
Cracker, Honeypot, Zombie: Cybersecurity Glossary

Cyber security is a daily topic in the news. Because it is a relatively new discipline, we have selected a sample of terms that will help veterans and rookies gain a better understanding of this topic.

For example, “security” and “safety” may seem interchangeable. Yet “security” means the safety of people, organizations and assets, while “safety” refers instead to the act of prevention from any damage factors.

Access Control Mechanism: a range of security safeguards – that could include a combination of hardware and software features, physical controls, operating procedures, management procedures – designed to detect and deny unauthorized access and permit authorized access to an information system.

Active Cyber Defense (ACD): synchronized, real-time capability to discover, detect, analyze, and mitigate threats and vulnerabilities.

Advanced Encryption Standard (AES): A U.S. Government-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a cipher that can encrypt (encipher) and decrypt (decipher) information.

Attack: any kind of malicious activity that attempts to collect, disrupt, deny, degrade, or destroy information system resources or the information itself.

Authentication: 1. Verifying the identity of a user, process, or device, often as a prerequisite to allowing access to resources in an information system. 2. A security measure designed to protect a communications system against acceptance of fraudulent transmission or simulation by establishing the validity of a transmission, message, originator, or a means of verifying an individual’s eligibility to receive specific categories of information.

Backdoor: an undocumented way of gaining access to a computer system. A backdoor is a potential security risk.

Backup: a copy of files and programs made to facilitate recovery, if necessary.

Blended Attack: a hostile action to spread malicious code via multiple methods.

Certificate: a digitally signed representation of information that 1) identifies the authority issuing it, 2) identifies the subscriber, 3) identifies its valid operational period (date issued / expiration date).

Certificate Status Authority (CSA): a trusted entity that provides on-line verification to a relying party of a subject certificate’s trustworthiness, and may also provide additional attribute information for the subject certificate.

Cloud computing: a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

Configuration control: process of controlling modifications to hardware, firmware, software, and documentation to protect the information system against improper modifications prior to, during, and after system implementation.

Cracker: a term used to describe someone who breaks into computer systems, bypasses passwords or licenses in computer programs, or in other ways intentionally breaches computer security. The motivation could be malicious intent, profit or just because the challenge is there.

Cyber Attack: an attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.

Cybercrime: cybercrime is a crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Cybercrime may harm someone’s security and financial health.

Cybersecurity: cybersecurity is the act of protecting networks, devices, and data from unauthorized access or criminal use and the practice of ensuring confidentiality, integrity, and availability of information.

Data Integrity: the property that data has not been altered in an unauthorized manner. Data integrity covers data in storage, during processing, and while in transit. Data integrity means that the data has not been changed, destroyed, or lost in an unauthorized or accidental manner.

Digital Signature: an asymmetric key operation where the private key is used to digitally sign data and the public key is used to verify the signature. Digital signatures provide authenticity protection, integrity protection, and non-repudiation (meaning that someone cannot deny the validity of the signature).

Firewall: a gateway that limits access between networks in accordance with local security policy.

Flooding: an attack that attempts to cause a failure in a system by providing more input than the system can process properly.

Honeypot: a system (e.g., a web server) or system resource (e.g., a file on a server) that is designed to be attractive to potential crackers and intruders, like honey is attractive to bears.

Incident: an occurrence that results in actual or potential jeopardy to the confidentiality, integrity, or availability of an information system or the information the system processes, stores, or transmits or that constitutes a violation or imminent threat of violation of security policies, security procedures, or acceptable use policies.

Information security: the protection of information and information systems from unauthorized access, use, disclosure, disruption, modification, or destruction in order to provide confidentiality, integrity, and availability. This is related to the agreed timeframe and the transfer of information across technologies.

Multi-level security (MLS): concept of processing information with different classifications and categories that simultaneously permits access by users with different security clearances and denies access to users who lack authorization.

Patch: a software component that, when installed, directly modifies files or device settings related to a different software component without changing the version number or release details for the related software component.

Penetration Test (Pen Test): a test methodology in which assessors, typically working under specific constraints, attempt to circumvent or defeat the security features of an information system.

Personal Identification Number (PIN): a secret that a claimant memorizes and uses to authenticate his or her identity. PINs are generally only decimal digits.

Privileged process: a computer process that is authorized (and, therefore, trusted) to perform security relevant functions that ordinary processes are not authorized to perform.

Risk Assessment Report (RAR): the report which contains the results of performing a risk assessment or the formal output from the process of assessing risk.

Risk Management: the program and supporting processes to manage information security risk to organizational operations, organizational assets, individuals, and other organizations; it includes: (i) establishing the context for risk-related activities; (ii) assessing risk; (iii) responding to risk once determined; and (iv) monitoring risk over time.

Safeguards: the protective measures prescribed to meet the security requirements (i.e., confidentiality, integrity, and availability) specified for an information system.

Social Engineering: a general term for attackers trying to trick people into revealing sensitive information or performing certain actions, such as downloading and executing files that appear to be benign but are malicious.

Spoofing: “IP spoofing” refers to sending a network packet that appears to come from a source other than its actual source.

Spyware: software that is secretly installed into an information system to gather information on individuals or organizations without their knowledge, a type of malicious code.

Threat assessment: process of formally evaluating the degree of threat to an information system or enterprise and describing the nature of the threat.

Trojan horse: a computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program.

Zombie: a program that is installed on a system to cause it to attack other systems.

Eight Twenty is the certified technology partner that simplifies the transformation and innovation process of companies, thanks to its proprietary hardware and software combined with the strength and flexibility of Business Process Management (BPM), the cloud and EDGE technology.
820 Eight Twenty delivers solutions with simplicity, security and time in mind. Through technology, the contribution of Eight Twenty makes it possible to stabilize and optimize processes, thus obtaining a series of activities and automations for continuous improvement.
Eight Twenty offers proven solutions, ranging from purchasing to billing departments, or develops tailor-made solutions together with customers and partners.