We will learn about important terms in information security
Before that, we learn about the elements of information security:
CONFIDENTIALITY : Confidentiality
INTEGRITY: INTEGRITY AND CONTENT INTEGRITY
AVAILABILITY: Continuity of availability of information or service
The following is a set of important terms that are used in information and data security
Threat is the work environment or situation that may lead to a potential security breach.
Exploit the program or part of the program that takes advantage of a software error, bug, vulnerability or vulnerability that leads to hacking or illegal access
Local exploit requires pre-access to the system
Remote exploit works over the network and exploits security vulnerabilities and does not require prior access to the system
Spear Phishing is sent to specific and specific targets and is sent in a thoughtful manner and not randomly
Target of evaluation Targeting the system, program, or network in which this vulnerability is located.
Attack The attacks vary, some of which use hacking code, including voyeurism to steal passwords, including physical attacks.
Spam promotional messages are sent in bulk or to a large number of emails for the purpose of advertising
Phishing is also sent to large amounts of emails randomly for the purpose of stealing their bank accounts, credit cards or private passwords
Vishing is done by calling the victim's Voice Phishing phone
Zeroday Attack vulnerabilities that affect certain applications and the vulnerability is not widespread on the Internet and the company that owns the infected application has 0 days to issue a patch for the vulnerability before publishing it on the Internet
APT stands for Advanced Persistent Threat, which is for hackers who use advanced and advanced software that allows them to stay within companies' networks and devices for a very long time without being detected.
State Sponsored Attack are the hackers who work under the umbrella of the government and intelligence agencies of their country and are supported financially, strategically, numerically and informationally by those bodies
Targeted Attack is a hack that targets a specific company, but it does not target government agencies such as State Sponsored and the purpose of this hack is always to steal data from companies
A ransomware is a type of virus that makes your computer unusable or claims that you won't be able to continue using it until you pay a certain amount of money to restore it to its original state.
Social Engineering is the art of using skill and dexterity to deceive a person so that he voluntarily reveals confidential information or gives the attacker the opportunity to gain access to confidential information.
