Discovering Computers - Chapter 5

digital security risk

any event or action that could cause a loss of/damage to device hardware, software, data, info, or processing capability

computer crime

any illegal act involving the use of a computer

cybercrime

online or Internet-based illegal act

hacker

someone who accesses a computer or network illegally

cracker

someone who accesses a computer or network illegally but has malicious intent

script kiddie

someone who accesses a computer or network illegally with malicious intent, but uses a prewritten code to do so

cyberextortionist

someone who demands payment to stop an attack on an organization’s technology infrastructure

cyberterrorist

someone who uses the Internet/network to damage computers for political reasons

cyberwarfare

use of cyber attacks against an enemy state

malware

programs that act without a user’s knowledge and deliberately alter the operations of computers and mobile devices

payload

destructive event or prank

botnet (zombie army)

a group of compromised computers connected to a network that are used to attack other networks

zombie

a compromised device, being controlled by someone other than owner

bot

a program that performs a repetitive task on a network

denial of service attack (DoS attack)

an assault whose purpose is to disrupt computer access to an Internet service

distributed DoS attack (DDoS)

attack in which a zombie army is used to attack computers/computer networks

back door

program that allows users to bypass security controls

spoofing

a technique intruders use to make their network appear legit to a victim

IP spoofing

intruder fools network into believing its IP address is trustworthy

email spoofing

when sender’s address/heading is altered so that it appears that the email was from a different sender

firewall

hardware/software that protects a network’s resources from intrusion by users on another network

proxy server

a server outside the organization’s network that controls which communications pass in and out of the organization’s network

AUP

acceptable use policy

audit trail

records successful and unsuccessful attempts to access a computer or network

password manager

service that stores all your account information securely

Which is safer - passwords or passphrases?

passphrases

CAPTCHA

Completely Automated Public Turing test to tell Computers and Humans Apart - distorted letters to verify input is from humans

biometric device

authenticates a person’s identity by translating a personal characteristic (like a fingerprint) into a digital code that is compared w/ a digital code stored in a device

two-step verification

computer uses two separate methods, one after the next, to verify the identity of a user

digital forensics

discovery, collection, and analysis of evidence found on computers and networks

software theft

when someone steals software media, intentionally erases programs, illegally registers/activates a program, or illegally copies a program

software piracy

unauthorized and illegal duplication of copyrighted software

What is the most common form of software theft?

piracy

product activation

ensures software is not installed on more computers than legally licensed

license agreement

the right to use software

network license

a legal agreement that allows multiple users to access the software on the server simultaneously

site license

a legal agreement that permits users to install the software on multiple computers

encryption

the process of converting data that is readable by humans into encoded characters to prevent unauthorized access

virtual private network (VPN)

provides users w/ secure connections to servers, help ensure data is safe from being intercepted by encrypting data as it transmits

digital signature

an encrypted code that a person/website/organization attaches to an e-message to verify the identity of the sender

digital certificate

a notice that guarantees a user/website is legitimate

secure site

a website that uses encryption techniques to secure its data - https

What is the ultimate safeguard to protect data loss?

back up

disc burning software

writes text, graphics, audio, and video files on a recordable disc

differential backup

copies only the files that have changed since the last full backup

incremental backup

copies only the files that have changed since the last full/incremental backup

continuous data protection (CDP)

all data is backed up whenever a change is made

Intellectual Property (IP)

unique and original works

Intellectual Property Rights

rights to which creators are entitled for their work

ENERY star

on devices that comply w/ guidelines of the program - energy efficient

information privacy

the right of individuals and companies to deny or restrict the collection and use of info about them

cookie

small text file that a web server stores on your computer

What are cookies used for?

track user preferences, customize viewing preference, store user names/passwords, target advertisements

Where are cookies stored?

in computer’s hard drive

social engineering

obtaining confidential information by taking advantage of others

rootkit

lets someone from a remote location take full control of your device