Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
DC1-11
Chapter 11 - Computer Security and Safety, Ethics, and Privacy
| Definition | Term |
|---|---|
| Higher-level Web browser encryption protection level. | 1024-bit encryption |
| Higher-level Web browser encryption protection level. | 128-bit encryption |
| Web browser encryption protection level. | 40-bit encryption |
| Sometimes called WPA2, a network standard developed by IEEE with enhanced security for wireless communications. | 802.11i |
| Security measure that defines who can access a computer, when they can access it, and what actions they can take while accessing the computer. | access control |
| Intrusion technique in which an individual attempts to detect wireless networks via their notebook computer while driving a vehicle through areas they suspect have a wireless network. See also war driving. | access point mapping |
| Program that displays an online advertisement in a banner or pop-up window on Web pages, e-mail, or other Internet services. | adware |
| Program that attempts to remove spam before it reaches a user’s inbox. | anti-spam program |
| Program that protects a computer against viruses by identifying and removing any computer viruses found in memory, on storage media, or on incoming files. | antivirus program |
| Type of encryption that uses two encryption keys: a public key and a private key. See also public key encryption. | asymmetric key encryption |
| Computer file that records both successful and unsuccessful access attempts. | audit trail |
| Access control that verifies an individual is the person he or she claims to be. | authentication |
| Program or set of instructions in a program that allow users to bypass security controls when accessing a program, computer, or network. | back door |
| To make a copy of a file. | back up |
| Duplicate or copy of a file, program, or disk that can be used if the original is lost, damaged, or destroyed. | backup |
| Device that authenticates a person’s identity by translating a personal characteristic, such as a fingerprint, into a digital code that then is compared with a digital code stored in a computer verifying a physical or behavioral characteristic. | biometric device |
| Payment method where the customer's fingerprint is read by a fingerprint scanner that is linked to a payment method such as a checking account or credit card. | biometric payment |
| A complete power failure. | blackout |
| Program that performs a repetitive task on a network. | bot |
| Group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes. See also zombie army. | botnet |
| A prolonged undervoltage. | brownout |
| Organization formed by a number of major software companies to promote a better understanding of software piracy problems and, if necessary, to take legal action. | Business Software Alliance (BSA) |
| Completely Automated Public Turing test to tell Computers and Humans Apart; program used by some Web sites to provide further protection for a user's password by verifying that user input is not computer generated. | CAPTCHA |
| Inflammation of the nerve that connects the forearm to the palm of the wrist. | carpal tunnel syndrome (CTS) |
| Federally funded Internet security research and development center. | CERT/CC |
| Authorized person or company that issues and verifies digital certificates. | certificate authority (CA) |
| Term used in three-generation backups to refer to the most recent copy of the file. | child |
| Encrypted (scrambled) data. | ciphertext |
| Scam in which an object that can be clicked on a Web site, such as a button, image, or link, contains a malicious program. | clickjacking |
| Written guidelines that help determine whether a specific computer action is ethical or unethical. | code of conduct |
| Growing health problem that occurs when the computer consumes someone’s entire social life. | computer addiction |
| Any illegal act involving a computer. | computer crime |
| Federally funded Internet security research and development center. See also CERT/CC. | Computer Emergency Response Team Coordination Center |
| Moral guidelines that govern the use of computers and information systems. | computer ethics |
| The discovery, collection, and analysis of evidence found on computers and networks. See also cyberforensics, digital forensics, or network forensics. | computer forensics |
| Any event or action that could cause a loss of or damage to computer hardware, software, data, information, or processing capability. | computer security risk |
| Eyestrain due to prolonged computer usage. | computer vision syndrome |
| Process of restricting access to certain material on the Web. | content filtering |
| Small text file that a Web server stores on a computer. | cookie |
| Exclusive rights given to authors and artists to duplicate, publish, and sell their materials. | copyright |
| Someone who accesses a computer or network illegally with the intent of destroying data, stealing information, or other malicious action. | cracker |
| Software used by cybercriminals. | crimeware |
| Eyestrain due to prolonged computer usage. | CVS |
| Online or Internet-based illegal acts. | cybercrime |
| Someone who uses e-mail as a vehicle for extortion. | cyberextortionist |
| The discovery, collection, and analysis of evidence found on computers and networks. See also computer forensics, digital forensics, or network forensics. | cyberforensics |
