Using the MBSA Using Windows Update Keeping Applications Current

Understanding Computer Viruses Norton Antivirus Program How Does Virus Scanning Work? Spyware and Unwanted Software

Dangerous AttachmentsSpam Phishing(Spoofing)

How to Know if a Site is Secure What Are Cookies?Deleting the Browser Cache Clearing Recent Documents List

Different Types of IU Accounts Local Administrator Account

Creating Good PasswordsManaging Passwords

 

General IT PoliciesIT Policy Office Role IT Security Office Role

Physical Security Logging On and Off Locking a Workstation Disabling File & Print Sharing

Computer Security Terminology

Listed below are some commonly used terms:

• Adware — a general term used for software that invades your computer in the form of persistent pop-up ads.
• Cracker — someone who looks for and breaks into computers or networks without authorization, either for the fun of it or to steal valuable information such as credit card numbers; also called a “black hat” hacker.
• Denial of Service Attack (DoS) — a term used when an attacker attempts to prevent legitimate users from accessing information or services. The most common and obvious type of DoS attack occurs when an attacker “floods” a network with information.
• Distributed Denial of Service Attack (DDoS) — a DoS attack where the attacker uses multiple machines rather than one machine to prevent legitimate users from accessing information or servies. This type of attack is generally more effective than a traditional DoS attack.
• Firewall — software, hardware or both used to block unauthorized access to a machine or a network. A firewall can be internal (on an individual machine) or external (a separate piece of hardware on a network protecting multiple machines); however, the use of both internal and external firewalls is commonplace.
• Hacker — a general term used for anyone who spends time poking into computers and operating systems, trying to discover their vulnerabilities.
• Intruder — any unauthorized individual who tries to access a computer system from outside; also referred to as an attacker.
• Malware —A new term which is emerging to refer to any software written with malicious intent. Term is derived from malicious software.
• Phishing — a form of social engineering where an attacker tries to fradulently acquire sensitive information, such as a password, bank account number, social security number, etc., by masquerading as a trustworthy entity with official looking electronic communication (email, instant message, etc.).
• Probe — a program used to gather information about a system or its users.
• Risk — the probability that a vulnerability will cause a harmful result.
• Rootkit — an especially heinous Trojan Horse program or group of programs that can completely hide itself from a virus scan program by integrating itself into the core of the operating system. Rootkits typically start themselves before the machine's operating system making them capable of hiding multiple files, registry keys and/or programs from the operating system and thus the machine's virus scan software.
• Social Engineering — the practice of obtaining confidential information by manipulation; for example, people claiming to be administrators may trick computer users in to divulging sensitive information such as passwords.
• Spyware — a general term used for software that performs certain “secret” behaviors such as advertising or collecting personal information, generally without obtaining your consent.
• System Compromise — a violation of security policy in which disclosure of sensitive information may have occurred.
• Threat — any event that may harm a system by means of destruction, disclosure, modification of data, and/or denial of service.
• Trojan horse — "back door" software program that allows intruders to take remote control of a computer without the owner’s knowledge. Trojans can be installed on computers through thousands of free software packages that can be downloaded from the Internet.
• Virus — a piece of code that replicates by attaching itself to another object. It can attack the registry, replace system files, or take over email programs in its attempt to replicate itself.
• Vulnerability — a weakness in security procedures that may be used to violate a system security policy.
• Worm — an independent program that replicates by copying itself from one computer to another, usually over a network or through email attachments. A particularly common use of worms is to make computers spew out so much bad network traffic that they cause networks and servers to fail.