Principles of Computer Security - Ch 15 Key Terms
Terms in this set (32)
Actions or processes used to verify the assigned privileges and rights of a user, or any capabilities used to create and maintain a record showing who accessed a particular system and what actions they performed.
A hidden method used to gain access to a computer system, network, or application. Often used by software developers to ensure unrestricted access to the systems they create. Synonymous with trapdoor.
A form of attack in which the attack needs to match not a specific item but just one of a set of items.
A term for a collection of software robots, or bots, that runs autonomously and automatically and commonly invisibly in the background. The term is most often associated with malicious software, but it can also refer to the network of computers using distributed computing software.
A specific type of software coding error that enables user inputs to overflow the allocated storage area and corrupt a running program.
Denial-of-service (DoS) attack
An attack in which actions are taken to deprive authorized individuals of access to a system, its resources, the data it stores or processes, or the network to which it is connected.
Distributed denial-of-service (DDoS) attack
A special type of DoS attack in which the attacker elicits the generally unwilling support of other systems to launch a many-against-one attack.
The use of a DNS record during the payment grace period without paying.
Drive-by download attack
An attack on an innocent victim machine where content is downloaded without the user's knowledge.
An error condition caused by the mismatch between a variable's assigned storage size and the size of the value being manipulated.
A form of malicious code or software that is triggered by a specific event or condition. See also time bomb.
A class of software that is designed to cause harm.
Any attack that attempts to use a network node as the intermediary between two other nodes. Each of the endpoint nodes thinks it is talking directly to the other, but each is actually talking to the intermediary.
The way in which Microsoft Windows represents an unauthenticated connection.
The use of a fake web site to socially engineer someone out of credentials.
The use of social engineering to trick a user into responding to something such as an e-mail to instantiate a malware-based attack.
Malware that encrypts sensitive files and offers their return for a ransom.
An attack where data is replayed through a system to reproduce a series of transactions.
A form of malware that modifies the OS in a system to change the behavior of the system.
A number within a TCP packet to maintain TCP connections and conversation integrity.
A method of generating significant numbers of packets for a DoS attack.
The use of a software or hardware device (sniffer) to observe network traffic as it passes through a network on a shared broadcast media.
A form of targeted phishing where specific information is included to convince the recipient that the communication is genuine.
Making data appear to have originated from another source so as to hide the true origin from the recipient.
Malware designed to spy on a user, typically recording information such as keystrokes for passwords.
A method of performing DoS by exhausting TCP connection resources through partially opening connections and letting them time out.
An attack where the attacker intercepts and hijacks an established TCP connection.
A form of malicious code that appears to provide one service (and may indeed provide that service) but also hides another purpose. This hidden purpose often has a malicious intent. This code may also be referred to as a Trojan horse.
An attack form that involves capitalizing upon common typo errors.
A form of malicious code or software that attaches itself to other pieces of code in order to replicate. Viruses may contain a payload, which is a portion of the code that is designed to execute when a certain condition is met (such as on a certain date). This payload is often malicious in nature.
An independent piece of malicious code or software that self-replicates. Unlike a virus, it does not need to be attached to another piece of code. A worm replicates by breaking into another system and making a copy of itself on this new system. A worm can contain a destructive payload but does not have to.
A machine that is at least partially under the control of a botnet.