6.01 IST
CompTIA
Term | Definition |
---|---|
Hacker (attacker) | Terms for individuals who have the skills to gain access to computer systems through unauthorized or unapproved means. |
Cracker | Refers to an individual who breaks encryption codes, defeats software copy protections, or specializes in breaking into systems. |
White hat | A hacker who discovers and exposes security flaws in applications and operating systems so that manufacturers can fix them before they become widespread problems. This is often done professionally by individuals working for a security organization or a sy |
Black hat | A hacker who discovers and exposes security vulnerabilities for financial gain or for some malicious purpose. Although these individuals might not break directly into systems the way attackers do, widely publicizing security flaws can potentially cause fi |
Malware | Any unwanted software that has the potential to damage a system, impede performance, or create a nuisance condition. The software might be introduced deliberately or inadvertently and might or might not be able to propagate itself to other systems. |
Virus | A piece of code that spreads from one computer to another by attaching itself to other files. The code executes when the file it is attached to is opened. |
Worm | A piece of code that spreads from one computer to another on its own, not by attaching itself to another file. |
Trojan horse | A malicious computer program which misrepresents itself to appear useful, routine, or interesting in order to persuade a victim to install it. |
Logic bomb | A piece of code that sits dormant on a target computer until it is triggered by a specific event, such as a specific date. Once detonated it performs whatever actions it was programmed to do, which often includes erasing and corrupting data on the target |
Spyware | Secretly installed malicious software with a keylogger that is intended to track and report the usage of a target system, or to collect other data the author wishes to obtain. Data collected can include web browsing history, personal information, banking |
Adware | Software that automatically displays or downloads advertisements when it is used. Although not all adware is malicious, many adware programs have been associated with spyware and other types of malicious software. Also, it can reduce user productivity by |
Rootkit | Code that is intended to take full or partial control of a system at the lowest levels. Rootkits often attempt to hide themselves from monitoring or detection, and modify low-level system files when integrating themselves into a system. Rootkits can be us |
Spam | An email-based threat that presents various advertising materials, promotional content, or get-rich-quick schemes to users. The messages can quickly fill a user's inbox and cause storage issues. Spam can also carry malicious code and other types of malwar |
Ransomware | Malicious software that prevents you from using your computer. It usually displays a message stating that you must pay a fee or face some other penalty before you can access your files and computer again. Paying the ransom doesn't necessarily mean that yo |
Social engineering attack | A type of attack that uses deception and trickery to convince unsuspecting users to provide sensitive data or to violate security guidelines. Social engineering is often a precursor to another type of attack. |
Shoulder surfing | A human-based attack where the goal is to look over the shoulder of an individual as he or she enters password information or a PIN. |
Spoofing | A human-based or software-based attack where the goal is to pretend to be someone else for the purpose of identity concealment. Spoofing can occur in Internet Protocol (IP) addresses, network adapter's hardware (Media Access Control [MAC]) addresses, and |
Impersonation | This is a human-based attack where an attacker pretends to be someone he is not. |
Hoax | An email-based or web-based attack that is intended to trick the user into performing undesired actions, such as deleting important system files in an attempt to remove a virus. |
Phishing | A common type of email-based social engineering attack. The attacker sends an email that seems to come from a respected bank or other financial institution. The email claims that the recipient needs to provide an account number, Social Security number, or |
Vishing | A human-based attack where the goal is to extract personal, financial, or confidential information from the victim by using services such as the telephone system and IP-based voice messaging services (Voice over Internet Protocol [VoIP]) as the communicat |
Whaling | This is a form of phishing that targets individuals who are known to possess a good deal of wealth. It is also known as spear phishing. This form targets individuals that work in Fortune 500 companies or financial institutions whose salaries are expected |
Spam | An email-based threat that presents various advertising materials, promotional content, or get-rich-quick schemes to users. The messages can quickly fill a user's inbox and cause storage issues, and can also carry malicious code and other types of malware |
Spim | An Internet messaging (IM)-based attack similar to spam that is propagated through IM instead of through email. |
Dumpster diving | A term that can refer to physically going through trash cans and dumpsters to look for passwords or access codes written on paper, but is often used in the context of a physical method a hacker might use to gain information about a computer network. |
Password attack | Any type of attack in which the attacker attempts to obtain and make use of passwords illegitimately. The attacker can guess or steal passwords or crack encrypted password files. It can show up in audit logs as repeatedly failed logons and then a successf |
Guessing | A guessing attack is the simplest type of password attack and involves an individual making repeated attempts to guess a password by entering different common password values, such as the user's name, a spouse's name, or a significant date. |
Stealing | Passwords can be stolen by various means, including sniffing network communications, reading handwritten password notes, or observing a user in the act of entering the password. |
Dictionary attack | A dictionary attack automates password guessing by comparing encrypted passwords against a predetermined list of possible password values. These types of attack are successful against only fairly simple and obvious passwords, because they rely on a dictio |
Brute force attack | A type of attack in which the attacker uses password-cracking software to attempt every possible alphanumeric password combination. |
Hybrid password attack | Utilizes multiple attack vectors including dictionary, brute-force, and other attack methodologies when trying to crack a password. |