Cybersecurity Final

CAPTCHA

A system that can distinguish between a human and an automated program

Trojan Horse

malicous program disguised as legimiate softeware. users intentionally install ths

Worms

similar to virus, does not need human to spread, rather can replicate on own to ifect other computers

Phishing

Practice of sending frad emails that appear to be legimate

Spam

Irrelevant or inappropriate messaging sent through email to a large number of recipients; also known as junk mail.

top level domain

last segment of web address; follows immediately after last (.com, .net, .org, .gov)

social engineering

art of manipulating people so they give up confidendtial information, includes passwords, bank info, access to your computer

log files

file that keeps records of events that occur on a computer

LAN

made up of: clients/laptops Connected by: physical cable (wires)

Site Certificate

small data file that is validated by a “certificate authority” which allws an organization to have a secure website

cookie

small text based bits of information about your brownser that a web server saves

spyware

software that secretly collects information about you.

Typosquatting

Known as URL hijacking, form of cybersquatting that targets internet users who incorrectly type a website address into their web browser

backdoor

malicious software taht bypasses the normal, secure or restricted access

Script Files

Disgusing executable files as otehr file types, tricking user into executing a script

Ransomware

software that locks your computer or makes it inoperable, requiring you to pay someone to remove it

ecommerce

Buying and selling goods or services over internet

Confidentiality in CIA Triad

Protects info from unauthorized access

Integrity in CIA Triad

Ensuring accuracy and validity of information

Availability in CIA Triad

Ensuring info readily accessible to authorized users at all times

Protocol

Agreed method of communication

Host Machine

computer, tpically one on a network

Web server

computer that delivers files forming web pages across a network to requestiong clients

Port HTTP on

80

Port HTTPS on

443

Information Architecture

Way organization structure ogranizes info that is required by employees and/or customers

Passive Analysis

Analyze something without intefering or affecting it

IP Address

Identifing number for hosts and servers on internet. often includes a port number as part of address

Security Baseline

Starting point for data analysis

nslookup

command to look up domain names of ip addresses

netstat - n

converst IP address to domain names, to see just IP addresses use the -n flag

CD

command changes directory in powershell

Dir

command shows computer directory in powershell

CLS

command clears the screen in powershell

CTRL + C

command clears errors in powershell

Python in powershell

executes a python script

DDOS attack

a denial of service attack that targets websites and web servers

Whistleblower

employee that exposes injustice or criminal behavior that organization is committing

Social Ideology

Hackers engage in “hacktivism” to change aspects of society such as disrupting terrorists, promoting human rights, exposing injustice

Black Hat Hacker

Hacker who breaks laws, steals data, holds info for ransom, commits other criminal acts. Behavior meant to cause harm, draw attentio, or achieve personal gain

White Hat Hacker

Expert who has permission to perfom security tests and who fully discloses their activities. They report vulnerabilites and improve security of system. Noble behavior and good action align with society’s greater good

Grey Hat Hacker

Hacker uses illegal or unethical means to discover systems security vulnerabilities.

Industiral Espionage

companies steal info from competitors to gain upper hand or eliminate the competition

Botnet Malware

Software that replicates and infects many computers, turning the computer into a zombie

Keylogger

Software and hardware that track all keyboard clicks, including back spaces, to discover usernames, passwords, credit card numbers, and otehr sensitive info

Packet

Small units of data transmitted on a network. Collected together, they compose some larger data such as a document, a website, a movie, etc.

Decrypt

Decodes information

Encrypt

To write in code; to encode

Penetration Test (pen test)

performing a computer attack to evaluate the security of a system

IIS

Internet Infomration Services

IoT

Internet of Things

FTP

File transfer protocol; port 20

Inetpub

contains all the web pages and content that will be published on the web. It is the default directory for publishing web pages.

IIS Manager

Administration tool for the MS IIS web server. Allows administrators to define behavior and structure of websites run by IIS and supports secure site configurations.

Log File protection using IIS Manager

Change the file location to make it harder to find

FTP protection using IIS manager

Use the remove services tool in IIS manager to remove FTP functions

Direct Browsing

Use IIS manager to go to directory and then you disbale directory browsing