click below
click below
Normal Size Small Size show me how
Brett Security Ch. 2
Key Terms
Term | Definition |
---|---|
Adware | A software program that delivers advertising content in a manner that is unexpected and unwanted by the user. |
Armored virus | A virus that goes to great lengths in order to avoid detection. |
Backdoor | Software code that gives access to a program or a service that circumvents normal security protections. |
Bot herder | An attacker who controls a botnet. |
Command and control | The structure by which a bot herder gives instructions to zombies in a botnet. |
Computer virus | Malicious computer code that, like its biological counterpart, reproduces itself on the same computer. |
Dumpster diving | The act of digging through trash receptacles to find information that can be useful in an attack. |
Hoax | A false warning designed to trick users into changing security settings on their computer. |
Impersonation | A social engineering attack that involves masquerading as a real or fictitious character and then playing out the role of that person on a victim. |
Key logger | Software or a hardware device that captures and stores each keystroke that a user types on the computer’s keyboard. |
Logic bomb | Computer code that lies dormant until it is triggered by a specific logical event. |
Macro | A series of instructions that can be grouped together as a single command, often used to automate a complex set of tasks or a repeated series of tasks. |
Malware | Software that enters a computer system without the user’s knowledge or consent and then performs an unwanted and usually harmful action. |
Metamorphic malware | Malware that rewrites its own code and thus appears different each time it is executed. |
Oligomorphic malware | Malware that changes its internal code to one of a set number of predefined mutations whenever it is executed. |
Pharming | A phishing attack that automatically redirects the user to a fake site. |
Phishing | Sending an email or displaying a web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information. |
Polymorphic malware | Malware code that completely changes from its original form whenever it is executed. |
Program virus | A computer virus that infects executable program files. |
Ransomware | Malware that prevents a user’s device from properly operating until a fee is paid. |
Rootlet | A set of software tools used by an attacker to hide the actions or presence of other types of malicious software. |
Shoulder surfing | Watching an authorized user enter a security code on a keypad. |
Social engineering | A means of gathering information for an attack by relying on the weaknesses of individuals. |
Spam | Unsolicited email. |
Spear phishing | A phishing attack that targets only specific users. |
Slim | A variation of spam, which targets instant messaging users instead of email users. |
Spyware | A general term used to describe software that spies on users by gathering information without consent. |
Tailgating | When an unauthorized individual enters a restricted-access building by following an authorized user. |
Trojan horse | An executable program that is advertised as performing one activity but which actually performs a malicious activity. |
Typo squatting | Redirecting a user to a fictitious website based on a misspelling of the URL. Also called URL hijacking. |
URL hijacking | Redirecting a user to a fictitious website based on a misspelling of the URL. Also called typo squatting. |
Wishing | A phishing attack uses telephone calls instead of emails. |
Watering hole attack | A malicious attack that is directed toward a small group of specific individuals who visit the same website. |
Whaling | A phishing attack that targets only wealthy individuals. |
Worm | A malicious program designed to enter a computer via a network to take advantage of a vulnerability in an application or an operating system. |
Zombie | An infected computer that is under the remote control of another attacker. |