204 Chap 10

Vunerability

An opportunity fir attackers to gain access to individual or organizational assets

Intellectual Property (IP)

Information owned by the company and protected by law

Incidents, breaches, or compromises

A successful attack against a computer system

Threat Environment q

The types of attackers and attacks that companies face

Countermeasures

Software or procedures implemented to stop an attack

Safeguards

Any action, device, procedure, technique, or other measure that reduces a system’s vunerability to a threat

Cybersecurity

The process of protecting computer hardware, networks, data, and applications from attackers

Weakest-link

The failure of even one cybersecurity safeguard may result in a breach

Comprehensive Security

Closing all routes of attack to an organization’s system to attackers

Threats

A person or organization that seeks to obtain or alter data or other IS assets illegally, without the owner’s permission and often without the owner’s knowledge

Unauthorized Data Disclosure

Event when data that is supposed to be protected, is released to unauthorized people

Insider Threats

A person who maliciously uses legitimate credentials and confidential information to destroy data or other system components

Fraud

Intentionally deceptive actions taken for an unlawful gain

Cybercrime

The execution of crimes on the internet

Hacking

A form of computer crime in which a person gains unauthorized access to a computer system. Some hackers have malicious intent

Career Criminals

Attackers who attack for purely criminal motives to make money illegally

Hacktivists

Hackers who commit cybercrimes based on political or social beliefs

Dark Web

Web content exists on obscured private networks and requires special software to access

Social Engineering

Attacks that take advantage of flawed human judgement by convincing the victim to take actions that are countered to security policies

Pretexting

Deceiving someone over the internet by pretending to be another person or organization

Phishing

Technique for obtaining unauthorized data the uses pretexting via email

Phisher

An individual or organization that spoofs legitimate companies in an attempt to illegally capture person data

Smishing

Phishing done using SMS messaging (texts)

Vishing

Phishing done over the phone

Spoofing

When someone pretends to be someone else with the intent of obtaining unauthorized data.

IP Spoofing

A type of spoofing whereby an intruder uses another site’s IP address as if it were that other site

Sniffing

Technique for intercepting computer communications. Sometimes requires physical connection to the networks

Wardrivers

People who search an area for unprotected wireless networks using a laptop or smartphone

Packet Sniffers

A program that captures network traffic

Advanced Persistent Threat (APT)

Sophisticated, possibly long-running, computer hack that is perpetrated by large, well-funtioning organizations like governments

Malware

Viruses, worms, trojan horses, spyware, and adware

Cyber Warfare Forces

Specialized military units operated by national governments, integrated into their militaries and focused on cyberwar

Cyberwar

Computer-based attacks made by national governments

Crime-as-a-Service

Cloud-based criminal services that automate many of the labor-intensive functions that cyber criminals have to perform as part of their criminal operations

Ransonware-as-a-Service

A cloud-based criminal service that provides attackers with custom ransomware, software, management consoles, and victim payment portals

Scanning-as-a-Service

A cloud-based criminal service that provides fully automated vulnerability scanning of systems and websites

Spamming-as-a-Service

A cloud-based criminal service that offers bulk sending of customized unwanted messages

Malware Distribution-as-a-Service

A cloud-based criminal service that provides the automated distribution of malware

Phishing-as-a-Service

A cloud-based criminal service that offers fully-automated phishing campaigns

Access-as-a-Service

A cloud-based criminal service that provides unauthorized access to systems

Security Policy

A document that states the rules and procedures that protect an organization’s information systems and data

Information System Fatigue

A reluctance to deal with information security due to feeling overwhelmed

NIST Cybersecurity Framework

A governance framework designed to help organizations better reduce and manage cybersecurity risks

Intrusion Detection System (IDS)

A computer program that senses when another computer is attempting to scan or otherwise access a computer

Response

Recovery from an incident according to plan

Best Practices

Methods to have been shown to produce successful results in prior implementations

Crypto Malware

Malicious software that encrypts your data and prevents you from accessing it until money is paid to the attacker

Passphrase

A password that consists of a sequence of words

Password Cracking

Recovering passwords using automated password guessing software

Brute Force Attack

A password-cracking program that tries every possible combination of characters

Credential Stuffing

The automated injection of stolen usernames and passwords to gain access to multiple web sites

Password Reuse

The use of login information to access multipe sites

Authentication

The process whereby an information system verifies a user

Authorization

Specific permissions that a particular authenticated user should have, given his or her authenticated identity

Web Trackers

Files that collect and store info about users’ web activities

Cookies

A small file that is stored on the user’s computer by a browser. Can be used for authentication, storing shopping cart contents, or to implement spyware

Third-party Cookie

A cookie created by a site other than one visited

Browser Fingerprinting

Collection of unique browser ingo like operating system, screen resolution, device model, and browsing history to create a fingerprint about who you are

Web Beacons

Single-pixel transparent images that are used to track your behaviors

Technical Safeguards

Procedures designed to protect the hardware and software components of an information systemq

Access Control

The policy driven control of access to buildings, systems, data, networks, and data flows

AAA Framework

A framework to control and track access which includes authentication, authorization, and accounting

Identification

The process whereby an information system identifies a user by requiring the user to sign on with a username and password

Supplicant

The person requesting access

Verifier

The person providing admission

Logging

Recording the actions a person takes with a resource and stores them in logs

Logs

Files that store data about events

Two-factor Authentication

Requiring a supplicant to supply two sets of authentication credentials

Multi-factor Authentication

More than two forms of authentication are required

Smart Card

Plastic cards that hold a microchip, which holds much more data than a magnetic strip

Personal Identification Number (PIN)

A form of authentication whereby the user supplies a number that only he or her knows

One-time-password Token

A small device with a display that has a number that changes frequently

Biometric Authentication

The use of person physical characteristics to authenticate users

Encryption

Process of transforming clear text into code

Plaintext

The original message displayed in readable text

Ciphertext

Plaintext that is enciphered into encryption for confidentiality

Key

String of bits used to encrypt data

Cipher

A specific mathematical process used in encryption and decryption

Symmetric Encryption

Encryption method whereby the same key is used to encode and decode the message

Asymmetric Encryption

Encryption method whereby different keys are used to encode and decode the message

Encryption Algorithms

Algorithms used to transform clear text into coded, unintelligible text for secure storage or cimmunication

Advanced Encryption Standard (AES)

Preferred symmetric key encryption standard today

Cryptographic System

A packaged set of cryptographic countermeasures for protecting communication

Public Key Encryption

Popular encryption method for the internet. Each site has a public key for encodeing and a private key for decoding

Hypertext Transfer Protocol Secure or HRRPS

A protocol that ensures secure communication over the Internet

Transport Layer Security

The new name for a later version of Secure Sockets Layer (SSL)

Firewall

Computing device that prevents unauthorized network access

Perimeter Firewall

A firewall that sits outside the organizational network; it is the first device that Internet traffic encounters

Internal Firewalls

Firewalls that sit inside the organizational network

Packet-Filtering Firewall

Firewall that examines each part of a message and determines whether to let that part pass

Man-in-the-Middle Attack (MITM)

A form of attack in which an attacker intercepts messages being sent between two parties and forwards them on

Evil Twin Access Point

A computer that has software to allow it to masquerade as an access point

Wireless Signal Jammer

A device designed to deliberately interfere with wireless communication

Honeypots

False targets for computer criminals to attack