[Cisspstudy] Computer Jargon in Plain English
Hammond, Stanley
shammond at capecod.edu
Wed Dec 9 11:13:05 EST 2009
Is the hacker/cracker definition listed correct in general or correct
for CISSP/CISA/CISM?
It seems that these terms get used interchangeably yet according to RFC
1392, they have different meanings.
RFC 1392 states the following for cracker and hacker:
cracker
A cracker is an individual who attempts to access computer systems
without authorization. These individuals are often malicious, as
opposed to hackers, and have many means at their disposal for
breaking into a system.
hacker
A person who delights in having an intimate understanding of the
internal workings of a system, computers and computer networks in
particular. The term is often misused in a pejorative context,
where "cracker" would be the correct term.
The definitions for these as I understood them was a hacker became a
cracker when they accessed a computer system without authorization
and/or the intent was malicious.
Stan
From: cisspstudy-bounces at cccure.org
[mailto:cisspstudy-bounces at cccure.org] On Behalf Of Prakash
Sent: Saturday, December 05, 2009 2:55 PM
To: cisspstudy at cccure.org
Subject: [Cisspstudy] Computer Jargon in Plain English
Hello all,
I am sharing Computer Jargon in Plain English, You can use it as ready
reference for CISA, CISM & CISSP exams.
BROADBAND: Broad bandwidth networking. High-speed Internet connections,
like DSL (Digital Subscriber Line), Cable Internet, and 3G (Third
Generation) cellular services.
DSL: Digital Subscriber Line. One of the most common ways to bring
Internet to homes and small businesses over a telephone line at up to
12 Megabits/second.
CABLE OR CABLE INTERNET: The other most common way to bring Internet to
homes over cable TV lines at speeds ranging from 1.5 to 50
Megabits/second.
FiOS: Fiber-Optic Service. An emerging technology that provides Internet
to homes and offices over fiber-optic cables at speeds from 15 to 50
Megabits/second.
WI-FI: Wireless Fidelity. The most common kind of short-range wireless
networking--about 300 feet--at speeds of up to 108 Megabits/second.
EDGE or EVDO: An older kind of wide-area wireless networking-like a
whole city--based on first and second generation cellphone technology
with speeds ranging from 300 to 400 kilobits/second.
3G: Third Generation cellular service. Enhanced wide-area wireless
networking at speeds of up to 14 Megabits/second.
4G: Fourth Generation cellular service or WIMAX. An emerging wide-area
networking technology that promises a range of 10 miles and speeds of
up to 100 Megabits/second.
ETHERNET: A way of connecting computers to networks using a cable at
speeds ranging from 10 to 10,000 Megabits/second.
FIREWALL: Software or hardware that prevents outsiders from accessing a
computer or network.
ROUTER: A device that finds the best route for sending information
between networks.
IP ADDRESS: Internet Protocol Address. Every computer on the Internet is
identified by a unique set of numbers known as an Internet Protocol
address--usually four numbers separated by dots, for example:
74.125.53.100. These numerical addresses are normally invisible to users
and are translated into familiar Web addresses, like
http://www.google.com.
VIRUS: A self-replicating program designed to cause damage or mischief
that inserts itself into a software program on your computer. Viruses
spread from computer to computer, most often through infected emails or
websites.
WORM: Similar to a virus, but worms are self-contained, spread via
networks, and do not need to become part of another program in order to
spread. Worms infect your operating system and act like a program.
TROJAN HORSE: A malicious program that may appear harmless-or even
useful-but can also conceal and download other malware that compromises
the security and functioning of your computer.
RANSOMWARE: A cyber-extortion scheme in which thieves use malware--like
phony security programs--to take control of your computer and demand
that you pay a ransom to regain control.
SPYWARE and ADWARE: Spyware is a malicious program that installs itself
on your computer surreptitiously and monitors and reports your
activities and personal information to third parties. Adware is a kind
of spyware that generates annoying popup ads.
KEYLOGGERS: Spyware that monitors your keystrokes surreptitiously and
sends the information to a "Bad Guy."
HACKERS AND CRACKERS: Individuals who break into systems with malicious
intent, destroy data, steal copyrighted software or confidential
information, and perform other destructive or illegal acts with
computers and networks.
VULNERABILITIES AND EXPLOITS: Your computer is vulnerable when a
hardware or software flaw makes it possible to compromise its security
and smooth operation. An exploit is a software application or program
that takes advantage of a vulnerability to attack your system.
SNIFFING: Listening in on a network in order to capture and steal
sensitive information.
SPOOFING: An attack in which a person or program you shouldn't trust
masquerades as a person or program you do trust. For example, an
attacker forges an email address in order to make you believe it's from
someone you know and trust.
PHISHING: A widespread form of Internet fraud that aims to steal
valuable information such as credit card and social security numbers and
usernames and passwords, by sending you misleading emails designed to
lure you into visiting phony or rigged websites.
IDENTITY THEFT: Cybercriminals steal identities by overhearing
conversations on cellphones, intercepting faxes and emails, hacking into
computers, employing telephone and email scams, and phishing the users
of online services.
SOCIAL ENGINEERING: Deceptions by criminals posing as someone you trust
in order to get you to divulge sensitive information.
SOURCE - SANS
- Prakash
http://www.linkedin.com/in/prakashp
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20091209/6b1551b1/attachment.html>
More information about the cisspstudy
mailing list