CS2005 – Networks and Operating Systems: Security


Vocabulary flashcards covering security threats, attacks, protection levels, malware, and fundamental cryptography concepts from the lecture notes.


50 Terms

1

Security

A system state in which resources are used and accessed exactly as intended under all circumstances.

2

Attack

An active attempt to breach or compromise system security.

3

Threat

A potential security violation that could cause damage if realized.

4

Intruder

A person who tries to gain unauthorised access to a system, violate security, or damage data.

5

Breach of Confidentiality

Unauthorised access to or theft of information (e.g., credit-card data).

6

Breach of Integrity

Unauthorised modification of data (e.g., defacing a website).

7

Breach of Availability

Unauthorised destruction or disruption of data or services.

8

Theft of Service

Unauthorised use of resources, such as installing a hidden file server daemon.

9

Denial of Service (DoS)

Preventing legitimate use of a system by overwhelming it with illegitimate traffic.

10

Masquerading

An attacker pretends to be another host or user to gain privileges.

11

Replay Attack

Malicious or fraudulent repeat of a valid data transmission, often involving message modification.

12

Man-in-the-Middle Attack

Attacker inserts themselves into a communication flow, impersonating each side to the other.

13

Session Hijacking

Intercepting an active session to bypass authentication and assume the connection.

14

Physical Security

Protecting data centres, servers, and terminals against physical tampering or theft.

15

Human Security

Reducing risks from social engineering, phishing, dumpster diving, etc.

16

Operating-System Security

OS protection mechanisms (e.g., permissions, debugging controls) that enforce access limits.

17

Network Security

Safeguards against intercepted communications, interruptions, and network-based DoS attacks.

18

Trojan Horse

A program that disguises itself as legitimate, may block/alter data or install a backdoor, but cannot self-replicate.

19

Trap Door (Backdoor)

Hidden mechanism (e.g., hard-coded credentials) left in software to bypass normal authentication.

20

Logic Bomb

Malicious code triggered by specific conditions such as a date or event.

21

Stack/Buffer Overflow

Attack technique that overwrites return addresses on the stack to hijack program control.

22

Virus

Self-replicating code fragment embedded in legitimate programs, capable of spreading to other machines.

23

File (Parasitic) Virus

Virus type that attaches to executable files.

24

Boot/Memory Virus

Infects boot sectors or memory to gain control during system start-up.

25

Macro Virus

Written in application macro languages (e.g., VB) and infects documents or templates.

26

Source-Code Virus

Inserts itself into source files so it later propagates when the code is compiled.

27

Polymorphic Virus

Changes form to avoid detection by signature-based scanners.

28

Worm

Standalone, self-replicating program that spawns copies across a network, consuming resources.

29

Port Scanning

Automated attempt to connect to multiple ports/IPs to discover exploitable services.

30

Morris Internet Worm

1988 worm by Robert T. Morris that exploited UNIX vulnerabilities; one of the first Internet worms.

31

Cryptography

The science of secret writing; techniques for secure communication via codes and ciphers.

32

Encryption

Process of encoding plaintext into ciphertext using an algorithm and key.

33

Decryption

Reversing encryption to obtain plaintext from ciphertext using the appropriate key.

34

Cipher

Algorithm that performs encryption and decryption operations.

35

Plaintext

The original, unencrypted message.

36

Ciphertext

The encrypted form of a message.

37

Cryptosystem

A set of algorithms for encryption, decryption, and key generation.

38

Cryptanalysis

The study of methods to break or circumvent encryption schemes.

39

Symmetric Encryption

Encryption where the same secret key is used for both encryption and decryption.

40

Block Cipher

Symmetric cipher that processes fixed-size blocks of data (e.g., DES, AES).

41

Stream Cipher

Symmetric cipher that encrypts data as a continuous stream (e.g., RC4).

42

DES (Data Encryption Standard)

Early NIST-adopted block cipher; now considered insecure for many uses.

43

Triple DES

An enhanced DES version applying the cipher three times for stronger security.

44

AES (Advanced Encryption Standard)

Modern NIST-standard block cipher replacing DES for most applications.

45

RC4

Stream cipher by Ron Rivest (1987); considered insecure today.

46

Key Exchange

Process of sharing a secret key directly or via a trusted third party (certificate authority).

47

Asymmetric Encryption (Public-Key)

Encryption using different keys: a public key for encryption and a private key for decryption.

48

Public Key

Non-secret key distributed openly to allow others to encrypt messages for the key owner.

49

Private Key

Secret key held by the owner to decrypt messages encrypted with the corresponding public key.

50

RSA Algorithm

Widely used public-key algorithm relying on the difficulty of factoring large composite numbers.