Shared Flashcard Set

Details

Chapter 6
AIS Chapter 6
59
Accounting
Undergraduate 4
11/04/2013

Additional Accounting Flashcards

 


 

Cards

Term
Hacking
Definition
the unauthorized access, modification, or use of an electronic device or some element of a computer system
Term
Botnet
Definition
short for robot network; is a network of powerful and dangerous hijacked computers
Term
Hijacking
Definition
gaining control of a computer to carry our illicit activities without the user's knowledge
Term
bot herders
Definition
bot herders install software that responds to the hacker's electronic instructions onto unwitting PCs.
Term
zombies
Definition
another word for hijacked computers
Term
Denial-of-service attack
Definition
botnets are used to perform this attack, which is designed to make a resource unavailable to its users
Term
spamming
Definition
e-mailing or texting an unsolicited message to many people at the same time, often in an attempt to sell something
Term
dictionary attacks
Definition
harvestin attacks; spammers use special software to guess addresses at a company and send blank e-mail messages. Messages not returned usually have valid e-mail addresses and are added to spammer e-mail lists.
Term
Social Engineering
Definition
techniques, usually psychological tricks, to gain access to sensitive data or information. used to gain access to secure systems or locations
Term
Malware
Definition
any software which can be used to do harm
Term
Spoofing
Definition
making an electronic communication look as if someone else sent it to gain the trust of the recipient
Term
Email spoofing
Definition
making an email appear as though it originated from a different source
Term
Address Resolution Protocol Spoofing
Definition
sending fake ARP messages to an ethernet LAN
Term
DNS Spoofing
Definition
sniffing the ID of a domain name system request and replying before the real dns server can
Term

zero-day attack

(zero-hour attack)

Definition
an attack between the time a new software vulnerability is discovered and the time a software developer releases a patch that fixes the problem.
Term
Cross-site scripting (XSS)
Definition
a vulnerability in dynamic web pages that allows an attacker to bypass a browser's security mechanisms and instruct the victim's browser to execute code thinkinging it came from the desired web site
Term
Buffer overflow attack
Definition
happens when the amount of data entered into a program is greater than the amount of the memory set aside to receive it.
Term
SQL injection (insertion)
Definition
malicious code in the form of an SQL query is inserted into input so it can be passed to and executed by an application program
Term
Man-in-the-middle attack
Definition
places a hacker between a client and a host and intercepts network traffic between them.
Term
Password Cracking
Definition
Penetrating system security to steal passwords
Term
War Dialing
Definition
Computer automatically dials phone numbers looking for modems.
Term
Phreaking
Definition
Attacks on phone systems to obtain free phone service.
Term
Data Diddling
Definition
Making changes to data before, during, or after
it is entered into a system.
Term
Data Leakage
Definition
Unauthorized copying of company data.
Term
Strong Password Characteristics
Definition

- at least 10 characters

- include upper/lower case letter, digits, special characters

- phrases are effective

 

 

(names and birthdays are easily cracked)

Term
Salami Technique
Definition
Taking small amounts from many different
 
accounts.
Term
Economic Espionage
Definition
the theft of information, trade secrets, and intellectual property
Term
Internet Terrorism
Definition
the act of disrupting electronic commerce and harming computers and communications.
Term
Internet Misinformation
Definition
Using the Internet to spread false or misleading information
Term
Internet Auction
Definition
Using an Internet auction site to defraud another person
Term
Round-Down Fraud
Definition
all interest calculations are truncated at two decimal places and the excess decimals put into an account the perpetrator controls
Term
Social Engineering Techniques
Definition

- Identity Theft

- Pretexting

- Phishing

- Typosquatting

- Scavenging

- Shoulder Surfing

Term
Cyber-extortion
Definition
threatening to harm a company or person if a specified amount of money is not paid.
Term
Internet Pump-and-Dump
Definition
using the internet to pump up the price of a stock and then selling it.
Term
Click Fraud
Definition
manipulating click numbers to inflate advertising bills
Term
Lebanese Loping
Definition
Capturing ATM pin and card numbers
Term
Skimming
Definition
double-swiping a credit card
Term
Chipping
Definition
planting a device to read credit card information in a credit card reader
Term
Posing
Definition
creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the product
Term
Phishing
Definition
sending an electronic message pretending to be a legitimate company, usually a financial institution, and requesting information or verification of information and often warning of some dire consequence if it is not provided
Term
Carding
Definition
refers to activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers
Term
Pharming
Definition
is redirecting web site traffic to a spoofed web site
Term
evil twin
Definition
a wireless network with the same name as a legitimate wireless access point
Term
Typosquatting
Definition
setting up similarly named web sites so that users making typographical errors when entering a web site name are sent to an invalid site
Term
Tabnapping
Definition
secretly changing an already open browser tab
Term
Scavenging; dumpster diving
Definition
gaining access to confidential information by searching documents and records
Term
shoulder surfing
Definition
perpetrators look over a person's shoulders in a public place to get information
Term
malware
Definition
any software that can be used to do harm
Term
spyware
Definition
software that secretly monitors and collects personal information about users and sends it to someone else
Term
adware
Definition
spyware that pops banner ads on a monitor, collects information about the user's web-surfing and spending habits, and forwards it to the adware creator
Term
torpedo software
Definition
malware company creates software to attack a competitor's malware
Term
scareware
Definition
software that is often malicious and of little or no benefit that is sold using scare tactics
Term
Trojan horse
Definition
a set of malicious computer instructions in an authorized and otherwise properly functioning program
Term
steganography programs
Definition
hide data files inside a host file, such as a large image or sound file
Term
superzapping
Definition
the unauthorized use of special system programs to bypass regular system controls and perform illegal acts, all without leaving an audit trail
Term
virus
Definition
segment of self-replicating, executable code that attaches itself to a file or program
Term
worm
Definition
like a virus, except worms harm networks instead of infecting files or data on a targeted computer.

Code Red Worm used a buffer-overflow to exploit a hole in Microsoft's Internet Information Services
Term
bluesnarfing
Definition
stealing contact lists, images, and other data using bluetooth
Term
bluebugging
Definition
taking control of someone else's phone to make or listen to calls, send or read text messages, connect to the internet, forward the victims calls, and call numbers that charge fees
Supporting users have an ad free experience!