Terms used in Cyber Security Exam Elaborated Answers
Instant Message - Answers Common communication using a computer
ICMP - Answers Internet Control Message Protocol. Used by a router to exchange information with
other routers
Configuration Management - Answers The process of keeping track of changes to the system, if needed,
approving them.
Packet Sniffer - Answers A device or program that monitors the data traveling between computers on a
network
Gateway - Answers A bridge two networks
Keywords - Answers will block any website that to deal with certain predetermined keywords
Risk Analysis - Answers The process of identifying security risks, determining their magnitude, and
identifying areas needing safeguards
Packet Filtering or Packet Purity - Answers analyzed against a set of filters. That make it through the
filters are sent to the requesting system and others are discarded
Telnet - Answers used to perform commands on a remote computers
Spyware - Answers any software using someone's Internet connection in the background without their
knowledge or explicit permission. These applications are typically bundled as a hidden component of
freeware or shareware programs that can be downloaded from the Internet; however, it should be
noted that majority of shareware and freeware do not come with this. Once installed, this monitors user
activity on the Internet and transmits that information in the background to someone else. IT can also
gather information about e-mail addresses and even passwords and credit card numbers.
SMTP Session Hijacking - Answers by gaining access to a list of e-mail addresses a person can send spam
to thousands of users
Distributed Tool - Answers A tool that can be distributed to multiple hosts, which can then be
coordinated to anonymously perform an attack on the target host simultaneously after some time delay
Operation Controls - Answers Security methods that focus on mechanisms that primarily are
implemented and executed by people (as opposed to systems)
Encryptions - Answers the translation of data into a secret code; the most effective way to achieve data
security. To read these files, you must have access to a secret key or password that enables you to
decrypt it
, Audit Trail - Answers A record showing who has accessed a computer system and what operations he or
she has performed during a given period of time. Useful both for maintaining security and for recovering
lost transactions
Mobile Code - Answers Software moduels obtained from remote systems, transferred across a network,
and then downloaded and executed on a local system without explicit installation or execution by the
recipient, Malicious types of this are designed, employed, distributed, or activated with the intention of
compromising the performance or security of information systems and computers, increasing access to
those systems disclosing unauthorized information, corrupting information, denying service, or stealing
resources.
Data Integrity - Answers The state that exists when automated data is the same as that in source
documents, or has been correctly computed from source data, and has not been exposed to alteration
or destruction
Digital Signature - Answers A way to verify that an email message is really from the person who
supposedly sent it and that it hasn't been changed. You may have received emails that have a block of
letters and numbers at the bottom of the message - this mathematical algorithm is used to combine the
information in the message. The result is a random-looking string of letters and numbers.
Dictionary Attack - Answers An attack that uses a brute-force technique of successively trying all the
words in some large, exhaustive list
SNMP - Answers Simple Network Management Protocol. Used to collect system information from a
remote computer
EULA - Answers A contract between you and the software's vendor or developer. Some software
packages state that you agree to the contract by removing the shrink-wrap on the package. However,
you may be more familiar with the type of this that is presented as a dialog box that appears the first
time you open the software. It usually requires you to accept the conditions of the contract before you
can proceed
Backup - Answers A copy of data and/or applications contained in the IT stored on magnetic media
outside of the IT to be used in the event IT data are lost.
DNS Spoofing - Answers Assuming the name of another system by either corrupting the name service
cache of a victim system, or by compromising a domain name server for a valid domain
Operating System Bugs - Answers operating systems backdoors
Replicator - Answers Any program that acts to produce copies of itself. Examples include; a program, a
worm, or virus
Firewall - Answers A system designed to prevent unauthorized access to or from a private network; can
be implemented in both hardware and software, or a combination if both; frequently used to prevent
Instant Message - Answers Common communication using a computer
ICMP - Answers Internet Control Message Protocol. Used by a router to exchange information with
other routers
Configuration Management - Answers The process of keeping track of changes to the system, if needed,
approving them.
Packet Sniffer - Answers A device or program that monitors the data traveling between computers on a
network
Gateway - Answers A bridge two networks
Keywords - Answers will block any website that to deal with certain predetermined keywords
Risk Analysis - Answers The process of identifying security risks, determining their magnitude, and
identifying areas needing safeguards
Packet Filtering or Packet Purity - Answers analyzed against a set of filters. That make it through the
filters are sent to the requesting system and others are discarded
Telnet - Answers used to perform commands on a remote computers
Spyware - Answers any software using someone's Internet connection in the background without their
knowledge or explicit permission. These applications are typically bundled as a hidden component of
freeware or shareware programs that can be downloaded from the Internet; however, it should be
noted that majority of shareware and freeware do not come with this. Once installed, this monitors user
activity on the Internet and transmits that information in the background to someone else. IT can also
gather information about e-mail addresses and even passwords and credit card numbers.
SMTP Session Hijacking - Answers by gaining access to a list of e-mail addresses a person can send spam
to thousands of users
Distributed Tool - Answers A tool that can be distributed to multiple hosts, which can then be
coordinated to anonymously perform an attack on the target host simultaneously after some time delay
Operation Controls - Answers Security methods that focus on mechanisms that primarily are
implemented and executed by people (as opposed to systems)
Encryptions - Answers the translation of data into a secret code; the most effective way to achieve data
security. To read these files, you must have access to a secret key or password that enables you to
decrypt it
, Audit Trail - Answers A record showing who has accessed a computer system and what operations he or
she has performed during a given period of time. Useful both for maintaining security and for recovering
lost transactions
Mobile Code - Answers Software moduels obtained from remote systems, transferred across a network,
and then downloaded and executed on a local system without explicit installation or execution by the
recipient, Malicious types of this are designed, employed, distributed, or activated with the intention of
compromising the performance or security of information systems and computers, increasing access to
those systems disclosing unauthorized information, corrupting information, denying service, or stealing
resources.
Data Integrity - Answers The state that exists when automated data is the same as that in source
documents, or has been correctly computed from source data, and has not been exposed to alteration
or destruction
Digital Signature - Answers A way to verify that an email message is really from the person who
supposedly sent it and that it hasn't been changed. You may have received emails that have a block of
letters and numbers at the bottom of the message - this mathematical algorithm is used to combine the
information in the message. The result is a random-looking string of letters and numbers.
Dictionary Attack - Answers An attack that uses a brute-force technique of successively trying all the
words in some large, exhaustive list
SNMP - Answers Simple Network Management Protocol. Used to collect system information from a
remote computer
EULA - Answers A contract between you and the software's vendor or developer. Some software
packages state that you agree to the contract by removing the shrink-wrap on the package. However,
you may be more familiar with the type of this that is presented as a dialog box that appears the first
time you open the software. It usually requires you to accept the conditions of the contract before you
can proceed
Backup - Answers A copy of data and/or applications contained in the IT stored on magnetic media
outside of the IT to be used in the event IT data are lost.
DNS Spoofing - Answers Assuming the name of another system by either corrupting the name service
cache of a victim system, or by compromising a domain name server for a valid domain
Operating System Bugs - Answers operating systems backdoors
Replicator - Answers Any program that acts to produce copies of itself. Examples include; a program, a
worm, or virus
Firewall - Answers A system designed to prevent unauthorized access to or from a private network; can
be implemented in both hardware and software, or a combination if both; frequently used to prevent