| Someone who uses the Internet or network to destroy or damage computers for political reasons. | cyberterrorist |
| Computer or network attack whose goal ranges from disabling a government's computer network to crippling a country. | cyberwarfare |
| Set of steps that can convert readable plaintext into unreadable ciphertext. See also encryption algorithm. | cypher |
| More devastating type of denial of service attack in which a zombie army is used to attack multiple computer networks. | DDoS (distributed DoS) attack |
| Process of deciphering encrypted data into a readable form. | decrypt |
| Assault on a computer or network whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail. See also DoS attack. | denial of service attack |
| A notice that guarantees a user or a Web site is legitimate. | digital certificate |
| The discovery, collection, and analysis of evidence found on computers and networks. See also computer forensics, cyberforensics, or network forensics. | digital forensics |
| Strategy designed to prevent illegal distribution of movies, music, and other digital content. | digital rights management (DRM) |
| Encrypted code that a person, Web site, or organization attaches to an electronic message to verify the identity of the message sender. | digital signature |
| Assault on a computer or network whose purpose is to disrupt computer access to an Internet service such as the Web or e-mail. See also denial of service attack. | DoS attack |
| Strategy designed to prevent illegal distribution of movies, music, and other digital content. See also digital rights management. | DRM |
| Service that blocks e-mail messages from designated sources. | e-mail filtering |
| Spoofing that occurs when the sender's address or other components of the e-mail header are altered so that it appears the e-mail originated from a different sender. | e-mail spoofing |
| The use of computers to observe, record, and review an employee’s use of a computer, including communications such as e-mail messages, keyboard activity (used to measure productivity), and Web sites visited. | employee monitoring |
| Process of converting readable data into unreadable characters to prevent unauthorized access. | encryption |
| Set of steps that can convert readable plaintext into unreadable ciphertext. See also cypher. | encryption algorithm |
| Set of characters that the originator of the encrypted data uses to encrypt the plaintext and the recipient of the data uses to decrypt the ciphertext. | encryption key |
| License agreement included with software purchased by individual users. See also single-user license agreement. | end-user license agreement (EULA) |
| Program developed by the United States Department of Energy (DOE) and the United States Environmental Protection Agency (EPA) to help reduce the amount of electricity used by computers and related devices. | ENERGY STAR program |
| The science of incorporating comfort, efficiency, and safety into the design of the workplace. | ergonomics |
| 1970 law that limits the rights of others viewing a credit report to only those with a legitimate business need. | Fair Credit Reporting Act |
| Computer that has duplicate components so that it can continue to operate when one of its main components fail. | fault-tolerant computer |
| Hardware and/or software that protects a network’s resources from intrusion by users on another network such as the Internet. | firewall |
| Backup procedure that copies all program and data files in the computer. Also called archival backup. | full backup |
| Term used in three-generation backups to refer to the oldest copy of a file. | grandparent |
| Computer usage that reduces the electricity and environmental waste involved in using a computer. | green computing |
| Someone who accesses a computer or network illegally. | hacker |
| The act of stealing computer equipment. | hardware theft |
| The act of defacing or destroying computer equipment. | hardware vandalism |
| Mathematical formula that generates a code from the contents of an electronic message. | hash |
| Vulnerable computer that is set up to entice an intruder to break into it in order to allow a company to learn how intruders are exploiting its network. | honeypot |
| Access control that verifies an individual is a valid user. | identification |
| Right of individuals and companies to deny or restrict the collection and use of information about them. | information privacy |
| Computer security risk that occurs when someone steals personal or confidential information. | information theft |
| Capability of an antivirus program to record information such as file size and file creation date in a separate file in order to detect viruses. | inoculate |
| Unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos. | intellectual property (IP) |
| Rights to which creators are entitled for their work. | intellectual property rights |
| Organization that developed a rating system in order to filter content on the Web. | Internet Content Rating Association (ICRA) |
| Program that automatically analyzes all network traffic, assesses system vulnerabilities, identifies any unauthorized intrusions, and notifies network administrators of suspicious behavior patterns or system breaches. | intrusion detection software |
