UCR Security Glossary


  • 8/6/2019 UCR Security Glossary


    • Denial-of-Service Attack (DoS) - An attack in which a mail server, Web server or even telephone system is purposely overloaded with phony requests so that it cannot respond properly to valid ones.

    • Distributed Denial-of-Service Attack (DDoS) - A denial-of-service attack in which the attackers load their malignant code onto many other machines (often through Trojan horses) to attack a single site/system. The defending company needs to block hundreds or even thousands of IP addresses.

    • Disaster Recovery - Written plan describing the steps a company would take to restore computer operations in the event of a disaster, containing four components: the emergency plan, the backup plan, the recovery plan, and the test plan.

    • DNS - Domain Name Service translates a domain name, the unique name that identifies a site (e.g., web site or ftp site) on the Internet or other TCP/IP network, to an IP address.

    • DNS Spoofing - Assuming the DNS name of another system by either corrupting the name service cache of a victim system, or by compromising a domain name server for a valid domain.

    E

    • Encryption - Process of encoding data to prevent unauthorized access, especially during transmission.

    F

    • Firewall - A method of guarding a private network by analyzing the data leaving and entering. Firewalls can also provide network address translation, so the IP addresses of computers inside the firewall stay hidden from view. Packet-filtering firewalls use rules based on a packet's source, destination, port or other basic information to determine whether or not to allow it into the network. More advanced stateful packet-filtering firewalls have access to more information from which to make their decisions. Proxy firewalls, which look at content and can involve authentication and encryption, can be more flexible and secure but also tend to be far slower. Although firewalls are difficult to configure correctly, security experts generally agree that they are a critical component of network security.

    G


    H


    • Hacker - Slang term for a computer enthusiast or unauthorized user who attempts to gain, or gains, access to an information system.

    • Host - A computer or workstation connected to the network.

    I

    • Intrusion - Any set of actions that attempt to compromise the integrity, confidentiality or availability of a resource.

    • Intrusion Detection - Pertaining to techniques which attempt to detect intrusion into a computer or network by observation of actions, security logs, or audit data. Detection of break-ins or attempts either manually or via software expert systems that operate on logs or other information available on the network.

    • IP - Internet protocol, one of the two main protocols in the TCP/IP (transmission control protocol/Internet protocol) suite of communications protocols, is a simple, connectionless protocol for delivering packet-based data across the Internet and other TCP/IP networks. A packet-based protocol for delivering data across networks.

    • IP Address - Computer addressing analogous to the addresses of buildings used by the postal system.

    J


    K

    • Key - A symbol or sequence of symbols (or electrical or mechanical correlates of symbols) applied to text in order to encrypt or decrypt.

    • Keylogger - Specialized software, or a specially designed device, that records every key struck, such as username/password, by a user and every character of the response that the operating system returns to the user.

    L

    • LAN (Local Area Network) - A computer communications system limited to no more than a few miles and using high-speed connections.

    • Log files - Files that show the status of the system and are accessed via Event Viewer, which lists the severity and a brief description of the logged event.

    M


    • Malicious Code - Viruses like Trojan horses, worms, and scripts used by crackers/hackers to gain privileges, capture passwords, and modify audit logs to hide unauthorized activity, or code intentionally included in a program to allow an unauthorized person/purpose.

    • Malware - Malicious software, including Trojan horses, viruses, worms, bombs, or exploits.

    N

    • Network - A computer network, also referred to as just a network, consists of two or more computers, and typically other devices as well (such as printers, external hard drives, modems and routers), that are linked together so that they can communicate with each other and thereby exchange commands and share data, hardware and other resources.

    • Network Mapping - A probe that uses SNMP or broadcast ICMP "ping" packets to determine the architecture of the network.

    • Network Security - Protection of networks and their services from unauthorized modification, destruction, or disclosure, and provision of assurance that the network performs its critical functions correctly and there are no harmful side-effects. Network security includes providing for data integrity.

    • Non-Repudiation - Method by which the sender of data is provided with proof of delivery and the recipient is assured of the sender's identity, so that neither can later deny having processed the data.

