Chapter 8 Securing Information Systems


The potential for unauthorized access is usually limited to the communications
lines of a network.

Large public networks, such as the Internet, are less vulnerable than internal
networks because they are virtually open to anyone.

Malicious software programs are referred to as badware and include a variety of
threats, such as computer viruses, worms, and Trojan horses.

A computer bacteria is a rogue software program that attaches itself to
other software programs or data files in order to be executed, usually without
user knowledge or permission.

Web 2.0 applications, such as blogs, wikis, and social networking sites such as
Facebook and MySpace, are not conduits for malware or spyware.

A Trojan horse is a software program that appears threatening but is
really benign.

Keyloggers record every keystroke made on a computer to steal serial
numbers for software, to launch Internet attacks, to gain access to e-mail
accounts, to obtain passwords to protected computer systems, or to pick up
personal information such as credit card numbers.

A hacker is an individual who intends to gain unauthorized access to a
computer system.

The term “cracker” is typically used to denote a hacker with
criminal intent.

The term “cybervandalism” is the intentional disruption, defacement, or
even destruction of a Web site or corporate information system.

Computer crime is defined as “any criminal activity involving the
copy of, use of, removal of, interference with, access to, manipulation of
computer systems, and/or their related functions, data or programs.”

Identity theft is a crime in which an imposter obtains key pieces of personal
information, such as social insurance numbers, driver’s licence numbers, or
credit card numbers, to impersonate someone else.

Pharming redirects users to a bogus Web page, even when the individual types
the correct Web page address into his or her browser.

One increasingly popular tactic is a form of spoofing called phishing.