Computer Science Illuminated Ch 17 Vocab

Cybersecurity

Antivirus software

Software designed to detect, remove, and/or prevent malicious software

Authentication credentials

Information users provide to identify themselves

Availability

The degree to which authorized users can access information for legitimate purposes

Back door

A program feature that gives special and unauthorized access to a software system to anyone who knows it exists

Biometrics

Using physiological characteristics, such as fingerprints, to identify users and control access

Buffer overflow

A defect in a computer program that could cause a system to crash and leave the user with heightened privileges

Caesar cipher

A substitution cipher that shifts characters a certain number of positions in the alphabet

CAPTCHA

A software mechanism used to verify that a web form is submitted by a human and not an automated program

Cipher

An algorithm used to encrypt and decrypt text

Confidentiality

Ensuring that data is protected from unauthorized access

Cryptanalysis

The process of decrypting a message without knowing the cipher or key used to encrypt it

Cryptography

The field of study related to encoded information

Decryption

The process of converting ciphertext into plaintext

Denial of service

An attack on a network resource that prevents authorized users from accessing the system

Digital certificate

A representation of a sender’s authenticated public key used to minimize malicious forgeries

Digital signature

Data that is appended to a message, made from the message itself and the sender’s private key, to ensure the authenticity of the message

Encryption

The process of converting plaintext into ciphertext

Fingerprint analysis

A technique used for user authentication that compares a scanned fingerprint to a stored copy of the authorized user’s fingerprint

GPS (Global Positioning System)

A system that uses satellites to pinpoint the location of any GPS receiver

Information security

The techniques and policies used to ensure proper access to data

Integrity

Ensuring that data can be modified only by appropriate mechanisms

Logic bomb

A malicious program that is set up to execute when a specific system event occurs

Malicious code (malware)

A computer program that attempts to bypass appropriate authorization safeguards and/or perform unauthorized functions

Man-in-the-middle

A security attack in which network communication is intercepted in an attempt to obtain key data

Password criteria

A set of rules that must be followed when creating a password

Password guessing

An attempt to gain access to a computer system by methodically trying to determine a user’s password

Password management software

A program that helps you manage sensitive data, such as passwords, in a secure manner

Phishing

Using a web page to masquerade as part of a trusted system to trick users into revealing security information

Public-key cryptography

An approach to cryptography in which each user has two related keys, one public and one private

Risk analysis

Determining the nature and likelihood of the risks to key data

Route cipher

A transposition cipher that lays out a message in a grid and traverses it in a particular way

Security policy

A written statement describing the constraints or behavior an organization embraces regarding the information provided by its users

Smart card

A card with an embedded memory chip used to identify users and control access

Spoofing

An attack on a computer system in which a malicious user masquerades as an authorized user

Substitution cipher

A cipher that substitutes one character with another

Transposition cipher

A cipher that rearranges the order of the characters in a message

Trojan horse

A malicious program disguised as a benevolent resource

User authentication

The process of verifying the credentials of a particular user of a computer or software system

Virus

A malicious, self-replicating program that embeds itself into other code

Wiki

A website whose content can be created and edited by multiple users

Worm

A malicious stand-alone program that often targets network resources