digital divide
differing access to computing devices and the Internet, based on socioeconomic, geographic, or demographic characteristics, typically due to limitations of Internet speed or computer hardware access.
crowdsourcing
the practice of obtaining input, information, resources, or funding from a large number of people via the Internet to help fund projects, generate ideas, or create goods or services (like Wikipedia)
citizen science
scientific research conducted in whole or part by distributed individuals, many of whom may not be scientists, who contribute relevant data to research using their own computing devices
Creative Commons
a public copyright license that enables the free distribution of an otherwise copyrighted work. This is used when the content creator wants to give others the right to share, use, and build upon the work they have created.
open source
programs that are made freely available and may be redistributed and modified
open access
a policy that allows people to have access to documents (like research papers) for reading or data (like government datasets) for analysis free of any and all restrictions on access and free of many restrictions on use, such as copyright or license restrictions
PII (Personally identifiable information)
Information about an individual that identifies, links, relates, or describes them. Examples include: (1) Social Security number, (2) age, (3) race, (4) phone number(s), (5) medical information, (6) financial information, (7) biometric data
authentication measure
protects devices and information from unauthorized access (examples - strong passwords and multifactor authentication)
strong password
something that is easy for a user to remember but would be difficult for someone else to guess based on knowledge of that user
multi-factor authentication (MFA)
a method of computer access control in which a user is only granted access after successfully presenting several separate pieces of evidence to an authentication mechanism, typically in at least two of the following categories: knowledge (something they know), possession (something they have), and inherence (something they are).
encryption
the process of encoding (scrambling) data to prevent unauthorized access
decryption
the process of decoding the data
symmetric encryption
a technique for encrypting data where the same one key is used to both encrypt and decrypt data.
public key encryption
An asymmetric encryption technique that pairs a public key for encryption and a private key for decryption. The sender does not need the receiver's private key to encrypt a message, but the receiver's private key is required to decrypt the message.
digital certificates
certificates issued by certificate authorities that validate the ownership of encryption keys used in secure communications and are based on a trust model.
computer virus
a malicious program that can copy itself and gain access to a computer in an unauthorized way. It often attaches itself to legitimate programs and starts running independently on a computer.
malware
software intended to damage a computing system or to take partial control over its operation
phishing
An attack technique that attempts to trick a user into providing personal information, often via a deceptive email. That personal information can then be used to access sensitive online resources, such as bank accounts and emails.
keylogging
the use of a program to record every keystroke made by a computer user in order to gain fraudulent access to passwords and other confidential information
bias
designing or writing from a particular perspective or point of view (and not including or considering other perspectives or points of view).
certificate authorities
issue digital certificates that validate the ownership of encryption keys used in secure communication and are based on a trust model.
rogue access point
a wireless point that gives unauthorized access to secure networks
Intellectual property
material created on a computer is the property of the creator or an organization.
authentication
the process of establishing trust between two parties (i.e. "Prove that I am who I say I am")
dictionary attack
a password attack where software automates the process of rapidly testing many potential passwords for a given account.
This attack uses a database of words that people are likely to use in their passwords including names of movies, teams, celebrities, foreign languages AND including spelling with numbers or special characters substituted for letters.
password spraying
a password attack that tests a weak password against a large number of accounts.
credential stuffing
a password attack that tries username/password pairs from a breach in order to gain access to user accounts.
"breach"
a situation when a database is exposed or stolen (it can be accidental or through insufficient security or from a hacker attack)
identity proofing
a situation when a user can't authenticate and is then asked to provide a different value, like the answer to a security question. As a result, a request to change the password is sent to the registered email.
hashing
a process of one-way conversion of the password using special math functions, so that the password is NOT stored as plain text in the computer.
biometrics
a way of authentication that uses a measurable physical characteristic (like fingerprint, retina scan, etc.) to verify identity BUT can be expensive to implement
two-factor authentication
an authentication method that uses more than one method of authentication to increase security (but from the same group - what you know and what you know)
social engineering
deception and trickery to get an authorized user to give information or access to an unauthorized person
Baiting
a social engineering technique that offers something of value, such as a prize if you click, or leaves a USB drive to be found.
shoulder surfing
a social engineering technique where a malicious actor looks over a person's shoulder at ATMs, charge cards, or entry access code pads
piggybacking
a social engineering technique (aka tailgating) to get into a restricted space - this is where someone goes through a door after you have swiped in OR you hold the door open for them without making them authenticate
scareware
a social engineering technique of making people believe that malware has been installed and that they need to give you access or install software to "fix it".
dumpster diving
a social engineering technique to retrieve discarded paper information - can use phone lists for usernames or might get financial information that has been thrown away, or wearing a "uniform" or using authority to get authorized people to give you authorized access.
Pretexting
a social engineering technique of impersonation with rushing or an "emergency"
a rainbow table
a password hacking tool that uses a precomputed table of reversed password hashes to crack passwords in a database.
DDoS Attack
Distributed Denial of Service Attack. Typically a virus installed on many computers (thousands) activates at the same time and floods a target with traffic to the point the server becomes overwhelmed.