Concepts and Terminology in Computer Security, Quizzes of Basic Electronics

Definitions and explanations for various terms related to computer security, including different types of security, risk analysis, key components of a security policy, security measures, and minimum levels of security. It also covers topics such as eavesdroppers, man-in-the-middle attacks, data integrity, crackers and hackers, spoofing, phishing, cybervandalism, denial of service, authentication, digital signatures, key management, encryption, steganography, cryptography, and safe web surfing.

What you will learn

  • What are the key components of a security policy?
  • What are some common threats to computer security and how can they be mitigated?

Typology: Quizzes

2016/2017

Uploaded on 04/11/2017

jolandakondrak
TERM 1
Types of Security
DEFINITION 1
Computer (asset) security
Physical (tangible) security
Logical (intangible) security
TERM 2
Risk Analysis & Security Approach
DEFINITION 2
Identify goals, risks & probabilities
Identify the assets needing protection
Determine how to protect assets (e.g. access)
Calculate costs & resources required for protection
Develop written security policy & commit resources
TERM 3
Purdue CERIAS
DEFINITION 3
CIA hacking tools raised concerns... (article) - compromise of
a smart meter at Purdue University targeted attack could
potentially result in the shutdown of the power grid
TERM 4
Key Components of a Security Policy
DEFINITION 4
Physical security
network security
access control
compliance/auditing
AUP & terms of use/service
software/virus protection
disaster contingency/recovery
TERM 5
Security Measures
DEFINITION 5
1. Monitoring/Auditing
Alien Vault, Spiceworks, Veriato 360
2. Website Analysis
Acunetix WVS, Netsparker WVS
3. Countermeasures
4. Firewalls
Trusted network, untrusted network, personal firewalls

TERM 6
Minimum level of security: Privacy/Security
DEFINITION 6
"who is allowed to view the data"
- No unauthorized disclosure (e.g. credit cards and confidential data)
- Threats:
  Eavesdroppers (secrecy) - see other cards for details
  Man in the middle (secrecy)
  Crackers/hackers (secrecy)

TERM 7
Eavesdroppers
DEFINITION 7
A person or device that can listen in on and copy internet transmissions

TERM 8
Man-in-the-Middle
DEFINITION 8
Imposter access points set up to gain access to wireless communications.
Ex. email message can be intercepted and contents changed, then forwarded to original destination

TERM 9
Minimum level of security: Data Integrity
DEFINITION 9
"who is allowed to change the data"
- No unauthorized modification (i.e. use encryption and digital envelopes)
- Threats:
  Spoofing (integrity)
  Phishing (integrity)
  Cybervandalism

TERM 10
Crackers/Hackers
DEFINITION 10
Authors of programs that manipulate technologies to obtain unauthorized access to computers and networks

TERM 16
Wardrivers & Warchalking
DEFINITION 16
Wardrivers: attackers drive around using their wireless-equipped laptops to search for accessible networks
Warchalking: when wardrivers find an open network they sometimes place a chalk mark on the building

TERM 17
Minimum level of security: Non-Repudiation
DEFINITION 17
"is this really "that" person or company?"
- End-to-end proof of identity (e.g. combating friendly fraud)
- Threats:
  Cyber shoplifting (fraud)

TERM 18
End-to-end proof of identity
DEFINITION 18
"Friendly" fraud occurs when consumers dispute a seemingly legitimate charge made to their credit cards. This may happen for various reasons:
- A consumer may want to wriggle out of paying for a product
- May be unaware another household member made the purchase
- May have forgotten about a transaction they made

TERM 19
Minimum level of security: Authentication
DEFINITION 19
"who is trying to access this site?"
- Digital signatures (i.e. SSL certificates) and biometrics (i.e. retinal scans)

TERM 20
Digital Signatures and Biometrics
DEFINITION 20
DC: can be used as an electronic means of verification of the authenticity of a website. It is essentially a form of endorsement by a third party that the website is a legitimate website; it does not make any further assessment about the credibility of the services they sell or other security measures they have employed

TERM 21
Minimum level of security: Key Management
DEFINITION 21
"how to manage authentication & permissions?"
- Secure encryption keys (e.g. public & private keys)

TERM 22
Encryption
DEFINITION 22
Coding info using a math-based program (secret key) to transform normal text into cipher text

TERM 23
Steganography
DEFINITION 23
Hiding info within another piece of info

TERM 24
Cryptography
DEFINITION 24
The study of encryption

TERM 25
Types of Encryption & Trust Seals
DEFINITION 25
Hash Coding
Symmetric (private key) - shared key, DES, 3DES, AES
Asymmetric (public key)

TERM 31
SSL
DEFINITION 31
Secure Sockets Layer
Used by websites globally to secure online transactions through encryption
About creating trust; provides proof of holder (signed)
Costs $100-$1500 annually

TERM 32
How does SSL work?
DEFINITION 32
Encryption, via attachments & embedded code
Provides proof of holder identified by the certificate.
Using email message attachment or program embedded in web page; contains a means to send encrypted or signed message

TERM 33
Viewing Certificate Information
DEFINITION 33
Owner's info: secure1.ncix.com
Serial number: 07:4A:5A
Certification authority: GeoTrust Inc.
Dates valid: 9/27/2014
Digital fingerprints: 54:01:D6:98........

TERM 34
Certification Authorities
DEFINITION 34
SSL Shopper
Comodo
Entrust
GeoTrust
RapidSSL

TERM 35
Safe Web Surfing: Anti-Virus
DEFINITION 35
AVAST
AVG Free
Comodo
F-Prot
Windows Defender

TERM 36
Safe Web Surfing: Anonymity
DEFINITION 36
Tor Project
Anonymizer
Tails Linux
I have no idea if this is important or relevant and I am just wasting my time......

TERM 37
Safe Web Surfing: Spam Blocker & Spyware
DEFINITION 37
Spyware:
Ad-aware
Malware Bytes
SpyBot S&D

TERM 38
Safe Web Surfing: Passwords
DEFINITION 38
Who's responsible? Customer or e-Tailer
Brute-force dictionary attacks: an attempt to gain unauthorized access to a computing system by generating and trying all possible passwords
Password Utilities:
Dashlane
EasyPass
KeyPass

TERM 39
Types of Web Cookies
DEFINITION 39
Session (temporary) cookies
Persistent (permanent) cookies
First party vs. Third party
1st party: web server site places them on client comp.
3rd party: different web site places them on client comp.
Web Bugs: tiny graphic that a 3rd party web site placed on another site's page; you may not be able to see it but the graphic can set a cookie on your computer. Web bugs are also known as "clear GIFs" or "1 by 1 GIFs"

TERM 40
Uses of Web Cookies
DEFINITION 40
Online ordering
Site personalization
Website tracking user IDs

Viruses, Worms & Zombies

Virus: SW that attaches itself to another program; can cause damage when the host program is activated
Macro Virus: type of virus coded as a small program and embedded in a file
Worm: replicates itself on the computers that it infects, very nasty for web servers
Zombie: program (like a trojan horse) that secretly takes over another comp. to launch attacks on other comps.