    O


    P

    • Packet - Limited-length unit of data formed by the network, transport, presentation, or application layer (layers 3-7 of the OSI Model) in a networked computer system. Data is transported over the network, and larger amounts of data are broken into shorter units and placed into packets.

    • Packet Sniffer - A device or program that monitors the data traveling on a network.

    • Phishing - A technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from a legitimate source such as a bank.

    • Physical Security - The measures used to provide physical protection of resources against threats (e.g. locked doors).

    • Plaintext - Unencrypted readable data.

    • Probe - Unauthorized access attempts.

    • Protocol - Agreed-upon methods of communications used by computers. A specification that describes the rules and procedures that products should follow to perform activities on a network, such as transmitting data. If they use the same protocols, products from different vendors should be able to communicate on the same network.

    Q


    R

    • Router - An interconnection device that is similar to a bridge but serves packets or frames containing certain protocols. Routers link LANs at the network layer.

    S

    • Security Policies - The set of laws, rules, and practices that regulate how an organization manages, protects, and distributes sensitive information.

    • Security Requirements - Types and levels of protection necessary for equipment, data, information, applications, and facilities.

    • Sniffer - A program to capture data across a computer network. Used by hackers to capture user id names and passwords. Software tool that audits and identifies network traffic packets. It is also used legitimately by network operations and maintenance personnel to troubleshoot network problems.

    • Spam (or Spamming) - An inappropriate attempt to use a mailing list, or USENET or other networked communications facility as if it was a broadcast medium by sending the same message to a large number of people who didn't ask for it.

    • Spoofing (IP address spoofing) - The creation of IP packets with counterfeit (spoofed) IP source addresses. An attacker can use special programs to construct IP packets that appear to originate from valid addresses inside the corporate intranet. After gaining access to the network with a valid IP address, the attacker can modify, reroute, or delete data and can also conduct other types of attacks. Impersonating, masquerading, and mimicking are forms of spoofing.

    • SSL (Secure Sockets Layer) - A session layer protocol that provides authentication and confidentiality to applications.

    T

    • TCP/IP - Transmission Control Protocol/Internetwork Protocol. The suite of protocols the Internet is based on.

    • Telnet - Protocol that allows a user to connect across the Internet and log onto another computer as if connected directly.

    • Topology - The map or plan of the network. The physical topology describes how the wires or cables are laid out, and the logical or electrical topology describes how the information flows.

    • Traceroute - An operation of sending trace packets for determining information; traces the route of UDP packets from the local host to a remote host. Normally traceroute displays the time and location of the route taken to reach its destination computer.

    • Trojan Horse - A malicious program that disguises itself as a beneficial or entertaining program but that actually damages a computer or installs code that can counteract security measures (perhaps by collecting passwords) or perform other tasks (such as launching a distributed denial of service attack). Unlike a computer virus, a Trojan horse does not replicate itself. Intruders use Trojan horse programs to hide their activity, capture username and password data, and create backdoors for future access to a compromised system. A "Time Bomb" is a Trojan horse set to trigger at a particular time.

    U

    • Unauthorized Access - The use of a computer without permission.

    V

    • Virus - A computer program that is designed to replicate itself by copying itself into the other programs stored in a computer. When this application is run, it can infect other files on a system's disk. It may be benign or have a negative effect, such as causing a program to operate incorrectly or corrupting a computer's memory.

    • VPN (Virtual Private Network) - A secure connection with network servers via an encrypted tunnel. VPNs can also be used for secure communication across a LAN or WAN.

    W

    • WAN - Wide Area Network. A physical or logical network that provides capabilities for a number of independent devices to communicate with each other over a common transmission-interconnected topology in geographic areas larger than those served

    • Web Site Defacement - The malicious defacement of a Web site.

    • Worm - Resides in memory, eats up system resources, and slows down a computer. It spreads without human intervention automatically over the network to other vulnerable computers on a network.

    XYZ


    • Zero Day Attack - An exploit that takes advantage of a newly discovered hole in a program or operating system, possibly before the software developer has made a fix or workaround available. Occasionally this occurs prior to the software vendor being aware the vulnerability exists, before AntiVirus or AntiSpyware have had time to develop a signature to detect and prevent system compromise/infection.