Page 40 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
Information Security and Privacy
Card Skimmers: An unlawful electronic device that can capture all of the personal information
from a credit card or debit card.
Countermeasures: Action, device, procedure, method or other measure that decreases the
vulnerability of an information system.
Data Driven Attack: A form of attack that is encoded in apparently innocuous data, which is
executed by a user or a process to carry out the attack. A data driven attack is a concern for
firewalls, as it may get through the firewall in data form and begin an attack against a system
behind the firewall.
Denial of Service: Effect of any action or series of actions that prevents any part of an information
system from functioning.
Dictionary Attack: An attack that uses a brute-force technique of successively attempting all
the words in some large, comprehensive list.
DNS Spoofing: Assuming the DNS name of another system by either corrupting the name
service cache of a victim system, or by compromising a domain name server for a valid domain.
Firewall: A firewall is a hardware or software solution to implement security policies.
Flooding: Type of incident involving insertion of a large volume of data resulting in denial of
service.
Hacker: Unauthorized user who tries to or gains access to an information system and the data it
supports.
Intrusion: Unauthorized act of bypassing the security mechanisms of a system.
Malicious Code: Software capable of performing an unauthorized process on an information
system.
Mobile Code: Software modules received from remote systems, transferred across a network,
and then downloaded and executed on a local system without explicit installation or
execution by the recipient.
Packet: A block of data sent over the network carrying the identities of the sending and
receiving stations, error-control information, and message.
Packet Filtering: A feature incorporated into routers to restrict the flow of information based on
predetermined characteristics of the communication, such as source, destination, or type of
service being provided by the network.
Packet Sniffer: A machine or program that observes the data traveling between computers on a
network.
Phishing: A type of scam with the intention of obtaining personal information like online
banking user identification numbers, debit and credit card account numbers, and passwords.
Probe: An effort to collect information about an information system for the apparent purpose of
circumventing its security controls.
Proxy: Software agent that carries out a function or operation on behalf of another application
or system while hiding the details involved.
Replicator: Any program that acts to generate copies of itself. Examples include a program, a
worm, or a virus.
Retro-virus: A retro-virus is a virus that waits until all possible backup media are infected too,
so that it is not possible to restore the system to an uninfected state.
34 LOVELY PROFESSIONAL UNIVERSITY