Term
|
Definition
| is any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability |
|
|
Term
|
Definition
| is an online or Internet-based illegal act |
|
|
Term
|
Definition
Files become corrupted; available memory is less than expected; screen displays unusual message or image; music or unusual sound plays randomly; existing programs and files disappear; programs or files do not work properly; unknown programs or files mysteriously appear; system properties change; operating system does not start up; operating system shuts down unexpectedly; operating system runs much slower than usual |
|
|
Term
Internet Attacks denial of service attack (DoS attack) |
|
Definition
| disrupts computer access to Internet services |
|
|
Term
|
Definition
| distributed denial of service |
|
|
Term
|
Definition
| is a group of compromised computers connected to a network |
|
|
Term
Internet Attacks back door |
|
Definition
| is a program or set of instructions in a program that allow users to bypass security controls |
|
|
Term
|
Definition
| is a technique intruders use to make their network or Internet transmission appear legitimate |
|
|
Term
|
Definition
|
|
Term
|
Definition
| is hardware and/or software that protects a network’s resources from intrusion |
|
|
Term
| Intrusion detection software |
|
Definition
Analyzes all network traffic; assesses system vulnerabilities; identifies any unauthorized intrusions; notifies network administrators of suspicious behavior patterns or security breaches. Reference: SANS: Intrusion Detection FAQ: AINT Misbehaving: A Taxonomy of Anti-Intrusion Techniques |
|
|
Term
|
Definition
| define who can access a computer, when they can access it, and what actions they can take |
|
|
Term
|
Definition
| log both successful and unsuccessful attempts |
|
|
Term
| Identification and authentication |
|
Definition
A two-phase process. Identification: are you a valid user? (user name). Authentication: are you who you say you are? (passwords, CAPTCHAs, other enhanced access tools; see next slide) |
|
|
Term
|
Definition
| (“Completely Automated Public Turing test to tell Computers and Humans Apart”) |
|
|
Term
|
Definition
is any item that you must carry to gain access to a computer or computer facility (badges, smart cards, keys). Often used in combination with a PIN |
|
|
Term
|
Definition
| authenticates a person’s identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer |
|
|
Term
|
Definition
| is the discovery, collection, and analysis of evidence found on computers and networks |
|
|
Term
|
Definition
| occurs when someone steals personal or confidential information |
|
|
Term
|
Definition
User identification/authentication; encryption |
|
|
Term
|
Definition
| is a process of converting readable data into unreadable characters to prevent unauthorized access |
|
|
Term
|
Definition
| is an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender |
|
|
Term
|
Definition
| is a notice that guarantees a user or a Web site is legitimate |
|
|
Term
digital certificate Issued by a |
|
Definition
|
|
Term
|
Definition
| allows individuals to detect wireless networks while driving a vehicle through the area |
|
|
Term
|
Definition
| is a duplicate of a file, program, or disk that can be used if the original is lost, damaged, or destroyed |
|
|
Term
| Offsite backups are stored in a location separate from |
|
Definition
|
|
Term
| Two categories of backups: |
|
Definition
Full backup; selective backup. Three-generation backup policy |
|
|
Term
| The widespread use of computers has led to health concerns |
|
Definition
Repetitive strain injury (RSI); tendonitis; carpal tunnel syndrome (CTS); computer vision syndrome (CVS). Computer addiction occurs when the computer consumes someone’s entire social life |
|
|
Term
|
Definition
are the moral guidelines that govern the use of computers and information systems. Information accuracy is a concern. Not all information on the Web is correct |
|
|
Term
| Intellectual property rights |
|
Definition
| are the rights to which creators are entitled for their work |
|
|
Term
|
Definition
refers to the right of individuals and companies to deny or restrict the collection and use of information about them. Huge databases store data online. It is important to safeguard your information |
|
|
Term
|
Definition
| protects any tangible form of expression |
|
|
Term
| Digital rights management |
|
Definition
| (DRM) is a strategy designed to prevent illegal distribution of movies, music, and other digital content |
|
|
Term
| Common Points of Privacy Laws |
|
Definition
Limit collected information to only what is necessary; limit access to those who need it to perform their jobs; outside release only with permission; provide opportunity to verify correctness. Informed consent: consent given before collection of personal information, with knowledge of material facts needed to make a rational decision about providing the information. Opt-in: affirmative action required by consumer to allow collection/use. Opt-out: collection/use by default; consumer must take action to prevent |
|
|
Term
|
Definition
| is a small text file that a Web server stores on your computer |
|
|
Term
|
Definition
| is an unsolicited e-mail message or newsgroup posting |
|
|
Term
|
Definition
| blocks e-mail messages from designated sources |
|
|
Term
|
Definition
| attempt to remove spam before it reaches your inbox |
|
|
Term
|
Definition
| is a scam in which a perpetrator sends an official-looking e-mail message that attempts to obtain your personal and financial information |
|
|
Term
|
Definition
| uses a clickable object on a Web site (button, image, link) which contains a malicious program (e.g. virus download, redirection to phony site) |
|
|
Term
|
Definition
| is defined as gaining unauthorized access or obtaining confidential information by taking advantage of trust and naivety |
|
|
Term
|
Definition
| involves the use of computers to observe, record, and review an employee’s use of a computer |
|
|