Term
|
Definition
the protection of information from accidental or intentional misuse by persons inside or outside an organization |
|
|
Term
Three primary information security areas |
|
Definition
Authentication and authorization. Prevention and resistance. Detection and response. |
|
|
Term
|
Definition
a method for confirming users’ identities |
|
|
Term
|
Definition
giving someone permission to do or have something |
|
|
Term
|
Definition
a type of virus that spreads itself, not only from file to file, but also from computer to computer |
|
|
Term
|
Definition
software written with malicious intent to cause annoyance or damage |
|
|
Term
|
Definition
hides inside other software, usually as an attachment or a downloadable file |
|
|
Term
|
Definition
small electronic device that changes user passwords automatically |
|
|
Term
|
Definition
software that comes hidden in free downloadable software and tracks online movements, mines the information stored on a computer, or uses a computer's CPU and storage for some task the user knows nothing about |
|
|
Term
|
Definition
the forging of the return address on an email so that the email message appears to come from someone other than the actual sender |
|
|
Term
|
Definition
|
|
Term
|
Definition
using one's social skills to trick people into revealing access credentials or other information valuable to the attacker |
|
|
Term
|
Definition
a program or device that can monitor data traveling over a network |
|
|
Term
|
Definition
a device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing |
|
|
Term
|
Definition
viruses that open a way into the network for future attacks |
|
|
Term
|
Definition
the identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting |
|
|
Term
|
Definition
occurs when organizations use software that filters content to prevent the transmission of unauthorized information |
|
|
Term
|
Definition
|
|
Term
|
Definition
seeks to cause harm to people or to destroy critical systems or information and use the internet as a weapon of mass destruction |
|
|
Term
|
Definition
floods the web site with so many requests for service that it slows down or crashes the site |
|
|
Term
distributed denial of service attack |
|
Definition
attacks from multiple computers that flood a web site with so many requests for service that it slows down or crashes |
|
|
Term
|
Definition
scrambles information into an alternate form that requires a key or password to decrypt the information |
|
|
Term
|
Definition
process by which a user misleads a system into granting unauthorized rights, usually for the purpose of compromising or destroying the system |
|
|
Term
|
Definition
hardware and/or software that guards a private network by analyzing the information leaving and entering the network |
|
|
Term
|
Definition
person very knowledgeable about computers who uses his knowledge to invade other people's computers |
|
|
Term
|
Definition
person with philosophical and political reasons for breaking into systems who will often deface a web site as a protest |
|
|
Term
|
Definition
attack computer systems by transmitting a virus hoax, with a real virus attached |
|
|
Term
|
Definition
the forging of someone's identity for the purpose of fraud |
|
|
Term
information security plan |
|
Definition
details how an organization will implement the information security policies |
|
|
Term
information security policy |
|
Definition
identifies the rules required to maintain information security |
|
|
Term
|
Definition
legitimate users who misuse their access to the environment and cause some kind of business-affecting incident |
|
|
Term
intrusion detection software |
|
Definition
searches out patterns in information and network traffic to indicate attacks and quickly responds to prevent any harm |
|
|
Term
|
Definition
includes a variety of threats such as viruses, worms, and trojan horses |
|
|
Term
|
Definition
altering the contents of packets as they travel over the internet or altering data on computer disks after penetrating a network |
|
|
Term
|
Definition
technique to gain personal information for the purpose of identity theft, usually by means of a fraudulent email |
|
|
Term
polymorphic virus and worm |
|
Definition
change their form as they propagate |
|
|
Term
|
Definition
encryption system that uses two keys: a public key that everyone can have and a private key for only the recipient |
|
|