Identify Security
definitions
Term | Definition |
---|---|
1.Hacker (attacker) | Terms for individuals who have the skills to gain access to computer systems through unauthorized or unapproved means. |
2.Cracker | Refers to an individual who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems. |
3.White hat | A white hat is an ethical security hacker. Ethical hacking is a term meant to imply a broader category than just penetration testing. |
4.Black hat | Black hat hackers are criminals who break into computer networks with malicious intent. They may also release malware that destroys files, holds computers hostage, or steals passwords, credit card numbers, and other personal information. |
5.Malware | A file or code, typically delivered over a network, that infects, explores, steals or conducts virtually any behavior an attacker wants. |
6.Virus | A piece of code that spreads from one computer to another by attaching itself to other files. The code executes when the file it is attached to is opened. |
7.Worm | A piece of code that spreads from one computer to another on its own, not by attaching itself to another file. |
8.Trojan horse | A malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. |
9.Logic bomb | A set of instructions secretly incorporated into a program so that, if a particular condition is satisfied, they will be carried out, usually with harmful effects. |
10.Spyware | Secretly makes changes to a device's firewall settings, reconfiguring the security settings to allow in even more malware. |
11.Adware | Software that automatically displays or downloads advertising material (often unwanted) when a user is online. |
12.Rootkit | A set of software tools that enable an unauthorized user to gain control of a computer system without being detected. |
13.Spam | Any kind of unwanted, unsolicited digital communication that gets sent out in bulk. |
14.Ransomware | A type of cryptovirological malware that permanently blocks access to the victim's personal data unless a ransom is paid. |
15.Social engineering attack | Involves email or other communication that invokes urgency, fear, or similar emotions in the victim, leading the victim to reveal sensitive information, click a malicious link, or open a malicious file. |
16.Shoulder surfing | A human-based attack where the goal is to look over the shoulder of an individual as he or she enters password information or a PIN. |
17.Spoofing | Faking one's identity; it can be used for various attacks, such as identity theft. |
18.Impersonation | This is a human-based attack where an attacker pretends to be someone he is not. |
19.Hoax | An email-based or web-based attack that is intended to trick the user into performing undesired actions, such as deleting important system files in an attempt to remove a virus. |
20.Phishing | The fraudulent practice of sending emails or other messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords and credit card numbers. |
21.Vishing | A type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities. |
22.Whaling | A highly targeted phishing attack, aimed at senior executives, masquerading as a legitimate email. |
23.Spam | Unsolicited and unwanted junk email sent out in bulk to an indiscriminate recipient list. |
24.Spim | An Internet messaging (IM)-based attack similar to spam that is propagated through IM instead of through email. |
25.Dumpster diving | A cyberattack where the attacker gets their hands on sensitive documents or data you carelessly threw into the trash bin. |
26.Password attack | Any attempt to exploit a vulnerability in user authorization within a digital system. |
27.Guessing | A guessing attack is the simplest type of password attack and involves an individual making repeated attempts to guess a password by entering different common password values, such as the user's name, a spouse's name, or a significant date. |
28.Stealing | Passwords can be stolen by various means, including sniffing network communications, reading handwritten password notes, or observing a user in the act of entering the password. |
29.Dictionary attack | A dictionary attack automates password guessing by comparing encrypted passwords against a predetermined list of possible password values. |
30.Brute force attack | A type of attack in which the attacker uses password-cracking software to attempt every possible alphanumeric password combination. |
31.Hybrid password attack | Utilizes multiple attack vectors including dictionary, brute-force, and other attack methodologies when trying to crack a password. |