Are, Sweetcell Anne L.

BSA 5

o Access Control List (ACL) - a table that tells a computer operating system which access rights each user has to a particular system object, such as a file directory or individual file. Each object has a security attribute that identifies its access control list. The list has an entry for each system user with access privileges. The most common privileges include the ability to read a file (or all the files in a directory), to write to the file or files, and to execute the file (if it is an executable file, or program). The list is implemented differently by each operating system.
o Access Token - a small hardware device (a hardware security token) that the owner carries to authorize access to a network service. The device may be in the form of a smart card or may be embedded in a commonly used object such as a key fob.
o Advanced Encryption Standard (AES) - a symmetric block cipher chosen by the U.S. government to protect classified information; it is implemented in software and hardware throughout the world to encrypt sensitive data.
o Algorithm - a procedure or formula for solving a problem based on conducting a sequence of specified actions.
o Application-level firewall - a form of firewall that controls input, output, and/or access from, to, or by an application or service. It operates by monitoring and potentially blocking the input, output, or system service calls that do not meet the configured policy of the firewall.
o Botnets - collections of internet-connected devices, which may include PCs, servers, mobile devices and internet of things devices, that are infected and controlled by a common type of malware. Users are often unaware of a botnet infecting their system.
o Caesar cipher - also known as a shift cipher, one of the simplest forms of encryption. It is a substitution cipher where each letter in the original message (called the plaintext) is replaced with a letter corresponding to a certain number of letters up or down in the alphabet. With only 25 useful shifts, the key can be recovered by simply trying all of them.
o Call-back device - requires the dial-in user to enter a password and be identified. The system then breaks the connection to perform user authentication. If the caller is authorized, it dials the caller's number to establish a new connection. This restricts access to authorized terminals or telephone numbers and prevents an intruder masquerading as a legitimate user.
o Certification authority (CA) - a trusted entity that issues electronic documents (digital certificates) that verify a digital entity's identity on the Internet.
o Compiler - a special program that processes statements written in a particular programming language and turns them into machine language or "code" that a computer's processor uses.
o Data Collision - the result of two devices on the same Ethernet network attempting to transmit data at exactly the same time.
o Data Encryption Standard (DES) - an outdated symmetric-key method of data encryption whose 56-bit key is now within reach of brute-force search. DES works by using the same key to encrypt and decrypt a message, so both the sender and the receiver must know and use the same secret key.
o Deep Packet Inspection (DPI) - an advanced method of packet filtering that functions at the Application layer of the OSI (Open Systems Interconnection) reference model. The use of DPI makes it possible to find, identify, classify, reroute or block packets with specific data or code payloads that conventional packet filtering, which examines only packet headers, cannot detect.
o Denial of Service attack (DoS) - a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols.
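The Caesar cipher entry above describes the shift and why it is weak. The following worked example was added to this glossary and is not part of the original page: it implements the shift cipher and then the exhaustive search that recovers the key, ranking the 26 candidate plaintexts with an approximate English letter-frequency table. The sample message and the frequency values are constructed for the example.

```python
# Added example for this glossary (not from the original page): a Caesar /
# shift cipher and the exhaustive-search attack that breaks it.  The
# sample message and the frequency table are constructed for the example.
import string

UPPER, LOWER = string.ascii_uppercase, string.ascii_lowercase


def caesar_shift(text: str, shift: int) -> str:
    """Move every letter `shift` places along the alphabet (mod 26),
    preserving case; non-letters pass through unchanged."""
    out = []
    for ch in text:
        if ch in UPPER:
            out.append(UPPER[(UPPER.index(ch) + shift) % 26])
        elif ch in LOWER:
            out.append(LOWER[(LOWER.index(ch) + shift) % 26])
        else:
            out.append(ch)
    return "".join(out)


def caesar_encrypt(plaintext: str, key: int) -> str:
    return caesar_shift(plaintext, key)


def caesar_decrypt(ciphertext: str, key: int) -> str:
    # Decryption is the same operation with the shift reversed.
    return caesar_shift(ciphertext, -key)


# Approximate frequency (%) of each letter in English prose, A..Z; scoring a
# candidate plaintext by these values singles out the real one.
ENGLISH_FREQ = dict(zip(UPPER, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.15, 0.77, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.095, 6.0, 6.3, 9.1, 2.8, 0.98, 2.4, 0.15, 2.0, 0.074]))


def english_score(text: str) -> float:
    return sum(ENGLISH_FREQ.get(ch, 0.0) for ch in text.upper())


def brute_force(ciphertext: str):
    """Try all 26 shifts (key 0 is the identity) and return them ranked
    best-first as (key, candidate_plaintext, score).  The key space is so
    small that no cleverness is needed, which is why a shift cipher offers
    no real protection."""
    candidates = [(k, caesar_decrypt(ciphertext, k)) for k in range(26)]
    return sorted(((k, p, english_score(p)) for k, p in candidates),
                  key=lambda t: t[2], reverse=True)


def crack(ciphertext: str):
    """Best guess (key, plaintext) for a ciphertext, with no key material."""
    key, plaintext, _ = brute_force(ciphertext)[0]
    return key, plaintext


if __name__ == "__main__":
    ct = caesar_encrypt("MEET ME AT THE OLD STATION AT TEN TONIGHT", 7)
    print(ct)
    print(crack(ct))
```

The frequency scoring only works on messages long enough to look like English; for a handful of letters the 26 candidates can still be inspected by eye, which is the point: the attacker needs no key at all.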
o Digest - a mathematical value (a hash) calculated from the text content of the message. The digest is then encrypted (signed) using the sender's private key to produce the digital signature; anyone holding the sender's public key can recover the digest and compare it with a freshly computed one.
o Digital Certificate - an electronic "passport" that allows a person, computer or organization to exchange information securely over the Internet using the public key infrastructure (PKI). A digital certificate may also be referred to as a public key certificate.
o Digital Envelope - a secure electronic data container that is used to protect a message through encryption and data authentication. A digital envelope allows users to encrypt data with the speed of secret key encryption and the convenience and security of public key encryption: the message is encrypted under a one-time secret key, and that key is in turn encrypted with the recipient's public key.
o Digital Signature - a mathematical technique used to validate the authenticity and integrity of a message, software or digital document.
o Discretionary Access Privileges - a type of access control defined by the Trusted Computer System Evaluation Criteria "as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong."
o Distributed denial of service (DDoS) attack - occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example, a botnet) flooding the targeted system with traffic.
o Echo Check - a quality check and error-control technique for data transferred over a computer network or other communications link, in which the data received is stored and also transmitted back to its point of origin, where it is compared with the original data.
o EDE3 - the three-key form of Triple DES: the first key is used to encrypt, the second to decrypt and the third to encrypt the result again (Encrypt-Decrypt-Encrypt).
o Electronic data interchange (EDI) - the transfer of data from one computer system to another by standardized message formatting, without the need for human intervention. EDI permits multiple companies -- possibly in different countries -- to exchange documents electronically. Data can be exchanged through serial links and peer-to-peer networks, though most exchanges currently rely on the Internet for connectivity.
o Encryption - the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties.
o Event Monitoring - the process of collecting, analyzing, and signaling event occurrences to subscribers such as operating system processes, active database rules as well as human operators.
o Firewall - a network security system, either hardware- or software-based, that uses rules to control incoming and outgoing network traffic. It acts as a barrier between a trusted network and an untrusted network. A firewall controls access to the resources of a network through a positive control model. This means that the only traffic allowed onto the network is defined in the firewall policy; all other traffic is denied.
o Hierarchical topology - made up of the following: a core layer of high-end routers and switches optimized for network availability and performance; a distribution layer of routers and switches implementing forwarding decisions; and an access layer connecting users via hubs, bridges, switches, or routers.
o Internet relay chat (IRC) - a system for chatting that involves a set of rules and conventions and client/server software. On the Web, certain sites such as Talk City or IRC networks such as the Undernet provide servers and help you download an IRC client to your PC. Talk City also offers an IRC client applet that it downloads for you as part of their home page so that you can start chatting right away.
o Interpreter - translates high-level instructions into an intermediate form, which it then executes.
o Intranet - a network based on TCP/IP protocols belonging to an organization, accessible only by the organization's members or those with authorization.
o Intrusion Prevention System (IPS) - used in computer security. It provides policies and rules for network traffic along with an intrusion detection system for alerting system or network administrators to suspicious traffic. Unlike a pure intrusion detection system (IDS), which only raises alerts, an IPS sits inline and can itself drop or block the offending traffic according to the action the administrator has configured.
o IP broadcast address - a special Internet Protocol (IP) address used to transmit messages and data packets to all hosts on a network segment at once.
o IP Spoofing - also known as IP address forgery, a technique in which an attacker sends packets with a forged source address in order to masquerade as a trusted host, conceal their identity, or gain access to a network. Forged source addresses are also what make reflection attacks such as the Smurf attack and spoofed SYN floods possible.
o Key - a variable value that is applied using an algorithm to a string or block of unencrypted text to produce encrypted text, or to decrypt encrypted text.
o Keystroke Monitoring - records both the user's keystrokes and the system responses. May be used to reconstruct the details of an event or as a real-time control to prevent unauthorized intrusion.
o Line error - the bit structure of the message can be corrupted through noise on the communications lines.
o Log-on procedure - two requests are made of the individual trying to gain access: a preauthorized account (or user) name and a preset password. On a computer system used by more than one individual, the logon procedure identifies the authorized users and the protocols of users' access time.
o Message sequence numbering - a sequence number is inserted in each message, so that any attempt to delete, reorder or replay a message in transit becomes apparent at the receiving end.
o Message transaction logs - records the User ID, time of access and the terminal location or phone number where the access
o Multilevel password control - used to restrict employees who are sharing the same computers to specific directories, programs and data files. Different passwords are used to access different functions.
o Network-level firewall - filters traffic between two or more networks; network-level firewalls are either software appliances running on general-purpose hardware, or hardware-based firewall appliances. By contrast, host-based firewalls provide a layer of software on one host that controls network traffic in and out of that single machine.
o Network topology - refers to the layout of a network and how different nodes in a network are connected to each other and how they communicate.
o One-time password - a password that is valid for only one login session or transaction, on a computer system or other digital device, so that a captured password cannot be replayed.
o Operating system - the most important program that runs on a computer.
o Operating system security - the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, and malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised.
o Parity check - a technique that checks whether data has been lost or written over when it is moved from one place in storage to another or when it is transmitted between computers.
o Password - a string of characters used to verify the identity of a user during the authentication process.
o Ping - a utility that uses ICMP echo requests to determine whether a specific IP address is reachable.
o Polling - a channel access method in which nodes can send data only when the master node requests it, so two nodes can never access the network at the same time.
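The One-time password entry above says a code is valid for only one login. The following example, added to this glossary and not taken from the original page, shows how that is actually enforced with HMAC-based one-time passwords (HOTP, RFC 4226) and their time-based variant (TOTP, RFC 6238): the server keeps a counter per user, accepts a code only if it lies a little ahead of that counter, and then advances the counter so the same code can never be accepted again. The secret used is the RFC's published test secret, not a real key; the look-ahead window size is an assumption.

```python
# Added example (not from the original glossary): HMAC-based one-time
# passwords per RFC 4226, with the server-side bookkeeping that makes a
# code valid for exactly one login.  Uses the RFC's published test secret.
import hashlib
import hmac
import struct


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """HOTP = truncate(HMAC-SHA1(secret, counter)) mod 10**digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                   # dynamic truncation
    word = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(word % 10 ** digits).zfill(digits)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """Time-based variant (RFC 6238): the counter is the current time slot."""
    return hotp(secret, unix_time // step, digits)


class OtpVerifier:
    """Server-side state for one user.  `counter` is the next value expected.
    Accepting a code advances it, so replaying the same code fails, and codes
    a little ahead (the window, an assumed value of 5) are accepted to survive
    token presses that never reached the server."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret, self.window, self.counter = secret, window, 0

    def verify(self, code: str) -> bool:
        for c in range(self.counter, self.counter + self.window):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.counter = c + 1      # consume this and every earlier counter
                return True
        return False


RFC4226_SECRET = b"12345678901234567890"   # test secret from RFC 4226, not a real key

if __name__ == "__main__":
    v = OtpVerifier(RFC4226_SECRET)
    first = hotp(RFC4226_SECRET, 0)
    print(first, v.verify(first), v.verify(first))   # second use is rejected
```

Two practical points the code makes concrete: the comparison uses `hmac.compare_digest` so the check does not leak timing information, and the counter only ever moves forward, which is what turns a password that an attacker could sniff into one that is useless a second later. A reusable password, by contrast, has no such state.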
o Private Key - the secret half of an asymmetric key pair: a value paired with a public key that drives the algorithms for encryption and decryption. It is created as part of public key cryptography during asymmetric-key encryption and is used to decrypt a message back into readable form (or to sign it), and it must never be disclosed. Public and private keys are paired for secure communication, such as email.
o Public key encryption - an encryption technique that uses a paired public and private key (or asymmetric key) algorithm for secure data communication. A message sender uses a recipient's public key to encrypt a message. To decrypt the sender's message, only the recipient's private key may be used.
o Public key infrastructure (PKI) - allows users of the Internet and other public networks to engage in secure communication, data exchange and money exchange. This is done through public and private cryptographic key pairs provided by a certificate authority.
o Request-response technique - one party sends a request message and the receiving party returns a response message.
o Reusable password - the user defines the password and reuses it to gain future access.
o Ring topology - a peer-to-peer arrangement in which all nodes are of equal status; thus, responsibility for managing communications is distributed among the nodes.
o RSA (Rivest-Shamir-Adleman) - a public-key encryption technology named after its inventors, Rivest, Shamir and Adleman, and later commercialized by RSA Data Security. The RSA algorithm is based on the difficulty of factoring very large numbers: the public modulus is the product of two large primes, and knowledge of those primes is the trapdoor that lets the key holder decrypt. Deducing an RSA private key from the public key therefore takes a huge amount of time and processing power, provided the key is large enough (2048 bits or more today). RSA is a standard encryption method for important data, especially data that is transmitted over the Internet.
o Screening router - performs packet filtering and is used as a firewall. In some cases a screening router may be used as perimeter protection for the internal network or as the entire firewall solution.
o Server - a computer program that provides services to other computer programs (and their users) in the same or other computers.
o Smurf attack - a type of denial of service attack in which the victim is flooded with ping (ICMP echo) replies: the attacker sends echo requests to a network's broadcast address with the victim's address spoofed as the source, so every host on that network answers the victim.
o SYNchronize-ACKnowledge (SYN-ACK) - the second message of the TCP three-way handshake, with which a server answers a client's SYN and allocates state for the half-open connection while it waits for the client's final ACK. Attacks rely on the fact that servers respond to apparently legitimate requests no matter how many are made; should an attacker make lots of requests that leave the server tied up and unable to continue serving truly legitimate requests, the server will fail.
o SYN flood attack - a type of Denial of Service attack, often distributed (DDoS), that exploits part of the normal TCP three-way handshake to consume resources on the targeted server and render it unresponsive. The offender sends TCP connection requests (SYNs), usually with spoofed source addresses so the handshake can never complete, faster than the targeted machine can process them, filling its table of half-open connections so that legitimate clients cannot connect.
o System audit trails - a chain of evidence in the form of hard-copy or electronic business transactions or communications resulting from business processes, functions or program executions.
o Token passing - a channel access method where a signal called a token is passed between nodes to authorize that node to communicate. In contrast to polling access methods, there is no pre-defined "master" node.
o Triple-DES encryption - a type of computerized cryptography where the DES block cipher is applied three times to each data block. The key size is increased in Triple DES to ensure additional security. Each block contains 64 bits of data. The three keys are referred to as a key bundle, with 56 bits per key. There are three keying options defined in the standard: all three keys independent; key 1 and key 2 independent, with key 3 equal to key 1; and all three keys identical, which is equivalent to single DES and offers no extra protection.
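The Digest, Digital Signature and Digital Envelope entries (earlier in this glossary) and the Private Key, Public key encryption and RSA entries above describe pieces that are normally used together. The following example, added here and not code from the original page or from any library, puts them together on top of textbook RSA: a digest of the message is signed with the sender's private key, message and signature are encrypted under a fresh one-time secret key, and that key is wrapped with the recipient's public key. Everything about it is a toy: the moduli are built from small, well-known Mersenne primes, there is no padding, and the fast secret-key cipher is stood in for by a hash-based keystream. It shows how the parts fit, not how to implement them for production.

```python
"""Added example for this glossary (not from the original page or any
library): digest, digital signature and digital envelope built on textbook
RSA.  Toy parameters: fixed Mersenne primes, no padding, no real block
cipher.  Never use as-is; it only shows how the pieces fit together."""
import hashlib
import secrets


def rsa_keygen(p: int, q: int, e: int = 65537):
    """Return ((n, e), (n, d)).  The trapdoor is knowing p and q: with them
    d = e^-1 mod (p-1)(q-1) is trivial; without them it requires factoring n."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))          # pow(x, -1, m): Python 3.8+


def digest(message: bytes) -> bytes:
    """Message digest, truncated to 16 bytes so it fits under the toy moduli
    (a real scheme signs a padded full-length hash, e.g. RSA-PSS)."""
    return hashlib.sha256(message).digest()[:16]


def sign(message: bytes, private_key) -> int:
    """Digital signature: the digest raised to the private exponent."""
    n, d = private_key
    return pow(int.from_bytes(digest(message), "big"), d, n)


def verify(message: bytes, signature: int, public_key) -> bool:
    """Recover the digest with the public key and compare with a fresh one."""
    n, e = public_key
    return pow(signature, e, n) == int.from_bytes(digest(message), "big")


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Stand-in for the fast secret-key cipher (AES/DES) inside an envelope:
    a SHA-256 keystream in counter mode XORed over the data.  It is an
    unauthenticated toy; here the signature is what detects tampering."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def seal_envelope(message: bytes, recipient_public, sender_private):
    """Digital envelope: sign, encrypt message+signature under a fresh
    one-time session key, wrap that key with the recipient's public key."""
    n, e = recipient_public
    session_key = secrets.token_bytes(16)
    sig = sign(message, sender_private).to_bytes(32, "big")
    body = stream_xor(session_key, sig + message)
    wrapped_key = pow(int.from_bytes(session_key, "big"), e, n)
    return wrapped_key, body


def open_envelope(envelope, recipient_private, sender_public):
    """Unwrap the session key with the private key, decrypt, then verify the
    sender's signature.  Returns the message, or None if verification fails."""
    n, d = recipient_private
    wrapped_key, body = envelope
    session_key = pow(wrapped_key, d, n).to_bytes(16, "big")
    plain = stream_xor(session_key, body)
    sig, message = int.from_bytes(plain[:32], "big"), plain[32:]
    return message if verify(message, sig, sender_public) else None


# Two key pairs from well-known Mersenne primes (about 234-bit and 150-bit
# moduli: fine for a demo, hopelessly small for real use, where 2048 bits is
# the floor).  Fixed so the example reproduces.
RECIPIENT_PUB, RECIPIENT_PRIV = rsa_keygen(2**107 - 1, 2**127 - 1)
SENDER_PUB, SENDER_PRIV = rsa_keygen(2**89 - 1, 2**61 - 1)


def demo(message: bytes = b"constructed sample: pay 100 to account 42") -> bool:
    """Seal, open, and confirm that a flipped ciphertext byte is rejected."""
    envelope = seal_envelope(message, RECIPIENT_PUB, SENDER_PRIV)
    wrapped, body = envelope
    tampered = (wrapped, body[:-1] + bytes([body[-1] ^ 0x01]))
    return (open_envelope(envelope, RECIPIENT_PRIV, SENDER_PUB) == message
            and open_envelope(tampered, RECIPIENT_PRIV, SENDER_PUB) is None)


if __name__ == "__main__":
    print("round trip and tamper detection ok:", demo())
```

Note the division of labour the envelope gives: the expensive public-key operations run once over a 16-byte session key, and the bulk data goes through the fast secret-key cipher. The signature is computed over the plaintext before sealing, so the recipient learns both that the message was not altered and who sent it, which encryption alone never establishes.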
o Trojan horse - a program that masquerades as legitimate software while performing a hidden malicious action. In the classic example, its purpose is to capture IDs and passwords from unsuspecting users: it mimics the normal login procedure of the OS, and when the user enters his or her ID and password, the Trojan horse stores a copy of them in a secret file. At a later date, the author uses these IDs and passwords to access the system and masquerade as an authorized user.
o Virus - a program that attaches itself to a legitimate program to penetrate the OS and destroy application programs, data files and the OS itself.
o Worm - a software program that virtually burrows into the computer's memory and replicates itself into areas of idle memory. The worm systematically occupies idle memory and replicates itself until memory is exhausted and the system fails. Replicated worm modules remain in contact with the original worm that controls their
o Zombie - a compromised computer under an attacker's remote control; perpetrators of DDoS may employ a virtual army of zombie or bot computers to launch the attack.
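The Denial of Service, SYN-ACK, SYN flood and Zombie entries in this glossary describe the attack from the attacker's side. The following detection example was added here and is not code from the original page: it replays TCP flag records, counts the half-open connections each server socket is holding, and flags a flood, reporting how many distinct source hosts were involved so a single-source DoS can be told from a distributed one. The record format ("timestamp src:port dst:port flags"), the threshold and every sample line are constructed for the example; real input would come from a packet capture or flow export.

```python
# Added example (not from the original glossary): detecting a SYN flood from
# TCP flag records and telling a single-source DoS from a distributed one.
# The record format, threshold and all sample lines are constructed.
from collections import defaultdict
from typing import Dict, List, Set, Tuple


def parse_record(line: str) -> Tuple[float, str, str, str]:
    """'ts src:port dst:port flags' -> (ts, src, dst, flags)."""
    ts, src, dst, flags = line.split()
    return float(ts), src, dst, flags


def half_open_connections(lines: List[str]) -> Dict[str, Set[str]]:
    """Replay the records and return, per server socket, the client sockets
    whose handshake never completed: a SYN was seen but the client's final
    ACK (or a RST from either side) never followed."""
    pending: Dict[str, Set[str]] = defaultdict(set)
    for line in lines:
        _, src, dst, flags = parse_record(line)
        if flags == "S":            # client SYN: server allocates a half-open slot
            pending[dst].add(src)
        elif flags == "A":          # client's final ACK completes the handshake
            pending[dst].discard(src)
        elif flags == "R":          # a reset tears it down in either direction
            pending[dst].discard(src)
            pending[src].discard(dst)
    return pending


def detect_syn_flood(lines: List[str], threshold: int = 100) -> Dict[str, Dict[str, int]]:
    """Flag server sockets holding more than `threshold` half-open connections.
    source_hosts == 1 suggests a single-source DoS; a large number suggests a
    botnet of zombies, or SYNs with randomly spoofed source addresses."""
    alerts = {}
    for server, clients in half_open_connections(lines).items():
        if len(clients) > threshold:
            hosts = {c.rsplit(":", 1)[0] for c in clients}
            alerts[server] = {"half_open": len(clients), "source_hosts": len(hosts)}
    return alerts


def constructed_log() -> List[str]:
    """Three normal handshakes to port 443, then 200 SYNs to port 80 from 200
    different source addresses that are never followed by an ACK."""
    lines = []
    for i in range(3):
        client = f"198.51.100.{i + 1}:5000{i}"
        lines += [f"{i}.0 {client} 203.0.113.10:443 S",
                  f"{i}.1 203.0.113.10:443 {client} SA",
                  f"{i}.2 {client} 203.0.113.10:443 A"]
    for i in range(200):
        lines.append(f"10.{i:03d} 192.0.2.{i}:{40000 + i} 203.0.113.10:80 S")
    return lines


if __name__ == "__main__":
    for server, info in detect_syn_flood(constructed_log()).items():
        print(f"SYN flood against {server}: {info}")
```

The threshold has to be set from a baseline of normal half-open counts for each service, and the count should be taken over a sliding window rather than the whole capture, otherwise slow legitimate clients accumulate as false positives. On the server side, SYN cookies are the usual mitigation: the server stops allocating state on SYN and encodes it in the sequence number of its SYN-ACK instead, so a flood of unanswered SYNs exhausts nothing.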