Cyber Security Essentials & Threats

studied byStudied by 1 person
0.0(0)
Get a hint
Hint

Cyber security

1 / 43

flashcard set

Earn XP

Description and Tags

44 Terms

1

Cyber security

Practice of protecting systems, networks, and programs from digital attacks to ensure confidentiality, integrity, and availability of data.

New cards
2

Malware

Malicious software disrupting, damaging, or gaining unauthorized access to computer systems. Types include viruses, worms, trojans, spyware, and adware.

New cards
3

Phishing

Fraudulent attempts to obtain sensitive information by posing as a trustworthy entity in electronic communications. Types include email phishing, spear phishing, smishing, and vishing.

New cards
4

Ransomware

Type of malware encrypting victim's files and demanding payment for decryption key. Examples include WannaCry, CryptoLocker, and NotPetya.

New cards
5

Insider Threats

Security risks from within the organization, involving malicious insiders, negligent insiders, and compromised insiders.

New cards
6

Vulnerabilities

Weaknesses in a system that can be exploited by threats, such as software bugs like buffer overflows, code injection, privilege escalation, weak passwords, and unpatched software.

New cards
7

Buffer Overflows

Errors occurring when a program writes more data to a buffer than it can hold, potentially allowing execution of arbitrary code.

New cards
8

Code Injection

Flaws enabling attackers to inject malicious code into a program, often through input fields.

New cards
9

Privilege Escalation

Vulnerabilities allowing attackers to gain elevated access to resources that are normally protected.

New cards
10

Weak Passwords

Easily guessable passwords providing an easy entry point for attackers due to common words or phrases, short length, and lack of complexity.

New cards
11

Unpatched Software

Outdated software lacking the latest security patches, making it vulnerable to attacks by exploiting known vulnerabilities.

New cards
12

Types of Cyber Attacks

Include malware (viruses, worms, trojans, spyware), which disrupt, damage, or gain unauthorized access to computer systems.

New cards
13

Viruses

Attach to legitimate programs or files, spread between computers, and can cause damage by deleting files, corrupting data, or slowing down system performance.

New cards
14

Worms

Self-replicating malware spreading without user intervention, exploiting network vulnerabilities to infect systems and cause disruption.

New cards
15

Trojans

Disguised as legitimate software but contain malicious code to create backdoors, steal information, or install additional malware.

New cards
16

Spyware

Secretly monitors and collects user information, tracking online activities, capturing keystrokes, and harvesting personal data for identity theft or espionage.

New cards
17

Adware

Automatically displays or downloads advertising material. Can track user behavior to deliver targeted ads. Can degrade system performance and invade privacy.

New cards
18

Email Phishing

Deceptive emails that appear to come from a legitimate source, requesting personal information or prompting the user to click on a malicious link.

New cards
19

Spear Phishing

Targeted phishing attempts aimed at specific individuals or organizations. Use personalized information to increase credibility and likelihood of success.

New cards
20

Smishing

Phishing attacks conducted through SMS text messages. Messages often contain links to malicious websites or prompt users to provide personal information.

New cards
21

Vishing

Phishing attacks conducted through voice calls. Attackers impersonate trusted entities to extract sensitive information, such as bank details.

New cards
22

Man-in-the-Middle (MitM)

Attacks where the attacker intercepts and potentially alters communication between two parties who believe they are directly communicating with each other.

New cards
23

Eavesdropping

Attacker secretly listens to communication between two parties. Can capture sensitive information, such as login credentials or personal data.

New cards
24

Session Hijacking

Attacker takes over a valid session between a user and a server. Can impersonate the user, steal information, or perform unauthorized actions.

New cards
25

SSL Stripping

Attacker downgrades a secure HTTPS connection to an unencrypted HTTP connection. Can intercept and modify data transmitted between the user and the website.

New cards
26

Denial-of-Service (DoS)

Attacks intended to make a system or network resource unavailable to its intended users by overwhelming it with traffic.

New cards
27

Basic DoS

Overloads the target with excessive traffic, causing it to crash or become unresponsive. Can be launched from a single source.

New cards
28

Distributed Denial-of-Service (DDoS)

Similar to DoS but launched from multiple sources, often using a botnet. Harder to mitigate due to the distributed nature of the attack.

New cards
29

Application Layer DoS

Targets specific applications or services rather than the entire network. Can exhaust resources by sending a high volume of requests to a particular application.

New cards
30

SQL Injection

Code injection technique that exploits vulnerabilities in an application's software to execute malicious SQL statements.

New cards
31

Cyber Security Measures

Various controls and practices implemented to enhance security in digital environments.

New cards
32

Firewalls

Devices or software that block unauthorized access to a network.

New cards
33

Antivirus Software

Programs that detect and remove malicious software.

New cards
34

Encryption

The process of converting data into a code to prevent unauthorized access.

New cards
35

Intrusion Detection Systems (IDS)

Systems that monitor network traffic for suspicious activity.

New cards
36

Multi-Factor Authentication (MFA)

Requires more than one method of authentication to verify the user's identity.

New cards
37

Security Policies and Procedures

Formalized rules and guidelines that govern the organization's security practices.

New cards
38

Securing Hardware

Physical security measures to protect computer hardware from theft or damage.

New cards
39

Access Control

Restricting physical access to facilities and sensitive areas to authorized personnel only.

New cards
40

Regular Updates and Patch Management

Ensuring all systems and software are up-to-date with the latest security patches.

New cards
41

Strong Password Policies

Using complex and unique passwords and changing them regularly.

New cards
42

User Education and Awareness

Training employees to recognize and respond to potential threats like phishing.

New cards
43

Regular Data Backups

Ensuring that data is regularly backed up and can be restored in case of an attack.

New cards
44

Incident Response Planning

Having a structured approach to handle and manage the aftermath of a security breach or cyberattack.

New cards

Explore top notes

note Note
studied byStudied by 18 people
... ago
4.0(1)
note Note
studied byStudied by 12 people
... ago
5.0(1)
note Note
studied byStudied by 34 people
... ago
5.0(1)
note Note
studied byStudied by 13 people
... ago
5.0(2)
note Note
studied byStudied by 1 person
... ago
5.0(1)
note Note
studied byStudied by 57 people
... ago
5.0(1)
note Note
studied byStudied by 22 people
... ago
5.0(1)
note Note
studied byStudied by 1975 people
... ago
4.7(11)

Explore top flashcards

flashcards Flashcard (93)
studied byStudied by 1 person
... ago
5.0(1)
flashcards Flashcard (115)
studied byStudied by 13 people
... ago
5.0(2)
flashcards Flashcard (22)
studied byStudied by 17 people
... ago
5.0(3)
flashcards Flashcard (75)
studied byStudied by 2 people
... ago
5.0(1)
flashcards Flashcard (29)
studied byStudied by 27 people
... ago
5.0(2)
flashcards Flashcard (40)
studied byStudied by 1 person
... ago
5.0(1)
flashcards Flashcard (20)
studied byStudied by 1 person
... ago
5.0(1)
flashcards Flashcard (134)
studied byStudied by 2615 people
... ago
4.0(26)
robot