Unit 10 Vocabulary — Cybersecurity Principles

Noun (thing)
Biometric authentication
a method of identity verification using biological means such as fingerprinting, retinal scanning, or face recognition
Despite its convenience, biometric authentication is seen by many people as an intrusive and dehumanizing alternative to standard username and password verification.
Noun (thing)
Botnet
a network of malware-infected computers ready to obey the commands of the perpetrator
Botnets can contain thousands of compromised machines and are mainly used for spamming and Denial of Service (DoS) attacks.
Noun (concept)
Brute force attack
a popular cracking technique using both "raw speed" and "trial-and-error" to guess a user's password
The computer hacker stole the server's password file and then used a brute force attack to crack the password encryption algorithm.
Noun (person)
CISO (Chief Information Security Officer)
an executive-level position responsible for the integrity of all digital assets and routines
The CISO was instructed to develop a plan to prevent, detect, and recover from potential attacks at all 10 of the company's data centers.
Verb (infinitive)
Compromise
to damage the integrity of something security-related, such as a computer system or a secret identity
Using weak passwords is a sure way to compromise your digital safety.
Noun (thing)
Credentials
proof of specific identity such as a keycard, photo identification, or password
Tailgating attacks work because people are often afraid or uncomfortable asking others for their credentials.
Noun (person)
Cybersecurity specialist
a senior IT role responsible for protecting computer networks, nodes, and data from unauthorized access
When the company fell victim to a bitcoin ransomware attack, they called in a cybersecurity specialist to help them recover their data.
Noun (thing)
Data breach
an incident in which sensitive internal data is exposed by hackers
Data breaches are dangerous because hackers can gain access to sensitive data such as credit cards, home addresses, receipts, and passwords.
Verb (infinitive)
Exploit
to use something or someone unfairly
In the 1990s, even amateur hackers could exploit security holes in Windows 95 to quickly compromise a remote machine.
Noun (thing)
Joe job
an attack designed to harm the reputation of a third party
Joe jobs do not directly benefit the perpetrator; they are mainly tools of revenge seekers, misguided pranksters, or blackmail artists.
Noun (thing)
MFA (multi-factor authentication)
a method where a user must perform two or more consecutive steps in order to prove their identity
All banking websites should implement MFA techniques such as Digipass, FaceID, or some other form of OTP in order to reduce fraud caused by weak passwords.
Verb (present tense)
Piggybacking
closely following an authorized person (with their knowledge) in order to gain access to a secure area
When a tailgating attack fails, there may be an attempt to compromise an employee and then perform a piggybacking attack.
Noun (thing)
Ransomware
a potentially costly and catastrophic form of malware which encrypts its victim's hard drive and then demands money to decrypt it
In 2021 there were more than 2,000 ransomware attacks reported to the FBI, some demanding as much as $50 million.
Noun (thing)
Replay attack
an attack where an authorization routine or other technique is maliciously recorded and then run by another user
Replay attacks can be prevented by tagging login attempts with a quickly expiring session ID or token.
Noun (thing)
Salami shaving
a type of computer fraud where very small amounts of money are stolen repeatedly over a period of time
In the movie Office Space, the character Michael Bolton creates a salami shaving virus as an act of revenge when he gets fired.
Noun (person)
Script kiddie
an amateur hacker who uses well-known cracks simply to gain the attention of their peers
Although script kiddies may only possess half the cracking knowledge of their elite peers, they can still do a lot of damage to unpatched servers.
Verb (present tense)
Spoofing
using fake data such as email headers or IP addresses in order to appear as legitimate
As many popular Internet protocols are still vulnerable to spoofing attacks, the general rule of programming is still: "trust nothing".
Verb (present tense)
Tailgating
closely following an authorized person (without their knowledge) in order to gain access to a secure area
The spy agency hired a young thief for a tailgating attack where she would follow a man into a data center and steal a laptop.
Noun (thing)
Trojan horse
an innocent-looking program acting as a decoy for malware hidden inside it
The company's annual security audit revealed that their new groupware calendar app was actually a Trojan horse allowing their main competitor to access sensitive data.
Noun (thing)
Worm
a type of malware that can infect a host and even spread without any interaction by the end user
The boy was completely unaware that a simple picture attached to an email could contain a worm designed to steal passwords.
Adjective
Zero-day
describing a brand new or previously unknown software vulnerability
Stuxnet was a computer worm that used multiple zero-day exploits to infiltrate Iranian nuclear enrichment facilities and sabotage their centrifuges.