security

Question 1

access levels / level of access

Answer 1

Settings that determine who can access an item and what they can do with it (read, write, delete). Applies to files, folders and databases among other things.

Question 2

anti-virus

Answer 2

Software to detect and remove viruses and other malware.

Question 3

asymmetric key encryption

Answer 3

Encryption system in which two keys are used: a public key used only to encrypt data, and a private key used only to decrypt it.

Question 4

authentication

Answer 4

Establishing a user’s identity.

Question 5

backdoor

Answer 5

Method of bypassing security in a system, built in by the system designers.

Question 6

biometric enrolment

Answer 6

Process of registering a user for a biometric system by taking an initial sample.

Question 7

biometric template

Answer 7

Measurements taken from a biometric sample.

Question 8

biometrics

Answer 8

Use of fingerprints, retina scans, or other body features as an authentication mechanism.

Question 9

botnet

Answer 9

Group of zombie computers under the control of a criminal.

Question 10

brute force attack

Answer 10

Attempt to break a password by trying all possible combinations of letters, numbers, and symbols.

Question 11

CAPTCHA

Answer 11

Scribble text displayed as an image, which the user must type in to verify that they are a person.

Question 12

Certificate Authority

Answer 12

Organisation that issues digital certificates to individuals and companies.

Question 13

ciphertext

Answer 13

Result of encrypting plaintext.

Question 14

Computer Misuse Act

Answer 14

UK law governing criminal offences committed using a computer.

Question 15

cracking

Answer 15

Gaining illegal access to a computer system

Question 16

DDoS

Answer 16

Denial of service attack committed using dozens of computers, usually zombies on a botnet.

Question 17

denial of service attack

Answer 17

Flooding a computer system with data so that it cannot respond to genuine users.

Question 18

dictionary attack

Answer 18

Attempt to break a password by trying all possible words.

Question 19

digital signatures

Answer 19

Technique used to authenticate remote users, such as online shopping businesses.

Question 20

Distributed Denial of Service attack

Answer 20

Denial of service attack committed using dozens of computers, usually zombies on a botnet.

Question 21

DNS poisoning

Answer 21

Technique used by criminals to alter DNS records and drive users to fake sites, to committing phishing.

Question 22

DoS

Answer 22

Flooding a computer system with data so that it cannot respond to genuine users.

Question 23

Drive-by download

Answer 23

Program which automatically downloads when a user visits a web page, usually without their knowledge or consent.

Question 24

encryption

Answer 24

System of encoding plaintext so that it cannot be understood with access to an encryption key.

Question 25

encryption key

Answer 25

Used to encrypt and decrypt data.

Question 26

EV SSL

Answer 26

Extended Validation SSL. Digital certificate validation technique used on the world wide web.

Question 27

false negative

Answer 27

When a system incorrectly rejects an action instead of accepting it.

Question 28

false positive

Answer 28

When a system incorrectly accepts an action instead of rejecting it.

Question 29

full disk encryption

Answer 29

System that encrypts all data saved to a hard disk automatically and transparently.

Question 30

hacking

Answer 30

Gaining illegal access to a computer system

Question 31

home directory

Answer 31

Directory that contains a users personal files.

Question 32

https

Answer 32

Protocol used to send web pages securely over the Internet.

Question 33

identity theft

Answer 33

Stealing personal data in order to impersonate a person.

Question 34

key escrow

Answer 34

Idea of having encryption keys stored by a third party company so the government can access them if needed.

Question 35

key logger

Answer 35

Software or hardware which records all key strokes on a computer system.

Question 36

key pair

Answer 36

A public key and private key that work together in a public encryption system.

Question 37

macro virus

Answer 37

Virus that takes advantage of the macro programming languages built into some software.

Question 38

malware

Answer 38

Generic name for malicious software

Question 39

Multi-factor authentication

Answer 39

Use of several authentication techniques together, such as passwords and security tokens.

Question 40

one time password

Answer 40

Password generated by a security token, which expires as soon as it is used.

Question 41

packet sniffer

Answer 41

Software or hardware used to collect data travelling over a network.

Question 42

passphrase

Answer 42

Word or phrase used to authenticate a user.

Question 43

password

Answer 43

Word or phrase used to authenticate a user.

Question 44

pharming

Answer 44

Technique used by criminals to alter DNS records and drive users to fake sites, to committing phishing.

Question 45

phishing

Answer 45

Use of fake emails and web sites to trick users into revealing sensitive data.

Question 46

physical security

Answer 46

Locks, alarms, and other techniques used to securely a building or computer room.

Question 47

plaintext

Answer 47

Message before it is encrypted, or after it has been decrypted.

Question 48

private key

Answer 48

Key used for decryption in a public key encryption system.

Question 49

public key

Answer 49

Key used for encryption in a public key encryption system.

Question 50

public key encryption

Answer 50

Encryption system in which two keys are used: a public key used only to encrypt data, and a private key used only to decrypt it.

Question 51

root user

Answer 51

User with full control over a computer system.

Question 52

rootkit

Answer 52

Type of malware which infiltrates the operating system and attempts to hide itself from view.

Question 53

secret key encryption

Answer 53

Encryption system in which a single key is used for both encryption and decryption.

Question 54

Secure Socket Layer

Answer 54

System used to encrypt https web traffic.

Question 55

security token

Answer 55

Hardware device that must be present during login to authenticate a user.

Question 56

security update

Answer 56

Software update to fix a security problem discovered in software.

Question 57

smishing

Answer 57

Phishing attacks committed using text messages (SMS).

Question 58

social engineering

Answer 58

Tricking a user into revealing their password or other sensitive data.

Question 59

spam

Answer 59

Unwanted, bulk email.

Question 60

spam bot

Answer 60

Program that scans web pages for email address, in order to send spam.

Question 61

spam filters

Answer 61

Program designed to identify and block spam messages while letting genuine messages through.

Question 62

spyware

Answer 62

Malware which covertly records a user’s actions, such as their key presses.

Question 63

SSL

Answer 63

System used to encrypt https web traffic.

Question 64

symmetric key encryption

Answer 64

Encryption system in which a single key is used for both encryption and decryption.

Question 65

system administrator

Answer 65

Personal in overall charge of a computer system in an organisation.

Question 66

TLS

Answer 66

System used to encrypt https web traffic.

Question 67

Transport Layer Security

Answer 67

System used to encrypt https web traffic.

Question 68

trojan horse

Answer 68

Malware which pretends to be a genuinely useful program to trick the user into using it.

Question 69

unauthorised access

Answer 69

Gaining illegal access to a computer system

Question 70

Virus

Answer 70

Computer program which damages files and data spreads when infected programs are copied.

Question 71

virus definition file

Answer 71

Used by anti-virus programs to recognise known viruses.

Question 72

vishing

Answer 72

Phishing attacks committed using telephone calls or VoIP systems.

Question 73

vulnerability scanner

Answer 73

Software to scan a system for potential security problems.

Question 74

web bug

Answer 74

Technique used by spammers to detect if an email address is valid or not.

Question 75

WEP

Answer 75

Wired Equivalence Protocol. Wireless network encryption system.

Question 76

worm

Answer 76

Malicious software which replicates itself and spreads between computer systems and over networks.

Question 77

WPA

Answer 77

Wireless Protected Access. Wireless network encryption system.

Question 78

WPA2

Answer 78

Wireless Protected Access 2. Wireless network encryption system.

Question 79

zombie

Answer 79

Computer which has been compromised by malware and is part of a botnet.