copy of Cybersecurity Semester 1 Final Review

Inetpub

________- contains all the web pages and content that will be published on the web.

Software

________ that replicates and infects many computers, turning the computer into a "zombie.

Spyware

________- Software that secretly collects information about you.

Whistleblower

________- An "insider, "meaning an employee of an organization, exposes an injustice or some criminal behavior that the organization is committing.

Breaches

________ are made by word of mouth, printing, and emailing.

Decrypt

________- Decodes information and is the opposite of encrypted.

Backdoor

________- Malicious software that bypasses the normal, secure, or restricted access.

Social Engineering

________- The art of manipulating people so they give up confidential information, which.

Admins

________ can enable or disable directory browsing, such as FTP.

Spam

________- Irrelevant or inappropriate messaging sent through email to a large number of recipients; also known as junk mail.

Passive Analysis

________- Analyze something without interfering or affecting it.

White Hat Hacker

________- Expert who has permission to perform security tests and who fully discloses their activities.

Ecommerce

________- The buying and selling of goods or services over the internet.

Ransomware

________ can spread like a virus, worm, or Trojan horse.

Security Baseline

________- A starting point for data analysis.

CAPTCHA

________- A system that can distinguish between a human and an automated program.

Industrial Espionage

________- Companies steal information from competitors to gain the upper hand or eliminate the competition.

URL

Typosquatting- Also known as ________ hijacking, is a form of cybersquatting (sitting on sites under someone else's brand or copyright) that targets Internet users who incorrectly type a website address into their web browser.

Cookie

________- Small text- based bits of information about your browser that a web server saves.

Packet

________- Small units of data transmitted on a network.

IIS

The behavior and structure of the websites run by ________ and supports secure site configurations.

Protocol

________- Agreed method of communication.

Top Level Domain

________- The last segment of a web address; it follows immediately after the last "dot "symbol (.com, .net, .org, .gov)

Encrypt

________- to write in code; to encode.

personal gain

Their behavior is meant to cause harm, to draw attention to something, or to achieve ________.

Web Server

________- A computer that delivers files forming web pages across a network to requesting clients.

Log File

________- A file that contains an official record of activities that occur on a computer.

Social Ideology

________- Hackers engage in "hacktivism "to change aspects of society such as disrupting.

Penetration Testing

________ (Pen Test)- Performing a computer attack to evaluate the security of a system.

Trojan Horse

________- A malicious program disguised as legitimate software.

IP Address

________- An identifying number for hosts and servers on the internet.

Information Architecture

________- The way an organization structures and structures and organizes the information that is required by their employees and /or customers.

Internet Protocol

It uses the ________ (IP) and is of the form nnn.nnn.nnn.nnn.

IIS Manager

________- Administration tool for the MS IIS web server.

Host Machine

________- A computer, typically one on a network.

Zombie devices

________ are remotely controlled by an attacker for malicious purposes.

Worms

________- Similar to a virus except that a(n) ________ does not need a human to spread, rather it can replicate on its own to infect other computers.

Log File protection measures

________ using IIS Manager- Change the file location to make it harder to find.

Ransomware

________- Software that locks your computer or makes it inoperable, requiring you to pay someone to remove it.

Software

________ and hardware that track all keyboard clicks, including back spaces, to discover usernames, passwords, credit card numbers, and other sensitive information.

Log Files

________- A file that keeps records of events that occur on a computer.

CAPTCHA

A system that can distinguish between a human and an automated program

Trojan Horse

A malicious program disguised as legitimate software

Difference between worm and virus

A worm is spread on it's own and does not need human interaction, a virus is spread through humans and needs them to spread

Worms

Similar to a virus except that a worm does not need a human to spread, rather it can replicate on its own to infect other computers

Phishing

Practice of sending fraudulent emails that appear to be from legitimate

Spam

Irrelevant or inappropriate messaging sent through email to a large number of recipients; also known as junk mail

Top-Level Domain

The last segment of a web address; it follows immediately after the last "dot" symbol (.com, .net, .org, .gov)

Social Engineering

The art of manipulating people so they give up confidential information, which

Log Files

A file that keeps records of events that occur on a computer

Site Certificate

A small data file that is validated by a "certificate authority" which allows an organization have a secure website

Cookie

Small text-based bits of information about your browser that a web server saves

Spyware

Software that secretly collects information about you

Typosquatting

Also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else's brand or copyright) that targets Internet users who incorrectly type a website address into their web browser

Backdoor

Malicious software that bypasses the normal, secure, or restricted access

Script Files

Disguising executable files as other file types, tricking a user into executing a script (1.2.2 bubble 15)

Ransomware

Software that locks your computer or makes it inoperable, requiring you to pay someone to remove it

Ecommerce

The buying and selling of goods or services over the internet

Protocol

Agreed method of communication

Host Machine

A computer, typically one on a network

Web Server

A computer that delivers files forming web pages across a network to requesting clients

Information Architecture

The way an organization structures and structures and organizes the information that is required by their employees and/or customers

Passive Analysis

Analyze something without interfering or affecting it

IP Address

An identifying number for hosts and servers on the internet

This appears after a colon at the end of the address nnn.nnn.nnn.nnn

nnn

Security Baseline

A starting point for data analysis

What does netstat

n do

- Without the "-n" it converts IP address to domain names, to see just the IP addresses use the -n flag (also runs faster)

shows all remote (foreign) hosts that are currently exchanging data with your host

Whistleblower

An "insider", meaning an employee of an organization, exposes an injustice or some criminal behavior that the organization is committing

Social Ideology

Hackers engage in "hacktivism" to change aspects of society such as disrupting

Black Hat Hacker

Hacker who breaks laws, steals data, holds information for ransom, and commits other criminal acts

White Hat Hacker

Expert who has permission to perform security tests and who fully discloses their activities

Grey hat hacker

Hacker uses illegal and/or unethical means to discover a system's security vulnerabilities

Industrial Espionage

Companies steal information from competitors to gain the upper hand or eliminate the competition

Packet

Small units of data transmitted on a network

Decrypt

Decodes information and is the opposite of encrypted

Encrypt

to write in code; to encode

Penetration Testing (Pen Test)

Performing a computer attack to evaluate the security of a system

Log File

A file that contains an official record of activities that occur on a computer

Inetpub

contains all the web pages and content that will be published on the web

IIS Manager

Administration tool for the MS IIS web server

Log File protection measures using IIS Manager

Change the file location to make it harder to find

FTP protection measures using IIS Manager

You use the remove services tool in the IIS manager to remove FTP functions

Directory Browsing

You use the IIS manager to go to directory and then you disable directory browsing