Upgrade to remove ads
1.6 System Security
Terms in this set (32)
The overall term for all types of 'malicious software'.
Malicious software that attaches itself to programs or files on a computer or server. It can causes documents/programs to be corrupted or deleted.
Malicious software that copies itself in order to spread to other computers. Unlike a virus, it does not need to attach to a program.
Malicious software that is designed to access a computer by misleading users of its intent.
People are the 'weak point' in computer systems. Criminals use our weaknesses as a way of spreading viruses or stealing information.
Emails sent pretending to be from genuine companies trying to steal data.
brute force attacks
A trial and error method used for gaining access to password based entry systems.
denial of service attacks (DOS)
When a website is overloaded with unwanted traffic from a single source trying to stop the website from working..
data interception and theft
Data travels across networks in packets. Packets can be intercepted
If packets are encrypted, they cannot be read without a key.
Where an attacker uses SQL wildcards on website user input boxes to try to gain access to the databases behind the website.
Involves the examination of data sent across a network. Looking for unusual patterns or times of high network traffic.
Inspecting information packets as they travel around networks
Professional hacking to identify and repair network vulnerabilities.
Software with the aim of preventing malware from entering the system.
Part of a computer system that is designed to block unauthorized access from outside the network
A set of policies that govern how a network is managed and used.
user access levels
Controls what files or areas of the network different groups of users can access.
Typically a string of characters used to gain access to a service or system.
Can be used in addition to 'standard' password entry e.g. retina scan, fingerprint, voice, facial recognition.
A password that contains a specific amount of characters with mixed cases and often requires letters and numbers.
Process of converting readable data into unreadable characters to prevent unauthorised access.
A type of Malware that locates and saves data from users without them knowing about it.
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
A test created by software developers that the visitor must pass before continuing to register or enter a website; designed to thwart software bots.
Two factor authentication
Validating user identity with two means of identification - usually a password and a code sent to a smartphone.
automatic software updates
A method of keeping software up-to-date so that any security holes can be removed
distributed denial of service attacks (DDOS)
Use of numerous computers to launch a DOS
Acceptable Use Policy (AUP)
A policy that defines the actions users may perform while accessing systems and networking equipment.
Disaster Recovery Policy
A policy to minimise the impact of network failure - either through criminal actions or natural disasters.
A written policy detailing the frequency of backups and the location of the storage used.
A written policy detailing the process of reconstructing a system or switching over to other systems when a failure is detected.
A written policy detailing what data will be kept by an organisation and for how long after it is no longer being used.
YOU MIGHT ALSO LIKE...
IS 3003 Chapter 8
MTA Security Fundamentals 98-367 Study Guide
Information Technology Chapter 9
Chapter 10 security
OTHER SETS BY THIS CREATOR
2.2 Programming Techniques
2.4 Computational Logic
2.6 Data Representation
2.3 Producing Robust Programs