| Spoofing technique where an intruder computer fools a network into believing its IP address is associated with a trusted source. | IP spoofing |
| Unit of energy a surge protection device can absorb before it can be damaged. | Joule |
| Short for key generator; program that creates software registration numbers and sometimes activation codes used for software theft. | keygen |
| An agreement issued by a software manufacturer that gives the user the right to use the software. | license agreement |
| Instructions saved in software such as a word processor or spreadsheet program. | macros |
| Programs that act without a user’s knowledge and deliberately alter a computer’s operations. | malicious software |
| Short for malicious software; programs that act without a user’s knowledge and deliberately alter a computer’s operations. | malware |
| The discovery, collection, and analysis of evidence found on computers and networks. See also computer forensics, cyberforensics, or digital forensics. | network forensics |
| Electrical disturbance that can degrade communications. | noise |
| Type of UPS device that switches to battery power when a problem occurs in the power line. See also standby UPS. | offline UPS |
| Location separate from a computer site. | offsite |
| Web site that evaluates a computer to check for Internet and e-mail vulnerabilities. | online security service |
| Type of UPS device that always runs off a battery, which provides continuous protection. | online UPS |
| Electrical disturbance that occurs when the incoming electrical power increases significantly above the normal 120 volts. See also power surge. | overvoltage |
| Term used in three-generation backups to refer to the second oldest copy of the file. | parent |
| Private combination of words, often containing mixed capitalization and punctuation, associated with a user name that allows access to certain computer resources. | passphrase |
| Private combination of characters associated with a user name that allows access to certain computer resources. | password |
| Destructive event or prank a malicious-logic program is intended to deliver. | payload |
| Utility program that detects and protects a personal computer and its data from unauthorized intrusions. | personal firewall |
| Numeric password, either assigned by a company or selected by a user. | personal identification number (PIN) |
| Scam, similar to phishing, where a perpetrator attempts to obtain your personal and financial information, except they do so via spoofing. | pharming |
| Scam in which a perpetrator sends an official looking e-mail that attempts to obtain your personal and financial information. | phishing |
| Program that warns or blocks you from potentially fraudulent or suspicious Web sites. | phishing filter |
| Unauthorized and illegal duplication of copyrighted material. | piracy |
| Unencrypted, readable data. | plaintext |
| Any item that a user must carry to gain access to a computer or computer facility. | possessed object |
| Electrical disturbance that occurs when the incoming electrical power increases significantly above the normal 120 volts. See also overvoltage. | power surge |
| Ratio that measures how much power enters a computer facility, or data center, against the amount of power required to run the computers. | power usage effectiveness (PUE) |
| Popular e-mail encryption program that is free for personal, noncommercial use. | Pretty Good Privacy (PGP) |
| Type of encryption where both the originator and the recipient use the same secret key to encrypt and decrypt the data. See also symmetric key encryption. | private key encryption |
| Process that attempts to prevent software piracy by requiring users to provide a software product’s 25-character identification number in order to receive an installation identification number. | product activation |
| Server outside a company’s network that controls which communications pass into the company’s network. | proxy server |
| Type of encryption that uses two encryption keys: a public key and a private key. See also asymmetric key encryption. | public key encryption |
| Separate area of a hard disk that holds the infected file until a virus can be removed. | quarantine |
| Safeguard used by some businesses to track and identify the location of high-risk or high-value items. | real time location system (RTLS) |
| Injury or disorder of the muscles, nerves, tendons, ligaments, and joints. | repetitive strain injury (RSI) |
| To copy backed up files by copying them to their original location on the computer. | restore |
| Program that hides in a computer and allows someone from a remote location to take full control of the computer. | rootkit |
| Someone who accesses a computer or network illegally with the intent of destroying data, stealing information, or other malicious action but does not have the technical skills and knowledge. | script kiddie |
| Security technique that allows users to choose an encryption scheme for data that passes between a client and a server. | secure HTTP (S-HTTP) |
| Web site that uses encryption techniques to secure its data. | secure site |
| Security technique that provides encryption of all data that passes between a client and an Internet server. | Secure Sockets Layer (SSL) |
| Type of backup in which users choose which folders and files to include in the backup. Also called partial backup. | selective backup |
