FBLA Cyber Security Vocabulary

antivirus software

a class of programs that searches your hard drive and floppy disks for any known or potential viruses

virus

Self-replicating, malicious code that attaches itself to an application program or other executable system component and leaves no obvious signs of its presence

rule base

a set of rules that govern what is and what is not allowed through the firewall

Directory harvest attack

an attempt to determine the valid e-mail addresses associated with an e-mail server so that they can be added to a spam database

Transport Layer Security

protocol that ensures privacy between communicating applications and their users on the Internet

BioAPI

standard being developed by IBM, Microsoft, Novell and others that will allow different manufacturers' biometric software to interact

CRAM

two-level scheme for authenticating network users that functions as part of the Web's Hypertext Transfer Protocol

buffer overflow

a common type of denial-of-service attack that involves sending more traffic to a network address than the temporary data storage area is intended to hold, thereby shutting down the service and possibly corrupting or overwriting valid data

Single Signon

technology which allows users to register their personal information once to access multiple applications ex: Microsoft's Passport

honeypot

a computer system on the Internet that is expressly set up to attract and "trap" intruders

WEP

(Wired Equivalent Privacy) a security protocol, specified in 802.11b, that is designed to provide a wireless local area network (WLAN) with a level of security and privacy comparable to what is usually expected of a wired LAN

spam filter

a program used to detect unsolicited and unwanted e-mail and prevents those messages from getting to a user's inbox

HTTPS

(Hypertext Transfer Protocol over Secure Socket Layer) a Web protocol developed by Netscape and built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server

SSL

(Secure Sockets Layer) the standard security technology for encrypting data as it travels over a network, establishing an encrypted link between a web server and a browser. This ensures that all data passed between the web server and browsers remain private and integral

Social Engineering

type of attack that relies on the trusting nature of employees and the art of deception ex: phishing and pharming

security policy

a document that states in writing how a company plans to protect the company's physical and IT assets

malware

a program or file that is specifically developed for the purpose of doing harm

Trojan horse

a program in which malicious or harmful code is contained inside apparently harmless programming or data

Typo-squatting

a malicious website using a URL similar to a real one, so that when a person misspells a URL they can give them a virus

Biba security model

a formal state transition system of computer security policy that describes a set of access control rules designed to ensure data integrity

Trusted Recovery

means that if a system fails the security remains intact when it is restored and does not allow any security breeches

cable trap

a locking device that prevents unauthorized unplugging of cables from computer devices

grayware

encompasses spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs apart from viruses that are designed to harm the performance of computers on your network

confidentiality

when the sender and the recipient can transmit data to each other over an unsecured or monitored link by encrypting messages without worrying that their communications are being monitored

e-mail attachments

a primary mechanism for a malicious code to enter a desktop

semi-trusted networks

Networks that allow access to some database materials and e-mail

digital signature

a message signed with a sender's private key that can be verified by anyone who has access to the sender's public key, thereby proving that the sender had access to the private key (and therefore is likely to be the person associated with the public key used), and the part of the message that has not been tampered with; usually looks like a random-looking string of letters and numbers at the bottom of the message

data warehouse

a duplicate of some or all of a main database's data stored on a separate computer from the main database

surge

A prolonged increase in the voltage level

DES-CBC

the default cipher for the IPSec

adware

Any software application which displays advertising banners while the program is running; The authors include additional code, which can be viewed through pop-up windows or through a bar that appears on the computer screen; has been criticized because it usually includes code that tracks a user's personal information and passes it on to third parties, without the user's authorization or knowledge

alert

Notification that a specific attack has been directed at the information system of an organization

attack

Intentional act of attempting to bypass one or more computer security controls

audit trail

A record showing who has accessed a computer system and what operations he or she has performed during a given period of time. ___ are useful both for maintaining security and for recovering lost transactions

authenticate

To verify the identity of a user, user device, or other entity, or the integrity of data stored, transmitted, or otherwise exposed to unauthorized modification in an information
system, or to establish the validity of a transmission

authentication

Security measure designed to establish the validity of a transmission, message, or originator, or a means of verifying an individual's authorization to receive specific categories of information

back/trap door

Hidden software or hardware mechanism used to circumvent security controls

backup

A copy of data and/or applications contained in the IT stored on magnetic media outside of the IT to be used in the event IT data are lost

blended threat

A computer network attack that seeks to maximize the severity of damage and speed of contagion by combining methods, for example using characteristics of both viruses and worms, while also taking advantage of vulnerabilities in computers, networks, or other physical systems. An attack using this approach might send a virus via an e-mail attachment, along with a Trojan horse embedded in an HTML file that will cause damage to the recipient computer. ex: The Nimda, CodeRed, and Bugbear

