chapter 6info system security CS3 Flashcards
Internet and Network Attacks
Malware,
short for malicious software, consists of programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices
Internet and Network Attacks
firewall
is hardware and/or software that protects a network’s resources from intrusion
Internet and Network Attacks
Spoofing
is a technique intruders use to make their network or Internet transmission appear legitimate.
Internet and Network Attacks:
Back Door
is a program that allow users to bypass security controls.
Internet and Network Attacks
denial of service attack (DoS attack)
disrupts computer access to an Internet service.
Internet and Network Attacks
TAntivirus
software is a set of utility programs that looks for and eradicates a wide spectrum of problems such as viruses, Trojan horses, and worms
Internet and Network Attacks
Trojan horse
s not a virus. It is a destructive program that looks as a genuine application.
Internet and Network Attacks
worm:
s similar to a virus by its design, and is considered to be a sub-class of a virus. Worms spread from computer to computer, but unlike a virus, it has the capability to travel without any help from a person.
Internet and Network Attacks
WHAT DOES A VIRUS DO?
A virus can perform a trigger event: corrupt and/or destroy data display an irritating message
Internet and Network Attacks
computer virus:
s a program that attaches itself to a file, reproduces itself, and spreads to other files
Unauthorized Access and Use
A unauthorized access is the use of a computer or network without permission
Access controls define
who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it
computer/device/network maintain an audit trail that records & File successful/unsuccessful access attempts OF WHAT?
USERN NAME
PASSWORD
Unauthorized Access and Use
biometric device?
authenticates a person’s identity by translating a BIO INFORMATION into a digital code.
Unauthorized Access and Use:
Digital forensics?
evidence found on computers and networks
Unauthorized Access and Use
possessed object?
is any item that you must possess, or carry with you, in order to gain access to a computer or computer facility
Unauthorized Access and Use
PIN?
personal identification number)
Unauthorized Access and Use
passphrase
is a private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources
Information Theft:
secure site
A website that uses encryption techniques to secure its data.
Information Theft - digital certificate
s a notice that guarantees a user or a website is legitimate
Information Theft - digital signature
is an encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender
Information Theft - Encryption
• the process of encoding a message, information, or data in such a way that only authorized parties can access it, prevents unauthorized access.
Computer Ethics
code of conduct
is a written guideline that helps determine whether a specification is ethical/unethical or allowed/not allowed
Ethics and Society
Green computing?
g involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies
