[Introduction To Computers - CSC110] Discovering Computers Ch.5 Terms

Digital Security Risk
Terms in this set (123)
Malicious Software/Malware: Programs that act without a user's knowledge and deliberately alter the operations of computers and mobile devices.
Adware: A program that displays an online advertisement in a banner, pop-up window, or pop-under window on web pages, email messages, or other Internet services.
Ransomware: A program that blocks or limits access to a computer, phone, or file until the user pays a specified amount of money.
Rootkit: A program that hides in a computer or mobile device and allows someone from a remote location to take full control of the computer or device.
Spyware: A program placed on a computer or mobile device without the user's knowledge that secretly collects information about the user and then communicates the information it collects to some outside source while the user is online.
Trojan Horse: A program that hides within or looks like a legitimate program. Unlike a virus or worm, a trojan horse does not replicate itself to other computers or devices.
Virus: A potentially damaging program that affects, or infects, a computer or mobile device negatively by altering the way the computer or device works without the user's knowledge or permission.
Worm: A program that copies itself repeatedly, for example in memory or on a network, using up resources and possibly shutting down the computer, device, or network.
Payload: Destructive event or prank.
Botnet: A group of compromised computers or mobile devices connected to a network such as the Internet that are used to attack other networks, usually for nefarious purposes. (Also known as a zombie army.)
Zombie: A compromised computer or device whose owner is unaware the computer or device is being controlled remotely by an outsider.
Bot: A program that performs a repetitive task on a network.
Denial of Service Attack (DoS Attack): An assault whose purpose is to disrupt computer access to an Internet service such as the web or email.
Distributed DoS Attack (DDoS Attack): Where a zombie army is used to attack computers or computer networks.
Back Door: A program or set of instructions in a program that allows users to bypass security controls when accessing a program, computer, or network.
Spoofing: A technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network.
IP Spoofing: Occurs when an intruder computer fools a network into believing its IP address is associated with a trusted source.
Email Spoofing: Occurs when the sender's address or other components of an email header are altered so that it appears that the email message originated from a different sender.
Online Security Service: A web app that evaluates your computer or mobile device to check for Internet and email vulnerabilities.
Computer Emergency Response Team Coordination Center (CERT/CC): A federally funded Internet security research and development center.
Firewall: Hardware and/or software that protects a network's resources from intrusion by users on another network, such as the Internet.
Proxy Server: A server outside the organization's network that controls which communications pass in and out of the organization's network. Carefully screens all incoming and outgoing messages.
Personal Firewall: A software firewall that detects and protects a personal computer and its data from unauthorized intrusions.
Unauthorized Access: The use of a computer or network without permission.
Unauthorized Use: The use of a computer or its data for unapproved or possibly illegal activities.
Acceptable Use Policy (AUP): Outlines the activities for which the computer and network may and may not be used.
Access Control: A security measure that defines who can access a computer, device, or network; when they can access it; and what actions they can take while accessing it.
Audit Trail: Records in a file both successful and unsuccessful access attempts.
Identification/User Name: A log on name or sign in name; a unique combination of characters, such as letters of the alphabet or numbers, that identifies one specific user. (Also known as a user ID.)
Password: A private combination of characters associated with the user name that allows access to a certain computer, mobile device, or network resources.
Single Sign On: When you enter your user name into Microsoft, Google, Twitter, Facebook, etc., you are automatically signed into other accounts and services.
Password Manager: A convenient service that stores all your account information securely. (Also known as password organizer.)
Passphrase: A private combination of words, associated with a user name, that allows access to certain computer resources. Can be up to 100 characters in length; more secure than passwords, yet easier to remember because they contain words.
Personal Identification Number: A numeric password, either assigned by a company or selected by a user. (Also known as passcode.)
CAPTCHA: A program developed at Carnegie Mellon University that displays an image containing a series of distorted characters for a user to identify and enter in order to verify that user input is from humans, not computer programs.
Biometric Device: Device that authenticates a person's identity by translating a personal characteristic, such as a fingerprint, into a digital code that is compared with a digital code stored in a computer or mobile device verifying a physical or behavioral characteristic.
Fingerprint Reader: Biometric device that captures curves and indentations of a fingerprint. (Also known as fingerprint scanner.)
Lock Screen: A screen that restricts access to a computer or mobile device until a user performs a certain action.
Face Recognition System: Captures a live face image and compares it with a stored image to determine if the person is a legitimate user.
Hand Geometry System: Measures the shape and size of a person's hand.
Voice Verification System: Compares a person's live speech with their stored voice pattern. Larger organizations sometimes use voice verification systems as time and attendance devices.
Signature Verification System: Recognizes the shape of your handwritten signature, as well as measures the pressure exerted and the motion used to write the signature.
Biometric Payment: Where the customer's fingerprint is read by a fingerprint reader that is linked to a payment method, such as a checking account or credit card.
Two-Step Verification: A computer or mobile device uses two separate methods, one after the next, to verify the identity of a user. (Also known as two-factor verification.)
Digital Forensics: The discovery, collection and analysis of evidence found on computers and networks. (Also known as cyberforensics.)
Business Software Alliance (BSA): Promotes understanding of software piracy. Operates a website and antipiracy hotlines around the world.
Software Theft: Illegal act that occurs when someone steals software media, intentionally erases programs, illegally registers and/or activates a program, or illegally copies a program.
Physically Stealing Software: A perpetrator physically steals the media that contains the software, or steals the hardware that contains the media that contains the software.
Intentionally Erasing Software: A perpetrator erases the media that contains the software. For example, a software developer who is terminated from a company may retaliate by removing or disabling the programs he/she has written from company computers.
Illegal Registration/Activation: A perpetrator illegally obtains registration numbers and/or activation codes.
Key Generator/Keygen: Creates software registration numbers and sometimes activation codes.
Illegal Copying: A perpetrator copies software from manufacturers.
Software Piracy: The unauthorized and illegal duplication of copyrighted software.
Production Activation: Process in which users, either online or on the phone, provide the software product's identification number to associate the software with the computer or mobile device on which the software is installed.
License Agreement: The right to use a program or app, which provides specific conditions for use of the software and that a user typically must accept before using the software.
Network License: A legal agreement that allows multiple users to access the software on the server simultaneously. Usually based on the number of users or the number of computers attached to the network.
Site License: A legal agreement that permits users to install the software on multiple computers, usually at a volume discount.
Information Theft: Illegal act that occurs when someone steals personal or confidential information.
Encryption: The process of converting data that is readable by humans into encoded characters to prevent unauthorized access.
Decrypt: The process of decoding encrypted data.
Plaintext: Unencrypted readable data in the encryption process.
Ciphertext: The encrypted (scrambled) data.
Encryption Algorithm/Cypher: A set of steps that can convert readable plaintext into unreadable ciphertext. A simple encryption algorithm might switch the order of characters or replace characters with other characters.
Encryption Key: A set of characters that the originator of the data uses to encrypt the plaintext and the recipient of the data uses to decrypt the ciphertext.
Private Key Encryption: Both the originator and the recipient use the same secret key to encrypt and decrypt the data. (Also known as symmetric key encryption.)
Public Key Encryption: Uses two encryption keys: a public key and a private key. Generates both the private key and the public key. (Also known as symmetric key encryption.)
Virtual Private Network (VPN): Provides the mobile user with a secure connection to the company network server, as if the user has a private line. Helps ensure the data is safe from being intercepted by unauthorized people by encrypting data as it transmits from a laptop, smartphone, or other mobile device.
Digital Signature: An encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender.
Digital Certificate: A notice that guarantees a user or a website is legitimate.
Secure Site: A website that uses encryption techniques to secure its data.
Certificate Authority (CA): An organization that issues digital certificates. A trusted third party that takes responsibility for certifying the sender's identity before issuing a certificate.
Backup: A duplicate of a file, program, or media that can be used if the original is lost, damaged, or destroyed.
Restore: Copying backed up files to their original location on a computer or mobile device.
Off-Site: In a location separate from where you typically store or use your computer or mobile device.
Disc Burning Software: Software that writes text, graphics, audio, and video files on a recordable or rewritable disc.
Full Backup: Copies all of the files on media in the computer. Fastest recovery method. All files are saved. Longest backup time.
Differential Backup: Copies only the files that have changed since the last full backup. Fast backup method. Requires minimal storage space to back up. Recovery is time-consuming because the last full backup plus the differential backup are needed.
Incremental Backup: Copies only the files that have changed since the last full or incremental backup. Fastest backup method. Requires minimal storage space to back up. Only most recent changes saved. Recovery is most time-consuming because the last full backup and all incremental backups since the last full backup are needed.
Selective Backup: Users choose which folders and files to include in a backup. Fast backup method. Provides great flexibility. Difficult to manage individual file backups. Least manageable of all the backup methods.
Continuous Data Protection (CDP): All data is backed up whenever a change is made. The only real-time backup. Very fast recovery of data. Very expensive and requires a great amount of storage.
Cloud Backup: Files are backed up to the Cloud as they change. Provider maintains backup hardware. Files may be retrieved or restored from anywhere with an Internet connection and app on any device. Requires an Internet connection and app, otherwise files are marked for backup when the computer goes back online.
Disaster Recovery Plan: A written plan that describes the steps an organization would take to restore its computer operations in the event of a disaster.
Service Set Identifier (SSID): A network name.
MAC Address Control: Specifies the computers and mobile devices that can connect to your network. If a computer or device is not specified, it will not be able to connect.
Technology Ethics: The moral guidelines that govern the use of computers, mobile devices, information systems, and related technology.
Intellectual Property (IP): Unique and original works, such as ideas, inventions, art, writings, processes, company and product names, and logos.
Intellectual Property Rights: The rights to which creators are entitled for their work.
Copyright: Gives authors, artists, and other creators of original work exclusive rights to duplicate, publish, and sell their materials.
Creative Commons: A nonprofit organization that allows content owners to specify how their online content can be reused, if at all, on other websites.
Digital Rights Management (DRM): A strategy designed to prevent illegal distribution of movies, music, and other digital content.
Code of Conduct: Written guidelines that help determine whether a specific action is ethical/unethical or allowed/not allowed.
ENERGY STAR Program: Developed to help reduce the amount of electricity used by computers and related devices.
Power Usage Effectiveness (PUE): A ratio that measures how much power entered the computer facility or data center against the amount of power required to run the computers and devices.
Information Privacy: The right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them.
Cookie: A small text file that a web server stores on your computer.
Session Cookie: Keeps track of items in a user's shopping cart. This way, users can start an order during one web session and finish it on another day in another session. Usually expires after a certain time, such as a week or a month.
Phishing Filter: Can warn or block you from potentially fraudulent or suspicious websites.
Clickjacking: An object that can be tapped or clicked, such as a button, image, or link, on a website, pop-up ad, pop-under ad, or in an email message or text message contains a malicious program. When a user taps or clicks the distinguished object, a variety of nefarious events may occur. For example, the user may be redirected to a phony website that requests personal information, or a virus may download to the computer or mobile device.
Madware: Adware on mobile phones, for mobile adware. Sometimes, spyware is hidden in adware.
Social Engineering: Scam in which perpetrators gain unauthorized access to or obtain confidential information by taking advantage of the trusting human nature of some victims and the naivety of others.
Children's Internet Protection Act: Protects minors from inappropriate content when accessing the Internet in schools and libraries.
Children's Online Privacy Protection Act (COPPA): Requires websites to protect personal information of children under 13 years of age.
Computer Abuse Amendments Act: Outlaws transmission of harmful computer code, such as viruses.
Digital Millennium Copyright Act (DMCA): Makes it illegal to circumvent antipiracy schemes in commercial software; outlaws sale of devices that copy software illegally.
Electronic Communications Privacy Act (ECPA): Provides the same right of privacy protection of the postal delivery service and phone companies to various forms of electronic communications, such as voice mail, email, and mobile phones.
Financial Modernization Act: Protects consumers from disclosure of their personal financial information and requires institutions to alert customers of information disclosure policies.
Freedom of Information Act (FOIA): Enables public access to most government records.
Health Insurance Portability and Accountability Act (HIPAA): Protects individuals against the wrongful disclosure of their health information.
Provide Appropriate Tools Required to Intercept and Obstruct Terrorism (PATRIOT): Gives law enforcement the right to monitor people's activities, including web and email habits.
Privacy Act: Forbids federal agencies from allowing information to be used for a reason other than that for which it was collected.
Content Filtering: The process of restricting access to certain material.
Web Filtering Software: A program that restricts access to specified websites. Some also filter sites that use specific words. Others allow you to filter email messages, chat rooms, and programs.
Employee Monitoring: The use of computers, mobile devices, or cameras to observe, record, and review an employee's use of a technology, including communications such as email messages, keyboard activity (used to measure productivity), and websites visited.