bots

remote control agents installed on your system that are often controlled remotely via Internet Relay Chat (IRC); Once a system is infected with ___, it becomes part of a ___ network (___net) and is used in conjunction with other ___net members to carry out the wishes of the ___ owner or ___ herder; can scan networks for vulnerabilities, install various Distributed Denial of Service (DDoS) tools, capture network packets, or download and execute arbitrary programs; will often contain additional spyware or install it; Computers or systems infected with ____ can be used to distribute spam to make it harder to track and prosecute the spammers

broadband

high-speed network connections. In this context, Internet connections via cable modem and Digital Subscriber
Line (DSL) are frequently referred to as ____ Internet connections. There is no set bandwidth threshold required for a connection to be referred to as "___", but it is typical for connections in excess of 1 Megabit per second (Mbps) to be so named

bandwidth

the relative speed of a network connection -- for example, most current dial-up modems can support a ___ of 56 kbps (thousand bits per second)

browser/browser settings

One ___ configuration strategy to manage the risk associated
with active content while still enabling trusted sites is the use of Internet Explorer security zones; Using security zones, you can choose preset levels of security

certification

The comprehensive evaluation of the technical and non-technical security features of an IT and other safeguards, made in support of the accreditation process, that
establishes the extent to which a particular design and implementation meet a specified set of security requirements

ciphertext

encrypted data

cookie

pieces of information generated by a Web server and stored in the user's computer, ready for future access; are embedded in the HTML information flowing back and forth between the user's computer and the servers; were implemented to allow user-side customization of Web information ex: used to personalize Web search engines, to allow users to participate in WWW-wide contests (but
only once!), and to store shopping lists of items a user has selected while browsing through a virtual shopping mall

Configuration management

The process of keeping track of changes to the system, if
needed, approving them

contingency plan

A plan for emergency response, backup operations, and post-disaster recovery maintained by an activity as a part of its security program that will ensure the availability of critical resources and facilitate the continuity of operations in an emergency situation

countermeasures

Action, device, procedure, technique or other measure that reduces the vulnerability of an information system

data driven attack

A form of attack that is encoded in seemingly innocuous data which is executed by a user or a process to implement an attack; a concern for firewalls, since it may get through the firewall in data form and launch an attack against a
system behind the firewall

data integrity

The state that exists when automated data is the same as that in source documents, or has been correctly computed from source data, and has not been exposed to alteration or destruction

denial of service

Result of any action or series of actions that prevents any part of an information system from functioning

dial-up

The service whereby a computer terminal can use the telephone to initiate and effect communication with a computer

dictionary attack

An attack that uses a brute-force technique of successively trying all the words in some large, exhaustive list

distributed tool

A tool that can be distributed to multiple hosts, which can then be coordinated to anonymously perform an attack on the target host simultaneously after some time delay

DNS spoofing

Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain

DSL

(Digital Subscriber Line) Internet connectivity, unlike cable modem-based service, that provides the user with dedicated bandwidth; However, the maximum bandwidth available to ___ users is usually lower than the maximum cable modem rate because of differences in their respective network technologies; Also, the "dedicated bandwidth" is only dedicated between your home and the ___ provider's central office -- the providers offer little or no
guarantee of bandwidth all the way across the Internet

encryption

the translation of data into a secret code; the most
effective way to achieve data security. To read an ___ed file, you must have access to a secret key or password that enables you to understand it

plain text

unencrypted data

EULA

(End User License Agreement) a contract between you and the software's vendor or developer. Some software packages state that by simply removing the shrink-wrap on the package, you agree to the contract. However, you may be more familiar with the type of ___ that is presented as a dialog box that appears the first time you open the software. It usually requires you to accept the conditions of the contract before you can proceed

firewall

A system designed to prevent unauthorized access to or from a private network; can be implemented in both hardware and software, or a combination of both; frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the
intranet pass through the ___, which examines each message and blocks those that do not meet the specified security criteria; considered a first line of defense in protecting private information

flooding

type of incident involving insertion of a large volume of data resulting in denial of service

gateway

a bridge between two networks

hacker

unauthorized user who attempts to or gains access to an information system

internet

A global network connecting millions of computers; As of 1999, has more than 200 million users worldwide, and that number is growing rapidly

intranet

A network based on TCP/IP protocols (an internet) belonging to an organization, usually a corporation, accessible only by the organization's members, employees, or others with authorization; its Web sites look and act just like any other Web sites, but the firewall surrounding a ___ fends off unauthorized access

intrusion

unauthorized act of bypassing the security mechanisms of a system

ISP

(Internet Service Provider) a company that provides individuals and other companies access to the Internet and other related services

malicious code

Software capable of performing an unauthorized process on an information system

management controls

Security methods that focus on the management of the computer security system and the management of risk for a system

mobile code

Software modules obtained from remote systems, transferred across a network, and then downloaded and executed on a local system without explicit installation or
execution by the recipient; Malicious ___ is designed, employed, distributed, or activated with the intention of compromising the performance or security of information
systems and computers, increasing access to those systems, disclosing unauthorized information, corrupting information, denying service, or stealing resources

