89 terms

Chapter 11 Computer Security

Computer Security and Safety, Ethics, and Privacy
Computer Security Risk
any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability
Cybercrime
any online or Internet-based illegal act
Crimeware
software used by cybercriminals
Hacker
refers to a person who accesses a computer or network illegally
Cracker
also a hacker, but with the intent of destroying data, stealing information, or some other malicious action
Script kiddie
same intention as a hacker but does not have the technical skills and knowledge; basically uses previously written cracker code or programs
Corporate Spies
Hired to break into a specific computer and steal proprietary data and information, or to help identify risks in their own system
Unethical Employees
break into their employer's system to exploit weaknesses or seek financial gain. A disgruntled employee may want revenge
Cyberextortionist
a person who uses e-mail as a vehicle for extortion, to be paid to remove an attack that compromises the organization's network
Cyberterrorist
a person who uses the Internet to destroy or damage computers for political reasons, such as those of air traffic control towers, electrical plants, or telecommunication infrastructure
Computer Virus
Affects a computer negatively by altering the way the computer works
Worm
Copies itself repeatedly, using up resources and possibly shutting down the computer or network
Trojan Horse
A malicious program that hides within or looks like a legitimate program
Rootkit
Program that hides in a computer and allows someone from a remote location to take full control
Piggybacking
Type of malware that spreads when you distribute infected files, especially as e-mail attachments
payload
a destructive event or prank the program is intended to deliver
Online Security Service
Web site that evaluates your computer to check for Internet and e-mail vulnerabilities
malware
Common form of computer viruses, worms, Trojan Horses, and rootkits
Virus hoax
an e-mail warning users of a nonexistent virus or other malware
Botnet
a group of compromised computers connected to a network
Denial of service attack (DoS attack)
disrupts computer access to Internet services network.
Back Door
a program or set of instructions in a program that allows users to bypass security controls
Spoofing
a technique intruders use to make their network or Internet transmission appear legitimate
Identity Theft
Occurs when thieves steal your personal information and use it to commit crimes
Spyware
software secretly installed on a networked computer that tracks and transmits personal data without your knowledge or permission
Adware
Displays unwanted advertisements in banners or pop-ups on your computer
Bot
Computer taken over by a hacker's program to perform malicious tasks across a network
Phishing
E-mail scam that tricks you into revealing personal information
Firewall
hardware and/or software that protects a network's resources from intrusion by constantly monitoring all transmissions to and from the computer
A compromised computer is known as
zombie
Authentication
method used to verify the identity of a computer user
Identification
verifies that an individual is a valid user
Unauthorized access
the use of a computer or network without permission
Unauthorized use
the use of a computer or its data for unapproved or possibly illegal activities
Honeypot
Vulnerable computer that is set up to entice an intruder to break into it
User name
user ID is a unique combination of characters
Password
private combination of characters associated with the user
Passphrase
private combination of words often mixed with capitalization and punctuation
CAPTCHA
test to tell Computers and Humans Apart
Biometric device
authenticates a person's identity by translating a personal characteristic into a digital code that is compared with a digital code in a computer
Personal identification number (PIN)
a numeric password, either assigned by a company or selected by the user
Hardware theft
the act of stealing computer equipment
Hardware vandalism
the act of defacing or destroying computer equipment
Software theft
act of stealing media, erasing programs, or making illegal program copies
License agreement
the right to use protected software
White Hat
Type of hacker who shows off skills and does not intend any serious damage, only to find security holes
Black Hat
Type of hacker who intends serious harm through espionage, theft, or disruption of a network
Information theft
occurs when someone steals personal or confidential information
Encryption
a process of converting readable data into unreadable characters to prevent unauthorized access
https://
Indicates that a web site is secure for shopping or banking
Money transfer
One secure method of online payment
Personal Login Information
Data often requested from a phishing site or message
WiFi
Public network that leaves data vulnerable
Weak computer or network protection
permits hackers to intercept transaction data
Digital signature
an encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the sender
Digital Certificates
a notice that guarantees a user or web site is legitimate
Secure HTTP
an encryption scheme for data that passes between a client and a server
VPN (virtual private network)
provides the mobile user with a secure connection to the company network server
Clear privacy and return policies
Things to look for in a secure shopping site
Transport Layer Security (TLS)
provides encryption of all data that passes between client and Internet server
Components of an online profile
Details about an individual that are combined from online and offline behaviors, including comments, postings, likes and shares, and online coupons
Report abuse quickly
first step to take when being cyberbullied or cyberstalked
Netiquette
a set of online communication practices and rules
Identity theft
The nation's fastest-growing crime, where victims are unaware it's being committed until the damage is done
Driver's license, birth certificate
Items an identity thief can obtain to impersonate you
Information contained in a cookie
User preference, history, logon information
Social Security number, account numbers
Information useful to an identity thief who wants to assume your identity
Result of having a damaged credit score
inability to get loans, insurance, and credit
Things never really deleted from the Internet
Posts, tweets, messages, photos, videos, comments, and status
Cyberstalking
Using Web technologies to harass or threaten someone
Repetitive strain injury (RSI)
an injury or disorder of the muscles, nerves, tendons, ligaments, and joints
Tendonitis
inflammation of a tendon due to repeated motion or stress on that tendon
Carpal tunnel syndrome (CTS)
inflammation of the nerve that connects the forearm to the palm of the wrist
Computer addiction
occurs when the computer consumes someone's entire social life
Computer ethics
the moral guidelines that govern the use of computers and information systems
Intellectual property rights
the rights to which creators are entitled for their work
copyright
protects any tangible form of expression
IT code of conduct
a written guideline that helps determine whether a specific computer action is ethical or unethical
Spam
an unsolicited e-mail message or newsgroup posting
E-mail filtering
blocks e-mail messages from designated sources
Anti-spam programs
attempt to remove spam before it reaches your inbox
Pharming
a scam where a perpetrator attempts to obtain your personal and financial information via spoofing (redirecting you to a phony web site)
Social engineering
defined as gaining unauthorized access or obtaining confidential information by taking advantage of trust and naivety
Employee monitoring
involves the use of computers to observe, record, and review an employee's use of a computer
Content filtering
the process of restricting access to certain material on the Web
Web filtering software
restricts access to specified Web sites
Fair Credit Reporting Act
limits the rights of others viewing a credit report to only those with a legitimate business need
Green computing
involves reducing the electricity and environmental waste while using a computer
Information privacy
refers to the right of individuals and companies to deny or restrict the collection and use of information about them