Study sets, textbooks, questions
Upgrade to remove ads
CSP - 2.3 Security and Cryptography
Terms in this set (54)
Undesired software intended to advertise product to the user.
Software that searches for code snippets known to be contained in malware; these code snippets are listed in a definitions file that must be updated to include new malware.
Association for Computing Machinery (ACM)
The leading professional organization for computing specialists.
Black-Hat Penetration Testing
Testing the vulnerability of a network without written permission; permanently excludes a person from penetration testing professions.
Blacklist and Whitelist
A list of addresses, ports, or applications that should be denied (blacklist) or allowed (whitelist) by a firewall, spam filter, or other software.
Malware that "calls home" to a command and control center for further instructions after it infects a computer.
Brute Force Attack
An attack on passwords or encryption that tries every possible password or encryption key.
A problem is computable if an algorithm can be used to solve it; uncomputable problems might cause any algorithm solving the problem to go on forever.
Computer Emergency Readiness Team (CERT)
Though the acronym is used by many organizations, CERT began at Carnegie Mellon University and continues there as the CERT Coordination Center (CERT/CC); the Department of Homeland Security uses the acronym US-CERT and now issues the official weekly CERT Bulletins summarizing new vulnerabilities.
A function like f(x) = y = 5 that is the same regardless of the independent variable; graph is horizontal line.
Routine practices that protect against data loss and cyber intrusion.
Denial of Service (DoS) Attack
Preventing a target from fulfilling its intended function, typically by keeping the target busy or causing it to crash.
Distributed Denial of Service (DDoS) Attack
Many computers collaborate to shut down a target, usually by keeping it busy or overwhelming it with incoming requests.
Describes how quickly an algorithm executes.
How quickly an algorithm executes, measured by timing the execution with a clock.
To obtain a list. Attackers often try to enumerate usernames or open ports on a machine, or IP addresses in a network; countered by obscurity.
Escalation of Privileges
A strategy for a cyber intruder, using whatever access has been gained to gain additional access to data or processing power.
A method to take advantage of vulnerability by delivering input to gain unintended access or deny service.
A function like f(x) = y = 2xthat has the independent variable in the exponent; exponential functions will always "outpace" polynomial functions.
Software or hardware that limits network traffic based on the packets' source and destination address and port and/or source and destination application on a computer.
Figuring out ways to use hardware and software that was unintended by the engineers who created it, usually used in the context of cybersecurity.
A pair of functions that, when performed one after another, return to the starting data.
Malware that detects and reports keystrokes.
A function like f(x) = y = 3x + 4 that has an x-term and a constant term; graph is a line.
The broadest category of software installed or intended to be installed on a target computer, with an intentional negative effect.
Unintentional variation in data, contrasted with signal, which is the variation between one data set and another data set collected under intentionally different circumstances for comparison.
Protecting a computer by hiding details like software version number.
A function like multiplying two large prime numbers that takes a small amount of time to compute an output from an input but a large amount of time to recover an input from the output.
Open Data Movement
A movement to make raw data available to users in standardized formats so that third parties can create applications that link to the data for users to consume.
P and NP Problems
P problems can be solved in polynomial time; solutions to NP problems can be verified in polynomial time, but it is unknown if that implies they can be solved in polynomial time.
An update to software that repairs one or more bugs, often including security vulnerabilities.
Malware delivered by social engineering and/or by exploiting vulnerability in software.
Professional hacking to access data and computing power without being granted access; professional pen-testers are hired to identify and repair vulnerabilities and only work once, given written permission to obtain ungranted access.
Privileges are rights granted to a user, often specific to a file or a directory, and often categorized as granting permission to read data, modify data, and/or execute data.
A function like f(x) = y = 7x^100+ 5x^34+ 12x^7+ 6 that has any number of terms in which x is raised to a power. Polynomial functions include quadratic, linear, and constant functions.
Problems can be solved in polynomial time if the time for an algorithm to solve the problem increases as a power of the bytes of the input, and not exponentially with the length of the input.
A function like f(x) = y = 5x^2+ 7x +3 that has an x^2 term but no power higher than two.
Rogue Security Software
Software that claims to detect or remove malware, adware, or spyware but actually installs it.
A tool that obtains the highest level of privilege on a device, sometimes used intentionally by a mobile device owner to override the protections installed by the service provider.
Named after inventors Rivest, Shamir, and Adelman, RSA is a system for encrypting and decrypting a message using a pair of keys, both of which contain the product of two prime numbers.
A black-hat "penetration tester" with limited computer science knowledge that uses instructions and tools from other people to exploit vulnerable computer systems.
A broad category for techniques that aim to psychologically manipulate a person's trust to gain access to data or computing resources, usually by being tricked into clicking on a link, opening a file, or answering a question.
Software that limits email traffic based on the email's content, attachments, or sender's address.
Undesired software intended to collect information, including installed software, browsing history, or keystroke logging.
How quickly an algorithm will execute, predicted by counting the number of operations that will be executed by the processor.
Describes how much more time an algorithm will need if provided a longer string of input, emphasizing the worst-case scenario and the limiting trend when the input string is long.
A problem is tractable if it can be solved in polynomial time; it is untractable if the worst-case time to execute any solution grows exponentially with the length of the input.
Software or application data that seems useful but that actually delivers a malware payload.
User Account Control
MS Windows-based methods that limit software exploitation of a user's privileges by prompting the user to confirm that they want to allow the software to continue with specific privileges.
Malware that spreads by inserting itself into files, spreading to other computers when humans move files or connect devices.
A flaw in software, including a website, a protocol, an operating system, programming languages, or hardware drivers, that allows unexpected input to gain unintended access to computing resources or to deny service to legitimate users.
A special character used in a query string pattern, matching any character or characters in search results.
Malware that spreads by sending itself to other computers.
Worst-Case Running Time
The time that an algorithm will take to execute input of a given length if the input is specially chosen to take a long time. Includes only the time for the processor to complete the algorithm with this worst-case input, and does not include variation from the processor performing unrelated tasks.
Sets with similar terms
CSE 2.3 KEYTERMS
Information Systems Chapter 3
CIS Study Guide Chapter 10
APCSP Unit 3/Unit 4
Other sets by this creator
Unit 5 - Applications of Integration
Unit 4 - Integration
MTH107 Unit 1 - Sampling and Data
Unit 3 - Applications of Differentiation