Cyber Security - Terminology - List 2Social Engineering: Social engineering is essentially the art of gaining access to buildings, computer systems or data by exploiting human psychology, rather than by breaking in or using technical hacking techniques.
Email spoofing: Email spoofing is the creation of email messages with a forged sender address. Email spoofing is the forgery of an email header so that the message appears to have originated from someone or somewhere other than the actual source. Email spoofing is a tactic used in phishing and spam campaigns because people are more likely to open an email when they think it has been sent by a legitimate source.
Active Attacks: An active attack is a network exploit in which a hacker attempts to make changes to data on the target or data en route to the target.
Passive Active: A passive attack is a network attack in which a system is monitored and sometimes scanned for open ports and vulnerabilities. The purpose is solely to gain information about the target and no data is changed on the target. Passive attacks include active reconnaissance and passive reconnaissance.
Types of Cyber security Attacks
- Phishing Attacks.
- SQL Injection Attacks (SQLi)
- Cross-Site Scripting (XSS)
- Man-in-the-Middle (MITM) Attacks.
- Malware Attacks.
- Denial-of-Service Attacks, etc..
Conﬁdentiality: Confidentiality is the protection of personal information. Confidentiality means keeping a client's information between you and the client, and not telling others including co-workers, friends, family, etc. Examples of maintaining confidentiality include: individual files are locked and secured.
Cyber space: the notional environment in which communication over computer networks occurs. Cyberspace refers to the virtual computer world, and more specifically, is an electronic medium used to form a global computer network to facilitate online communication. It is a large computer network made up of many worldwide computer networks that employ TCP/IP protocol.
Certifying Authority: A certificate authority (CA) is a trusted entity that issues electronic documents that verify a digital entity's identity on the Internet. The electronic documents, which are called digital certificates, are an essential part of secure communication and play an important part in the public key infrastructure (PKI).
Domain name: A domain name is your website name. A domain name is the address where Internet users can access your website. A domain name is used for finding and identifying computers on the Internet.
Intellectual property: Intellectual property (IP) is a category of property that includes intangible creations of the human intellect, and primarily encompasses copyrights, patents, and trademarks.
Jurisdiction: the official power to make legal decisions and judgements.
Brute force attack: A brute force attack is a trial-and-error method used to obtain information such as a user password or personal identification number (PIN). In a brute force attack, automated software is used to generate a large number of consecutive guesses as to the value of the desired data.
Salami attack: A “salami attack” is a form of cybercrime usually used for the purpose of committing financial crimes in which criminals steal money or resources a bit at a time from financial accounts.