Flashcards covering key vocabulary and concepts from the Information Security lecture notes, including types of threats, vulnerabilities, deliberate attacks, risk management strategies, and security controls.
Threat
Any danger to which an information resource may be exposed.
Exposure
The harm, loss, or damage that can result if a threat compromises an information resource.
Vulnerability
The possibility that an information resource will be harmed by a threat.
Human Error
Carelessness or unintentional mistakes by employees or other insiders. Higher-level employees pose the greater threat because their broader access privileges give a single mistake a wider impact.
Social Engineering
An attack in which the perpetrator uses social skills to trick or manipulate legitimate employees into providing confidential company information such as passwords.
Tailgating
A form of social engineering where an unauthorized person gains physical access to a restricted area by following an authorized person.
Spear phishing
A social engineering attack targeting specific high-value individuals or groups, custom-tailoring attacks to improve the chances of obtaining sensitive personal information.
Phishing
A social engineering attack that uses deception to acquire sensitive personal information by masquerading as official-looking emails or instant messages.
Shoulder surfing
A social engineering technique where an attacker observes a person's personal information by looking over their shoulder.
Deliberate threats
Malicious actions carried out by individuals using technical means to disrupt an organization's regular business operations, identify weaknesses in its IT, obtain protected information, or further an attack plan through access to its IT systems.
Espionage or trespassing
Occurs when an unauthorized individual attempts to gain illegal access to organizational information.
Information extortion
Occurs when an attacker either threatens to steal, or actually steals, information from a company, demanding payment for not stealing, returning, or disclosing the information.
Ransomware
Malicious software that blocks access to a computer system or encrypts an organization’s data until the organization pays a sum of money.
Sabotage or vandalism
Deliberate acts that involve defacing an organization’s website, potentially damaging the organization’s image and causing its customers to lose faith.
Hacktivist or cyberactivist operation
A form of online vandalism performed by individuals or groups with a political or social agenda.
Dumpster diving
Rummaging through commercial or residential trash to find discarded information like paper files, letters, memos, photographs, IDs, passwords, and credit cards.
Compromises to intellectual property
Threats that involve the unauthorized use, disclosure, or theft of exclusive creations of the mind.
Alien software
Clandestine software that is installed on your computer through duplicitous methods, enabling other parties to track Web surfing habits and personal behaviors.
Adware
A type of alien software that displays unwanted advertisements.
Keyloggers
A type of alien software that records keystrokes made on a keyboard.
Supervisory control and data acquisition (SCADA) attacks
Attacks against systems used to monitor or control chemical, physical, and transport processes such as those used in oil refineries, water treatment plants, and power plants.
Virus
Segment of computer code that performs malicious actions by attaching to another computer program.
Polymorphic virus
Segment of computer code that modifies itself to avoid detection by anti-malware systems, while keeping the same functionality.
Worm
Segment of computer code that performs malicious actions and will replicate, or spread, by itself (without requiring another computer program).
Whaling attack
A phishing attack that targets specific high-value individuals such as senior executives in an attempt to steal sensitive information from a company.
Smishing attack
A phishing attack carried out over mobile text message (Short Message Service phishing).
Vishing attack
Short for 'voice phishing,' these attacks attempt to defraud people over the phone.
Denial-of-service attack
An attacker sends so many requests to a target system that it cannot handle them; legitimate users are denied service and the target typically slows to a halt or crashes.
Distributed denial-of-service attack
An attacker first takes over many computers (zombies or bots) to form a botnet, then uses the botnet to send a coordinated flood of requests to the target from many sources at once, causing it to crash or become unavailable.
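To make the difference concrete, here is an added example (not from the lecture notes) that runs a simple flood detector over a constructed access log and labels each one-second window as normal traffic, a single-source flood (DoS) or a many-source flood (DDoS). The log format, addresses, request threshold and the 80% single-source share are all assumptions for illustration.

```python
from collections import Counter

# Constructed sample log, one request per line: "<timestamp> <client ip> <request>".
# Second 0: six ordinary requests; second 1: one host sends 60 requests;
# second 2: 60 different hosts send one request each.  Addresses come from
# the RFC 5737 documentation ranges.
SAMPLE_LOG = "\n".join(
    [f"2024-03-01T10:00:00 198.51.100.{i} GET /index.html" for i in range(1, 7)]
    + ["2024-03-01T10:00:01 203.0.113.7 GET /login"] * 60
    + [f"2024-03-01T10:00:02 192.0.2.{i} GET /login" for i in range(1, 61)]
)

FLOOD_THRESHOLD = 50        # assumed requests/second beyond which this service degrades
SINGLE_SOURCE_SHARE = 0.8   # assumed: one client sending >= 80% of a flood is plain DoS


def parse(log_text):
    """Yield (second, client_ip) for each non-empty line of the log."""
    for line in log_text.splitlines():
        if line.strip():
            ts, ip, *_ = line.split()
            yield ts, ip


def classify_windows(log_text, threshold=FLOOD_THRESHOLD, share=SINGLE_SOURCE_SHARE):
    """Return {second: (label, total_requests, busiest_ip)} with label in
    {'normal', 'dos', 'ddos'}.  A window is a flood when it reaches `threshold`;
    a flood dominated by one source is DoS, one spread across sources is DDoS."""
    per_second = {}
    for ts, ip in parse(log_text):
        per_second.setdefault(ts, Counter())[ip] += 1
    labelled = {}
    for ts, counts in sorted(per_second.items()):
        total = sum(counts.values())
        busiest_ip, busiest_n = counts.most_common(1)[0]
        if total < threshold:
            label = "normal"
        elif busiest_n / total >= share:
            label = "dos"
        else:
            label = "ddos"
        labelled[ts] = (label, total, busiest_ip)
    return labelled


if __name__ == "__main__":
    for ts, (label, total, busiest) in classify_windows(SAMPLE_LOG).items():
        print(f"{ts}  {label:<6}  {total:>3} req/s  busiest source {busiest}")
```

Blocking the busiest source stops the DoS window but does nothing for the DDoS window, where no single bot stands out; that is why distributed floods are absorbed upstream with rate limiting or traffic scrubbing rather than per-address blocks. The share threshold is a heuristic: a botnet of only a handful of machines would sit between the two labels.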
Trojan horse
Software programs that hide in other computer programs and reveal their designed behaviour only when they are activated.
Back door
A hidden way into a system, typically an undocumented password or account known only to the attackers, that lets them access the system at will without going through the normal security procedures (also called a trap door).
Logic bomb
A segment of computer code that is embedded within an organization's existing computer programs and is designed to activate and perform a destructive action under specific conditions.
Risk mitigation
Has two functions: implementing controls to prevent identified threats from occurring, and developing a means of recovery if the threat becomes a reality.
Communication Controls
Measures dealing with the movement of data across networks, including firewalls, anti-malware systems, encryption, and VPNs.
Firewalls
Network security devices that monitor and filter incoming and outgoing network traffic based on an organization's previously established security policies.
Anti-malware systems
Software packages that attempt to identify and eliminate viruses, worms, and other malicious software.
Whitelisting
A strategy under which only pre-approved or trusted users, entities, or actions are allowed to operate on a system or network.
Blacklisting
A strategy under which certain users, entities, or actions are explicitly denied permission to operate on a system or network.
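An added example (not part of the lecture notes) showing the two strategies as a first-match packet filter, the way a firewall applies an organization's policy: an allowlist with a default of deny, and a denylist with a default of allow. The rules, ports and addresses are assumed for illustration, and the packet is simplified to a source address, destination port and protocol.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    dst_port: int
    proto: str = "tcp"


@dataclass(frozen=True)
class Rule:
    action: str                     # "allow" or "deny"
    src_net: str = "0.0.0.0/0"      # any source unless narrowed
    dst_port: Optional[int] = None  # None matches every port
    proto: Optional[str] = None     # None matches every protocol

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt.src) not in ipaddress.ip_network(self.src_net):
            return False
        if self.dst_port is not None and self.dst_port != pkt.dst_port:
            return False
        if self.proto is not None and self.proto != pkt.proto:
            return False
        return True


def filter_packet(rules, default, pkt):
    """First matching rule decides; `default` applies when no rule matches."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


# Allowlist (constructed policy): only what is named is permitted, all else dropped.
ALLOWLIST = [
    Rule("allow", dst_port=443, proto="tcp"),                # public HTTPS
    Rule("allow", "10.0.0.0/8", dst_port=22, proto="tcp"),   # SSH from the corporate LAN only
]

# Denylist (constructed policy): everything is permitted except what is named.
DENYLIST = [
    Rule("deny", dst_port=23, proto="tcp"),                  # telnet
    Rule("deny", "192.0.2.0/24"),                            # a range assumed to be known-bad
]


def allowlist_decision(pkt: Packet) -> str:
    return filter_packet(ALLOWLIST, "deny", pkt)


def denylist_decision(pkt: Packet) -> str:
    return filter_packet(DENYLIST, "allow", pkt)


if __name__ == "__main__":
    for pkt in (Packet("203.0.113.5", 443), Packet("203.0.113.5", 22),
                Packet("10.1.2.3", 22), Packet("203.0.113.5", 3389),
                Packet("203.0.113.5", 23), Packet("192.0.2.9", 443)):
        print(f"{pkt.src:>14}:{pkt.dst_port:<5} allowlist={allowlist_decision(pkt):5} "
              f"denylist={denylist_decision(pkt)}")
```

The point the definitions leave implicit is the default. The same unknown service (port 3389 here) is blocked by the allowlist and passed by the denylist: allowlisting fails closed, so a new or unanticipated service has to be consciously approved, while denylisting fails open and only stops what someone already thought to name.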
Encryption
The process of converting an original message into a form that cannot be read by anyone except the intended recipient.
Virtual private networking (VPN)
A method of carrying traffic through a private, encrypted tunnel across a network the user does not control, such as a public WiFi hotspot or the Internet, adding confidentiality and privacy to the connection.
Transport Layer Security (TLS)
A cryptographic protocol, the successor to SSL, that authenticates the server and encrypts and integrity-protects the traffic between client and server; it secures transactions such as credit card purchases and online banking.
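The definitions of encryption and TLS above read as if secrecy were the whole story, but a protocol like TLS also has to authenticate the data, because encryption on its own does not stop an attacker from changing the ciphertext. This added example (not from the lecture notes) shows that failure with a stream cipher built from HMAC-SHA256 in counter mode, then adds an encrypt-then-MAC tag that rejects the forged message. The keys, nonce and message are constructed, and the cipher construction is for illustration only, not a recommendation.

```python
import hashlib
import hmac

# Constructed keys and nonce.  A real system draws these from secrets.token_bytes()
# and never reuses a nonce under the same key (reuse leaks the XOR of two plaintexts).
ENC_KEY = bytes(range(32))
MAC_KEY = bytes(range(32, 64))
NONCE = b"\x00" * 12
TAG_LEN = 32


def keystream(key, nonce, length):
    """PRF-based keystream: HMAC-SHA256(key, nonce || counter) blocks, concatenated."""
    blocks, counter = [], 0
    while sum(len(b) for b in blocks) < length:
        blocks.append(hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest())
        counter += 1
    return b"".join(blocks)[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def encrypt_only(key, nonce, plaintext):
    """Confidentiality only: plaintext XOR keystream."""
    return xor(plaintext, keystream(key, nonce, len(plaintext)))


decrypt_only = encrypt_only  # XOR with the same keystream undoes itself


def bit_flip(ciphertext, offset, old, new):
    """Attacker's move: without the key, turn plaintext bytes `old` at `offset`
    into `new` by XORing the ciphertext with (old XOR new) at that position."""
    delta = xor(old, new)
    end = offset + len(delta)
    return ciphertext[:offset] + xor(ciphertext[offset:end], delta) + ciphertext[end:]


def seal(enc_key, mac_key, nonce, plaintext):
    """Encrypt-then-MAC: ciphertext followed by HMAC over nonce || ciphertext."""
    ct = encrypt_only(enc_key, nonce, plaintext)
    return ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(enc_key, mac_key, nonce, sealed):
    """Verify the tag in constant time before decrypting; None means 'tampered'."""
    ct, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return decrypt_only(enc_key, nonce, ct)


def demo():
    msg = b"amount=0100.00;to=ACC-000456"   # attacker knows the layout but not the key
    amount_offset = len(b"amount=")

    # 1. Encryption only: the forged ciphertext decrypts to a changed amount.
    forged_ct = bit_flip(encrypt_only(ENC_KEY, NONCE, msg), amount_offset, b"0100", b"9100")
    tampered = decrypt_only(ENC_KEY, NONCE, forged_ct)

    # 2. Encrypt-then-MAC: the same flip is detected and nothing is decrypted.
    sealed = seal(ENC_KEY, MAC_KEY, NONCE, msg)
    rejected = unseal(ENC_KEY, MAC_KEY, NONCE, bit_flip(sealed, amount_offset, b"0100", b"9100"))
    honest = unseal(ENC_KEY, MAC_KEY, NONCE, sealed)
    return {"tampered": tampered, "rejected": rejected, "honest": honest}


if __name__ == "__main__":
    print(demo())
```

TLS gets this property from authenticated-encryption cipher suites rather than a separate MAC, but the effect is the one shown: the receiver rejects any ciphertext it did not get from a holder of the key. Checking the tag before decrypting, with a constant-time comparison, also denies the attacker a padding or timing oracle.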
Application controls
Security countermeasures that protect specific applications in functional areas, including input, processing, and output controls.
Input controls
Programmed routines that edit input data for errors before they are processed.
Processing controls
Programmed routines that carry out record-keeping steps, reconcile transactions (for example, checking that batch totals match what was submitted), and monitor the application while it runs.
Output controls
Programmed routines that edit output data for errors or help to ensure that output is provided only to authorized individuals.
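The three kinds of application control, as one added example (not from the lecture notes) processing a constructed batch of payment records: an input control that edits each record for errors before processing, a processing control that reconciles the batch against the control totals declared in its header, and an output control that releases full account numbers only to an authorized role. The record layout, account-number format and role names are assumptions.

```python
import re
from datetime import date
from decimal import Decimal, InvalidOperation

ACCOUNT_RE = re.compile(r"^ACC-\d{6}$")   # assumed account-number format

# Constructed batch: the header declares how many records and what total amount
# the sender believes it transmitted, so the receiver can reconcile.
BATCH_HEADER = {"expected_count": 3, "expected_total": Decimal("350.00")}
BATCH_RECORDS = [
    {"account": "ACC-000123", "amount": "100.00", "date": "2024-03-01"},
    {"account": "ACC-000456", "amount": "200.00", "date": "2024-03-01"},
    {"account": "ACC-000789", "amount": "50.00",  "date": "2024-03-01"},
]
BAD_RECORDS = [
    {"account": "ACC-000123", "amount": "100.00", "date": "2024-03-01"},
    {"account": "123456",     "amount": "200.00", "date": "2024-03-01"},   # malformed account
    {"account": "ACC-000789", "amount": "-50.00", "date": "2024-13-01"},   # negative amount, bad date
]


def input_control(record):
    """Edit one input record; return the list of problems found (empty means clean)."""
    problems = []
    if not ACCOUNT_RE.match(record.get("account", "")):
        problems.append("account format")
    try:
        amount = Decimal(record.get("amount", ""))
        if amount <= 0 or amount != amount.quantize(Decimal("0.01")):
            problems.append("amount must be positive with at most two decimals")
    except InvalidOperation:
        problems.append("amount not numeric")
    try:
        date.fromisoformat(record.get("date", ""))
    except ValueError:
        problems.append("date not ISO-8601")
    return problems


def processing_control(header, records):
    """Reconcile the batch: record count and amount total must match the header."""
    actual_total = sum(Decimal(r["amount"]) for r in records)
    return (len(records) == header["expected_count"]
            and actual_total == header["expected_total"])


def output_control(records, user_role):
    """Full output only for the authorized role; everyone else sees masked accounts."""
    if user_role == "finance":
        return [dict(r) for r in records]
    return [{**r, "account": "ACC-****" + r["account"][-2:]} for r in records]


def run_batch(header, records, user_role):
    """Apply the controls in order; stop at the first layer that fails."""
    rejected = {}
    for index, record in enumerate(records):
        problems = input_control(record)
        if problems:
            rejected[index] = problems
    if rejected:
        return {"status": "rejected_input", "errors": rejected}
    if not processing_control(header, records):
        return {"status": "reconciliation_failed"}
    return {"status": "ok", "report": output_control(records, user_role)}


if __name__ == "__main__":
    print(run_batch(BATCH_HEADER, BATCH_RECORDS, "finance"))
    print(run_batch(BATCH_HEADER, BATCH_RECORDS, "clerk"))
    print(run_batch(BATCH_HEADER, BAD_RECORDS, "finance"))
```

Each layer catches a different failure: the input control stops malformed or implausible records before they touch the ledger, the reconciliation catches records dropped or duplicated in transit even when every individual record is well-formed, and the output control keeps a correct report from leaking to the wrong reader.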
Business Continuity Planning
The chain of events linking planning to protection and to recovery, aiming to provide continuous availability and ensure critical systems are operating after a failure or attack.