ITM 100 Final Exam Review By: Omar Q o Identity theft – the forging of someone’s identity for the purpose of fraud o Phishing – a technique to gain personal information for the purpose of identity theft, usually by means of fraudulent e-mail  Tokens and Smart Cards o Smart cards and tokens are more effective than a user ID and a password.  Tokens – Small electronic devices that change user passwords automatically.  Smart card – A device that is around the same size as a credit card, containing embedded technologies that can store information and small amounts of software to perform some limited processing.  Biometrics o This is by far the best and most effective way to manage authentication.  Biometrics – The identification of a user based on a physical characteristic, such as a fingerprint, iris, face, voice, or handwriting. o Unfortunately, this method can be costly and intrusive.  Prevention and Resistance o Downtime can cost an organization anywhere from $1000$1 million/hour o Technologies available to help prevent and build resistance to attacks include  Content filtering, Encryption, Firewalls  Content Filtering o Content filtering - prevents emails containing sensitive information from transmitting and stops spam and viruses from spreading. o Spam – is a form of unsolicited email.  Encryption o Encryption—is a method of transforming a message into an alternative form that requires a key or password to make it readable. o Public key encryption (PKE)—is a method where the key to scramble the message is known to everyone but the key to unscramble it is held by the recipient only.  Firewalls o One of the most common defenses for preventing a security breach is a firewall o Firewall – Hardware and/or software that guards a private network by analyzing the information leaving and entering the network  Detection and Response o If prevention and resistance strategies fail and there is a security breach, an organization can use detection and response technologies to mitigate the damage o Antivirus software is the most common type of detection and response technology.  Hackers

ITM 100 Final Exam Review By: Omar Q o Hackers—are experts in technology who use their knowledge to break into computers and computer networks, either for profit or just motivated by the challenge  Black-hat hacker  Cracker  Cyber terrorist  Hactivist  Script kiddies or script bunnies  White-hat hacker  Computer viruses and worms o Virus—malicious software that spreads from computer to computer by a user activating the file in which it resides.  Backdoor program, Denial-of-service (DoS), distributed denial-of-service (DDoS), Polymorphic virus, Trojan-horse virus o Worm—a type of malicious software that spreads across networks and does not need a user to activate it.