surreptitiously watching a user's monitor to gather information

  surreptitiously watching a user's monitor to gather information

Tailgating

 

·         using access opened for another person, to enter an area in an unauthorized fashion, such as following someone through an opened security door

 

pop up

 

·         code that can open an unwanted browser window that displays advertisements or other content

 

biometric device

 

·         appliance that uses unique personal characteristics, such as fingerprints, to confirm a user's identity

 

shoulder surfing

 

·         surreptitiously watching a user's monitor to gather information

 

virus

 

·         malicious software that attaches to other programs which, when launched, triggers its negative action

 

anti virus

 

·         software that can detect, prevent, or remove infectious programs in a computer

 

local security policy

 

·         access controls applied to all accounts of a given windows computer

 

process of scrambling data so that it can only be unscrambled and read by someone with the appropriate key

 

·         encryption

 

access control

 

·         managing the type and degree of access that a user has to a resource

 

spyware

 

·         software that is installed into a computer to gather and disseminate information about a user

 

social engineering

 

·         using direct person to person contact to extract information from a person that can lead to or provide direct access to secure data or assets

 

firewall

 

·         hardware or software based device to filter threatening incoming and outgoing ntwork traffic

 

Trojan horse

 

·         malicious software, disguised as another program, that entices a user to install or operate it

 

malware

 

·         any program that attempts to intrude, damage, or compromise data or hardware of a computer

 

dumpster diving

 

·         searching discarded documents and data to gather information that can be directly or indirectly used to compromise system security

 

anti malware

 

·         software that prevents attacks by a wide range of destructive, malicious, or intrusive programs

 

chain of custody

 

·         documentation showing the seizure, custody, control, transfer, analysis, and disposition of evidence

 

definition file

 

·         regularly updated data that is used to identify the unique characteristics that differentiate viruses

 

phishing

 

·         technique used to gather valuable information from a user through trickery

 

authentication

 

·         process to confirm the identity of a user

 

unauthorized access

 

·         entering an area or using a resource in any unapproved manner

 

incidence reporting

 

·         corporate policy to communicate any non standard computer symptoms and actions to higher authority for diagnosis and remediation

 

virus shield

 

·         software that attempts to prevent infectious programs from entering a computer or attach to an existing code

 

port triggering

 

·         router setting that opens a particular incoming port when it detects that a host is passing through traffic using a specified outgoing port

 

worm

 

·         self replicating malware that spreads to other computers

 

group policy

 

·         feature of windows to control the working environment of user and computer accounts

 

grayware

 

·         classification for applications that behave in an annoying or undesirable manner, but are not considered malicious or destructive

 

peer-to-peer network

 

·         any network without a central file server and in which all computers in the network have access to the public files located on all other workstations