Advertisement Upgrade to remove ads

Physical Security

to protect physical items, objects, or areas from unauthorized access and misuse

personnel security

to protect the individual or group of individuals who are authorized to access the organization and its operations

operations security

to protect communication media, technology, and content

network security

to protect networking components, connections, and other contents

information security

to protect the confidentiality, integrity, and availability of information assets, whether in storage, processing, or transmission

Access

a subject or object's ability to use, manipulate, modify, or affect another subject or object

Asset

the organizational resource that is being protected

Attack

An intentional or unintentional act that can cause damage to or otherwise compromise information and/or the systems that support it

Risk

the probability that something unwanted will happen

risk appetite

the quantity and nature of risk the organization is willing to accept

Vulnerability

a weakness or fault in a system or protection mechanism that opens it to attack or damage

utility

quality or state of having value for some purpose or end

possession

the quality or state of ownership or control

Information system

more than the hardware: it is the entire set of software, hardware, data, people, procedures, and networks that make possible the use of information resources in the organization

Systems development life cycle

a methodology for the design and implementation of an information system

trojan horse

software programs that hide their true nature and reveal their designed behavior only when activated

back door/ trap door

allows the attacker to access the system at will with special privileges

polymorphic threat

one that over time changes the way it appears to antivirus software programs, making it undetectable by techniques that look for reconfigured signatures

spike

momentary increase

surge

a prolonged increase

Hackers

people who use and create computer software [to] gain access to information illegally

malicious code

attack includes the execution of viruses, worms, trojan horses, and active web scripts with the intent to destroy or steal information

bot

an automated software program that executes certain commands when it receives specific input

spyware

any technology that aids in gathering information about a person or organization without their knowledge

adware

any software program intended for marketing purposes such as that used to deliver and display advertising banners or pop ups to the user's screen or tracking the user's online usage or purchasing activity

brute force attack/ password attack

the application of computing and network resources to try every possible password combination

distributed denial-of-service (DDoS)

an attack in which a coordinated stream of requests is launched against a target from many locations at the same time

Zombies

machines that are directed remotely (usually by a transmitted command) by the attacker to participate in the attack

spoofing

technique used to authorize access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the message are coming from a trusted host

man in the middle (TCP hijacking attack)

an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network

pharming

the redirection of legitimate web traffic to an illegitimate site for the purpose of obtaining private information

buffer overrun

an application error that occurs when more data is sent to a program buffer than it is designed to handle

firewall

an information security program that prevents specific types of information from moving between the outside world ( untrusted network) and the inside network( trusted network)

address restrictions

rules designed to prohibit packets with certain addresses or partial addresses from passing through the device

reverse firewalls

primary purpose is to restrict internal access to external material

kerberos

uses symmetric key encryption to validate an individual user to various network resources

virtual Private networks

a private and secure connection between systems that uses the data communication capability of an unsecured and public network

intrusion

occurs when an attacker attempts to gain entry into or disrupt the normal operations of an information system

intrusion prevention

activities that deter an intrusion

intrusion detection

procedures and systems that identify system intrusions

Intrusion reaction

encompasses the actions an organization takes when an intrusion is detected

intrusion correction

finalize the restoration of operations to a normal state and seek to identify the source and method of the intrusion in order to ensure that the same type of attack cannot occur again

central IDPS control strategy

all IDPS control functions are implemented and managed in a central location

fully distributed IDPS control strategy

all control functions are applied at the physical location of each IDPS component

partially distributed IDPS control strategy

still analyze and respond to local threats, their reporting to a hierarchical central facility enables the organization to detect widespread attacks

honey pots

decoy systems designed to lure potential attackers away from critical systems

honeynet

collection of honey pots

Trap-and-trace

use a combination of techniques to detect an intrusion and then trace it back to its source

enticement

is an act of attracting attention to a system by placing tantalizing information in key locations-legal

entrapment

the act of luring an individual into committing a crime to get a conviction-illegal

footprinting

organized research of the internet address owned or controlled by a target organization

fingerprinting

systematic survey of all of the target organization's internet address

active vulnerability scanners

scan networks for highly detailed information. An active scanner is one that initiates traffic on the network in order to determine security holes

passive vulnerability scanner

one that listens in on the network and determines vulnerable versions of both server and client software

packet sniffer

a network that collects copies of packets from the network and analyzes them

biometric access control

based on the use of some measurable human characteristic or trait to authenticate the identity of a proposed system user

false reject rate

the percentage of supplicants who are in fact authorized users but are denied access

false accept rate

the percentage of supplicants who are unauthorized users but are granted access

crossover error rate

the level at which the number of false rejections equals the false acceptance

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set