IT and Informatics Exam 2

Internet

A global network of interconnected computer networks communicating using standard protocols (TCP/IP) for information sharing and communication.

Undersea Cables

Hair-thin fiber optic strands bundled within larger cables that connect continents, enabling global internet connectivity.

TCP/IP Model

A practical model with four layers used by the Internet that merges some layers of the OSI model.

Fiber Optic Technology

A technology that transmits data as pulses of light through thin glass or plastic fibers.

Network Hubs

Buildings where multiple networks interconnect physically, forming essential points for data transmission.

URI (Uniform Resource Identifier)

A general category of identifiers for resources, which includes URLs and URNs.

URL (Uniform Resource Locator)

The address used by web browsers to locate resources on the internet, following the format scheme://server/path.

ICMP (Internet Control Message Protocol)

A network protocol used for diagnostic purposes, including the operation of traceroute.

Traceroute

A network diagnostic tool that tracks the path and measures the transit time of packets across networks.

Navigating the Internet's Resources

The process of using URLs to access and retrieve information from the Internet.

Digital Attention

The divided focus between engaging with digital devices and being aware of physical surroundings.

Confidentiality

The principle of ensuring that sensitive information is not disclosed to unauthorized users.

Integrity

The assurance that information and systems are accurate and unchanged except in authorized ways.

Availability

The promise that authorized users have access to information and resources when needed.

Hypertext

A non-linear way to present information through interconnected documents and links, distinguishing it from linear text.

Phishing

A social engineering tactic involving fraudulent communications to obtain sensitive information.

Exploitation (in security context)

The act of taking advantage of weaknesses in a network or system to gain unauthorized access.

Malware

Malicious software designed to disrupt, damage, or gain unauthorized access to computer systems.

Social Engineering

Manipulating people to divulge confidential information, often by exploiting trust.

Metadata

Data providing information about other data, illustrating details such as time, location, and participants of communication.

Routing

The process of selecting paths in a network along which to send network traffic.

Elicitation

A social engineering tactic focused on discreetly obtaining information from individuals.

Baiting

A tactic used in social engineering to entice targets to take undesirable actions by offering something appealing.

Access Policy

A set of rules defining who can access what in a network or system.

Defense-in-Depth

A security strategy involving multiple layers of defense to protect resources from threats.

Encapsulation

The process of adding headers and trailers to data as it passes down the OSI layers.

De-encapsulation

The process of removing headers from data as it ascends back through the OSI layers.

Risk Management

A process that involves identifying, evaluating, and prioritizing risks followed by coordinated efforts to minimize, monitor, and control the impact.

CIA Triad

A model of information security that focuses on confidentiality, integrity, and availability.

Server

A computer or system that provides resources, services, or data to other computers, called clients.

Vulnerability

A weakness in a system that can be exploited by threats to gain unauthorized access.

Insider Threat

A risk posed by individuals within an organization who have inside information concerning the organization's security practices.

User List

A list of usernames permitted access to certain resources or systems within a network.

Network Protocol

Set rules for data exchange over a network that governs formatting, sending, receiving, and interpreting data.

NIST

The National Institute of Standards and Technology, which provides guidelines for information security.

Error Handling

The processes in place to manage errors and omissions in systems, ensuring data integrity and system reliability.

Cloud Computing

The delivery of computing services over the internet, enabling on-demand access to resources.

Firewall

A network security device that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Encryption

The process of converting information or data into a code to prevent unauthorized access.

Access Control

The method of restricting access to systems and data to authorized users only.

Penetration Testing

A simulated cyberattack on a system to evaluate its security and identify vulnerabilities.

Authentication

The process of verifying the identity of a user, device, or system.

Authorization

The process of granting or denying a user access to specific resources or functions.

TCP/IP

A set of communication protocols used for the Internet and similar networks, consisting of layers that govern how data is transmitted.

Link

The connection or relationship between nodes in a network.

Node (in a network)

Any device or point in a network that can send, receive, or forward data.

System Development Processes

Structured approaches to designing, implementing, and managing information systems.

Open Systems Interconnection Model

A standard framework for understanding how different networking protocols relate to each other.