Info Tech Protection of Info Flashcards
Types of Threats
- Dos- Denial of Service - uses zombie computer
- Session hijacking occurs when an attacker finds and uses a “session token” to gain access to a system. The hijack occurs after the user has authenticated himself/herself into the system. If the attack is successful, then the hacker has hijacked the session—gained access to the session under the guise of another user. It is possible that session masquerading can lead to a DoS attack, but they are not the same thing. Zombies take over computers full-time—not just for a session.
- In a man-in-the-middle attack, a perpetrator establishes a connection between two devices and then pretends to be each party, thereby intercepting and interfering with messages between the parties.
- A phish is deceptive request for information delivered via email.
Backdoor
A software program that allows an unauthorized user to gain access to the system by sidestepping the normal logon procedures.
Masquerading.
An attacker identifies an IP address (usually through packet sniffing) and then attempts to use that address to gain access to the network
Superzapping.
The use of powerful software to access secure information while bypassing normal controls
Prototyping
Prototyping is the practice of rapid development of a system containing essential features for the purpose of eliciting user comments, which drive successive iterations of the prototype system.
Change Control
The practice of authorizing changes, approving tests results, and copying developmental programs to a production library is program change control.
Remittance Advices
Remittance advices help customers match payments with invoices. They are more likely to be used in complex businesses, such as construction and medical billing.
Systems Development Life Cycle
The steps in the systems development life cycle are
- analysis
- design
- build
- test
- implement
Edit C heck
An edit check is a check on the accuracy of data as it is inputted.
