Term
|
Definition
A specific and fail-safe solution that acts quickly to solve a serious IT security problem. |
|
|
Term
|
Definition
A device that connects to a remote system through the internet to provide remote access to serial ports over TCP/IP so that administrators can access the remote system as if it were connected to the local network. These are commonly used by infrastructure control and traffic systems. |
|
|
Term
|
Definition
Attacks that use many computers against a single server or network. DDoS is an example of this. |
|
|
Term
|
Definition
This is the concept of allowing employees to bring their own personal devices to work and connect them to the company network. This often poses security risks for the network. |
|
|
Term
|
Definition
The goal to be free from danger and the process that achieves that freedom. |
|
|
Term
|
Definition
The task of securing information that is stored in a digital format. |
|
|
Term
Confidentiality - Ensures that only authorized parties can view the information. Integrity - Ensures that the information is correct and no unauthorized person or software has altered the data. Availability - Ensures that data is accessible for the authorized users. (Sometimes CIAS is used - the "S" stands for Safety, referring to physical security) |
|
Definition
|
|
Term
Authentication - Ensures that the individual is who they claim to be. Authorization - Provides permission for authenticated users to access specific technology resources. Accounting - Provides tracking of events. |
|
Definition
|
|
Term
|
Definition
A type of action that has the potential to cause harm. |
|
|
Term
|
Definition
An element that has the power to carry out a threat. |
|
|
Term
|
Definition
A flaw or weakness that allows a threat agent to bypass security. |
|
|
Term
|
Definition
The means by which an attack can occur. |
|
|
Term
|
Definition
The probability that a threat will cause an attack to occur. |
|
|
Term
|
Definition
A situation that involves exposure to some type of danger. |
|
|
Term
|
Definition
Identifying a risk and making the decision to avoid the cause of the potential risk. |
|
|
Term
|
Definition
Acknowledging a risk but taking no action to address the issue. |
|
|
Term
|
Definition
Taking action in order to make a risk less serious. |
|
|
Term
|
Definition
The action of understanding something about the attacker in order to threaten them. |
|
|
Term
|
Definition
Action taken to transfer a risk to a third party. |
|
|
Term
|
Definition
Crime that involves stealing another person's personal information and using it for the thief's own gain. |
|
|
Term
|
Definition
Law that forbids the health information of an individual from being disclosed without the patient's permission. |
|
|
Term
|
Definition
A legal attempt to fight corporate corruption. It forbids false financial reports. |
|
|
Term
|
Definition
Law that requires financial institutions to alert customers of their policies in disclosing customer information. |
|
|
Term
|
Definition
Set of security standards that all companies that process, store, or transmit credit card information must follow. |
|
|
Term
|
Definition
Any premeditated politically motivated attack against information, computer systems and programs, and other data which results in violence. |
|
|
Term
|
Definition
Attackers who violate computer security for personal gain or to inflict malicious damage. |
|
|
Term
|
Definition
Ethical attackers who attempt to check a system for security vulnerabilities in order to provide that information to the owner of the system. |
|
|
Term
|
Definition
Attacker who attempts to break into a computer system without the organization's permission in order to disclose their vulnerability to the public. |
|
|
Term
|
Definition
Targeted attack for financial gain or the gain of information. |
|
|
Term
|
Definition
Individuals who want to attack systems but lack the knowledge needed to do so, and so they rely on automated software such as exploit kits to do the attacks for them. |
|
|
Term
|
Definition
Individuals who sell their knowledge of vulnerabilities. |
|
|
Term
|
Definition
Individual associated with a company who carries out an attack on that company. |
|
|
Term
|
Definition
Attackers who launch their attacks in order to make a political or ideological statement. |
|
|
Term
|
Definition
A process followed by an attacker who attempts to break into a system. The steps are: Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, and Actions on Objectives. |
|
|
Term
|
Definition
Security tactic that involves implementing multiple defenses against attackers in order to protect against different types of attacks. This involves Limiting, Diversity, Obscurity, and Simplicity. |
|
|
Term
|
Definition
Software that enters a computer system and performs an unwanted action without the user's knowledge or consent. |
|
|
Term
|
Definition
Malware that changes its code to one of a set of possible predefined mutations when it is executed. |
|
|
Term
|
Definition
Malware that completely changes from its original form when it is executed. |
|
|
Term
|
Definition
Malware that can rewrite its own code and appears different each time it is executed. |
|
|
Term
Circulation - The trait of spreading rapidly in order to impact a large number of users. Infection - The trait of malware embedding itself into some aspect of the system. Concealment - The trait of avoiding detection by concealing the malware's presence from scanners. Payload - The primary focus of the malware. Common payloads may be actions taken to steal information, delete data or otherwise harm the system, or reducing system security. |
|
Definition
The four traits of malware? |
|
|
Term
|
Definition
Malicious code that reproduces itself on a computer and causes harm. |
|
|
Term
|
Definition
A virus that infects an executable file. |
|
|
Term
|
Definition
A virus that infects a common data file type such as DOCX. |
|
|
Term
|
Definition
A malicious program that uses a network to replicate and spread onto multiple systems. |
|
|
Term
|
Definition
The means by which a virus is delivered onto a computer system. |
|
|
Term
|
Definition
A malicious executable program that is disguised as a benign program. |
|
|
Term
|
Definition
