Week 4 (Ch. 8) Flashcards
what is cybercrime
illegal activity using computer
what percentage of businesses report cybercrimes
12%
what are the two types of cybercrime
technology as target of crime and technology used to commit crime
what is malware
‘malicious software’: program designed to steal or destroy data
what are viruses and worms
codes that replicate to destroy data
what is spyware
software that gathers knowledge without the user's knowledge
what is ransomware
software that encrypts data and requires payment to access it again
what is a DoS (denial of service)
prevents web server from serving users
what is a DDoS
multiple users send requests to crash service
what is identity theft
criminal gains access and uses personal information without your knowledge
what is social engineering
criminals lure individuals into giving up personal information (scam calls)
what is hacking
accessing someone's computer without their permission
what is phishing
user receives email with fake link requiring user to input username and password for criminal to steal
what is spoofing
criminals disguise themselves by modifying their IP address
what is piracy
illegal copying and distribution/use of software
what is the information security triad
confidentiality: restricting access to those who are allowed to view information
integrity: information accessed has not been modified or altered
availability: information can be accessed and modified by anyone authorized to do so at a given time frame
what is an example of authentication using something they know
password, questions
what is an example of authentication using something they have
key, card
what is an example of authentication using something they are
physical characteristic: fingerprint
what is multi factor authentication
combination of two or more factors above
what is access control
determines which users are allowed to read, modify, add or delete information
what is an access control list (ACL)
list of users who are able to perform specific actions
what is role-based access control (RBAC)
users are assigned to roles and roles are given ability to perform specific actions
what is encryption
scrambles data so it is unreadable to those without public key
what is symmetric key encryption
two parties share encryption key
what is public key encryption
user must use public key to send message and receiver must use private key to view message
what are firewalls
protects servers by blocking packets that do not meet certain criteria
what are anti-virus programs
software that can be installed to detect and remove malicious programs
what are intrusion detection systems
identifies if network is being attacked
what are examples of physical security
locked doors, secured equipment, physical intrusion detection
what are the three sources of security problems
1) human error and mistakes
2) malicious human activity
3) natural events and disasters
what are the three types of security safeguards
1) technical safeguards
2) data safeguards
3) human safeguards
what is a WAR room
office space with basic equipment, charged monthly subscription fee
what is a cold site
empty room or building used for recovery
what is a hot site
recovery location available 24/7