Exam 1 Flashcards
A weakness in a computer system
vulnerability
A set of circumstances that could cause harm
threat
when a bad actor exploits a vulnerability
attack
an action, device, procedure, or technique that reduces a vulnerability
control/countermeasure
the ability of a system to ensure that an asset is only viewed by authorized parties
confidentiality
the ability of a system to ensure that an asset can only be edited by authorized parties
integrity
the ability of a system to ensure that an asset can be accessed by all authorized parties
availability
a systems full set of vulnerabilities, actual and potential
attack surface
authentication method: something a user knows
password, PIN
authentication method: something a user is
finger print, face id
authentication method: something a user has
key fob, ID card
incorrectly confirming an identity
false positive
a tool used by system administrators to see who accessed data or files on a server
access log
managing user permissions w/ a set of lists (used by Linux and Unix)
Access Control Lists (ACL’s)
assigning permissions to users based on their jobs by creating groups
role-based access control
encoding a message
encryption
breaking an encryption
decryption
when a program exceeds the space allocated to it
buffer overflow
type of program that can replicate itself by modifying other programs on the same computer
virus
type of program that can replicate itself to other computers on the same network
worm
most difficult passwords to hack
- long strings
- large characters sets
- do not appear in the dictionary of words and phrases