Malicious software that alters or replaces system files, the operating system itself, or the boot sector, and takes actions to hide itself in order to perform a harmful attack. |
|
|
Term
|
Definition
Advertising content that is unwanted by the user and that can possibly contain malware. |
|
|
Term
|
Definition
Prevents a user's device from properly operating until a certain demand is met (usually used for financial gain or the gain of information). |
|
|
Term
|
Definition
Malware that gives access to a computer, program, or system service and circumvents normal security protection. |
|
|
Term
Command and Control (C&C/C2) |
|
Definition
Instructions from malware infections to zombie computers on a botnet. |
|
|
Term
|
Definition
Means of gathering information by exploiting human weaknesses. These methods include Authority, Intimidation, Consensus, Scarcity, Urgency, Familiarity, and Trust. |
|
|
Term
|
Definition
Sending an email or other online message that falsely claims to be a legitimate source in order to trick the user into sending private information. |
|
|
Term
|
Definition
Attack that is performed by redirecting a user to a fake website in order to convince them to enter private information. |
|
|
Term
|
Definition
Phishing attacks targeted toward specific wealthy or otherwise notable individuals. |
|
|
Term
|
Definition
Phishing attack carried out by calling the victim. |
|
|
Term
|
Definition
False warning used to reduce the user's security measures. |
|
|
Term
|
Definition
Malicious attack carried out by convincing a user to go to a fake website whose URL is a misspelling of another popular website. |
|
|
Term
|
Definition
Attack directed toward a small group of individuals who tend to go to the same specific website. |
|
|
Term
|
Definition
Physically following an individual in order to gain access to private information or resources. |
|
|
Term
|
Definition
Watching an individual view private information in order to steal that knowledge. |
|
|
Term
|
Definition
Attack that exploits previously unknown vulnerabilities and gives the user no time to defend. This type of attack is common in new software versions. |
|
|
Term
Cross-Site Scripting (XSS) |
|
Definition
A type of attack that injects its code via an exploit in the existing scripts of a web server, and directs the attack toward the web server's clients. |
|
|
Term
|
Definition
An attack that targets SQL servers by introducing malicious code into their databases. |
|
|
Term
|
Definition
Taking advantage of a web server vulnerability to move from the root directory to restricted directories. |
|
|
Term
|
Definition
Attacks that compromise servers and/or their clients by targeting vulnerabilities in web applications used by the client. |
|
|
Term
|
Definition
Cookie that originates from the website that the user is currently viewing. |
|
|
Term
|
Definition
Cookie that originates from a website that has content such as advertising on the website that the user is currently viewing. |
|
|
Term
|
Definition
Cookie that is stored in RAM and only exists while the user is viewing the website. |
|
|
Term
Persistent Cookie/Tracking Cookie |
|
Definition
Cookie that remains on the hard drive of the user's computer after the browser is closed and is never automatically deleted. |
|
|
Term
Flash Cookie/Locally Shared Object (LSO) |
|
Definition
Cookie that comes from certain web applications such as Adobe Flash. These cookies contain different types of content besides text, and can store up to 100KB of data. |
|
|
Term
|
Definition
Random string assigned to the user's current session. |
|
|
Term
|
Definition
Attack in which an attacker attempts to impersonate a user by using their session token. |
|
|
Term
|
Definition
Attack that occurs when a process attempts to store data in RAM beyond the boundaries of a fixed-length storage buffer, causing the buffer to overflow to a new address pointing to the attacker's code. |
|
|
Term
|
Definition
Attack that occurs by changing the value of a variable to something outside a program's intended range. |
|
|
Term
Arbitrary/Remote Code Execution Attack |
|
Definition
Attack that, once the attacker's code has been injected into the victim's computer, allows the attacker to remotely control the computer. |
|
|
Term
Distributed Denial of Service (DDoS) Attack |
|
Definition
Attack that uses many computers to flood a system with requests in order to prevent authorized users from accessing that system. |
|
|
Term
|
Definition
Denial of service attack that uses ping (ICMP) to flood a server with requests in order to prevent users from accessing the server. |
|
|
Term
|
Definition
The impersonation of another device. |
|
|
Term
|
Definition
Attack in which an attacker poses as the victim's device and sends requests to many other devices on the network in order to crash the victim's device. |
|
|
Term
|
Definition
Attack that takes advantage of the SYN/ACK process of a user's session. The attacker sends IP packets containing false source addresses to the server, causing the server to continue to listen for requests that do not exist. This exhausts the server's resources and impairs its ability to function properly. |
|
|
Term
|
Definition
Attack in which the attacker intercepts communication between computers in a way that the computers cannot recognize the attacker's presence while the attacker is capturing information from their communication. The attacker does this either to steal the information (passive attack) or to modify the information before it is sent to the other party (active attack). |
|
|
Term
|
Definition
Attack that involves the attacker making a copy of a communication containing certain confidential information such as a user's logon session. The copy is later used by an attacker to take advantage of that information. |
|
|
Term
|
Definition
Attack that modifies a MAC address in an ARP cache to point to a different computer. |
|
|
Term
|
Definition
Attack that modifies a DNS address on either the local host table or the external DNS server, so that the user will be redirected to a different website. |
|
|
Term
|
Definition
Exploiting a vulnerability in software to gain access to resources that the user would normally be restricted from accessing. |
|
|
Term
|
Definition
An attack that exploits the trust relationship between three parties. |
|
|