| Type of cookie that is used by online shopping sites to keep track of items in a user’s shopping cart. | session cookie |
| License agreement included with software purchased by individual users. See also end-user license agreement (EULA). | single-user license agreement |
| Gaining unauthorized access or obtaining confidential information by taking advantage of the trusting human nature of some victims and the naivety of others. | social engineering |
| Computer security risk that occurs when someone (1) steals software media, (2) intentionally erases programs, (3) illegally copies a program, or (4) illegally registers and/or activates a program. | software theft |
| Unsolicited e-mail message or newsgroups posting sent to many recipients or newsgroups at once. | spam |
| Electrical disturbance that occurs when an overvoltage lasts for less than one millisecond (one thousandth of a second). | spike |
| Spam sent through an instant messaging service. | spim |
| Spam sent via VoIP. | spit |
| Technique intruders use to make their network or Internet transmission appear legitimate to a victim computer or network. | spoofing |
| Program placed on a computer without the user’s knowledge that secretly collects information about the user. | spyware |
| Service set identifier. | SSID |
| Type of UPS device that switches to battery power when a problem occurs in the power line. See also offline UPS. | standby UPS |
| Device that uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment. See also surge suppressor. | surge protector |
| Device that uses special electrical components to smooth out minor noise, provide a stable current flow, and keep an overvoltage from reaching the computer and other electronic equipment. See also surge protector. | surge suppressor |
| Type of encryption where both the originator and the recipient use the same secret key to encrypt and decrypt the data. See also private key encryption. | symmetric key encryption |
| Prolonged malfunction of a computer. | system failure |
| Inflammation of a tendon due to repeated motion or stress on that tendon. | tendonitis |
| Backup policy that preserves three copies of important files: the grandparent, the parent, and the child. | three-generation backup |
| Successor to Secure Sockets Layer (SSL), a security technique that provides encryption of all data that passes between a client and an Internet server. | Transport Layer Security (TLS) |
| Program named after the Greek myth that hides within or looks like a legitimate program. | Trojan horse |
| Company or person a user believes will not send a virus-infected file knowingly. | trusted source |
| Use of a computer or network without permission. | unauthorized access |
| Use of a computer or its data for unapproved or possibly illegal activities. | unauthorized use |
| Electrical disturbance that occurs when the electrical supply drops. | undervoltage |
| Safety specification that allows no more than 500 maximum volts to pass through an electrical line. | Underwriters Laboratories (UL) 1449 Standard |
| Device that contains surge protection circuits and one or more batteries that can provide power during a temporary or permanent loss of power. | uninterruptible power supply (UPS) |
| Unique combination of characters, such as letters of the alphabet or numbers, that identifies one specific user. See also user name. | user ID |
| Unique combination of characters, such as letters of the alphabet and/or numbers, that identifies a specific user. | user name |
| Network that provides a mobile user with a secure connection to a company network server, as if the user has a private line. | virtual private network (VPN) |
| Potentially damaging computer program that affects, or infects, a computer negatively by altering the way the computer works without the user’s knowledge or permission. | virus |
| Known specific pattern of virus code. See also virus signature. | virus definition |
| E-mail message that warns users of a nonexistent virus or other malware. | virus hoax |
| Known specific pattern of virus code. See also virus definition. | virus signature |
| Intrusion technique in which an individual attempts to detect wireless networks via their notebook computer while driving a vehicle through areas they suspect have a wireless network. See also access point mapping. | war driving |
| Intrusion technique in which individuals use an airplane to detect unsecured wireless networks. | war flying |
| Type of spyware that is hidden on Web pages or in e-mail messages in the form of graphical images. | Web bug |
| Program that restricts access to certain material on the Web. | Web filtering software |
| Security standard that improves on older security standards by authenticating network users and providing more advanced encryption techniques. | Wi-Fi Protected Access (WPA) |
| Program that copies itself repeatedly, using up system resources and possibly shutting down the system. | worm |
| A compromised computer whose owner is unaware the computer is being controlled remotely by an outsider. | zombie |
| Group of compromised computers connected to a network such as the Internet that are used as part of a network that attacks other networks, usually for nefarious purposes. See also botnet. | zombie army |
Created by:
sheidkamp
Popular Computers sets