Information Security / InfoSec
The practice of protecting information from unauthorized access, disclosure, disruption, destruction, or modification.
Confidentiality
Ensures information is only disclosed to authorized users. Example: A customer's credit card number used in an online transaction should not be disclosed to other customers.
Integrity
Ensures information is only modified in an authorized manner. Example: A bank customer should not be able to increase their own account balance without depositing funds into the account.
Availability
Ensures information is accessible by authorized users whenever required.
Smishing
Phishing delivered over SMS text messages.
Whaling
Phishing aimed at high-value individuals like executives.
Business Email Compromise (BEC)
Impersonating a trusted individual to trick employees into financial transactions.
Misinformation
False information spread without intent to harm.
Disinformation
False information spread intentionally to mislead.
Malware
Any software developed to compromise the confidentiality, integrity, or availability of data.
Virus
A type of malware that attaches itself to a host file or program and self-replicates when that host runs; it usually needs user action (opening the file) to spread to other devices.
Fileless Virus
Malware that runs only in memory, often by abusing legitimate tools such as PowerShell or WMI, so no executable is written to disk for file-based scanners to find. It is harder to detect with traditional file scanning, not undetectable: memory and behavior-based detection still catch it.
Worm
Self-replicating malware that spreads across networks on its own, typically by exploiting vulnerabilities, without needing a host file or user action.
Bot
A device infected with malware that allows remote control by an attacker.
Cryptomalware
Malware that hijacks a device's computing resources to mine cryptocurrency for the attacker (also called cryptojacking). Note: some sources, including older CompTIA material, use "crypto-malware" to mean file-encrypting ransomware instead.
Ransomware
Malware that denies access to files or systems, typically by encrypting them, until a ransom is paid.
Spyware
Malware that collects user data without consent.
Bloatware
Unwanted software preloaded on a new device by the manufacturer.
Keylogger
Malware that records keystrokes.
Trojan
Malware disguised as legitimate software.
Remote Access Trojan (RAT)
Trojans that provide remote access to infected devices.
Potentially Unwanted Program (PUP)
Software that is not strictly malicious but that the user did not ask for, such as adware or toolbars bundled with other installers.
Backdoor
A hidden means of bypassing normal authentication to gain access to a device, either planted by malware or left in software by its developer.
Logic Bomb
Malware that triggers under specified conditions.
Rootkit
Malware that obtains privileged (root/administrator) access and hides its presence, often by modifying the operating system or kernel so that standard tools no longer report its files and processes.
Security Control
Mechanisms that protect confidentiality, integrity, and availability of systems and data.
Technical Control
Controls implemented and enforced by technology, such as firewalls, encryption, and access control lists.
Managerial Control
Controls addressing risk management and governance.
Operational Control
Controls performed by employees.
Physical Control
Controls securing the physical environment.
Preventive Control
Controls that prevent security issues.
Deterrent Control
Controls that discourage policy violations.
Directive Control
Controls that direct or mandate behavior, such as policies, procedures, and acceptable-use rules.
Detective Control
Controls that identify security issues.
Corrective Control
Controls that restore normal operations after issues occur.
Identity and Access Management (IAM) / Identity Management (IdM)
A framework for managing user identities and controlling access to resources.
User
An entity accessing a system, typically a person or device.
Identification
The act of claiming an identity.
Username
A unique identifier assigned to a user.
Certificate
A digital credential binding a user's identity to a cryptographic key.
Token
A physical device generating a unique code for authentication.
SSH Key
An asymmetric key pair used to authenticate to SSH servers: the private key stays with the user and the public key is placed in the server's authorized_keys file.
Smart Card
A card with an embedded microchip for authentication.
Identity Proofing
Verifying a user's identity during account creation.
Attribute
A characteristic of an identity.
Authentication
Verifying a user's claim to an identity.
Authentication Factors
Types of evidence to prove identity claims.
Authentication Protocol
A protocol designed for securely transferring authentication information.
Authorization
Determining which resources an authenticated user is permitted to access and which actions they may perform on them.
Subject
An entity attempting to access a resource.
Object
A resource the subject wants to access.
Access Control Model / Authorization Model
Rules for managing access control.
Authentication Factor
Evidence provided to prove a user's claim to identity.
Knowledge Factor
Information known by the user.
Possession Factor
Something the user possesses.
Inherence Factor
A unique characteristic of the user.
Location Factor
Information about the user's current location.
Behavior Factor
An action performed by the user.
Single-Factor Authentication (SFA)
Uses one authentication factor.
Two-Factor Authentication / 2FA
Uses two different authentication factors.
Smart Card Authentication
Using a smart card for authentication.
Multi-Factor Authentication (MFA)
Uses two or more authentication factors.
Knowledge-Based Authentication (KBA)
Requires knowledge of personal information for validation.
Static KBA / Shared Secrets
Based on predefined questions between the user and the system.
Dynamic KBA
Knowledge questions generated on the fly from the user's private records (for example, credit history), rather than from answers the user registered in advance.
One-Time Password (OTP)
An authentication code that is valid for a single use, so a captured code cannot be replayed.
Time-Based One-Time Password (TOTP)
An OTP computed from a shared secret and the current time window (typically 30 seconds), so the code changes periodically and must be entered before the window expires.
HMAC-Based One-Time Password (HOTP)
An OTP computed from a shared secret and a counter that increments on each use, so the code changes per event rather than per time interval.
Authentication Application / Software Token
An application generating OTPs.
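The following is an added example of what such an application computes, not code from the original page: HOTP (RFC 4226) and TOTP (RFC 6238) in Python's standard library, plus the server-side checks a practitioner needs, namely a clock-drift window for TOTP and a forward-only look-ahead for HOTP so that an already-used code cannot be replayed. The secret is the RFC test secret; function names are my own.

```python
import hmac
import time


def hotp(secret: bytes, counter: int, digits: int = 6, algorithm: str = "sha1") -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, dynamic truncation, then mod 10^digits."""
    mac = hmac.new(secret, counter.to_bytes(8, "big"), algorithm).digest()
    offset = mac[-1] & 0x0F                      # low nibble of the last byte selects a 4-byte window
    code = int.from_bytes(mac[offset:offset + 4], "big") & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6, algorithm: str = "sha1") -> str:
    """RFC 6238: HOTP with the counter replaced by the number of `step`-second windows since the epoch."""
    return hotp(secret, unix_time // step, digits, algorithm)


def verify_totp(secret: bytes, code: str, unix_time: int, window: int = 1,
                step: int = 30, digits: int = 6, algorithm: str = "sha1") -> bool:
    """Accept the current window or up to `window` windows either side to absorb clock drift.
    compare_digest keeps the comparison constant-time."""
    for drift in range(-window, window + 1):
        counter = unix_time // step + drift
        if counter >= 0 and hmac.compare_digest(hotp(secret, counter, digits, algorithm), code):
            return True
    return False


def verify_hotp(secret: bytes, code: str, stored_counter: int, look_ahead: int = 5,
                digits: int = 6, algorithm: str = "sha1"):
    """Event-based check: search forward from the server's stored counter (the user may have
    generated a few codes without submitting them). Returns the next counter value to store,
    or None. It never searches backwards, so a previously accepted code is rejected."""
    for counter in range(stored_counter, stored_counter + look_ahead + 1):
        if hmac.compare_digest(hotp(secret, counter, digits, algorithm), code):
            return counter + 1
    return None


if __name__ == "__main__":
    secret = b"12345678901234567890"  # the RFC 4226 / RFC 6238 test secret (constructed input)
    print("current TOTP:", totp(secret, int(time.time())))
```

The server must persist the HOTP counter returned by `verify_hotp`; forgetting to do so reintroduces replay. For TOTP, `window=1` is the common compromise between tolerating drift and widening the attacker's guessing window.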
Push Notification
A notification sent to a user's device for authentication.
Security Token
A hardware device generating an OTP.
Static Code
A pre-generated OTP, such as a backup or recovery code, that the user stores for use when the normal factor is unavailable; each code should be accepted only once.
Trusted Platform Module (TPM)
A secure processor for cryptographic operations.
Full Disk Encryption (FDE)
Encryption of an entire drive.
Hardware Security Module (HSM)
A device providing cryptographic services.
Cryptoprocessor
A microprocessor for cryptographic operations.
FIPS 140
U.S. government standard (currently FIPS 140-3, which supersedes 140-2) specifying security requirements for cryptographic modules.
Secure Enclave
A tamper-resistant hardware component for secure operations.
Biometrics
Measurements of unique characteristics of an individual.
Physical Biometrics
Measurements of physical characteristics (e.g., fingerprints, facial patterns).
Behavioral Biometrics
Measurements of behavioral traits (e.g., voice, gait).
Biometric Authentication
Using biometrics to verify identity.
Biometric Factor / Inherence Factor
Unique physical or behavioral characteristics.
False Rejection Rate (FRR)
Percentage of valid biometric measures rejected.
False Acceptance Rate (FAR)
Percentage of invalid measures accepted.
Crossover Error Rate (CER)
Rate at which FRR and FAR are equal.
Efficacy Rate
A measure of how well a biometric system performs overall, summarized by its FAR, FRR, and CER; a lower CER indicates a more effective system.
Receiver Operating Characteristic (ROC), sometimes expanded as Relative Operating Characteristic
A curve plotting the trade-off between FAR and FRR as the matching threshold is varied; the CER is the point where the two rates are equal.
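To make FRR, FAR, CER and the ROC trade-off concrete, here is an added example (my code, not from the page) that sweeps a matching threshold over two constructed lists of similarity scores, one from genuine comparisons and one from impostor comparisons, and reports the rates at each setting. The scores, the 0 to 100 scale and the function names are assumptions for illustration.

```python
from typing import List, Optional, Tuple

# Constructed sample data: similarity scores (0 = no match, 100 = perfect match).
# A real system produces one score per comparison of a live sample against an enrolled template.
GENUINE = [92, 88, 85, 81, 78, 74, 70, 66, 61, 55]   # same person, should be accepted
IMPOSTOR = [20, 25, 31, 38, 44, 50, 57, 63, 69, 75]  # different person, should be rejected


def far_frr(genuine: List[float], impostor: List[float], threshold: float) -> Tuple[float, float]:
    """A comparison is accepted when its score is >= threshold.
    FAR = fraction of impostor comparisons wrongly accepted.
    FRR = fraction of genuine comparisons wrongly rejected."""
    far = sum(s >= threshold for s in impostor) / len(impostor)
    frr = sum(s < threshold for s in genuine) / len(genuine)
    return far, frr


def roc_curve(genuine: List[float], impostor: List[float], thresholds=range(0, 101)):
    """(threshold, FAR, FRR) at every threshold: the data behind the ROC plot."""
    return [(t, *far_frr(genuine, impostor, t)) for t in thresholds]


def crossover_error_rate(genuine: List[float], impostor: List[float],
                         thresholds=range(0, 101)) -> Tuple[float, float]:
    """CER: the threshold at which FAR and FRR are equal (or closest), and the rate there.
    Raising the threshold lowers FAR and raises FRR; lowering it does the opposite."""
    best = min(roc_curve(genuine, impostor, thresholds), key=lambda p: abs(p[1] - p[2]))
    return best[0], (best[1] + best[2]) / 2


def threshold_for_max_far(genuine: List[float], impostor: List[float], max_far: float,
                          thresholds=range(0, 101)) -> Optional[Tuple[float, float, float]]:
    """Lowest threshold whose FAR is within tolerance (for a high-security door you tune for
    low FAR and accept the resulting FRR). Returns (threshold, FAR, FRR) or None."""
    for t, far, frr in roc_curve(genuine, impostor, thresholds):
        if far <= max_far:
            return t, far, frr
    return None


if __name__ == "__main__":
    for t, far, frr in roc_curve(GENUINE, IMPOSTOR, range(50, 80, 5)):
        print(f"threshold {t:3d}: FAR {far:.2f}  FRR {frr:.2f}")
    print("CER (threshold, rate):", crossover_error_rate(GENUINE, IMPOSTOR))
    print("FAR <= 10%:", threshold_for_max_far(GENUINE, IMPOSTOR, 0.10))
```

With this sample the curves cross at threshold 64 with both rates at 20%; forcing FAR down to 10% moves the threshold to 70 and pushes FRR up to 30%, which is the trade-off the ROC curve visualizes.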
Password Authentication Protocol (PAP)
Authenticates a client to a server in point-to-point (PPP) connections by sending the username and password in cleartext, so it offers no protection against eavesdropping unless the link is already encrypted.
Challenge Handshake Authentication Protocol (CHAP)
Authenticates a client to a server with a challenge-response: the server sends a random challenge, the client returns an MD5 hash of the packet identifier, the shared secret, and the challenge, and the server recomputes and compares it. The secret never crosses the link, but the server must store it in recoverable form.
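The CHAP exchange described above, as an added example written for this page (not from the original and not a PPP implementation). It follows the RFC 1994 response formula MD5(Identifier || secret || Challenge); the authenticator class, the one-use challenge table and the sample user database are my own assumptions and are there to show why a captured response cannot be replayed.

```python
import hashlib
import hmac
import os
from typing import Dict, Optional, Tuple


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP response: MD5 over Identifier || secret || Challenge.
    Only the 16-byte digest goes on the wire; the secret never does."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side. Holds the shared secrets (in recoverable form, which is CHAP's weak point)
    and remembers each outstanding challenge so a response is accepted at most once."""

    def __init__(self, secrets: Dict[str, bytes]):
        self.secrets = secrets
        self.identifier = 0
        self.outstanding: Dict[int, bytes] = {}

    def challenge(self) -> Tuple[int, bytes]:
        """1. Challenge packet: a fresh Identifier and a random Value."""
        self.identifier = (self.identifier + 1) & 0xFF
        value = os.urandom(16)
        self.outstanding[self.identifier] = value
        return self.identifier, value

    def verify(self, identifier: int, name: str, response: bytes) -> bool:
        """3. Success or Failure: recompute the expected digest and compare in constant time.
        The challenge is removed on first use, so replaying the same response fails."""
        value: Optional[bytes] = self.outstanding.pop(identifier, None)
        secret = self.secrets.get(name)
        if value is None or secret is None:
            return False
        return hmac.compare_digest(chap_response(identifier, secret, value), response)


def chap_exchange(server: ChapAuthenticator, name: str, client_secret: bytes) -> bool:
    """Both sides of one authentication: challenge -> response -> success/failure."""
    identifier, value = server.challenge()                      # server -> client
    response = chap_response(identifier, client_secret, value)  # client computes locally
    return server.verify(identifier, name, response)            # client -> server, server decides


if __name__ == "__main__":
    server = ChapAuthenticator({"alice": b"correct horse battery"})  # constructed sample database
    print("correct secret:", chap_exchange(server, "alice", b"correct horse battery"))
    print("wrong secret:  ", chap_exchange(server, "alice", b"guess"))
```

CHAP can also re-challenge periodically during a session, which is just another call to `challenge`/`verify`. Because MD5 and the recoverable-secret requirement are both weaknesses, modern links carry stronger methods such as EAP-TLS instead.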
Kerberos
An authentication protocol using a ticket-based mechanism.
Kerberos Realm
An administrative domain whose users and services share a single Kerberos authentication database (KDC); principal names are written as user@REALM.
Key Distribution Center (KDC)
Trusted third party that holds every principal's long-term key and runs the Authentication Server and the Ticket-Granting Server.
Authentication Server (AS)
Verifies the user's identity (its reply can only be decrypted with a key derived from the user's password) and issues a TGT.
Ticket-Granting Server (TGS)
Issues service tickets to clients that present a valid TGT together with a fresh authenticator.
Ticket-Granting Ticket (TGT)
A ticket encrypted with the TGS's own key, opaque to the client, that the client presents to request service tickets without re-entering its password.
Service Ticket (ST)
A ticket encrypted with the service's key, proving to that service that the KDC has authenticated the client; the service verifies it locally without contacting the KDC.
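A worked simulation of the AS, TGS and service (AP) exchanges that the Kerberos cards above describe, added here as an example; it is not from the page and is not a Kerberos implementation. It assumes a toy HMAC-based authenticated encryption (`seal`/`unseal`) in place of real Kerberos encryption types, PBKDF2 for turning a password into a long-term key, and the constructed realm, principal names and passwords shown. The point is who can open which message: the password never leaves the client, the TGT is opaque to the client, and the service needs only its own key.

```python
import hashlib
import hmac
import json
import os


def derive_key(password: str, salt: bytes) -> bytes:
    """Long-term key from a password (assumption: PBKDF2-SHA256). The password itself never goes on the wire."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 50_000)


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, block = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + block.to_bytes(4, "big"), "sha256").digest()
        block += 1
    return out[:length]


def seal(key: bytes, obj: dict) -> bytes:
    """Toy authenticated encryption standing in for a Kerberos enctype: HMAC keystream + HMAC tag."""
    nonce = os.urandom(16)
    pt = json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, "sha256").digest()


def unseal(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, "sha256").digest(), tag):
        raise ValueError("wrong key or tampered ticket")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


class KDC:
    """Holds every principal's long-term key and plays both the AS and the TGS roles."""

    def __init__(self, realm: str, passwords: dict, lifetime: int = 600):
        self.realm, self.lifetime = realm, lifetime
        self.keys = {p: derive_key(pw, realm.encode()) for p, pw in passwords.items()}
        self.tgs_key = os.urandom(32)  # known only to the KDC, so the TGT is opaque to the client

    def as_exchange(self, client: str, now: int):
        """AS-REQ/AS-REP: TGT plus the session key sealed under the client's long-term key."""
        session = os.urandom(32).hex()
        tgt = seal(self.tgs_key, {"client": client, "session": session, "expires": now + self.lifetime})
        return tgt, seal(self.keys[client], {"session": session})

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str, now: int):
        """TGS-REQ/TGS-REP: check the TGT and a fresh authenticator, issue a service ticket."""
        t = unseal(self.tgs_key, tgt)
        auth = unseal(bytes.fromhex(t["session"]), authenticator)
        if now > t["expires"] or auth["client"] != t["client"] or abs(now - auth["timestamp"]) > 300:
            raise PermissionError("expired TGT or stale/mismatched authenticator")
        svc_session = os.urandom(32).hex()
        ticket = seal(self.keys[service], {"client": t["client"], "session": svc_session,
                                           "expires": now + self.lifetime})
        return ticket, seal(bytes.fromhex(t["session"]), {"session": svc_session})


def client_login(kdc: KDC, name: str, password: str, now: int):
    """Client side of the AS exchange. A wrong password cannot open the AS-REP, so returns None."""
    tgt, enc = kdc.as_exchange(name, now)
    try:
        session = unseal(derive_key(password, kdc.realm.encode()), enc)["session"]
    except ValueError:
        return None
    return tgt, bytes.fromhex(session)


def client_service_ticket(kdc: KDC, name: str, tgt: bytes, session: bytes, service: str, now: int):
    """Client side of the TGS exchange: proves it holds the session key with a timestamped authenticator."""
    ticket, enc = kdc.tgs_exchange(tgt, seal(session, {"client": name, "timestamp": now}), service, now)
    return ticket, bytes.fromhex(unseal(session, enc)["session"])


def service_accept(service_key: bytes, ticket: bytes, authenticator: bytes, now: int) -> bool:
    """AP-REQ at the service: only the service's own key opens the ticket; no call back to the KDC."""
    try:
        t = unseal(service_key, ticket)
        auth = unseal(bytes.fromhex(t["session"]), authenticator)
    except ValueError:
        return False
    return auth["client"] == t["client"] and now <= t["expires"]


if __name__ == "__main__":
    kdc = KDC("EXAMPLE.COM", {"alice": "pw-alice", "http/web.example.com": "pw-web"})  # constructed
    now = 1_700_000_000
    tgt, session = client_login(kdc, "alice", "pw-alice", now)
    ticket, svc_session = client_service_ticket(kdc, "alice", tgt, session, "http/web.example.com", now + 5)
    auth = seal(svc_session, {"client": "alice", "timestamp": now + 6})
    print("service accepts alice:", service_accept(kdc.keys["http/web.example.com"], ticket, auth, now + 6))
```

The 300-second authenticator tolerance mirrors the default clock-skew limit real Kerberos deployments enforce, which is why unsynchronized clocks are a common cause of Kerberos failures.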
Extensible Authentication Protocol (EAP)
An authentication framework (RFC 3748) that carries pluggable authentication methods, such as EAP-TLS or PEAP, over links like 802.1X wired/wireless networks and PPP.
EAP Request
A request message from a server to a client.
EAP Response
A response message from a client to a server.
EAP Success
Message indicating successful authentication.
EAP Failure
Message indicating unsuccessful authentication.