Chapter 9 & 10 - Security Concepts and Threats/ Best Practices Flashcards
1.4, 6.1, 6.4
Data
raw values collected by a computer system. It is meaningless until placed in the correct context
Information
data that has been processed into a form that has meaning and is useful
Insight
a meaningful and deep understanding
Intellectual Property (IP)
a category of property that includes creations of the human intellect
Trademark
a type of intellectual property consisting of a recognizable sign, design, or expression that uniquely identifies one product or service from others
- Nike logo, Pepsi logo
Copyright
a type of intellectual property that protects original works of authorship from publication, distribution, and sale without the author’s permission
- Books, songs, movies, software
Patent
a type of intellectual property that grants exclusive rights to an invention, which is a product or a process that provides a new way of doing something, or offers a new solution to a problem
- a machine process, formula, or product
Digital Product
a product that is sold or distributed as binary computer data
- Software Applications
- Video Downloads
- Computer games
- eBooks
Snooping
an attempt to gain access to information that you are not authorized to view
- prevent shoulder surfing, use a privacy screen
Eavesdropping
secretly listening to the private conversations or communications of others without their consent in order to gather information
Wiretapping
the practice of connecting a listening device to a telephone or data line to secretly monitor a conversation
Dumpster Diving
the process of investigating a person or business’s trash to find information that can be used in an attack
Social Engineering
manipulating, influencing, or deceiving a person in order to gain control over a computer system, or acquire confidential information
Single Sign-On (SSO)
a user authentication service that permits a user to use one set of login credentials, like a username and password, to access multiple applications.
Permissions
the specific rights or privileges granted to users or software
Least Privilege
giving users or systems only the permissions they absolutely need to perform a task or job function and nothing more
Logs
are records that provide a chronological account of events in a system. They can track a wide range of activities, from user logins, file accesses, to even the smallest system errors and security breaches
Non-Repudiation
a safeguard that guarantees individuals or entities involved in a digital transaction cannot later refute or deny their participation or the legitimacy of their actions
Antivirus / Anti-Malware
software designed to detect, prevent, and remove malicious software (malware) from a computer or network, ensuring the device’s safety and integrity
- Signature-based Detection
- Behavioral-based (Heuristic) Detection
Host Firewall
software that provides protection to an individual device by monitoring and controlling incoming and outgoing network traffic based on predetermined security rules.
Policy
a set of rules that dictate what actions should be taken under various circumstances.
Procedure
a set of step-by-step instructions to perform a task
- Standard Operating Procedure
Personal Identifiable Information (PII)
any information that can be used to identify an individual
- Name
- Social Security Number
- Date of Birth
- Email Address
- Phone Number
Protected Health Information (PHI)
any information about an individual’s health status
- Medical Records
- Healthcare Service
Plain Text
data presented in a format that is immediately understandable and accessible. It’s in its most basic, unaltered state, free from any form of encryption or coding.
Confidentiality
refers to the ability to keep data and information accessible to ONLY authorized users
Integrity
Assurance that the information is trustworthy and accurate
Availability
refers to the ability to allow authorized users to access data whenever they need to
Hacking
refers to a variety of computer crimes that involve gaining unauthorized access to a computer system or to its data
- stealing passwords or personal information
- gaining remote access to a server or an operating system
- Logging in locally and stealing data
Phishing
occurs when an attacker pretends to represent a legitimate organization and asks for verification of the victim’s information such as a password, username, address, credit card information, SSN, etc
- Phishing emails are the most common way people lose their personal info
Denial of Service (DoS)
sending enough requests to overload a resource or even stop its operation
Brute Force attack
is a trial-and-error method used to get access to certain data such as passwords
Man-in-the-Middle
intercepting communications between computers to steal information transiting through the network
Key fobs
use RF to get access to certain areas
RFID badges/ Key Fobs
use Radio Frequency to get access to certain areas
Cable Locks
are mostly used to prevent physical theft of laptops. The lock is usually attached to a metal cable which is tied to a table
Man-Traps
A two-door system that makes access more difficult through the use of some sort of authentication or multi-authentication method such as biometrics, badges, or a combination of others.
Multi-Factor Authentication (MFA)
occurs when multiple protection techniques are used in collaboration to prevent unauthorized access to sensitive data or rooms
- Physical (Badges, Cell Phone, etc.)
- Private (PIN code, passwords, one-time passwords, security questions, etc.)
- Biometric (Fingerprint, retina scan, etc.)
VPN (Virtual Private Network)
is a service that uses an encryption tunnel which encrypts data in transit, making it difficult to see the data that is in transmission
SOHO (Small office/home office)
this is the typical router for networks that don’t require dedicated equipment to perform daily functions.
- It is a router, switch, access point, firewall, and sometimes modem all in one device
Shoulder Surfing
a physical security threat where an unauthorized person gains access to sensitive information by observing someone’s actions or keystrokes.
- looking over someone’s shoulder while they are typing in a password or watching them enter a PIN at an ATM
Whaling
uses phishing tactics to target high-profile people and professionals
Tailgating
a physical attack used to gain access to a restricted area by following someone who is authorized to enter
Brute Force Attack
is when attackers use trial and error to guess a password
- run combinations for a password
Cybersecurity
is the practice of protecting hardware, software, infrastructure, and data from criminal/unauthorized access
- Viruses
- Social Engineering
- Ransomware
- Rootkits
- Man-in-the-Middle Attacks
Encryption
involves encoding data, making it unreadable. This protects data from being read by potential hackers and malicious software
- To decipher the data, an encryption key must be provided
- Unencrypted data is known as plaintext
- Encrypted data is often referred to as ciphertext
Data Capture and Collection
This could be from varying sources, like web server log files or tracking systems used to gather data with scanning sensors.
- Once captured, you must store the data.
Meaningful Reporting
Captured data or correlation statistics are helpful in making better business decisions only if they can be presented in a way that makes sense to those making the decisions.
Data Correlation
Establishing a correlation in data enables an organization to make better business decisions.
- This kind of correlation is often made using special tools that use machine learning and AI.
Reconnaissance
A type of social engineering exploit that passively gathers information about a potential victim
- The goal is to get the information needed to further exploit the victim.
Email Attacks
A form of social engineering that attempts to exploit a victim using email messages.
Spear phishing
a variation of phishing attacks that involves gathering as much information about the victim as possible, like their online bank or credit card company.
- The attacker then sends phishing emails that appear to be from the trusted bank or credit card company.
Replay Attack
a hacker sniffs the packets between a client and a server in hopes of obtaining authentication information.
Authorization
means creating one or more barriers around the resource such that only authenticated users can gain access.
- Each resource has a permissions list specifying what users can do.
- Resources often have different access levels, for example, being able to read a file or being able to read and edit it
Authentication
means one or more methods of proving that a user is who they say they are and associates that person with a unique computer or network user account.
Accounting
means recording when and by whom a resource was accessed.
Type 1 Authentication
is something you know
- Personal Identification numbers (PINs)
- Passphrase
- Pattern Lock
Type 2 Authentication
is something you have
- Keys
- Hardware tokens like fobs, electronic chips, and smart cards
- Physical location
- Software tokens
- One time password (OTP)
Type 3 Authentication
is something you are
- Biometric scanners
- fingerprints
- Handprints
- Retinal patterns
- Face, or voice
S/MIME (Secure/Multipurpose Internet Mail Extensions)
is a protocol used to encrypt emails
- It allows the sender to digitally sign and encrypt emails.
- If a user cannot receive attachments, aka files, then sending an email using cipher text would encrypt the message so that only the sender and receiver could read the content of the message.