Chapter 3: Cyber-attacks and Cyber-security Flashcards
(43 cards)
Advanced persistent threat (APT)
A network attack in which an intruder gains access to a network and stays there—undetected—with the intention of stealing data over a long period of time (weeks or even months).
Antivirus software
Software that scans for a specific sequence of bytes, known as a virus signature, that indicates the presence of a specific virus.
Blended threat
A sophisticated threat that combines the features of a virus, worm, Trojan horse, and other malicious code into a single payload.
Botnet
A large group of computers, which are controlled from one or more remote locations by hackers, without the knowledge or consent of their owners.
Bring your own device
A business policy that permits, and in some cases, encourages employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications, including email, corporate databases, the corporate intranet, and the Internet.
Business Continuity Plan
A risk-based strategy that includes an occupant emergency evacuation plan, a continuity of operations plan, and an incident management plan with an active governance process to minimize the potential impact of any security incident and to ensure business continuity in the event of a cyberattack or some form of disaster.
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)
Software that generates and grades tests that humans can pass and all but the most sophisticated computer programs cannot.
CIA security triad
Refers to confidentiality, integrity, and availability.
Computer Forensics
A discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so that it is admissible as evidence in a court of law.
Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act
A law that specifies that it is legal to spam, provided the messages meet a few basic requirements—spammers cannot disguise their identity by using a false return address, the email must include a label specifying that it is an ad or a solicitation, and the email must include a way for recipients to indicate that they do not want future mass mailings.
cyberespionage
The deployment of malware that secretly steals data in the computer systems of organizations, such as government agencies, military contractors, political organizations, and manufacturing firms.
cyberterrorism
The intimidation of government or civilian population by using information technology to disable critical national infrastructure (e.g., energy, transportation, financial, law enforcement, and emergency response) to achieve political, religious, or ideological goals.
Department of Homeland Security (DHS)
A large federal agency with more than 240,000 employees and a budget of almost $65 billion whose goal is to provide for a “safer, more secure America, which is resilient against terrorism and other potential threats.”
disaster recovery plan
A documented process for recovering an organization’s business information system assets—including hardware, software, data, networks, and facilities—in the event of a disaster.disaster recovery plan
distributed denial-of-service (DDoS) attack
An attack in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks.
encryption
The process of scrambling messages or data in such a way that only authorized parties can read it.
encryption key
A value that is applied (using an algorithm) to a set of unencrypted text (plaintext) to produce encrypted text that appears as a series of seemingly random characters (ciphertext) that is unreadable by those without the encryption key needed to decipher it.
exploit
An attack on an information system that takes advantage of a particular system vulnerability.
intrusion detection system (IDS)
Software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment.
logic bomb
A type of Trojan horse malware that executes when it is triggered by a specific event or at a predetermined time.
managed security service provider (MSSP)
A company that monitors, manages, and maintains computer and network security for other organizations.
mission-critical process
Business processes that are more pivotal to continued operations and goal attainment than others.
next-generation firewall (NGFW)
A hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents.
