ITM Chapter 8 Flashcards
Security
The policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damage to information systems.
Controls
Methods, policies, and organizational procedures that ensure the safety of the organization’s assets; the accuracy and reliability of its records; and operational adherence to management standards.
War Driving
Technique in which eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic.
Malware
Malicious software programs such as computer viruses, worms, and Trojan horses.
Computer Virus
Rogue software program that attaches itself to other software programs of data files in order to be executed, often causing hardware and software malfunctions.
Worms
Independent software programs that propagate themselves to disrupt the operation of computer networks or destroy data and other programs.
Trojan Horse
A software program that appears legitimate but contains a second hidden function that may cause damage.
SQL injection attack
The largest malware threat that takes advantage of vulnerabilities in poorly coded Web application software to introduce malicious program code into a company’s systems and networks.
Spyware
Technology that aids in gathering information about a person or organization without their knowledge.
Keyloggers
Spyware that records every keystroke made on a computer to steal personal information or passwords or to launch Internet attacks.
Hacker
A person who gain unauthorized access to a computer network for profit, criminal mischief, or personal reasons.
Cybervandalism
Intentional disruption, defacement, or destruction of a Web site or corporate information system.
Spoofing
Attempts by hackers to hide their true identities by using fake e-mail address or masquerading as someone else; might involve redirection a Web line to an address different from the intended one, with the site masquerading as the intended destination.
Sniffer
Type of eavesdropping program that monitors information traveling over a network.
Denial-of-service (DoS) Attack
Flooring a network server of Web server with false communications or requests for services in order to crash the network.
Distributed Denial-of-service (DDoS) Attack
Numerous computers inundating and overwhelming a network from numerous launch points.
Botnet
A group of computers that have been infected with bot malware without users’ knowledge, enabling a hacker to use the amassed resources of the computers to launch distributed denial of service attacks, phishing campaigns, or spam.
Computer Crime
The commission of illegal acts through the use of a computer or against a computer system.
Identity Theft
Theft of key pieces on personal information, such as credit card or social insurance numbers, in order to obtain merchandise and services in the name of the victim or to obtain false credentials.
Phishing
Form of spoofing involving setting up fake Web sites of sending e-mail messages that resemble those of legitimate businesses that ask users for confidential personal data.
Evil Twins
Wireless networks that pretend to be legitimate to entice participants to log on and reveal passwords or credit card numbers.
Pharming
Phishing technique that redirects users to a bogus Web page, even when an individual enters the correct Web page address.
Click Fraud
Fraudulently clicking on an online as in pay-per-click advertising to generate an improper charge per click.
Social Engineering
Tricking people into revealing their passwords by pretending to be legitimate users or members of a company in need of information.