ISTA 161 FINAL EXAM 2025
Hacker - -People who gain unauthorized access to computers and computer networks
3 techniques that Hackers use - -
Eavesdropping
Dumpster Diving
Social Engineering
Eavesdropping - -Looking over the shoulder of a legitimate computer user to learn his
login name & password
Dumpster Diving - -Looking through garbage for interesting bits of information
Social Engineering - -Refers to the manipulation of a person inside the organization to
gain access to confidential information
Electronic Communications Privacy Act - -Makes it illegal to intercept telephone
conversations, email, or any other data transmissions
Wire Fraud Act (National Stolen Property Act) - -Prosecuting the use of the Internet to
commit fraud or transmit funds
Identity Theft and Assumption Deterrence Act - -Prosecuting adopting the identity of
another person to carry out an illegal activity
Encryption - -The process of protecting information by transforming it into a form that
cannot be understood by anyone who does not possess the key
Sidejacking - -Hijacking of an open Web session by the capturing of a user's cookies,
giving the attacker the same privileges as the user on that website
Malware - -Malicious software that is active on your computer
Virus - -Piece of self-replicating code embedded within another program called the host
Worm - -Self-contained program that spreads through a computer network by exploiting
security holes in the computers connected to the network
Cross-site Scripting - -Malware that gets on your computer system via websites that
allow people to view what other people have written
Drive-by-Download - -When malware gets on your computer system simply by visiting a
website
Trojan Horse - -Program with a benign capability that conceals a sinister purpose
Backdoor Trojan - -Trojan horse that gives the attacker access to the victim's computer
Rootkit - -Set of programs that provide privileged access to a computer
Spyware - -Program that communicates over an Internet connection without the user's
knowledge or consent
Adware - -Type of spyware that displays pop-up advertisements related to what the user
is doing
Bot - -Type of backdoor Trojan that responds to commands sent by a command &
control program located on an external computer
Botnet - -Collection of bot-infected computers
Bot Herder - -Person who controls a botnet
3 Defensive Measures v. Malware - -
Security Patches
Antimalware
Firewall
Security Patches - -Software makers' updates to remove vulnerabilities that have been
uncovered
Antimalware - -Software that scans & deletes malware from a computer's hard drive
Firewall - -Software application installed on a computer that can selectively block
network traffic to and from that computer
Phishing - -Large-scale effort to gain sensitive information from gullible
computer users
Spear Phishing - -Variant of phishing in which the attacker selects email addresses that
target a particular group of recipients
SQL Injection - -Method of attacking a database-driven Web application that has
improper security
Denial-of-Service Attack (DoS) - -Intentional action designed to prevent legitimate users
from making use of a computer service
The goal is not to steal information, but to disrupt a computer server's ability to respond
to its clients