CISAundso

Explaining terms

File details

Flashcards 23
Language German
Category Computer science
Level University
Created / Updated 12.05.2017 / 26.08.2021
Web link
https://card2brain.ch/box/20170512_cisabdjd

SSL - secure sockets layer

Used for many e-commerce applications to set up secure channels for communications, providing confidentiality through a combination of public and symmetric key encryption and integrity through a hash message authentication code.

IDS - intrusion detection system

An intrusion detection system (IDS) will log network activity but is not used for protecting traffic over the Internet.

pki - public key infrastructure

Public key infrastructure (PKI) is used in conjunction with SSL or for securing communications such as e-commerce and email.

vpn - virtual private network

A virtual private network (VPN) is a generic term for a communications tunnel that can provide confidentiality, integrity and authentication (reliability). A VPN can operate at different levels of the Open Systems Interconnection (OSI) stack and may not always be used in conjunction with encryption. SSL can be called a type of VPN.

Difference between threat and vulnerability

Threat:

A threat is anything (e.g., object, substance, human) that is capable of acting against an asset in a manner that can result in harm. A threat exists regardless of controls or a lack of controls.

Vulnerability:

The lack of adequate security controls represents a vulnerability, exposing sensitive information and data to the risk of malicious damage, attack or unauthorized access by hackers. This could result in a loss of sensitive information and lead to the loss of goodwill for the organization. A succinct definition of risk is provided by the Guidelines for the Management of IT Security published by the International Organization for Standardization (ISO), which defines risk as the “potential that a given threat will exploit the vulnerability of an asset or group of assets to cause loss or damage to the assets.” The various elements of the definition are vulnerability, threat, asset and impact. Lack of adequate security functionality in this context is a vulnerability.

Server utilization data

Monitoring server utilization identifies underutilized servers and monitors overall server utilization. Underutilized servers do not provide the business with optimal cost-effectiveness. By monitoring server usage, IT management can take appropriate measures to raise the utilization ratio and provide the most effective return on investment (ROI).

Indemnity clause (Schadensersatzklausel)

Having the service provider sign an indemnity clause will ensure compliance to the enterprise’s security policies because any violations discovered would lead to a financial liability for the service provider. This will also prompt the enterprise to monitor security violations closely.

UPS - uninterruptible power supply

An uninterruptible power supply (UPS) is used to provide constant power even if main power is lost.

Database normalization

Normalization is the removal of redundant data elements from the database structure. Disabling normalization in relational databases will create redundancy and a risk of not maintaining consistency of data, with the consequent loss of data integrity.

Encapsulation

Encapsulation is a property of objects, and it prevents accessing either properties or methods that have not been previously defined as public. This means that any implementation of the behavior of an object is not accessible. An object defines a communication interface with the exterior and only that which belongs to that interface can be accessed.

ping of death

The use of Ping with a packet size higher than 65 KB and no fragmentation flag on will cause a denial of service.

leap frog attack

A leapfrog attack, the act of telneting through one or more hosts to preclude a trace, makes use of user ID and password information obtained illicitly from one host to compromise another host.

Negative acknowledgment attack

A negative acknowledgment (NAK) is a penetration technique that capitalizes on a potential weakness in an operating system that does not handle asynchronous interrupts properly, leaving the system in an unprotected state during such interrupts.

Kerberos

Kerberos is a network authentication protocol for client-server applications that can be used to restrict access to the database to authorized users.

Pharming attack

The pharming attack redirects the traffic to an unauthorized web site by exploiting vulnerabilities of the DNS server. To avoid this kind of attack, it is necessary to eliminate any known vulnerability that could allow DNS poisoning. Older versions of DNS software are vulnerable to this kind of attack and should be patched.

Alteration attack

Occurs when unauthorized modifications affect the integrity of the data or code.

Botnet

Comprise a collection of compromised computers running software, usually installed via worms, trojan horses or back doors.

Denial of Service (DoS) attack

Smurf attack - occurs when misconfigured network devices allow packets to be sent to all hosts on a particular network via the broadcast address of the network

ping flood - occurs when the target system is overwhelmed with ping packets

teardrop attack - involves sending mangled IP fragments with overlapping, oversized payloads to the target machine

DDoS - distributed denial-of-service attack - occurs when multiple compromised systems flood the bandwidth or resources of the targeted system

Nuke - A DoS attack against computer networks in which fragmented or invalid ICMP packets are sent to the target. Modified ping utility is used to repeatedly send corrupt data, thus slowing down the affected computer to a complete stop.

Eavesdropping

An intruder gathers the information flowing through the network with the intent of acquiring and releasing the message contents, either for personal analysis or for third parties who might have commissioned such eavesdropping. These activities can enable the intruder to gain unauthorized access to and fraudulently use information such as credit card accounts, and to compromise the confidentiality of sensitive information in a way that could jeopardize or harm an individual's or an organization's reputation.

Malicious code

Trojan horses

Logic bomb - A program or a section of a program that is triggered when a certain condition or event occurs

Trap doors - Bits of code embedded in programs by programmers to quickly gain access during the testing or debugging phase.

Pharming

An attack that aims to redirect the traffic of a web site to a bogus website. Pharming can be conducted either by changing the hosts file on a victim's computer or by exploiting a vulnerability in DNS server software.

Piggybacking / Tailgating

The act of following an authorized person through a secured door or electronically attaching to an authorized telecommunications link to intercept and possibly alter transmissions.

Salami

Involves slicing small amounts of money from a computerized transaction or account.