3. • An action or event that might compromise security. A threat is a potential violation of security.
• A threat is an object, person, or other entity that represents a constant danger to an asset.
• A potential cause of an incident that may result in harm to systems and the organization.
• It is a noun.
4. • Vulnerability could be defined as "a flaw or weakness in hardware, software or process that exposes a system to compromise".
• It is an adjective.
• A vulnerability is that quality of a resource or its environment that allows the threat to be realized.
7. • Malicious code is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system.
• It describes a broad category of system security terms that includes attack scripts, viruses, worms, Trojan horses, backdoors, and malicious active content.
8. • Malicious code can take the form of:
1. Java Applets
2. ActiveX Controls
3. Scripting languages
4. Browser plug-ins
5. Pushed content
• Malicious code can give a user remote access to a computer.
• This is known as an application backdoor.
9. • Phishing is an internet scam where the user is convinced to give valuable information.
• Phishing will redirect the user to a different website through emails, instant messages, spyware, etc.
• Phishers offer illegitimate websites to the user to fill in personal information.
• The main purpose of phishing is to get access to the customer's bank accounts, passwords and other security information.
10. • Identity theft is a form of stealing someone's identity in which someone pretends to be someone else by assuming that person's identity, usually as a method to gain access to resources or obtain credit and other benefits in that person's name.
11.
12. • Scammers may use spyware or some other scam to obtain your credit card details.
• A scammer might steal or trick you into telling them your security code (the three- or four-digit code on your card) and then make purchases over the internet or the telephone.
• The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account.
13. • If they know your PIN, they could get cash advances from an ATM using a 'cloned' credit card.
• Between Nov. 27, 2013 and Dec. 15, 2013 a breach of systems at Target Corporation exposed data from about 40 million credit cards. The information stolen included names, account number, expiry date and card security code.
14. • Denial-of-Service Attack (DoS)
• It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources.
15. • Distributed Denial-of-Service Attack (DDoS)
• On the Internet, a distributed denial-of-service attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system.
16. • It is an attempt to make a machine or network resource unavailable to its intended users.
• Perpetrators of DoS attacks typically target sites or services hosted on high-profile web servers such as banks, credit card payment gateways, and even root name servers.
17. • It is a program that may be unwanted, despite the possibility that users consented to download it.
• UPs include spyware, adware, and dialers, and are often downloaded in conjunction with a program that the user wants.
18. • Vandalism is the act of editing the project in a malicious manner that is intentionally disruptive. Vandalism includes the addition, removal, or other modification of the text or other material that is either humorous, nonsensical, a hoax, or that is of an offensive, humiliating, or otherwise degrading nature.
19. • Spoofing is when an attacker pretends to be someone else in order to gain access to restricted resources or steal information. This type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts.
• IP spoofing, email spoofing
20. • Website spam or webspam is the term for web pages that are designed by webmasters to trick search engine robots and direct traffic to their websites.
An armed bank robber is an example of a threat. A bank teller is an example of a valuable resource that may be vulnerable during a bank robbery. Bullet-proof glass between the robber and the teller denies the robber the opportunity to shoot the teller. The threat remains present, but one of its harmful effects (a gunshot) has been mitigated by a protection mechanism.
Backdoors may be created with malicious intent, to gain access to confidential company or customer information. But they can also be created by a programmer who wants quick access to an application for troubleshooting purposes. They can even be created inadvertently through programming errors.
Phishing attacks can target the audience through mass mailing millions of email addresses around the world.
Types: Application Fraud, Application takeover
Use netcraft