware which pretends to be a genuinely useful program to trick the user into using it

Answer 61

Trojan horse

Question 62

gaining illegal access to a computer system

Answer 62

unauthorized access

Question 63

computer program which damages files and data spreads when infected programs are copied

Answer 63

virus

Question 64

used by anti-virus programs to recognize known viruses

Answer 64

virus definition file

Question 65

phishing attacks committed using telephone calls or VoIP systems

Answer 65

vishing

Question 66

software to scan a system for potential security problems

Answer 66

vulnerability scanner

Question 67

technique used by spammers to detect if an email address is valid or not

Answer 67

web bug

Question 68

Wired Equivalence Protocol; wireless network encryption system

Answer 68

WEP

Question 69

malicious software which replicates itself and spreads between computer systems and over networds

Answer 69

worm

Question 70

Wireless Protected Access; wireless network encryption system

Answer 70

WPA

Question 71

Wireless Protected Access 2; wireless network encryption system

Answer 71

WPA2

Question 72

computer which has been compromised by malware and is part of a botnet

Answer 72

zombie