Term | Definition |
CIA triad | Confidentiality, integrity and availability |
Security Triad | model designed to guide policies for information security |
Confidentiality | the state of keeping or being kept secret or private |
Integrity | quality of being honest |
Availability | quality of being able to be used or obtained |
Physical controls | safeguards or countermeasures to avoid, detect, counteract, or minimize security risks |
Logical controls | tools and protocols used for identification, authentication, authorization, and accountability in computer information systems |
Administrative controls | changes in work procedures |
Client-Layer | architecture in which presentation, application processing, and data management functions are physically separated |
Application Layer | consists of protocols that focus on process-to-process communication across an IP network |
Data Layer | ensure maximum flexibility, portability, and ease of implementation |
SDOS | Social, Decision, and Organizational Sciences |
DDOS | Distributed Denial Of Services |
SQL Injection | code injection technique that might destroy your database |
XSS | attacks are a type of injection, in which malicious scripts are injected into otherwise benign and trusted web sites |
CSRF | attack that forces an end user to execute unwanted actions on a web application - Cross-Site Request Forgery |
Authentication | process or action of proving or showing |
Authorization | action or fact of authorizing |
Malware | software that is intended to damage or disable computers and computer systems |
Virus | a type of error in your system that can infect other systems |
Trojan horse | program designed to breach the security of a computer system |
Worm | self-replicating malware that duplicates itself to spread to uninfected computers |
Hoax | malicious deception |
Root kit | collection of computer software mostly malicious |
Session fixation | attack that permits an attacker to hijack a valid user session |
AUP | document stipulating constraints and practices that a user must agree to for access to a corporate network - acceptable use policy |
TOS | a field in the Internet Protocol version 4 |
SPAM | types of hacking that try to get your info by making you click on links you don't need |
Phishing | a scam hackers use to get your personal info by pretending they are you |
Spear phishing | email or electronic communications scam targeted towards a specific individual, organization or business |
Eavesdropping | an over the shoulder attack |
Man in the middle | attack where the attacker secretly relays and possibly alters the communication between two parties |
Bluesnarfing | theft of information from a wireless device through a Bluetooth connection |
War driving | act of searching for Wi-Fi wireless networks by a person in a moving vehicle, using a laptop or smartphone |
Identity theft | fraudulent acquisition and use of a person's private identifying information, usually for financial gain |
Social engineering | use of centralized planning in an attempt to manage social change and regulate the future development and behavior of a society |
Firewall | part of a computer system or network that is designed to block unauthorized access while permitting outward communication |
Cookies | a way information is stored into a computer in certain sites |
Sniffer | a type of packet analyzer |
VPN | virtual private network - extends a private network across a public network |
SSID | primary name associated with an 802.11 wireless local area network |
MAC ID | fast way to unlock your Mac using just your fingerprint |
PKI | public key infrastructure - set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption |
Certificates | digital certificate is an electronic "passport" that allows a person, computer or organization to exchange information securely over the Internet |
Thumbprint | a type of new biometric scanning |
Biometrics | technical term for body measurements and calculations |
Libel | false and damaging statements made about another person |
Copyright | legal right created by the law of a country that grants the creator of an original work exclusive rights for its use and distribution |
Plagiarism | practice of taking someone else's work or ideas and passing them off as one's own |