CIT292 Ch 1 and 2

CIT292 NW Security Ch 1 and 2 Terms

| Term | Definition |
| --- | --- |
| Information Security | Act of protecting information from unauthorized access. |
| Confidentiality | Prevention of disclosure of information to unauthorized persons. |
| Integrity | Data has not been tampered with or changed in any way. Authorization is necessary before data can be changed. |
| CIA | Three principles of information security: Confidentiality, Integrity, and Availability. |
| Availability | Data is obtainable regardless of how information is stored, accessed, or protected. |
| Nonrepudiation | Having indisputable proof of something, which cannot be denied. |
| Authentication | Person's identity is established with proof such as login and password, smart card, etc. |
| Authorization | User is given access to certain data. Happens after authentication and includes permissions, ACLs (Access Control Lists), login or physical restrictions. |
| Accounting | Tracking of data, computer usage, and network resources using logging, monitoring, and auditing of data or resources. |
| AAA | Security concept that should be applied to security plans: Authentication, Authorization, Accounting. |
| Defense in Depth | Layering of security that protects data through the entire life cycle: inception, usage, storage, transfer, and disposal. |
| Ethical Hacker | Expert at breaking into systems, but attacks with the owner's knowledge and consent to find security weaknesses. |
| White hat | Nonmalicious hacker. |
| Gray hat | Hacker who has no affiliation with the company, but breaks into a system and lets the administrator of the network know. |
| Black hat | Malicious hacker who attempts to break into computer systems without authorization. Attempts theft, fraud, piracy, and so on. |
| Encryption | Act of changing information using an algorithm known as a cipher to make it "unreadable" to anyone except users who have the "key" to the data. |
| Malware | Software designed to infiltrate a computer system and possibly damage it without the user's knowledge or consent. |
| Virus | Code that runs on a computer without the user's knowledge and infects the computer when the code is accessed and executed. |
| Worm | Code that runs on a computer without the user's knowledge and is able to self-replicate. |
| Trojan horse | Applications that appear to perform desired functions but are actually performing malicious functions behind the scenes. |
| spyware | Type of malicious software either downloaded unwittingly from a web site or installed along with some other 3rd party software. |
| Adware | Type of spyware that pops up advertisements based on what it has learned about that user. |
| Grayware | General term used to describe applications that are behaving improperly but without serious consequences; often describes spyware. |
| Rootkit | Type of software designed to gain administrative-level control over a computer system without being detected. |
| Logic Bomb | Code that has, in some way, been inserted into software; it is meant to initiate some type of malicious function when specific criteria are met. |
| Easter egg | Platonic extra added to OS or app as joke; harmless cousin of logic bomb. |
| Time bomb | Trojan set off at a certain date. |
| Botnet | Group of compromised computers used to distribute malware across the Internet; usually made up of zombies. |
| Zombie | Individual compromised computer in a botnet. |
| spam | Abuse of electronic messaging systems such as email, broadcast media, and instant messaging. |
| Active interception | Also known as active inception; normally includes a computer placed between the sender and receiver in an effort to capture/modify info. |
| open email relay | Also known as SMTP open relay; it enables anyone on the Internet to send email through an SMTP server. |
| HIDS (Host-based Intrusion Detection System) | Type of system loaded on an individual computer that analyzes and monitors what happens inside that computer; for example, checks for file integrity. |
| Pop-up blocker | Application or add-on to a web browser that blocks pop-up windows that usually contain advertisements. |
| Ad Filtering | Ways of blocking and filtering out unwanted advertisements; pop-up blockers and content filters are ad filtering methods. |
| Content filters | Individual computer programs that block external files that use JavaScript or images from loading into the browser. |
| Personal Firewall | Application that protects an individual computer from unwanted Internet traffic using a set of rules and policies. |
| Privilege escalation | Act of exploiting a bug or design flaw in a software or firmware app to gain access to resources that normally are protected from an app or user. |
| Backdoor | Used in computer programming to bypass authorization and normal security mechanisms in place. |
| Hardware Security Module (HSM) | Physical device that deals with the encryption of authentication processes, digital signings, and payment processes. |
| Bluejacking | Sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and PDAs. |
| Bluesnarfing | The unauthorized access of information from a wireless device through a Bluetooth device. |
| ACL (Access Control List) | List of permissions on an object. Specifies what level of access users and groups have to an object. When dealing with firewalls, a set of rules that apply to a list of network names, IP addresses, and port numbers. |

Created by: Leisac