| Term | Definition |
|---|---|
| | the sum of all threats facing the corporation |
| | pieces of executable code that attach themselves to other programs. Within a computer, whenever an infected program runs (executes), the virus attaches itself to other programs |
| | scan arriving files for viruses and other malware |
| | attack programs that propagate on their own by seeking out other computers, jumping to them, and installing themselves |
| | worms that exploit a vulnerability in software |
| | a piece of code that can be executed by a virus or worm after it has spread to multiple machines (in war, when a bomber reaches its target, it releases its payload of bombs) |
| | a program that looks like an ordinary system file, but continues to exploit the user indefinitely |
| | that sits on a victim’s machine and gathers information about the victim |
| | done without someone’s knowledge, such as surreptitious face recognition scanning |
| | spyware that records your keystrokes, looking for passwords, social security numbers, and other information that can help the person who receives the keystroke logger’s data commit fraud |
| | spyware that searches your hard drive for potentially useful information and sends it to the attacker |
| | tricking people into doing something to get around security protections |
| | unsolicited commercial e-mail |
| | social engineering attack that uses an official-looking e-mail message or website |
| | someone who steals credit card numbers |
| | stealing enough information about a person to impersonate him or her in complex financial transactions |
| | intentionally using a computer resource without authorization or in excess of authorization |
| | to try to determine a network’s design through the use of probe packets |
| | a packet sent into a firm’s network during scanning; responses to the probe packet tend to reveal information about a firm’s general network design and about its individual computers—including their operating systems |
| | break-in program; a program that exploits known vulnerabilities |
| | a security weakness found in software |
| | a collection of tools that automate some tasks that the hacker will have to perform after the break-in |
| | a way back into a compromised computer that an attacker leaves open; it may simply be a new account or a special program |
| | the type of attack whose goal is to make a computer or a network unavailable to its users |
| | DoS attack in which the victim is attacked by many computers |
| | a type of malware that can be upgraded remotely by an attacker to fix errors or to give the malware additional functionality |
| | someone who creates viruses |
| | an attacker who possesses only modest skills but uses attack scripts created by experienced hackers; dangerous because there are so many |
| | employee who is upset with the firm or an employee and who may take revenge through a computer attack |
| | former employee who is upset with the firm or an employee and who may take revenge through a computer attack |
| | an attacker who attacks with criminal motivation |
| | a computer attack made by terrorists |
| | a computer attack made by a national government |
| | the process of balancing threats and protection costs |
| | security in which all avenues of attack are closed off |
| | determining who may access each resource |
| | initially giving users only the permissions they absolutely need to do their jobs |
| | the use of successive lines of defense to thwart attackers |
| | plans for controlling access to a resource |
| | the requirement that someone who requests to use a resource must prove his or her identity |
| | permitting a person or program to take certain actions on a resource |
| | collecting data about events to assess actions after the fact |
| | in authentication, the party trying to prove its identity to the verifier |
| | the party requiring the applicant to prove his or her identity |
| | proof of identity that an applicant can present during authentication |
| | use of a central authentication server helps provide consistent security by ensuring that all verifiers check credentials against the same authentication information |
| | a secret keyboard string only the account holder should know; authenticates user access to an account |
| | an alias that signifies the account that the account holder will be using |
| | a common word, dangerous to use for a password because it is easily cracked |
| | a password-cracking attack in which an attacker tries to break a password by trying all words in a standard or customized dictionary |
| | password cracking, a mode that tries variations on common word passwords |
| | a password-cracking attack in which an attacker tries to break a password by trying all possible combinations of characters |
| | passwords should be at least eight characters long, and even longer passwords are highly desirable |
| | a document that gives the name of a true party, that true party’s public key, and other information; used in authentication |
| Digital certificate authentication | authentication in which each user has a public key and a private key. Authentication depends on the applicant knowing the true party’s private key; requires a digital certificate to give the true party’s public key |
| | a key that is not kept secret. Part of a public key-private key pair |
| | a key that only the true party should know. Part of a public key-private key pair |
| Public key authentication | authentication in which each user has a public key and a private key. Authentication depends on the applicant knowing the true party’s private key; requires a digital certificate to give the true party’s public key |
| Public key infrastructures | a total system (infrastructure) for public key encryption |
| | the use of bodily measurements to identify an applicant |
| | a form of biometric authentication that uses the applicant’s fingerprints |
| | in biometrics, the normal rate of misidentification when the subject is cooperating |
| | a form of biometric authentication that uses the colored part of the eye (iris) |
| | the scanning of passersby to identify terrorists or wanted criminals by the characteristics of their faces |
| | a security system that examines each incoming packet. If the firewall identifies the packet as an attack packet, the firewall discards the packet and copies information about the discarded packet into a log file |
| | a packet that is provably an attack packet |
| | file containing information about packets discarded by a firewall |
| | the filtering of traffic coming into a site from the outside |
| | the filtering of traffic from inside a site going out |
| Stateful firewall filtering | a firewall whose default behavior is to allow all connections initiated by internal hosts but to block all connections initiated by external hosts. Only passes packets that are part of approved connections |
| Access control lists (ACLs) | an ordered list of pass/deny rules for a firewall or other device |
| Intrusion Detection Systems (IDSs) | a security system that examines messages traveling through a network. IDSs look at traffic broadly, identifying messages that are suspicious. Instead of discarding these packets, IDSs will sound an alarm |
| | a false alarm; an apparent incident that proves not to be an attack |
| Intrusion Prevention Systems (IPSs) | firewall system that uses sophisticated packet filtering methods to stop attacks |
| | the examination of headers and messages at multiple layers in a packet |
| | a security system that automatically provides a mix of security protections, usually including confidentiality, authentication, message integrity, and replay protection |
| | to mathematically process a message so that an interceptor cannot read the message |
| | assurance that interceptors cannot read transmissions |
| | term for encryption methods |
| | conversion of encrypted ciphertext into the original plaintext so an authorized receiver can read an encrypted message |
| | family of encryption methods in which the two sides use the same key to encrypt messages to each other and to decrypt incoming messages. In bidirectional communication, only a single key is used |
| | cracking a key or password by trying all possible keys or passwords |
| | a bit string added to a message to provide message-by-message authentication and message integrity |
| | a calculation added to a plaintext message to authenticate it |
| Key-hashed Message Authentication Codes (HMACs) | electronic signature technology that is efficient and inexpensive but lacks non-repudiation |
| | set up to protect itself, as a server or client |
| Group Policy Objects (GPOs) | policies that govern specific types of resources on a domain |
| | testing after protections have been configured, in which a company or consultant attacks protections in the way a determined attacker would and notes which attacks that should have been stopped actually succeeded |
| | the collection of data in a form acceptable for presentation in a legal proceeding |
| Computer Security Incident Response Team (CSIRT) | a team convened to handle major security incidents, made up of the firm’s security staff, members of the IT staff, and members of functional departments, including the firm’s legal department |
| | recovering from a disaster that damages computer equipment or data |