Upgrade to remove ads
Only $2.99/month

1.6 System Security

Key Concepts:

Terms in this set (32)

malware
The overall term for all types of 'malicious software'.
viruses
Malicious software that attaches itself to programs or files on a computer or server. It can causes documents/programs to be corrupted or deleted.
worms
Malicious software that copies itself in order to spread to other computers. Unlike a virus, it does not need to attach to a program.
Trojan horse
Malicious software that is designed to access a computer by misleading users of its intent.
social engineering
People are the 'weak point' in computer systems. Criminals use our weaknesses as a way of spreading viruses or stealing information.
phishing
Emails sent pretending to be from genuine companies trying to steal data.
brute force attacks
A trial and error method used for gaining access to password based entry systems.
denial of service attacks (DOS)
When a website is overloaded with unwanted traffic from a single source trying to stop the website from working..
data interception and theft
Data travels across networks in packets. Packets can be intercepted
If packets are encrypted, they cannot be read without a key.
SQL injection
Where an attacker uses SQL wildcards on website user input boxes to try to gain access to the databases behind the website.
network forensics
Involves the examination of data sent across a network. Looking for unusual patterns or times of high network traffic.
packet sniffing
Inspecting information packets as they travel around networks
penetration testing
Professional hacking to identify and repair network vulnerabilities.
anti-malware software
Software with the aim of preventing malware from entering the system.
firewall
Part of a computer system that is designed to block unauthorized access from outside the network
network policies
A set of policies that govern how a network is managed and used.
user access levels
Controls what files or areas of the network different groups of users can access.
passwords
Typically a string of characters used to gain access to a service or system.
biometrics passwords
Can be used in addition to 'standard' password entry e.g. retina scan, fingerprint, voice, facial recognition.
strong passwords
A password that contains a specific amount of characters with mixed cases and often requires letters and numbers.
encryption
Process of converting readable data into unreadable characters to prevent unauthorised access.
spyware
A type of Malware that locates and saves data from users without them knowing about it.
adware
A software program that delivers advertising content in a manner that is unexpected and unwanted by the user.
captcha
A test created by software developers that the visitor must pass before continuing to register or enter a website; designed to thwart software bots.
Two factor authentication
Validating user identity with two means of identification - usually a password and a code sent to a smartphone.
automatic software updates
A method of keeping software up-to-date so that any security holes can be removed
distributed denial of service attacks (DDOS)
Use of numerous computers to launch a DOS
Acceptable Use Policy (AUP)
A policy that defines the actions users may perform while accessing systems and networking equipment.
Disaster Recovery Policy
A policy to minimise the impact of network failure - either through criminal actions or natural disasters.
Backup Policy
A written policy detailing the frequency of backups and the location of the storage used.
Failover Policy
A written policy detailing the process of reconstructing a system or switching over to other systems when a failure is detected.
Archive Policy
A written policy detailing what data will be kept by an organisation and for how long after it is no longer being used.
YOU MIGHT ALSO LIKE...

IS 3003 Chapter 8

30 terms
w0205800

MTA Security Fundamentals 98-367 Study Guide

129 terms
Robin_Schmidt83

Information Technology Chapter 9

31 terms
stephanie_dallara

Chapter 10 security

76 terms
willie_taylor1997