Gerlyn

A cyberattack that takes place before the security community and/or software developers become aware of and fix a security vulnerability

A business policy that permits, and in some cases encourages, employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications, including email, corporate databases, the corporate intranet, and the Internet

An attack on an information system that takes advantage of a particular system vulnerability

Malware that stops you from using your computer or accessing your data until you meet certain demands, such as paying a ransom or sending photos to the attacker

A piece of programming code, usually disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner

A harmful program that resides in the active memory of the computer and duplicates itself

A seemingly harmless program in which malicious code is hidden

Another type of Trojan horse which executes when it is triggered by a specific event

Is a sophisticated threat that combines the features of a virus, worm, Trojan horse, and other malicious code into a single payload

Is the use of email systems to send unsolicited email to large numbers of people

States that it is legal to spam, provided the messages meet a few basic requirements—spammers cannot disguise their identity by using a false return address, the email must include a label specifying that it is an ad or a solicitation, and the email must include a way for recipients to indicate that they do not want future mass mailings

Software generates and grades tests that humans can pass and all but the most sophisticated computer programs cannot

One in which a malicious hacker takes over computers via the Internet and causes them to flood a target site with demands for data and other small tasks

Is used to describe a large group of such computers, which are controlled from one or more remote locations by hackers, without the knowledge or consent of their owners

The botnet computers are called

Set of programs that enables its user to gain administrator-level access to a computer without the end user’s consent or knowledge

A network attack in which an intruder gains access to a network and stays there—undetected—with the intention of stealing data over a long period of time (weeks or even months)

The act of fraudulently using email to try to get the recipient to reveal personal data

Is a variation of phishing in which the phisher sends fraudulent emails to a certain organization’s employees

Another variation of phishing that involves the use of texting

People receive a legitimate-looking text message telling them to call a specific phone number or log on to a website

Similar to smishing except that the victims receive a voice-mail message telling them to call a phone number or access a website

Involves the deployment of malware that secretly steals data in the computer systems of organizations, such as government agencies, military contractors, political organizations, and manufacturing firms

The intimidation of government or civilian population by using information technology to disable critical national infrastructure (for example, energy, transportation, financial, law enforcement, and emergency response) to achieve political, religious, or ideological goals

Is a system of software, hardware, or a combination of both that stands guard between an organization’s internal network and the Internet and limits network access based on the organization’s access policy

is a hardware- or software-based network security system that is able to detect and block sophisticated attacks by filtering network traffic dependent on the packet contents

The process of scrambling messages or data in such a way that only authorized parties can read it

Is a value that is applied (using an algorithm) to a set of unencrypted text (plaintext) to produce encrypted text that appears as a series of seemingly random characters (ciphertext) that is unreadable

Is a communications protocol or system of rules that ensures privacy between communicating applications and their users on the Internet

Serves as an intermediary between a web browser and another server on the Internet that makes requests to websites, servers, and services on the Internet for you

Is software and/or hardware that monitors system and network resources and activities and notifies network security personnel when it detects network traffic that attempts to circumvent the security measures of a networked computer environment

Scans for a specific sequence of bytes, known as a virus signature, that indicates the presence of a specific virus