IT Vocab 12 Flashcards
An early example of encryption used by Julius Caesar to send confidential military messages
Caesar Cipher
Authentication that requires two or more pieces of evidence, usually of different types
Multifactor Authentication
Data that are being transported from one device to another, whether by radio, electrical, or light signals
Data in Transit
A type of access control that restricts access based on the user’s role in an organization
Role-based Access Control (RBAC)
Convincing a victim that they are performing a legitimate task within their web browser window when, in fact, they are being tricked into revealing sensitive information or installing malware on their computer
Browser Attack
A device that controls the flow of network traffic to protect systems from unauthorized network connections
Firewall
An attack that attempts to overload a system so that the services it provides are no longer available to legitimate network clients
Denial of Service
An attack where the attacker secretly relays and possibly alters the communications between two parties who believe they are directly communicating with each other
Man-in-the-Middle Attack
The process of keeping track of user activity while attached to a system
Accounting
Software that helps remove unwanted, unsolicited email
Anti-Spam Software
The capturing and storing of computer and user events
Logging
An attribute used to classify information based on the risk of public disclosure
Information Sensitivity
A method of authenticating with one system to gain access to other related systems
Single Sign-on
A type of authentication that requires the user to provide something that they know, such as a password or PIN
Type 1 Authentication
A type of authentication that requires the user to provide something that they have, such as a key, fob, electronic chip, or smart card
Type 2 Authentication
TCP session hacking and other methods where an attacker takes over the communication to a server by appearing to be the victim
Impersonation
A type of authentication that requires the user to provide something that they are, such as a fingerprint, handprint, retinal pattern, face, or voice
Type 3 Authentication
Data in a persistent storage medium, such as a hard drive or optical disc
Data at rest
An attempt to connect to a server by capturing and resending authentication information
Replay attack
The ability to ensure that someone can’t deny that they performed a certain act
Non-repudiation
A type of access control where a user has complete control over a resource and also determines the permissions other users have to that resource
Discretionary Access Control (DAC)
Software that helps protect against malicious software infections
Anti-Malware Software
A type of access control that historically was associated with multilevel security and military systems and may use a security clearance to restrict access to resources. The security manager controls the security policy, and users aren’t able to override the policy
Mandatory Access Control (MAC)
Exploiting a victim using email messages
Email Attack
The buying and selling of products or services electronically, typically through the Internet
Ecommerce
A security concern regarding network devices and other devices, such as smartphones, that give the option of using the device without a password
Device Password