ITI TEST 3 KEY TERMS WEEK 6/7/8

studied byStudied by 1285 people
4.7(3)
get a hint
hint

Encryption

1 / 51

encourage image

There's no tags or description

Looks like no one added any tags here yet for you.

52 Terms

1

Encryption

A mathematical process that makes a message unreadable except to someone with the decryption key.

New cards
2

Decryption

The process of making a scrambled message or data understandable.

New cards
3

Key

In cryptography, a piece of data that enables encryption or decryption of a message.

New cards
4

Data “at rest”

Information stored on a device like a mobile phone, laptop, or server.

New cards
5

Data “in transit”

Information moving over a network from one place to another.

New cards
6

VPN (Virtual Private Network)

Encrypts internet communications for secure connection to a network.

New cards
7

HTTPS (S-secure)

uses encryption to better protect the data you send to websites and the information they return to you, from prying eyes.

New cards
8

End-to-End Encryption

protects messages in transit all the way from sender to receiver. It ensures that information is turned into a secret message by its original sender (the first “end”) and decoded only by its final recipient (the second “end”). No one, including the app you are using, can “listen in” and eavesdrop on your activity.

New cards
9

Data

Collection of information, stats, facts, measurements, and descriptions.

New cards
10

Metadata

Information about digital communications, like email subjects and conversation length.

New cards
11

OPSEC

the process of protecting information about one’s activities that may be important to a potential adversary. It is a process that seldom goes beyond the digital realm.

New cards
12

SSD

Guide for protecting against electronic surveillance with privacy tools.

New cards
13

Simple Substitution Cipher

Replaces single letters with specified ones in a fixed substitution alphabet. The combination of the plaintext and ciphertext alphabet forms the key of this cipher.

New cards
14

Caesar Cipher

Rotates the plaintext alphabet by a fixed number of places.

New cards
15

ROT13

Substitution Cipher | Replaces each letter with its partner 13 characters further along the alphabet. It provides virtually no cryptographic security

New cards
16

ROT5

Rotates numbers 0-9 in a message, clouding numeric values in a message.

New cards
17

ROT18

Combination of ROT13 and ROT5, rotating letters and numbers separately.

New cards
18

ROT47

uses all ASCII code points that range from 33 to 126 as the plaintext alphabet and rotates it by 47 characters. It can be used to obfuscate lowercase and uppercase letters, numbers, and punctuation symbols.

New cards
19

ROT8000

Uses the full Unicode Basic Multilingual Plane as the plaintext alphabet, which theoretically contains 65,536 characters

New cards
20

Social Engineering

Influencing a person to take actions, positive or negative.

New cards
21

Smishing

stands for SMS phishing or phishing through text messages. With a simple click, one’s credentials could be stolen, malware could be loaded on one’s mobile device, and sometimes both.

New cards
22

Vishing

Voice phishing through phone calls to deceive and steal information.

New cards
23

Phishing

Impersonating legitimate entities to trick people into providing personal information. It is the most dangerous of the four main vectors (smishing, vishing, phishing, impersonation).

New cards
24

Impersonation

Pretending to be someone else for malicious purposes like identity theft.

New cards
25

OSINT

the lifeblood of every social engineering engagement. It is also the piece that should have the most time spent on it which is why it occupies the first and largest piece of the pyramid. Documentation is one piece of OSINT that is rarely addressed.

New cards
26

Pretext Development

based on the findings from the OSINT period, the next step is to begin developing your pretexts. This is a crucial piece that is best done with OSINT in mind. In this phase, you see what changes or additions need to be made to ensure success.

New cards
27

Attack Plan

 having a pretext does not mean you are ready. The next stage is to plan out the three Ws: what, when, and who.

New cards
28

Attack Launch

launching the attack requires preparation but not scripted preparation that would not allow you to be dynamic. The use of an outline is recommended

New cards
29

Reporting

a report on the attacks is important because it is the very pinnacle that the rest of the pyramid rests on

New cards
30

Hacktivism

use of computer-based techniques such as hacking as a form of civil disobedience to promote a political agenda or social change.

New cards
31

Aaron Swartz

An agitator for free access to information on the internet who downloaded more than four million articles and reviews onto his laptop computers from a subscription-only digital storehouse, involved in Reddit and RSS development.

New cards
32

Information Security

the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to ensure confidentiality, integrity, and availability

New cards
33

Confidentiality

preserving authorized restrictions on information access and disclosure

New cards
34

Integrity

guardian against improper information modification or destruction and ensuring information non-repudiation and authenticity

New cards
35

Availability

ensuring timely and reliable access to and use of information

New cards
36

Security Controls

the management, operational, and technical controls (safeguards, countermeasures) prescribed for a system to protect the confidentiality, availability, and integrity of the system and its information

New cards
37

Information System

discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information

New cards
38

Information

  • Facts or ideas which can be represented (encoded) as various forms of data

  • Knowledge (data instructions) in any medium or form that can be communicated between system entities

New cards
39

Risk

can never be completely eliminated

New cards
40

Risk Management

striking a balance between usability and implementation of protection

New cards
41

Impact Levels

  • Federal organizations use these 

  • High, moderate and low 

  • Identify/categorize impact that a loss of confidentiality, integrity, or availability of info/system may have on organizations operation

  • Allows them to identify appropriate protections

New cards
42

Privacy

  • Past: two functions were discussed as if they cannot coexist in a system 

  • Today: relationship between privacy and security is essential 

  • It relates problems that individuals may experience as a result of authorized processing of their information throughout the data life cycle

New cards
43

Vulnerability

a weakness in a system, system security procedure, internal controls, or implementation that could be exploited by a threat source

New cards
44

Threat Events

  • incident/situation that could potentially cause undesirable consequences/impacts 

  • Example: hacker installing a keystroke monitor on an organizational system

New cards
45

Threat Sources (Adversarial)

 sources are individuals, groups, organizations, or entities seek to exploit and organizations dependence on cyber resources

New cards
46

Threat Sources (Non-Adversarial)

sources refer to natural disasters or erroneous actions taken by individuals in the course of executing day to day responsibilities

New cards
47

National Security Agency (NSA)

become the largest, most covert, and potentially most intrusive intelligence agency ever

New cards
48

Data Mining

everything a person does becomes charted on a graph so the NSA is able to paint a more detailed picture of someone’s life

New cards
49

Advanced Encryption Standard (AES)

Symmetric encryption and is considered so strong that the NSA has even approved its use for top-secret US government communications.

New cards
50

Lists (Python Concept)

ordered, changeable, allows duplicate

New cards
51

Sets (Python Concept)

unordered, changeable, doesn’t allow duplicates

New cards
52

Dictionaries (Python Concept)

ordered, changeable, doesn’t allow duplicates (except values).

New cards

Explore top notes

note Note
studied byStudied by 7 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 15 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 9 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 21 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 5 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 6 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 34 people
Updated ... ago
5.0 Stars(1)
note Note
studied byStudied by 2618 people
Updated ... ago
5.0 Stars(5)

Explore top flashcards

flashcards Flashcard24 terms
studied byStudied by 47 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard58 terms
studied byStudied by 123 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard74 terms
studied byStudied by 6 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard31 terms
studied byStudied by 2 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard25 terms
studied byStudied by 89 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard42 terms
studied byStudied by 41 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard506 terms
studied byStudied by 30 people
Updated ... ago
5.0 Stars(1)
flashcards Flashcard178 terms
studied byStudied by 57 people
Updated ... ago
5.0 Stars(2)