Leon Reznik

Intelligent Security Systems


Скачать книгу

Cyber crime Criminal activities carried out by means of computers or the Internet. 1.1 Ex. 5.2 Hacker Unauthorized user who attempts to or gains access to an information system. NIST SP 800‐12 5.1 Ex. 5.1, 5.2 Malware Hardware, firmware, or software that is intentionally included or inserted in a system for a harmful purpose. NIST SP 800‐12 4 Adware Software that automatically displays or downloads advertising material (often unwanted) when a user is online. 4.2.6 Ex.4.11 Botnet Attack conducted with the help of more traditional malware types, such as worms and Trojans. 4.2.9 Ex.4.15, 4.16, Ransomware Type of malware, which prevents users from accessing their system functionality or data, either by locking the system's screen or by locking the users' files unless a ransom is paid. 1.3, 4.2.7 Ex. 1.3, 1.4, 4.12, 4.13 Rootkit A set of tools used by an attacker after gaining root‐level access to a host to conceal the attacker’s activities on the host and permit the attacker to maintain root‐level access to the host through covert means. NIST SP 800‐150 4.2.8 Ex. 4.14 Spyware Software that is secretly or surreptitiously installed into a system to gather information on individuals or organizations without their knowledge; a type of malicious code. NIST SP 800‐12 1.3 4.2.5 Ex.4.10 Trojan horse A computer program that appears to have a useful function, but also has a hidden and potentially malicious function that evades security mechanisms, sometimes by exploiting legitimate authorizations of a system entity that invokes the program. NIST SP 800‐12 4.2.4 Ex.4.9 Virus A computer program that can copy itself and infect a computer without permission or knowledge of the user. A virus might corrupt or delete data on a computer, use email programs to spread itself to other computers, or even erase everything on a hard disk. NIST 800‐12 4.2.2 Ex. 4.3, 4.4, 4.5, 4.6 Worm A computer program that can run independently, can propagate a complete working version of itself onto other hosts on a network, and may consume computer resources destructively. NIST 800‐82 4.2.3 Ex.4.1, 4.2, 4.7, 4.8 Risk The risk to organizational operations (including mission, functions, image, reputation), organizational assets, individuals, other organizations, and the Nation due to the potential for unauthorized access, use, disclosure, disruption, modification, or destruction of information and/or a system. NIST 800‐12 1.3 Spam Electronic junk mail or the abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages. NIST 800‐12 4.3 Threat Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, individuals, other organizations, or the Nation through a system via unauthorized access, destruction, disclosure, modification of information, and/or denial of service. NIST 800‐12 1.2 Destruction The process of overwriting, erasing, or physically destroying information (e.g. a cryptographic key) so that it cannot be recovered. NIST 800‐88 Disclosure Divulging of, or provision of access to, data. NISTIR 8053 Unauthorized access A person gains logical or physical access without permission to a network, system, application, data, or other resource. NIST 800‐82 1.3 Ex. 5.2 Vulnerability Weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source. NIST 800‐53 4.4. Ex. 4.17, 4.18 Defense Computer security or Cybersecurity The ability to protect or defend the use of cyberspace from cyberattacks. NISTIR 8170 under Cybersecurity CNSSI 4009 1.1 Computer security policy Security policies define the objectives and constraints for the security program. Policies are created at several levels, ranging from organization or corporate policy to specific operational constraints (e.g. remote access). In general, policies provide answers to the questions “what” and “why” without dealing with “how.” Policies are normally stated in terms that are technology‐independent. NIST 800‐82