General Concepts Flashcards
(40 cards)
IP Address
A numerical label assigned to each device connected to a computer network that uses the Internet Protocol for communication.
Port
A communication endpoint on a computer or network device, used to identify a specific process or service.
Packet Sniffing
A method of monitoring and analyzing network traffic to detect and extract sensitive information.
Phishing
A type of social engineering attack in which an attacker attempts to trick a victim into providing sensitive information, such as login credentials or financial information.
SQL Injection
A type of cyber attack in which an attacker injects malicious code into a website’s SQL database, allowing them to gain unauthorized access to sensitive information.
Man-in-the-middle (MitM)
A type of cyber attack in which an attacker intercepts and alters communication between two parties.
DDoS
A type of cyber attack in which an attacker uses a network of infected computers to flood a website or online service with traffic, causing it to become unavailable to legitimate users.
Malware
Software specifically designed to harm or exploit a computer system, such as viruses, trojans, and ransomware.
Rootkit
A type of malware that is designed to conceal its presence on a system and provide an attacker with unauthorized access.
Public Key Cryptography
A method of encrypting and decrypting data using a pair of mathematically-related keys, one of which is public and the other is private.
SSH
A secure network protocol used to remotely access and manage network devices.
Vulnerability Scanning
The process of identifying potential vulnerabilities in a computer system or network.
Social Engineering
A type of cyber attack in which an attacker uses psychological manipulation to trick a victim into providing sensitive information or performing a certain action.
Botnet
A network of infected computers controlled by an attacker, used to launch DDoS attacks or other malicious activity.
Keylogger
A type of malware that records every keystroke made on a computer, allowing an attacker to steal login credentials and other sensitive information.
Encryption
The process of converting plaintext into ciphertext, making it unreadable to anyone without the decryption key.
Firewall
A network security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.
Two-Factor Authentication
A method of confirming a user’s claimed identity by requiring them to present two or more pieces of evidence.
Zero-Day Exploit
A type of cyber attack that takes advantage of a previously unknown vulnerability in a computer system or software.
Advanced Persistent Threat (APT)
A type of cyber attack in which an attacker establishes a long-term presence on a target’s network with the goal of stealing sensitive information or causing damage over an extended period of time.
Remote Access Trojan (RAT)
A type of malware that allows an attacker to remotely control an infected computer.
Denial of Service (DoS)
A type of cyber attack that aims to make a computer resource unavailable to its intended users by overwhelming it with traffic.
Cross-Site Scripting (XSS)
A type of cyber attack that injects malicious code into a website, allowing an attacker to steal sensitive information from users.
Cross-Site Request Forgery (CSRF)
A type of cyber attack that tricks a user into performing an action on a website without their knowledge or consent.
