csc final

DDoS

A (distributed) denial of service attack that targets websites and web servers with the intention of bringing the services they provide to a halt. If one host is involved in the attack, the attack is considered to be a DoS attack. If multiple hosts are involved, it is a DDoS attack.

Packet

Small units of data, transmitted on a network. Collected together, they compose some larger data, such as a document, a website, a movie, etc.

Site Certificate

A site certificate, also called a security certificate, is a small data file that is validated by a "certificate authority". It allows an organization to have a secure website.

Decrypt

Reverse the encryption process, making the data human-readable again.

Penetration Test

Performing a computer attack to evaluate the security of a system.

Forceful Browsing

When hackers can use their knowledge of a web server's directory structure to craft URL addresses and navigate to locations that are unreferenced and unlinked in a web site .

Virtual Machine

An emulation of a computer system.

Host

A computer, typically one on a network. A host can also be referred to as a machine or a system.

Hardening

In terms of computer science, hardening a system means to increase its security and reduce its vulnerabilities.

Attack Surface

The sum of all the vulnerabilities that allow unauthenticated users to attack a network. The smaller the attack surface, the more secure is the network.

Client

In a client-server model, a client is the device that is requesting information or services from a server on a network.

Abstraction

Abstraction is a very common concept in computer science and information technology; it means that a lot of the detail of a system or a process is hidden, allowing the user to focus on the details that are important for the task at hand.

Exploit

A piece of software or a sequence of commands that takes advantage of a vulnerability in a computer system to cause unexpected behavior to occur.

HTML tag

A code that defines every structure on an HTML page, such as text, images, and links. HTML tags begin with the less-than (

Comment

A note in a program that describes what the code is doing. Adding comments is very good programming practice, because it helps the reader of the program understand the code, especially when working on code with other people.

Cross-site scripting

A type of exploit in which the attacker inserts malicious client-side code into webpages to steal data, take control of a computer, run malicious code, or achieve a phishing scam.

Linux

An operating system similar in concept to the Windows OS but used more often to host routers and web servers.

LAN

A small local area network of computers and devices.

Routing Table

Data that is stored in a router in table format. It contains addresses of known networks (other routers), ones that have already been discovered and used. When a new, unknown network destination is discovered, the router will update its routing table.

Packet sniffer

Refers to the action of watching and analyzing network traffic at the packet level.

Packet Filtering

In network security, it allows or denies packets based on source and destinations addresses, ports, or protocols.

MAC Address

A media access control (MAC) addresses is unique numeric code that is assigned to networking hardware components (typically a network interface card or NIC) that is built into computers and mobile devices. The code is assigned by the manufacturer, includes their unique identification number, and never changes.

Front-end

A part of a process or system that is seen by the user and typically provides functionality to the user.

Back-end

A part of a process or system that is not seen by the user. It provides a supporting function on behalf of the main process.

Pcap file

A Wireshark data capture file that contains packet information of network traffic.

Hexadecimal

Often referred to as hex, hexadecimal is a base-16 number system. The extra digits are represented by the letters a through f, so all digits in hex are 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f. You can also see hex numbers in all capitals A through F.

OUI

The Organizationally Unique Identifier is the first half of the MAC address, designating the manufacturer of the network device. Each manufacturer has their own, individual OUI for each device they produce.

NIC

A network interface card is a physical component on a computer or device that provides connectivity to a network.

IEEE

The Institute of Electrical and Electronic Engineers. They are best known for developing standards in the computer and electronics industries.

Protocol

An agreed-upon method for communication.

TCP

Transmission Control Protocol used to establish and maintain connections over a computer network.

TCP Handshake

A three-way communication method using SYN (synchronize), SYN-ACK (synchronize=acknowledge), and ACK (acknowledge) to establish a connection between hosts.

TLS

Transport Layer Security is a security protocol that uses encryption at a lower level of abstraction.