Digital Security Final Exam

Digital Security Risk

Any event or action that could cause a loss or of damage to computer or mobile device hardware, software, data, information, or processing capability.

Computer Crime

Any illegal act involving the use of a computer or related devices

Cybercrime

An online or Internet-based illegal act

Hacker

Someone who accesses a computer or network illegally

Cracker

Access a computer or network illegally, but has the intent of destroying data, stealing information, or other malicious actions

Script Kiddie

Has the same intent as a cracker but does not have technical skills or knowledge

Cyberextortionist

Someone who demands payment to stop an attack on an organization's technology infrastructure

Cyberterrorist

Someone who uses the Internet or network to destroy or damage computers for political reasons

Information transmitted over networks

Has a higher degree of security risk than information kept on an organization's premises

• Malwares

• Botnets

• Denial of service attacks

• Back doors

• Spoofing

Name the internet and network attacks that jeopardize security?

Malware

Consists of programs that act without a user's knowledge and deliberately alter the operations of computers and mobile devices

Malware

Short for Malicious Software

Botnet

A group of compromised computers or mobile devices connected to a network

Zombie

A compromised computer is also known as a what?

Denial of service attack (DoS attack)

Disrupts a computer access to Internet service

Distributed Denial of Service attack (DDoS)

Zombie army is used to attack computer networks

Back doors

Program or set of instructions in a /program that allow users to bypass security controls

Spoofing

Technique intruders use to make their network or Internet transmission appear legitimate

1. IP Spoofing

2. Email Spoofing

What are the two types of spoofing?

Firewall

Hardware and/or software that protects a network's resources from intrusion

Unauthorized access

The use of a computer or network without permission

Unauthorized use

The use of a computer or its data for unapproved or possibly illegal activities

Access Controls

Define who can access a computer, device, or network; when they can access it; and what actions can they take while accessing it

User Names and Passwords

Are unique combinations of characters that identifies one user

PIN (personal identification number)

Is a number password

Possessed Object

An item that you must poss in order to gain access to computer or facility

Biometric Device

Authenticates translating pers characteristic into digital code

1. Finger Print reader

2. Hand Geometry System

3. Face Recognition System

4. Voice Verification System

5. Iris Recognition System

Name the five Biometric Devices

Two-step verification

Uses two separate methods, one after the next, to verify the identity of a user

1. User Accounts

2. ATM Machines

Name both two-step verification systems

Digital Forensics/Cyberforensics

The discovery, collection, and analysis of evidence found on computers and networks

Physical Stealing Software

A perpetrator physically steals the media that contains the software, or steals the hardware that contains the media that contains the software

Intentionally Erasing Software

A perpetrator erases the media that contains the software

Illegal Registration/Activation

A perpetrator illegally obtains registration numbers and/or activation codes

Illegal Copying

A perpetrator copies software from manufacturers

Software Piracy

The unauthorized and illegal duplication of copyrighted software

License Agreement

The right to use the software

Information Theft

Occurs when someone steals personal or confidential information

Encryption

The process of converting data that is readable by humans into encodable characters to prevent unauthorized access

Digital Signatures

Encrypted code that a person, website, or organization attaches to an electronic message to verify the identity of the message sender

Digital Certificate

Is a notice that guarantees a user or a website is legitimate. Website that uses encryption techniques to secure its data is known as a secure site

Technology Ethics

The moral guidelines that govern the use of computers, mobile devices, information systems, and related technologies

Intellectual Property

Refers to unique and original works such as ideas, inventions, art, writings, processes, company and product names, and logos

Intellectual Property Rights

Are the rights to which creators are entitled to their work

A Copyright

Protects any tangible form of expression

Digital rights management (DRM)

A strategy designed to prevent illegal distribution of movies, music, and other digital content

Green Computing

Involves reducing the electricity and environmental waste while using computers, mobile devices, and related technologies

Information Privacy

Refers to the right of individuals and companies to deny or restrict the collection, use, and dissemination of information about them

Cookies

Small text files that a web server stores on your computer

• Allow for personalization

• Store user names and/or passwords

• Assist with online shopping

• Track how often users visit a site

• Target advertisements

Why do websites use cookies?

Social Engineering

Defined as gaining unauthorized access to or obtaining confidential information by taking advantage of the trusting human nature of some victims a the naivety of others