operation controls

Security methods that focus on mechanisms that primarily are implemented and executed by people (as opposed to systems)

packet

A block of data sent over the network transmitting the identities of the sending and receiving stations, error-control information, and message

packet filtering

A feature incorporated into routers to limit the flow of information based on pre-determined communications such as source, destination, or type of service being
provided by the network; let the administrator limit protocol specific traffic to one network segment, isolate email domains, and perform many other traffic control
functions

packet sniffer

A device or program that monitors the data traveling between computers on a network

patches (software patches)

updates that fix a particular problem or vulnerability within a program. Sometimes, instead of just releasing a ___, vendors will release an upgraded version of their software, although they may refer to the upgrade as a ___. Make sure to apply relevant ___ to your computer as soon as possible so that your system is protected

pharming

seeks to obtain personal or private (usually financial related) information through domain spoofing. Rather than being spammed with malicious and mischievous e-mail requests for you to visit spoof Web sites which appear
legitimate, ___ 'poisons' a DNS server by infusing false information into the DNS server, resulting in a user's request being redirected elsewhere. Your browser, however will
show you are at the correct Web site, which makes ___ a bit more serious and more difficult to detect; allows the scammers to target large groups of people at one time through domain spoofing

phishing

use email or malicious web sites to solicit personal, often
financial, information. Attackers may send email seemingly from a reputable credit card company or financial institution that requests account information, often suggesting that there is a problem. When users respond with the requested information, attackers can use it to gain
access to the accounts; attempts to scam people one at a time with an e-mail

probe

An attempt to gather information about an information system for the apparent purpose of circumventing its security controls

proxy

Software agent that performs a function or operation on behalf of another application or system while hiding the details involved

RADIUS

(Remote Authentication Dial-In User Service) an authentication and accounting system used by many Internet Service Providers (ISPs). When you dial in to the ISP you must enter your username and password. This information is passed to a ___ server, which checks that the information is correct, and then authorizes access to the ISP system

remote access

The hookup of a remote computing device via communication lines such as ordinary phone lines or wide area networks to access network applications and information

replicator

Any program that acts to produce copies of itself. Examples include; a program, a worm, or virus

retro-virus

a virus that waits until all possible backup media are infected too, so that it is not possible to restore the system to an uninfected state

risk analysis

The process of identifying security risks, determining their magnitude, and identifying areas needing safeguards; a part of risk management

risk management

Process of identifying, controlling, and eliminating or reducing risks that may affect IT resources

rootkit

A hacker security tool that captures passwords and message traffic to and from a computer; A collection of tools that allows a hacker to provide a backdoor into a system, collect information on other systems on the network, mask the fact that the system is compromised, and much more; a classic example of Trojan Horse software; available for a wide range of operating systems

security incident

An adverse event in a computer system or the threat of such an event occurring

security plan

document that details the security controls established and planned for a particular system

security specifications

a detailed description of the safeguards required to protect a system

sensitive data

Any information, the loss, misuse, modification of, or unauthorized access to, could affect the national interest or the conduct of Federal programs, or the privacy to which
individuals are entitled under Section 552a of Title 5, U.S. Code, but has not been specifically authorized under criteria established by an Executive order or an act of Congress to be kept classified in the interest of national defense or foreign policy

smart card

A credit-card-sized device with embedded microelectronics circuitry for storing information about an individual. This is not a key or token, as used in the remote access authentication process

smurfing

Software that mounts a denial of service attack by exploiting IP broadcast addressing and ICMP ping packets to cause flooding

spam

To indiscriminately send unsolicited, unwanted, irrelevant, or inappropriate messages, especially commercial advertising in mass quantities; Noun: electronic "junk mail"; can contain worms, viruses and other malicious code

spim

Spam that is sent over Instant Messaging. Like spam, ___ can contain worms, viruses and other malicious code

spoofing

Unauthorized use of legitimate identification and authentication data, however it was obtained, to mimic a subject different from the attacker; ex: Impersonating, masquerading, piggybacking, and mimicking

spyware

Any software using someone's Internet connection in the background without their knowledge or explicit permission; typically bundled as a hidden component of freeware or shareware programs that can be downloaded from the Internet; however, it should be noted that the majority of shareware and freeware applications do not come with ___. Once installed, the ___ monitors user activity on the Internet and transmits that information in the background to someone else; can also gather information about e-mail addresses and even passwords and credit card numbers

system integrity

The quality that a system has when it performs its intended function in an unimpaired manner, free from deliberate or inadvertent unauthorized manipulation of the system

threat

Any circumstance or event with the potential to adversely impact an information system through unauthorized access, destruction, disclosure, modification of data, and/or denial of service

vulnerability

A weakness in automated system security procedures, technical controls, environmental controls, administrative controls, internal controls, etc., that could be used as
an entry point to gain unauthorized access to information or disrupt critical processing.