BI12: 6.01
Term | Definition |
---|---|
Hacker (attacker) | Terms for individuals who have the skills to gain access to computer systems through unauthorized or unapproved means |
Cracker | Refers to an individual who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems. |
White hat | A hacker who discovers and exposes security flaws in applications and operating systems so that manufacturers can fix them |
Black hat | A hacker who discovers and exposes security vulnerabilities for financial gain or for some malicious purpose. |
Malware | Any unwanted software that has the potential to damage a system, impede performance, or create a nuisance condition |
Virus | A piece of code that spreads from one computer to another by attaching itself to other files |
Worm | A piece of code that spreads from one computer to another on its own, not by attaching itself to another file. |
Trojan horse | A malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. |
Logic bomb | A piece of code that sits dormant on a target computer until it is triggered by a specific event, such as a specific date. |
Spyware | Secretly installed malicious software with a keylogger that is intended to track and report the usage of a target system |
Adware | Software that automatically displays or downloads advertisements when it is used |
Rootkit | Code that is intended to take full or partial control of a system at the lowest levels |
Spam | An email-based threat that presents various advertising materials, promotional content, or get-rich-quick schemes to users. |
Ransomware | Malicious software that prevents you from using your computer. It usually displays a message stating that you must pay a fee |
Social engineering attack | A type of attack that uses deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines. |
Shoulder surfing | A human-based attack where the goal is to look over the shoulder of an individual as he or she enters password information or a PIN. |
Spoofing | A human-based or software-based attack where the goal is to pretend to be someone else for the purpose of identity concealment. |
Impersonation | This is a human-based attack where an attacker pretends to be someone he is not. |
Hoax | An email-based or web-based attack that is intended to trick the user into performing undesired actions |
Phishing | The attacker sends an email that seems to come from a respected bank or other financial institution |
Vishing | The goal is to extract personal, financial, or confidential information from the victim by using services such as the telephone system |
Whaling | This is a form of phishing that targets individuals who are known to possess a good deal of wealth |
Spim | An Internet messaging (IM)-based attack similar to spam that is propagated through IM instead of through email. |
Dumpster diving | A term that can refer to physically going through trash cans and dumpsters to look for passwords, |
Password attack | Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately. |
Guessing | A guessing attack is the simplest type of password attack and involves an individual making repeated attempts to guess a password |
Stealing | Passwords can be stolen by various means, including sniffing network communications, reading handwritten password notes |
Dictionary attack | A dictionary attack automates password guessing by comparing encrypted passwords against a predetermined list of possible password values. |
Brute force attack | A type of attack in which the attacker uses password-cracking software to attempt every possible password combination. |
Hybrid password attack | Utilizes multiple attack vectors including dictionary, brute-force, and other attack methodologies when trying to crack a password. |