The process of converting readable data into unreadable characters to prevent unauthorized access.
A file format that retains only text, but no formatting, when you transfer documents between applications or platforms.
plaintext that was transformed into unreadable gibberish using encryption
is a procedure for encryption and decryption
a specific word, number, or phrase that must be used to encrypt or decrypt data
Advanced Encryption Standard. Used worldwide.
such as passwords, PINs, and fingerprint scanners, are the first line of defense against data.
At least 8 characters long, with one or more uppercase letters, numbers, and symbols.
The password cracker tries every possible combination of characters.
A technique in which attackers run a program that tries a combination of a known user ID and, for a password, every word in a dictionary to attempt to gain access to a network.
stores login info in an encrypted form on their devices
software that tracks your activities and hijacks your email and other personal information
Common classifications of malware (3)
1) viruses 2) worms 3) Trojans
is a set of replicating program instructions that surreptitiously attaches itself to a legitimate executable file on a host device.
is the process of modifying an executable file or data stream by adding additional commands
an app from a source other than an official app store is installed on a device; it can contain viruses
Software tools used to conceal malware and backdoors that have been installed on a victim's computer
Program that can replicate itself and eventually consume most of the memory and other resources of a computer or network.
A worm that sends itself to every e-mail address in the address book of an infected computer
looks for vulnerabilities in operating systems
copies itself into a shared folder under an innocuous name
Program disguised as a harmless application that actually produces harmful results.
is designed to deliver malicious code into a device; usually the first phase of a malware attack.
scans and searches hard drives to prevent, detect, and remove known viruses, adware, and spyware
is a section of program code that contains a unique series of instructions known to be part of a malware exploit; they are discovered by security experts who examine the bit sequences contained in malware program code
that detects malware by analyzing the characteristics and behavior of suspicious files
heuristics may produce false positives that mistakenly identify a legitimate file as malware
contains code that is suspected of being part of a virus.
takes place when an unauthorized person gains access to a digital device by using an internet connection and exploiting vulnerabilities in hardware or software.
remote access trojan that arrives in a trojan disguised as legitimate software and sets up a communication link to the hacker.
Software that encrypts programs and data until a ransom is paid to remove it.
a set of computers that are penetrated by malicious software known as malware that allows an external agent to control their actions
an undocumented method of accessing a digital device.
Distributed Denial of Service (DDoS)
An attack where a firm’s computer systems are flooded with thousands of seemingly legitimate requests, the sheer volume of which will slow or shut down the site’s use. DDoS attacks are often performed via botnets.
a vulnerability-specific attack that occurs before a patch is available
shields certain applications against behaviors commonly exhibited by intrusions and other exploits
pings a packet of data to a port; if a reply is received, then the port is open. Open ports are used for communication between botnets and their masters.
is a device or software that is designed to block unauthorized access while allowing authorized communications
uses a set of rules to block data or allow it to enter a digital device.
A program placed on a computer without the user's knowledge that secretly collects information about the user.
is software which routinely displays advertising to a computer system after the software is installed, usually without the user's consent
Spyware that records every keystroke made on a computer to steal personal information or passwords or to launch Internet attacks.
attacks include evil twins, address spoofing, and digital certificate hacks. E.g., two parties believe they are communicating directly with each other, but in fact they are communicating with another party.
A wireless network with the same name as a local wireless access point. The hacker disables the legitimate access point, users unknowingly reconnect to the evil twin, and hackers monitor the traffic looking for useful information
a data file that identifies individuals or organizations online and is comparable to a digital signature
the current method of encrypting communication between a client and a server depends on TLS (Transport Layer Security)
IMSI (International Mobile Subscriber Identity)
A unique number that identifies a cellular subscription for a device or subscriber, along with its home country and mobile network. Some carriers store the number on a SIM card installed in the device
hackers use their social skills to trick people into revealing access credentials or other valuable information
is a judgment-neutral term for a person who devises and carries out a scam in order to accomplish a goal
A scam in which the perpetrator offers to share the proceeds of some large payoff with the victim if the victim will make a "good faith" deposit or partial funding; then the perpetrator disappears with the deposit.
defined as unsolicited messages that are usually sent in massive numbers using electronic mail systems. 70% of all mail.
The use of a deceptive email message or Web site to lure a person into divulging credit card numbers or other sensitive information.
reroutes requests for legitimate websites to false websites
is a service offered by Google that checks URLs against a list of suspicious website URLs
usually begins with a virus warning and an offer to disinfect the infected device.
Potentially unwanted application. They are installed using social engineering techniques, such as hoping consumers will mistakenly accept a PUA application during software installation.