Term
|
Definition
| A person or organization that seeks to obtain or alter data or other assets illegally |
|
|
Term
|
Definition
| An opportunity for threats to gain access to individual or organizational assets |
|
|
Term
|
Definition
| Some measure that individuals or organizations take to block the threat from obtaining the asset. |
|
|
Term
|
Definition
| The asset that is desired by the threat |
|
|
Term
|
Definition
| Human error, Computer crime, Natural events and disasters |
|
|
Term
|
Definition
| Unauthorized data disclosure, incorrect data modification, faulty service, denial of service and loss of infrastructure |
|
|
Term
| Unauthorized data disclosure |
|
Definition
| Occurs when a threat obtains data that is supposed to be protected |
|
|
Term
|
Definition
| Occurs when someone deceives by pretending to be someone else |
|
|
Term
|
Definition
| A similar technique for obtaining unauthorized data that uses pretexting via email |
|
|
Term
|
Definition
| Pretends to be a legitimate company and sends an email requesting confidential data such as account numbers, social security numbers, account passwords, and so forth |
|
|
Term
|
Definition
| Another term for someone pretending to be someone else (pretending to be your professor is "spoofing your professor") |
|
|
Term
|
Definition
| Occurs when an intruder uses another site's IP address to masquerade as that other site |
|
|
Term
|
Definition
| Is a synonym for phishing |
|
|
Term
|
Definition
| Is another term for intercepting computer communications |
|
|
Term
|
Definition
| Take computers with wireless connections through an area and search for unprotected wireless networks |
|
|
Term
|
Definition
| Which is breaking into computers, servers, or networks to steal data such as computer lists, product inventory data, employee data, and other proprietary confidential data |
|
|
Term
| Incorrect Data Modification |
|
Definition
| Examples: incorrectly increasing a customer's discount or incorrectly modifying an employee's salary, earned days of vacation, or annual bonus. |
|
|
Term
|
Definition
| Problems that result because of incorrect system operation. Can include incorrect data modification, systems that work incorrectly by sending the wrong goods to a customer or the ordered goods to the wrong customer, incorrectly billing customers, or sending the wrong information to employees |
|
|
Term
|
Definition
| Occurs when computer criminals invade a computer system and replace legitimate programs with their own unauthorized ones that shut down legitimate applications and substitute their own processing to spy, steal, and manipulate data, or for other purposes |
|
|
Term
|
Definition
| Human error in following procedures or a lack of procedures |
|
|
Term
|
Definition
| Examples: a bulldozer cutting a conduit of fiber-optic cables and a floor buffer crashing into a rack of web servers |
|
|
Term
| Advanced Persistent Threat (APT) |
|
Definition
| A sophisticated, possibly long-running, computer hack that is perpetrated by large, well-funded organizations like governments |
|
|
Term
| Intrusion Detection System (IDS) |
|
Definition
| A computer program that senses when another computer is attempting to scan the disk or otherwise access a computer |
|
|
Term
|
Definition
| In which the password cracker tries every possible combination of characters |
|
|
Term
|
Definition
| Involve the hardware and software components of an information system |
|
|
Term
|
Definition
| A plastic card similar to a credit card that has a microchip, which holds far more data than a magnetic strip. Users of smart cards are required to have a PIN to be authenticated |
|
|
Term
|
Definition
| Is the process of transforming clear text into coded, unintelligible text for secure storage or communication. |
|
|
Term
|
Definition
| Procedures for encrypting data that are difficult to break |
|
|
Term
|
Definition
| Number used to encrypt the data |
|
|
Term
|
Definition
| The same key (again a number) is used to encode and to decode |
|
|
Term
|
Definition
| Two keys are used; one key encodes the message and the other decodes the message |
|
|
Term
|
Definition
| Is used on the internet; with this method, each site has a public key for encoding messages and a private key for decoding them |
|
|
Term
|
Definition
| Most secure communications over the internet use this protocol |
|
|
Term
| Secure Sockets Layer (SSL), Transport Layer Security (TLS) |
|
Definition
| Uses a combination of public key/private key and symmetric encryption |
|
|
Term
|
Definition
| Is a computing device that prevents unauthorized network access |
|
|
Term
|
Definition
| Sits outside the organizational network; it is the first device that internet traffic encounters |
|
|
Term
|
Definition
| Inside the organizational network |
|
|
Term
| Packet-filtering Firewall |
|
Definition
| Examines each part of a message and determines whether to let that part pass |
|
|
Term
|
Definition
| Viruses, worms, Trojan horses, spyware, and adware |
|
|
Term
|
Definition
| A computer program that replicates itself |
|
|
Term
|
Definition
| The program code that causes unwanted or harmful activity |
|
|
Term
|
Definition
| Viruses that masquerade as useful programs or files |
|
|
Term
|
Definition
| Virus that propagates using the internet or other computer network |
|
|
Term
|
Definition
| Programs that are installed on the user's computer without the user's knowledge or permission |
|
|
Term
|
Definition
| Similar to spyware, but it watches user activity and produces pop-up ads |
|
|
Term
|
Definition
| Protect databases and other organizational data |
|
|
Term
|
Definition
| Refers to an organization-wide function that is in charge of developing data policies and enforcing data standards |
|
|
Term
|
Definition
| Refers to a function that pertains to a particular database |
|
|
Term
|
Definition
| Involve the people and procedure components of an information system |
|
|