Term
|
Definition
| Programs that provide additional functionality to Web browsers. |
|
|
Term
| Address Resolution Protocol (ARP) |
|
Definition
| Part of the TCP/IP protocol for determining the MAC address based on the IP address. |
|
|
Term
|
Definition
| An attack that corrupts the ARP cache. |
|
|
Term
|
Definition
| Files that are coupled to e-mail messages. |
|
|
Term
|
Definition
| An attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer. |
|
|
Term
|
Definition
| An attack that targets vulnerabilities in client applications that interact with a compromised server or processes malicious data. |
|
|
Term
|
Definition
| Injecting and executing commands to execute on a server. |
|
|
Term
|
Definition
| A file on a local computer in which a server stores user-specific information. |
|
|
Term
| cross-site scripting (XSS) |
|
Definition
| application server to direct attacks at clients. |
|
|
Term
|
Definition
| An attack that attempts to prevent a system from performing its normal functions. |
|
|
Term
|
Definition
| An attack that takes advantage of a vulnerability in the Web application program or the Web server software so that a user can move from the root directory to other restricted directories. |
|
|
Term
| distributed denial of service (DDoS) |
|
Definition
| An attack that uses multiple zombie computers (even hundreds or thousands) in a botnet to flood a device with requests. |
|
|
Term
|
Definition
| An attack that substitutes DNS addresses so that the computer is automatically redirected to another device. |
|
|
Term
|
Definition
| A hierarchical name system for matching computer names and numbers. |
|
|
Term
|
Definition
| A cookie that is created from the Web site that currently is being viewed. |
|
|
Term
|
Definition
| A cookie named after the Adobe Flash player. Also known as local shared objects (LSOs). Cannot be deleted through the browser's normal configuration settings. Typically are saved in multiple locations on the hard drive and can be take up as much as 100,000 bytes of storage per. They can also be used to reinstate regular ones that a user has deleted or blocked. |
|
|
Term
|
Definition
| A list of the mappings of names to computer numbers. |
|
|
Term
|
Definition
| Part of HTTP that is composed of fields that contain the different characteristics of the data that is being transmitted. |
|
|
Term
|
Definition
| Modifying HTTP headers to create an attack. |
|
|
Term
|
Definition
| An attack that intercepts legitimate communication and forges a fictitious response to the sender. |
|
|
Term
| persistent cookie (tracking cookie) |
|
Definition
| A cookie that is recorded on the hard drive of the computer and does not expire when the browser closes. |
|
|
Term
|
Definition
| A utility that sends an ICMP echo request message to a host. |
|
|
Term
|
Definition
| An attack that uses the Internet Control Message Protocol (ICMP) to flood a victim with packets. |
|
|
Term
|
Definition
| An attack that exploits a vulnerability in software to gain access to resources that the user would normally be restricted from obtaining. |
|
|
Term
|
Definition
| An attack that makes a copy of the transmission before sending it to the recipient. |
|
|
Term
|
Definition
| A cookie that is only used when a browser is visiting a server using a secure connection. |
|
|
Term
|
Definition
| A cookie that is stored in Random Access Memory (RAM), instead of on the hard drive, and only lasts for the duration of visiting a Web site. |
|
|
Term
|
Definition
| An attack in which an attacker attempts to impersonate the user by using his session token. |
|
|
Term
|
Definition
| A form of verification used when accessing a secure Web application. |
|
|
Term
|
Definition
| An attack that broadcasts a ping request to all computers on the network yet changes the address from which the request came to that of the target. |
|
|
Term
|
Definition
| Impersonating another computer or device. |
|
|
Term
|
Definition
| An attack that targets SQL servers by injecting commands to be manipulated by the database. |
|
|
Term
|
Definition
| An attack that takes advantage of the procedures for initiating a TCP session. |
|
|
Term
|
Definition
| A cookie that was created by a third party that is different from the primary Web site. |
|
|
Term
|
Definition
| An attack involving using a third party to gain access rights. |
|
|
Term
|
Definition
| A markup language that is designed to carry data instead of indicating how to display it. |
|
|
Term
|
Definition
| An attack that injects XLM tags and data into a database. |
|
|
Term
|
Definition
| Attacks that exploit previously unknown vulnerabilities, so victims have no time to prepare or defend against the attacks. |
|
|
