Question | Answer |
any software program intended for marketing purposes such as that used to deliver and display advertising banners or popups to the user’s screen or tracking the user’s online usage or purchasing activity. | Adware |
an act that takes advantage of a vulnerability to compromise a controlled system. | Attack |
degradation of service caused by incidents such as a backhoe taking out a fiber-optic link for an ISP. | Availability disruption |
component in a system that allows the attacker to access the system at will, with special privileges. | Back door |
a complete loss of power for a more lengthy period of time. | Blackout |
infects the key operating system files located in a computer’s boot sector. | Boot virus |
an abbreviation of robot; an automated software program that executes certain commands when it receives a specific input. | Bot |
a more prolonged drop in voltage. | Brownout |
the application of computing and network resources to try every possible password combination. | Brute force attack |
When any form of processing overload takes place. | Buffer overflow |
an application error that occurs when more data is sent to a program buffer than it is designed to handle. | Buffer overrun |
a process developers use to ensure that the working system delivered to users represents the intent of the developers. | Change control |
legal information gathering techniques employed. | Competitive intelligence |
attempting to reverse-calculate a password. | Cracking |
occurs when an application running on a Web server gathers data from a user in order to steal it. | Cross site scripting (XSS) |
One who uses exploitative techniques for emotional online activities | Cyber activist |
hacks of systems to conduct terrorist activities via network or Internet pathways. | Cyberterrorism |
a variation of the brute force attack that narrows the field by selecting specific target accounts and using a list of commonly used passwords (the dictionary) instead of random combinations. | Dictionary attack |
an attack in which a coordinated stream of requests is launched against a target from many locations at the same time. | Distributed denial-of-service (DDoS) |
develops software scripts and program exploits used by those in the second category; usually a master of several programming languages, networking protocols, and operating systems and also exhibits a mastery of the technical environment of the chosen targeted system. | Expert hacker |
complete loss of power for a moment. | Fault |
people who use and create computer software [to] gain access to information illegally | Hackers |
interfere with or disrupt systems to protest the operations, policies, or actions of an organization or government agency. | Hacktivist |
when information gatherers employ techniques that cross the threshold of what is legal or ethical. | Industrial espionage |
fall into four broad classes: overflows, underflows, truncations, and signedness errors; are usually exploited indirectly—that is, triggering an integer bug enables an attacker to corrupt other areas of memory, gaining control of an application | Integer bugs |
embedded in automatically executing macro code used by word processors, spreadsheets, and database applications. | Macro virus |
an attacker routes large quantities of e-mail to the target. | Mail bomb |
software designed and deployed to attack a system. | Malicious code |
an attacker monitors (or sniffs) packets from the network, modifies them, and inserts them back into the network. | Man-in-the-middle |
script kiddies who use automated exploits to engage in distributed denial-of-service attacks. | Packet monkeys |
a sniffer on a TCP/IP network. | Packet sniffers |
the redirection of legitimate Web traffic (e.g., browser requests) to an illegitimate site for the purpose of obtaining private information. | Pharming |
an attempt to gain personal or financial information from an individual, usually by posing as a legitimate entity. | Phishing |
hacks the public telephone network to make free calls or disrupt services. | Phreaker |
one that over time changes the way it appears to antivirus software programs, making it undetectable by techniques that look for preconfigured signatures. | Polymorphic threat |
a momentary low voltage. | Sag |
hackers of limited skill who use expertly written software to attack a system. | Script kiddies |
an agreement providing minimum service levels. | Service Level Agreement (SLA) |
used in public or semipublic settings when individuals gather information they are not authorized to have by looking over another individual’s shoulder or viewing the information from a distance. | Shoulder surfing |
a program or device that can monitor data traveling over a network. | Sniffer |
the process of using social skills to convince people to reveal access credentials or other valuable information to the attacker. | Social engineering |
the unlawful use or duplication of software-based intellectual property. | Software piracy |
unsolicited commercial e-mail. | Spam |
a label that applies to any highly targeted phishing attack. | Spear phishing |
a momentary increase in voltage | Spike |
a technique used to gain unauthorized access to computers, wherein the intruder sends messages with a source IP address that has been forged to indicate that the messages are coming from a trusted host. | Spoofing |
any technology that aids in gathering information about a person or organization without their knowledge. | Spyware |
a prolonged increase in voltage. | Surge |
the illegal taking of another’s property, which can be physical, electronic, or intellectual. | Theft |
damages or steals an organization’s information or physical asset. | Threat agent |
an object, person, or other entity that presents an ongoing danger to an asset. | Threat |
explores the contents of a Web browser’s cache and stores a malicious cookie on the client’s system. | Timing attack |
Intentional vulnerability placed by security personnel to lure attackers. | Trap door |
unauthorized real or virtual actions that enable information gatherers to enter premises or systems they have not been authorized to enter. | Trespass |
software programs that hide their true nature and reveal their designed behavior only when activated. | Trojan horses |
e-mails warning of supposedly dangerous viruses that don’t exist. | Virus hoaxes |
consists of segments of code that perform malicious actions. | Virus |
an identified weakness in a controlled system, where controls are not present or are no longer effective. | Vulnerability |
a malicious program that replicates itself constantly, without requiring another program environment. | Worm |
machines that are directed remotely (usually by a transmitted command) by the attacker to participate in the attack. | Zombies |