Security Risks Flashcards
Virus?
A virus is a program that can replicate itself by copying its source code into other programs (called ‘executable files’) and can also cause damage to the computer system when it runs.
Worm?
A worm is a malicious computer program that replicates itself in order to spread to other computer systems. It often spreads through a network and, unlike a virus, does not need to attach itself to a program. A worm replicates itself through computer networks, executing its code in the receiving computer's memory.
Trojan?
A Trojan is a malicious program, but it does not replicate itself; rather, it relies on the user downloading what seems to be (and may actually be) a useful program that has the malicious functions hidden within it. When activated, it may steal data or damage the computer system. Trojans can also be used to control a computer remotely without the user’s permission.
Spyware?
Spyware is a piece of software that installs itself on a computer, usually without the user’s knowledge. It is used to gather personal or private information from the computer, without the user’s knowledge or permission.
Purpose of Spyware?
Its main purpose is to track a user’s movements on the Internet and to target the user with pop-ups. Some spyware can be used for useful purposes in business: many programs exist that can monitor activity across a network to see what employees are working on or looking at on the Internet.
Phishing?
Phishing is the attempt to acquire information like passwords or credit card details from users by pretending to be someone else, like a bank.
Keylogging?
Keylogging is an abbreviation of keystroke logging and it does what the name suggests - it logs the keys that are pressed on a keyboard. Usually a user will not be aware that their keystrokes are being recorded.
How to avoid keyloggers?
One way to avoid software keyloggers is to install anti-spyware software or an anti-keylogger program. You could also make use of one-time passwords, a technique used by some banks.
DOS attack?
A Denial of Service (DOS) attack is when a website or a network is targeted, with the intention of making it unavailable to users.
Types of DOS attack?
Physical attack, Exploitation of Software Flaws, Exploitation of Network Management Flaws, Resource starvation, Ransomware, DNS attacks
Encryption?
Encoding data before it is stored / transmitted. The data must then be decrypted using the correct key before it can be understood. If data is intercepted, it cannot be easily deciphered.
Digital signatures?
Uses encryption methods as a way of authenticating data so that the recipient can be sure it has not been altered/tampered with.
Digital certificate?
An electronic document used to prove that the person sending data is who they claim to be (the padlock icon).
Biometrics in industry?
Unique characteristics such as a fingerprint or voice recognition.