
Internet, cyber and IT security from A-Z: Current terms briefly and simply explained - For work, study and private life [2. Ed.] 9783662609101, 9783662609118

Table of contents:
Front Matter .... Pages I-X
Introduction (Ron Porath) .... Pages 1-4
Front Matter .... Pages 5-5
0–9 (Ron Porath) .... Pages 7-8
A (Ron Porath) .... Pages 9-32
B (Ron Porath) .... Pages 33-49
C (Ron Porath) .... Pages 51-73
D (Ron Porath) .... Pages 75-94
E (Ron Porath) .... Pages 95-106
F (Ron Porath) .... Pages 107-117
G (Ron Porath) .... Pages 119-127
H (Ron Porath) .... Pages 129-143
I (Ron Porath) .... Pages 145-163
J (Ron Porath) .... Pages 165-167
K (Ron Porath) .... Pages 169-176
L (Ron Porath) .... Pages 177-184
M (Ron Porath) .... Pages 185-201
N (Ron Porath) .... Pages 203-211
O (Ron Porath) .... Pages 213-221
P (Ron Porath) .... Pages 223-248
Q (Ron Porath) .... Pages 249-254
R (Ron Porath) .... Pages 255-268
S (Ron Porath) .... Pages 269-310
T (Ron Porath) .... Pages 311-319
U (Ron Porath) .... Pages 321-329
V (Ron Porath) .... Pages 331-338
W (Ron Porath) .... Pages 339-349
X (Ron Porath) .... Pages 351-352
Y (Ron Porath) .... Pages 353-354
Z (Ron Porath) .... Pages 355-360
Front Matter .... Pages 361-361
SPECIAL TOPIC “Calling up an HTTPS website” (Ron Porath) .... Pages 363-364
SPECIAL TOPIC “Email Encryption. Free. Easy to set up and use. ”(Ron Porath) .... Pages 365-367
Tips and tricks for your own IT security (Ron Porath) .... Pages 369-373
ASCII table (Ron Porath) .... Pages 375-378
HTTP Status Code Definitions (Ron Porath) .... Pages 379-380
RegEx overview (Ron Porath) .... Pages 381-381
Markdown Overview (Ron Porath) .... Pages 383-383


Ron Porath

Internet, cyber and IT security from A to Z. Current terms briefly and simply explained - for work, study and private life

2nd Edition


Ron Porath Wettswil, Switzerland

ISBN 978-3-662-60910-1
ISBN 978-3-662-60911-8 (eBook)
https://doi.org/10.1007/978-3-662-60911-8

The German National Library lists this publication in the German National Bibliography; detailed bibliographic data are available on the Internet at http://dnb.d-nb.de.

The first edition of the book was self-published via Amazon in 2018 with the title "DICTIONARY Cyber and Information Security: 350 technical terms translated into English and German".

© Springer-Verlag GmbH Germany, a part of Springer Nature 2020

The work including all its parts is protected by copyright. Any use that is not expressly permitted by copyright law requires the prior consent of the publisher. This applies in particular to copying, editing, translation, microfilming and saving and processing in electronic systems.

The reproduction of generally descriptive designations, brands, company names etc. in this work does not mean that they can be freely used by anyone. The authorization for use is subject to the rules of trademark law, even without separate notice. The rights of the respective owner of the mark are to be observed.

The publisher, the authors and the editors assume that the details and information in this work are complete and correct at the time of publication. Neither the publisher nor the authors or editors, expressly or implicitly, guarantee the content of the work or any errors or statements. The publisher remains neutral with regard to geographical assignments and territorial designations in published maps and institutional addresses.

Planning / editing: Martin Börger

Springer Vieweg is an imprint of the registered company Springer-Verlag GmbH, DE and is part of Springer Nature. The company's address is: Heidelberger Platz 3, 14197 Berlin, Germany

If we fail to protect our devices and conduct our online activities carefully, the question is not if, but when, our own data falls into the wrong hands.

For all the many people for whom knowledge is important.

Table of Contents

1 Introduction .... 1

Part I Terms from 0–9, A – Z

2 0–9 .... 7
3 A .... 9
4 B .... 33
5 C .... 51
6 D .... 75
7 E .... 95
8 F .... 107
9 G .... 119
10 H .... 129
11 I .... 145
12 J .... 165
13 K .... 169
14 L .... 177
15 M .... 185
16 N .... 203
17 O .... 213
18 P .... 223
19 Q .... 249
20 R .... 255
21 S .... 269
22 T .... 311
23 U .... 321
24 V .... 331
25 W .... 339
26 X .... 351
27 Y .... 353
28 Z .... 355

Part II Appendix

29 SPECIAL TOPIC "Calling up an HTTPS website" .... 363
30 SPECIAL TOPIC "E-Mail Encryption. Free. Easy to set up and use." .... 365
31 Tips and tricks for your own IT security .... 369
32 ASCII table .... 375
33 HTTP status code definitions .... 379
34 RegEx overview .... 381
35 Markdown overview .... 383

1 Introduction

Digitization is making great strides. Each of us is part of it, and we benefit in many areas of our lives: from apps on cell phones that tell us when we will arrive home, to personal digital assistants that seem to know when we want to listen to which music, to the smart home that only switches on the light when light is needed. Isn't that wonderful?

This current standard reference work with over 2600 terms on the Internet, IT in general, and cyber and IT security in particular offers simple, short and understandable explanations and summaries of the abbreviations, functions and risks of these new digital possibilities. It offers a good first understanding of the current terms of everyday professional and private life without requiring the reader to read long texts. For most readers of this book, the explanations it contains will be sufficient to carry on with their actual work. People who need additional, more detailed information can then find it on the Internet and understand it more quickly with the help of the explanations in this book.

New and future important Internet technologies such as HTTPS and Wi-Fi 6 found their way into this lexicon, as did terms relating to quantum computers and artificial intelligence. Readers will also find details about ransomware, Trojans and Bitcoin, as well as common abbreviations used on social media and in messengers. Experts can also discover explanations of Azure Information Protection, scrypt, Markdown, Qubit, Blockchain and SChannel.

The terms described in this book were always selected with the idea of explaining to readers the most important terms of their private, university, school and professional IT everyday life, pointing out the dangers and offering possible protective measures. This should enable the user at the PC at home, as well as the employee in a company and the professional in an IT function, to quickly gain an understanding of relevant terms.
© Springer-Verlag GmbH Germany, part of Springer Nature 2020 R. Porath, Internet, Cyber ​​and IT Security from A – Z, https://doi.org/10.1007/978-3-662-60911-8_1


This book does not attempt to compete with online encyclopedias such as the ingenious Wikipedia, but to complement them. In contrast to Internet-based lexicons, this book presents the terms linearly, briefly, without scrolling and from a single source, so that the reader understands a term from everyday life within a few seconds without having to read long texts or search for relevant websites. The interested reader who is looking for additional, in-depth information on a term is warmly referred to Wikipedia, which also helps the author of this book.

1.1 Instructions for use

The order of the terms in this book corresponds to the German alphabet; hyphens, slashes, punctuation and spaces are not regarded as separate characters. Some longer, compound terms have been separated by a hyphen to make them easier to read and find, for example "software-development" instead of "softwaredevelopment". If terms have several common meanings, these are separated with 1) …, 2) … etc.

In order not to interrupt the flow of reading, arrows for references to other terms have not been used, as in many other lexicons. The reader can nevertheless easily find these terms at the appropriate place in the book.

Many English terms are used in everyday Internet and IT work and have therefore been included in this book. If their German translations are also familiar, the English words refer to the German detailed explanations; otherwise the English terms contain their own explanations. See Example A.

Example A

HONEYPOT Trans. honey pot.

HONEY POT 1) File with an interesting-sounding name intended to attract hackers. If hackers then access this file, control over the hacker's computer can be obtained in the best case. 2) Virtual replica of a real network, e.g. an industrial plant, a waterworks or a power plant. If a hacker attacks the supposed network, the attacker can be observed and traced.

Terms that only have a synonym or a translation as an explanation are explained in more detail under the synonym or the translation. See Example B.


Example B

ONE-WAY FUNCTIONS Trans. one-way functions. Syn. to trapdoor functions.

ONE-WAY FUNCTIONS Syn. to trapdoor functions. Mathematical calculations that can be carried out quickly but deliver results that can only be calculated back with a lot of effort. Such functions are used in the computation of asymm. encryption. Two large prime numbers are multiplied with one another. The product obtained in this way can only be broken down into the two prime numbers again with a great deal of computing effort.

Abbreviations of terms refer to the detailed notation, under which the detailed explanations of the terms can be found. See Example C.

Example C

DRM Abbreviation for Digital Rights Management

DIGITAL RIGHTS MANAGEMENT [DRM] 1) Colloq. for programs and systems for the protection of information. This protection is more precisely called "Information Rights Management" (IRM). 2) Software solutions to avoid pirated copies of digital products such as software, books, music.

Abbreviations

aka.: also known as
Abb.: abbreviation
currently: at the time of printing of this book
gen.: general
No.: number
app.: application, software, program, system
asymm.: asymmetrical
approx.: approximately
cm: centimeters
engl.: English
etc.: et cetera (Latin), and the others
esp.: especially, in particular
incl.: including, at least
Mio.: million
PC: personal computer, general computer
resp.: respectively
sog.: so-called
symm.: symmetric
Syn.: synonym
System: IT system, computer, PC, device, infrastructure
trans.: translation
ugs.: colloquial
usw.: and so on
u. a.: among others, and other(s)
u. Ä.: and the like
u. u.: and vice versa
v. a.: especially
z. B.: for example
z. T.: partly
z. Zt.: currently

Part I Terms from 0–9, A – Z

2 0–9

1FA Abbreviation for one-factor authentication

2D Abbreviation for two-dimensional

2FA Abbreviation for two-factor authentication

2-FACTOR-AUTHENTICATION [2FA] Trans. two-factor authentication

2-STEP VERIFICATION [2SV] Trans. two-step verification. Syn. to 2FA

2SV Abbreviation for 2-Step Verification

3D Abbreviation for three-dimensional

3DES Syn. to Triple-DES, DESede. Encryption algorithm; successor to DES. In mathematical terms, an encryption takes place first, followed by a "decryption" with another key and finally a renewed encryption with another key (Encrypt-Decrypt-Encrypt).
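The Encrypt-Decrypt-Encrypt structure of the 3DES entry, as an added example that is not part of the book: a constructed 16-bit toy block cipher (XOR with the key, a fixed 4-bit S-box on each nibble, a 3-bit rotation) stands in for DES, because a real DES implementation would not fit here. The toy cipher, the function names and the key values are assumptions made for the illustration; the toy cipher is not secure and only needs to be invertible. The example also goes one step beyond the entry: with all three keys equal, the middle decryption cancels the first encryption, so EDE collapses to a single encryption with that key, which is why the middle step is a decryption and not a second encryption.

```python
# Added example (not from the book): the Encrypt-Decrypt-Encrypt (EDE)
# structure of 3DES, shown with a constructed toy block cipher in place of
# DES. Toy cipher, names and demo keys are assumptions for illustration only.

MASK16 = 0xFFFF
# 4-bit S-box (the PRESENT cipher's S-box) and its inverse, to give the toy
# cipher a non-linear step like a real block cipher has.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
INV_SBOX = [0] * 16
for _i, _v in enumerate(SBOX):
    INV_SBOX[_v] = _i


def _substitute(x: int, box: list) -> int:
    """Apply a 4-bit S-box to each of the four nibbles of a 16-bit word."""
    return sum(box[(x >> shift) & 0xF] << shift for shift in (0, 4, 8, 12))


def toy_encrypt(block: int, key: int) -> int:
    """Toy 16-bit block cipher: XOR key, S-box each nibble, rotate left 3 bits."""
    x = _substitute((block ^ key) & MASK16, SBOX)
    return ((x << 3) | (x >> 13)) & MASK16


def toy_decrypt(block: int, key: int) -> int:
    """Exact inverse of toy_encrypt: rotate right 3, inverse S-box, XOR key."""
    x = ((block >> 3) | (block << 13)) & MASK16
    return (_substitute(x, INV_SBOX) ^ key) & MASK16


def ede_encrypt(block: int, k1: int, k2: int, k3: int) -> int:
    """Triple encryption as in 3DES: E_k3(D_k2(E_k1(block)))."""
    return toy_encrypt(toy_decrypt(toy_encrypt(block, k1), k2), k3)


def ede_decrypt(block: int, k1: int, k2: int, k3: int) -> int:
    """Inverse applies the three steps backwards: D_k1(E_k2(D_k3(block)))."""
    return toy_decrypt(toy_encrypt(toy_decrypt(block, k3), k2), k1)


def ede_collapses_to_single(block: int, key: int) -> bool:
    """With k1 == k2 == k3 the middle decryption undoes the first encryption,
    so EDE degenerates to one single-key encryption: a triple-key device can
    interoperate with a legacy single-key one simply by repeating the key."""
    return ede_encrypt(block, key, key, key) == toy_encrypt(block, key)


if __name__ == "__main__":
    k1, k2, k3 = 0x1A2B, 0x3C4D, 0x5E6F      # constructed demo keys
    pt = 0xBEEF
    ct = ede_encrypt(pt, k1, k2, k3)
    print(f"plaintext {pt:#06x} -> EDE ciphertext {ct:#06x} -> "
          f"decrypted {ede_decrypt(ct, k1, k2, k3):#06x}")
    print("single encryption with k1:", f"{toy_encrypt(pt, k1):#06x}")
    print("EDE with one repeated key equals single encryption:",
          ede_collapses_to_single(pt, k1))
```

Running the module prints the round trip and shows that the three-key ciphertext differs from single encryption under k1, while repeating one key reproduces it exactly.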


3-D SECURE International security standard for credit card transactions. Not only information noted on the credit card is used, but also secret information known only to the owner, e.g. a password.

404 NOT FOUND One of the HTTP standard error messages. This HTTP status code means that the website, the URI or the resource was not found (see the list of HTTP status codes in the appendix in chapter 33).

4K Abbreviation for 4K resolution, i.e. a horizontal image resolution of approx. 4000 pixels. Most televisions and computers use a resolution of 3840 × 2160 ("4K UHD").

51% ATTACK Attack on a blockchain by attackers who control more than 50% of the computing power of all participants in blockchain mining and can thus change transactions.

802.11 Abbreviation for IEEE 802.11

3 A

AAA Abbreviation for Automated Active Attack

AAD Abbreviation for Azure Active Directory

AADRM 1) Original, unofficial abbreviation for Microsoft Azure Active Directory Rights Management. 2) PowerShell module for Microsoft Azure Rights Management.

ABANDONED WEB APPLICATIONS Trans. abandoned web software. Old web applications and websites that are still installed and possibly still accessible, but are no longer managed. These pose a risk, as they often contain outdated software that can be a gateway for hackers.

QUERY-ANSWER AUTHENTICATION Syn. to challenge-response authentication. Authentication method of a user on a system, or generally between two parties, based on shared knowledge, also called a shared secret. Party A gives party B a task to solve. Since party B knows the solution and can respond correctly, party B can use it to authenticate with party A.
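The challenge-response exchange from the entry above, as an added example that is not part of the book: party A (the verifier) sends a random challenge, party B (the prover) answers with an HMAC of the challenge under the shared secret, and A checks the answer against its own computation. The shared secret itself never crosses the wire, and each challenge can be answered only once, so a recorded answer cannot be replayed. The class and function names and the sample secret are assumptions made for this illustration.

```python
# Added example (not from the book): challenge-response authentication over a
# shared secret, party A = Verifier, party B = Prover. Names and the demo
# secret are assumptions for illustration.
import hashlib
import hmac
import secrets


def compute_response(shared_secret: bytes, challenge: bytes) -> bytes:
    """What party B computes: HMAC-SHA256 over the challenge with the shared secret."""
    return hmac.new(shared_secret, challenge, hashlib.sha256).digest()


class Verifier:
    """Party A. Issues one-time random challenges and checks B's responses."""

    def __init__(self, shared_secret: bytes) -> None:
        self._secret = shared_secret
        self._outstanding = set()       # challenges issued but not yet answered

    def issue_challenge(self) -> bytes:
        challenge = secrets.token_bytes(16)   # fresh, unpredictable task for B
        self._outstanding.add(challenge)
        return challenge

    def verify(self, challenge: bytes, response: bytes) -> bool:
        # A challenge may be answered only once: a recorded (challenge, response)
        # pair presented a second time is rejected here.
        if challenge not in self._outstanding:
            return False
        self._outstanding.discard(challenge)
        expected = compute_response(self._secret, challenge)
        return hmac.compare_digest(expected, response)   # constant-time compare


class Prover:
    """Party B. Knows the shared secret and answers challenges with it."""

    def __init__(self, shared_secret: bytes) -> None:
        self._secret = shared_secret

    def respond(self, challenge: bytes) -> bytes:
        return compute_response(self._secret, challenge)


def run_exchange(verifier: Verifier, prover: Prover):
    """One full round: A -> B challenge, B -> A response, A decides.
    Returns (challenge, response, accepted)."""
    challenge = verifier.issue_challenge()
    response = prover.respond(challenge)
    return challenge, response, verifier.verify(challenge, response)


if __name__ == "__main__":
    secret = b"constructed-demo-shared-secret"
    party_a = Verifier(secret)
    chal, resp, ok = run_exchange(party_a, Prover(secret))
    print("B with the right secret accepted:", ok)
    print("same answer presented again accepted:", party_a.verify(chal, resp))
    _, _, ok = run_exchange(party_a, Prover(b"wrong-secret"))
    print("B with the wrong secret accepted:", ok)
```

The second print shows the replay check: once a challenge has been consumed, the same correct answer is refused, which is what makes the random, single-use challenge the heart of the scheme rather than the HMAC alone.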


BUGGING A method of intercepting sensitive data in order to exploit it with dishonorable intentions. The types of eavesdropping are varied, mostly in the form of tapping telephone or Internet lines, physically or digitally.

ABNORMAL BEHAVIOR Syn. to anomalies. Term for irregularities in the operation of systems. Anomalies in logs can be an indication of manipulation.

DEFENSE AGAINST CYBER-ATTACKS Procedures within companies and, on a smaller scale, also by private individuals to ward off cyber-attacks. Defense usually takes place in four ways:
a) Constant or selective analysis of systems, software or network traffic to identify abnormalities and weak points.
b) Continuous protection of systems, e.g. using anti-virus software.
c) Detection of attacks, e.g. by seamless monitoring of the online activities of the users by anti-malware tools.
d) Correct response to attacks, e.g. by disconnecting the attacked system from the network in order to prevent further spread of malware.

AC Abbreviation for Access Control

ACCESS CONTROL [AC] Trans. access control

ACCESS CONTROL LISTS [ACL] Trans. access lists

ACCESS MANAGEMENT (Eng.) Access management

ACCESS REVIEW (Eng.) Verification of access rights. Regular process in companies with the aim of checking the access rights of employees to the various resources (computers, networks, servers, applications, etc.) and then either extending or withdrawing these access rights. In larger companies, the "need-to-know" principle is applied and only those access rights are kept active that are currently necessary for the employee's current activity.
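Anomalies in logs as an indication of manipulation, and detection as one of the four ways of defense listed above, as an added example that is not part of the book: a small detector scans authentication log lines for a burst of failed logins from one source within a short window and for a successful login from that same source right after the burst. The log lines are constructed for the example (addresses from documentation ranges), and their format is an assumption modelled on OpenSSH's sshd messages; the function names and thresholds are likewise choices made here.

```python
# Added example (not from the book): detection logic run over constructed
# authentication log lines. Line format, addresses, thresholds and names are
# assumptions for illustration.
import re
from collections import defaultdict
from datetime import datetime, timedelta

LOG_RE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+)"
)

# Constructed sample log: six failures from one source in 10 seconds, then a
# success from that source, then an ordinary login from somewhere else.
SAMPLE_LOG = """\
2020-03-01T02:12:00 sshd[1020]: Connection closed by 203.0.113.5
2020-03-01T02:13:01 sshd[1021]: Failed password for invalid user admin from 198.51.100.23
2020-03-01T02:13:03 sshd[1022]: Failed password for root from 198.51.100.23
2020-03-01T02:13:05 sshd[1023]: Failed password for invalid user test from 198.51.100.23
2020-03-01T02:13:07 sshd[1024]: Failed password for invalid user admin from 198.51.100.23
2020-03-01T02:13:09 sshd[1025]: Failed password for invalid user oracle from 198.51.100.23
2020-03-01T02:13:11 sshd[1026]: Failed password for root from 198.51.100.23
2020-03-01T02:13:40 sshd[1027]: Accepted password for root from 198.51.100.23
2020-03-01T09:00:00 sshd[1100]: Accepted password for alice from 192.0.2.10
""".splitlines()


def parse_line(line):
    """Return a dict for login attempts, None for lines the detector ignores."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {"ts": datetime.fromisoformat(m["ts"]), "outcome": m["outcome"],
            "user": m["user"], "src": m["src"]}


def detect_anomalies(lines, fail_threshold=5, window=timedelta(seconds=60)):
    """Return findings as (kind, source, detail) tuples in time order."""
    events = [e for e in map(parse_line, lines) if e is not None]
    events.sort(key=lambda e: e["ts"])
    recent_failures = defaultdict(list)   # src -> failure timestamps in the window
    burst_sources = set()
    findings = []
    for e in events:
        src = e["src"]
        if e["outcome"] == "Failed":
            bucket = recent_failures[src]
            bucket.append(e["ts"])
            while bucket and e["ts"] - bucket[0] > window:   # slide the window
                bucket.pop(0)
            if len(bucket) >= fail_threshold and src not in burst_sources:
                burst_sources.add(src)
                findings.append(("failure_burst", src, e["ts"].isoformat()))
        elif src in burst_sources:
            # a success from a source that was just guessing passwords is the
            # strongest signal here: the account may be compromised
            findings.append(("success_after_burst", src, e["user"]))
    return findings


if __name__ == "__main__":
    for finding in detect_anomalies(SAMPLE_LOG):
        print(*finding)
```

Run as a script it reports the burst at the fifth failure and the subsequent root login; raising `fail_threshold` above the number of failures in the sample silences both, which is the trade-off every threshold-based detector makes between noise and missed attacks.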


ACCESS TOKEN Trans. access object. Hardware or software containing information about the user, such as his identity and his access rights in the current context, e.g. within a website. In many systems, a software access token is created once the user's password has been entered and verified. Every resource called up by the user in the same context receives this access token in order to check the user's rights.

ACCIDENTAL DISCLOSURE OF INFORMATION Accidental, unintentional disclosure of information.

ACCIDENTAL LOSS (Eng.) Accidental loss, e.g. of information. This can happen, for example, through hardware errors on the hard drive or through malware.

ACCOUNT (Eng.) Account

ACCOUNT ACCESS Access to an online or system account

ACL Abbreviation for Access Control Lists

ACTIVE DIRECTORY [AD] Term used by Microsoft for Windows-server-based directories of persons, groups and infrastructure in networks. The data contained therein is used for the authentication and authorization of users and resources in Windows applications and for the central administration of the network.

ACTIVE DIRECTORY DOMAIN SERVICES [AD DS] Main component of Active Directory for the administration of domain controllers and resources.

ACTIVE DIRECTORY FEDERATION SERVICES [ADFS] Software for providing single sign-on for Windows servers. This enables login and application security through distributed (federated) identities of the users across multiple systems.


ACTIVE DIRECTORY GROUP [AD GROUP] Syn. to Windows Security Group. Such groups are virtual containers for user or computer objects. By combining them in a group, all users or computers contained therein can be assigned the same access rights.

ACTIVE DIRECTORY RIGHTS MANAGEMENT SERVICES [ADRMS] Client-server-based software solution from Microsoft for applying Information Rights Management, i.e. for encryption and the restriction of usage rights for files and e-mails. Syn. to Active Directory Rights Management System.

ACTIVE DIRECTORY RIGHTS MANAGEMENT SYSTEM [ADRMS] (Eng.) Server-client solution developed by Microsoft for the encryption and decryption of e-mails and Office documents within the Windows environment, as well as for assigning rights to these encrypted e-mails and documents. This ensures, for example, that an e-mail cannot be forwarded, or that an encrypted document cannot be read by anyone outside the company, because such a person cannot obtain a digital key from the server and thus has no authorization for decryption. ADRMS builds on the original Rights Management System (RMS) for Windows Server. It is used in large and small companies to prevent data loss and protect intellectual property.

ACTIVE SETUP Trans. active setup. Windows method for copying values from the registry database from HKLM to HKCU and making them available to the user when the user logs on or when starting an application.

ACTIVEX CONTROLS Software that is loaded and executed within Internet browsers on Windows systems and consists of compiled machine code, in contrast to JavaScript programs, for example, which are interpreted in Internet browsers at runtime.

AD 1) Abbreviation for Active Directory. 2) Abbreviation for advertisement, trans. advertising.

ADBLOCKER Ad blocker

ADDITIONAL DECRYPTION KEY [ADK] Trans. additional decryption key. Emergency key to be able to decrypt data in case the master key is lost or becomes unusable. Sometimes ADKs are also installed as back doors to gain access to the data even without having the master key.


ADDRESS RESOLUTION PROTOCOL [ARP] Data transfer protocol in a local network. It is used to determine the MAC addresses belonging to the individual devices within the network.

AD DS Abbreviation for Active Directory Domain Services

ADFS Abbreviation for Active Directory Federation Services

AD GROUP Abbreviation for Active Directory Group

ADK 1) Abbreviation for Additional Decryption Key. 2) Abbreviation for Windows Assessment and Deployment Kit.

ADMIN ACCESS (Eng.) Admin access

ADMIN ACCOUNT (Eng.) Admin account

ADMINISTRATION Activities of an administrator on systems, mostly within an internal network.

ADMINISTRATOR Person who provides, updates and maintains one or more computers or networks. For this, the administrator needs secure admin access to a special admin account, which provides him with the required extended access rights on the system or systems and the files and resources contained therein. Colloq., every authorized user of the admin account is referred to as an administrator.

ADMINISTRATOR GROUP A user group account usually available on systems, which was created when the operating system was installed and which gives members of this group local admin rights for the system.

ADMIN ACCOUNT User account of a system administrator. Extended access rights are assigned to this account in order to give the administrator the ability to maintain and provision the systems in the network.


ADMIN ACCESS In order to carry out installations, settings or maintenance on private computers or in centrally managed computer systems, for example in companies, the administrator logs on to the specially provided admin account and thus receives extended access rights. This login gives him extended modification rights with which to manage the computer(s). Because these extended change rights can, among other things, be used to switch off protective measures, admin passwords are popular targets of attack by hackers and must be protected as well as possible.

ADOBE FLASH PLAYER Software from Adobe for playing multimedia content in web browsers. Due to several attacks on Flash Player in recent years, some sites and web browsers block Flash content from running.

ADRMS Abbreviation for Active Directory Rights Management System, Active Directory Rights Management Services.

ADVANCED ENCRYPTION STANDARD [AES] (Eng.) Cryptographic algorithm to protect sensitive information. It is used in many products, e.g. in WPA2 with Wi-Fi, in SSH and in Skype. AES is a symmetric encryption method, so it uses the same key for encryption and decryption. It is based on a block cipher calculation in which several characters are encrypted at the same time. CPUs are now equipped with special instructions for AES so that encryption and decryption can be carried out more quickly. Taking the expected development of quantum computers into account, AES is considered to be secure against quantum computer attacks for data that will be created up to approx. …, when quantum computers will quickly become possible. This is in contrast to asymm. algorithms, in which the key consists of the product of prime factors and which can be factored quickly with quantum computers by around 2030.

ADVANCED PERSISTENT THREAT [APT] Secretly conducted, extensive and continuous hacking attacks carried out by a person or a group of people against a system. Often such APTs are carried out by state-controlled groups of hackers.

Example

Examples of advanced persistent threat methods: privilege escalation, lateral movement, data exfiltration.

ADVANCED RANSOMWARE INTRUSION Extensive ransomware attack

ADVANCED SPEAR PHISHING ATTACK Fraud attack via e-mail or other electronic communication, carried out on the basis of collected personal information about certain people, organizations or selected companies. This personal data can be used to simulate familiarity and thus achieve a high success rate in phishing in order to gain unauthorized access to sensitive information.

ADWARE (Eng.) Software that displays advertisements.

AES Abbreviation for Advanced Encryption Standard

AFAIK Abbreviation for "As far as I know", used in SMS, Internet comments, Internet forums and social media.

AGENT 1) Abbreviation for software agent. 2) Abbreviation for hardware agent.

AGENT FORWARDING Method used in SSH to establish access to more than one server without having to re-enter the password for the protected private key. The client and server authentication to the additional servers takes place on the basis of the prior authentication on the first server.

AGILE MODEL Trans. agile project method

AGILE PROJECT METHOD Dynamic project procedure in which all phases of development are carried out several times, e.g. once every two weeks or once a month, including requirements definition, design, development, validation and implementation. The aim is the quick delivery of first results and the quick inclusion of change requests from future users.


AGILE SOFTWARE DEVELOPMENT Project method that enables faster development cycles and allows the first functions to be offered to users at an early stage. Involving users reduces the risks in the development process and increases user satisfaction.

AGNOSTIC Syn. to independent, indifferent. For example, a browser-agnostic solution is a website that runs on all Internet browsers.

AI Abbreviation for Artificial Intelligence

AIA Abbreviation for Automatic Information Exchange

AIM Abbreviation for AOL Instant Messenger

AIOPS Abbreviation for Artificial Intelligence for IT Operations

AIP Abbreviation for Azure Information Protection

AI SECURITY Abbreviation for Artificial Intelligence Security. Processes and software products for data security based on artificial intelligence methods.

ACTIVE ATTACK Attack in which systems or files are manipulated.

ACOUSTIC COUPLER Device used in the 1970s and 1980s to transmit digital data via the handset of an analog telephone.

ALERT Alarm, warning

ALEXA Amazon's virtual assistant, which is used in products such as Amazon Echo and Amazon Echo Dot. The name is based on the Library of Alexandria.


ALGORITHM A sequence of mathematical operations applied to data. For example, the steps to be performed to add two numbers describe a simple algorithm. Encryption algorithms use mathematical processes to transform plain text into secret text. In combination with large amounts of data, algorithms are used for climate prediction, purchase recommendations and much more.

ALIAS (Eng.) Pseudonym, stand-in. Example: to address the servers behind a load balancer, the address of the load balancer is used as an alias for the addresses of the individual servers.

ALTAVISTA Search engine for websites. It was operated from December 1995 to July 2013.

OLD, NO LONGER MANAGED WEB APPLICATION Previously used software, possibly replaced by newer applications, which is no longer kept up to date but is still stored on the system and can be called up. This is a growing security problem for companies and hosting providers. Syn. to App-Leiche.

AMA Abbreviation for Authentication Mechanism Assurance

AMAZON WEB SERVICES [AWS] Amazon's cloud computing and cloud service offering. It is rented by many companies for their online services.

AMERICAN STANDARD CODE FOR INFORMATION INTERCHANGE [ASCII] Standardized character coding for data processing and data exchange. Originally defined as 128 different 7-bit values, later expanded to 256 different 8-bit values, in order to be able to use 128 resp. 256 different, clearly defined letters, numbers and special characters in different programs and systems (see ASCII table in the appendix under Tab. 32.1).

ANATOVA Malicious software in the form of ransomware

CHANGING A CRYPTOGRAPHIC KEY Section in the life cycle of cryptographic keys. When a cryptographic key is changed, properties of the key, e.g. the key length, are changed and the public key is republished. This is not possible for every key type, so the current key may have to be cancelled and a new one created with the changed properties. See additional details under the term key.

REQUEST FOR CERTIFICATE SIGNING Electronic request to a certification authority (CA) for the creation of a new, signed certificate. To do this, the applicant first creates a pair of private and public keys on his system and from this a precisely specified digital form file ("CSR file") which contains the public key. This is sent to the CA, which checks the CSR file and thus the identity of the applicant or the system. If the check is positive, the CA sends the signed certificate back to the applicant.

ATTACK Syn. to attack. Method of gaining access to computers, cell phones, computer networks or online accounts. The attackers are mostly concerned with data theft, identity theft or the crippling of systems and websites, for example by means of automatic mass requests (DDoS attack). Possible attack methods include hacking and using stolen passwords, stealing login data ("phishing") by imitating real websites, or injecting malware into weakly secured routers, webcams or temperature controllers.

ATTACK DETECTION SYSTEM Syn. to intrusion detection system. System for detecting attacks against computers and networks. Such a detection system can be used on all computers in the network or as a sensor within the network traffic. A combination of both methods is also used.

ATTACK SURFACE Syn. to attack surface. The entirety of all attack options that allow a hacker to access a system or its data.

ATTACK POINT Syn. to attack vector. Possibility of attack that allows a hacker to access a system or data.

ATTACHMENT Abbreviation for e-mail attachment. File that is sent with an e-mail text. Since e-mail attachments can contain macros, viruses and other malware, opening an attachment carelessly risks impairing your own system and other systems, as was the case with the "ILOVEYOU" virus, for example.

3 A

19

LOGIN DATA Data used to log in to a system, program or online service. Examples: user name with password, digital certificate, etc.

LOGIN DATA STORE Syn. to safe and password manager. Database on operating systems such as Android, Windows and iOS in which login data, i.e. user names with passwords or certificates, are stored. By logging on to the operating system or directly to the login data store, this safe is opened and subsequently relieves the user of having to re-enter the login data each time he logs on to applications and other systems.

LOGIN METHODS Methods with which users log on to a system, an application or an online service. The most common methods are entering a user name with a password, using a smart card with a PIN, or using an authenticator application with a master password.

LOGIN Action taken by a user after starting or reactivating a computer, mobile phone or online service in order to gain access to their account or the system. Usually the combination of user name and password is used, or the more secure 2FA.

CANCELLATION OF A CRYPTOGRAPHIC KEY Stage in the life cycle of cryptographic keys. In the event of cancellation, a previously used key is declared invalid. See additional details under the term key.

ANOMALIES Conspicuous features and abnormal behavior.

ANONYMIZATION Short for data anonymization.

ANONYMITY Situation and behavior in which a person cannot be identified. The Internet allows seemingly anonymous behavior, but data is usually transmitted unnoticed, such as the IP address of the computer user.


ANONYMIZATION (Eng.) Data anonymization

ANONYMIZED DATA Anonymized data

ANONYMOUS Anonymous. In IT, a user is called anonymous if he or she uses guest or anonymous access and therefore does not reveal, or have to reveal, his or her identity. No user names and passwords are used and no authentication takes place. Users who are logged on anonymously are usually assigned limited guest access to systems, with which at least public information that is on the system, or accessible from it, can be viewed or downloaded. For example, public keys can be downloaded and installed anonymously, as they do not contain any secret data. Product providers also often offer operating instructions for their products on their website without the user having to register.

ANSI 1) Abbreviation for American National Standards Institute. 2) Character codes with 8 bits per character. The first 127 characters correspond to the ASCII characters (see the ASCII table in the appendix under Tab. 32.1). 3) Abbreviation for ANSI escape sequences. Codes based on the ANSI.SYS driver in MS-DOS and corresponding implementations in other operating systems, with which the cursor position, colors and other display functions can be controlled on text-based displays. ANSI escape sequences were widely used in BBS mailboxes in the 1980s and are still used in terminal emulators today.

ANTI-SPAM FILTER Software on servers, computers, routers and cell phones to block unwanted e-mails, above all promotional e-mails. Such filters mostly work with machine learning algorithms, so that new e-mails marked as spam by the user continuously improve the algorithm.

ANTI-SPYWARE SOFTWARE Anti-espionage software. Program on servers, computers, routers and cell phones to block infected apps or executable scripts before they are downloaded.

ANTI-TAMPERING Sabotage protection


ANTI-VIRUS SCANNER Software on servers, computers and cell phones to scan and analyze files in the system and to remove viruses found in them.

ANTI-VIRUS SOFTWARE Software on servers, computers and cell phones to keep viruses away or to remove them. Today's PCs and cell phones are frequently or permanently connected to the Internet and are therefore constantly exposed to the dangers of new viruses and other malware. Viruses can take root in your own PC in a variety of ways, for example when you accidentally click on links on infected websites, when you carelessly open e-mail attachments or when macros within documents are run automatically. An anti-virus program should always be running on every device that stores personal or important data.

APPLICATION FOR CERTIFICATION Process with which Internet server operators can have their server's public key signed by a certification authority, which issues a digital certificate for it. A signed certificate makes it possible, for example, to offer an HTTPS website instead of just an HTTP website. The key pair required for this is generated with OpenSSL or similar software, or directly using a web form from the certification authority.

APPLICATION PROGRAMMING INTERFACE Syn. to Application Programming Interface (API). This interface represents a connection from a program to a collection of functions. It contains functions that are made available by a software product or operating system to other programs. For example, Microsoft offers Windows functions in so-called libraries in order to be able to create windows in the typical Windows style. Online services, which are usually set up as client-server applications, also use such APIs; these are sometimes also referred to as web services.

AOB Abbreviation for "Any Other Business", meaning "Is there any other business to discuss?"

AOL Originally an abbreviation for America Online. At times one of the largest providers of Internet services.

AOL INSTANT MESSENGER [AIM] Instant messaging service from AOL. Operated between 1997 and 2017.


APACHE STRUTS Framework for the simplified development of Java web applications.

APACHE STRUTS BUG Software bug discovered in 2018, which was quickly fixed. Due to incorrect handling of Content-Type headers within Apache Struts 2, an attacker could remotely execute malicious code on affected systems.

API Abbreviation for Application Programming Interface, i.e. application programming interface.

API ECONOMY Newer, vaguely defined term for the interaction of networked devices and services. The aim is to offer "business APIs", i.e. interfaces between users and systems, in order to simplify complex controls, for example controlling the light and room temperature switches via an app on the mobile phone.

APP Abbreviation for application. Syn. to software, program.

APP-LEICHE (German, "app corpse") Software that was used previously, possibly replaced by newer applications, which is no longer kept up to date but is still stored on the system and can be called up. This represents a growing security problem for companies and hosting providers.

APPLE MAC OS Operating system from Apple, which runs on the iMac, for example. It is based on FreeBSD and Mach.

APPLICATION POOL Software and configuration method within a server for separating applications so that they do not influence each other. If an application on the server stops, for example due to an error, the other applications can continue to run independently on the same server.

APPLICATION PROGRAMMING INTERFACE [API] Application programming interface


APPLICATION SECURITY Sub-area of IT security that deals with the protection of (company-relevant) applications in order to secure them against internal and external attacks, data theft and other misuse. Application security is achieved, for example, by validating the data entered, by using 2FA within the application or by using firewalls, encryption and the like.

APPLICATION SHARING 1) Joint use of programs for online games, online whiteboards, etc. 2) Presentation of an application on several computers at the same time, e.g. for video telephony.

APPSENSE Software product from Ivanti for the virtualization of user accounts and user settings, so that they can be used more easily on several systems and the user finds the same settings on each of these systems.

APP TO APP COMMUNICATION (Eng.) Communication between applications to exchange data. For example, a music app can tell another app what music is currently being played, so that the second app can use this to generate statistics and music suggestions. The communication, especially the description of input and output, must follow a precisely specified syntax, which is also referred to as a protocol. In addition, API functions and libraries offered by the operating system or web server can help the programmer to establish the connection and exchange data between the apps.

APP TO ENDPOINT COMMUNICATION (Eng.) Communication between a server application and its associated clients.

APP-V Abbreviation for Microsoft Application Virtualization

APT Abbreviation for Advanced Persistent Threat

ARC4 Syn. to Arcfour

ARCFOUR Syn. to ARC4. Open source stream cipher and stream encryption algorithm based on the officially secret RC4.


ARCHIVING A CRYPTOGRAPHIC KEY Stage in the life cycle of cryptographic keys. Such archiving is necessary in order to still be able to validate or decrypt earlier data that was encrypted with this key, although newer versions of the key may already be available.

ARCHIVING INFORMATION Stage in the information life cycle. For certain types of information there is a legal obligation to archive for a certain retention period.

ARCHIVING OF A CRYPTOGRAPHIC KEY (Eng.) Archiving of a cryptographic key

ARMS RACE SECURITY Symbolic arms race in IT security. A system designer designs a system in which the attacker then finds a weak point, which the designer repairs, whereupon the attacker finds another weak point, which the designer repairs, and so on.

ARP Abbreviation for Address Resolution Protocol

ARPANET Abbreviation for Advanced Research Projects Agency Network. Computer network established over telephone lines in the late 1960s. Forerunner of the Internet.

ARP PACKET Compilation of data that is sent via the Address Resolution Protocol (ARP) in the network.

ARP REQUEST POISONING Syn. to ARP spoofing

ARP SPOOFING Syn. to ARP request poisoning. Method of altering and abusing ARP packets in transit between two PCs, e.g. during an RDP session.

ARTIFICIAL INTELLIGENCE [AI] (Eng.) Artificial intelligence


ASAP Abbreviation for "as soon as possible", used in SMS, Internet comments, Internet forums and in social media.

ASCII Abbreviation for American Standard Code for Information Interchange. Originally a 7-bit character coding, later expanded to 8 bits, for the unambiguous definition of 128, later 256, letters, digits and special characters (see the ASCII table in the appendix under Tab. 32.1).

ASCII TABLE List of the unique coding of letters, digits and special characters (see the ASCII table in the appendix under Tab. 32.1).

ASMR Abbreviation for Autonomous Sensory Meridian Response. Tingling sensation on the scalp, neck and spine. Can be triggered by sounds and is therefore a trend on YouTube.

ASN.1 Abbreviation for Abstract Syntax Notation One. International standard for the description of data types and structures to be transmitted. It is used in the development of software products and in mobile communications. It allows the information exchanged to be described independently of how the communicating systems represent that information.

ASP.NET Abbreviation for Active Server Pages .NET. Programming environment from Microsoft which makes it possible to use different .NET languages to develop and execute programs on servers and thus to create dynamic websites and apps.

ASPOSE API function libraries to edit, convert, create or automatically read and change file formats. The functions within these libraries can edit Microsoft Office formats and other formats and also offer OCR.

ASSERTIONS Statement, assertion

ASSET CLASSIFICATION Classification of systems


ASTAROTH Malware in the form of a Trojan which, among other things, attacks the anti-virus program Avast, thereby making it possible to steal login and other user data.

ASYMMETRIC CRYPTOGRAPHY (Eng.) Asymmetric cryptography

ASYMMETRIC ENCRYPTION (Eng.) Asymmetric encryption. Syn. to public key encryption.

ASYMMETRIC COMMUNICATION Communication between different types of communication participants. Example: client-server system in which the server serves several clients.

ASYMMETRIC CRYPTOGRAPHY Syn. to public key encryption. Generic term for methods of asymmetric encryption in which different keys are used for encryption and decryption.

ASYMMETRIC ENCRYPTION Syn. to public key encryption. Cryptographic method for encrypted communication without the need for a shared secret key. Each communication partner uses a combination of a private key and a public key. This avoids a major disadvantage of symmetric encryption, in which the same key is used by both parties for encryption and decryption and therefore has to be agreed first. Principle of asymmetric encryption: a sender A uses the public key of recipient B to encrypt the message and can then send it via unsecured channels. Only recipient B, who has his private key, can decrypt the message.

ASYNCHRONOUS COMMUNICATION Communication which is not synchronized via a clock signal and in which the response from the other party is not waited for, in contrast to synchronous communication. Example of asynchronous communication: a conversation between people who interrupt each other.

ATTACHMENT (Eng.) E-mail attachment


ATTACK AGAINST CLIENTS Attack on the PCs of customers of selected companies, e.g. with the help of e-banking Trojans or phishing. The aim is to harm both the customers and the selected companies.

ATTACK Attacks on computers and systems by exploiting technical or social security gaps. Bad programming is often the cause of technical security gaps.

ATTACK SURFACE (Eng.) Attack surface

ATTACK SURFACE MODEL (Eng.) Stage model of possible attacks in order to reach a target system: 1st stage: attack on people. 2nd stage: attack on the network. 3rd stage: attack on the target system.

ATTACK VECTOR (Eng.) I.e. point of attack.

ATTRIBUTION Recognition and assignment of features, e.g. for identification, classification and defense against malware.

AUDIO DATA ENCODING Process in communications and sound engineering for modulating and demodulating audio data, such as speech or music, onto a high-frequency carrier signal. The audio data is either added to the amplitude ("AM") or the frequency of the carrier signal is changed according to the audio data ("FM").

AUDIO STREAM ENCRYPTION (Eng.) Encryption of an audio stream. This is used, for example, for the encrypted transmission of communication in IP telephony. A frequently used protocol is the Secure Real-Time Transport Protocol (SRTP), based on AES encryption.

AUDIT TRAIL Procedure and documentation to prove compliance with internal or regulatory processes and standards. The aim is to document complete proof of the correct implementation of the processes or standards.


RETENTION PERIOD Specification of how long certain data must be kept at least (e.g. in the case of contracts) or at most (e.g. in the case of digital certificates), in accordance with regulatory or technical requirements. For example, the retention period of a digital certificate should be set as short as possible and the certificate renewed after this time has elapsed, since technical progress allows ever faster hacking methods.

CONSPICUOUS FEATURES Syn. to abnormal behavior. Term for irregularities in the operation of systems. Anomalies in logs can be an indication of manipulation.

FAILSAFE Syn. to failover. Manual or automatic action in which the data communication between systems is rerouted if a communication partner fails. For example, servers are often set up in duplicate so that client-server communication can be rerouted to the second server if the first fails.

AUTH Abbreviation for authentication. The term is used, among other things, for User Auth Certificate.

AUTHENTICATION (Eng.) Authentication

AUTHENTICATION ASSURANCE Strength of the authentication method a user uses to log on to a system. For example, logging in using a user name and password is riskier than logging in using 2FA methods.

AUTHENTICATION DATABASE Database within a cell phone, computer or server, or within an application, in which the user name is stored together with the user's authorizations.

AUTHENTICATION MECHANISM ASSURANCE [AMA] Function in Windows Active Directory to grant a user specific access based on the type of authentication that person used. In detail, AMA allows a group membership identifier to be added to the user's Kerberos token.

AUTHENTICATION PROCESS Procedure for authentication.


AUTHENTICATOR (Eng.) Syn. to authentication app

AUTHENTICATOR APP (Eng.) I.e. authentication app

AUTHENTICATOR SECRET CODE The secret presented by the online service or system for registering this online service or system in an authentication app. Mostly in the form of a QR code or text.

AUTHENTICATOR THREATS Attacks on authentication apps, e.g. by modifying or generating false confirmation codes, by stealing the mobile phone, by duplicating the secret, by eavesdropping on the transmission, by brute force attacks, by reading out the memory, by phishing or by other social engineering methods.

AUTHENTICATION MECHANISMS Processes for the authentication of users or systems using protocols, signatures, tokens and the like.

MESSAGE AUTHENTICATION Method for verifying the origin of messages. This can be done, for example, by means of a digital signature of the message, which is created using the sender's private key.

AUTHENTICATION Syn. to authentication. In authentication, party B verifies the authenticity of party A. The result is usually an authorization for party A, so that party A is allowed to use the system or the files and other resources it contains. Usage:
• Party A authenticates itself with party B
• Party B authenticates party A
Example: Application examples for authentication: party A can be a user who authenticates himself on an authentication system (party B) using a combination of a user name and a) a password (entered via the keyboard or the on-screen keyboard), b) his fingerprint or other biometric recognition, c) his private key, d) his position via geolocation recognition or IP address, e) a trustworthy certificate, f) an app that uses the programming interfaces (GSSAPI), g) an authentication service that creates a token and a session ID for both party B and party A, which can then be used for the transaction between A and B and guarantee authenticity (Kerberos). Most of these combinations (except fingerprint and other biometric recognition) can also be used for authentication between two servers.

AUTHENTICATION Verification of the authenticity of a party, e.g. in preparation for communication or in order to access files on a server. A user authenticates himself on a server with a user name and password or with a certificate. The server authenticates the information provided by the user and, if the authentication is positive, allows further communication between the user and the server. Usage:
• Party A authenticates with party B
• Party B authenticates party A

AUTHENTICATION APP Mobile phone software to enable two-step authentication (2FA) for multiple systems or online services using one-time passwords. To do this, a secret is first presented by the system or online service in the form of a QR code and then scanned with the mobile phone app. Afterwards, the user name with password and the one-time password, generated synchronously in the system or online service and in the mobile phone app, are sufficient to authenticate the user. Many companies that offer online purchases or transactions can be linked to such an authentication app. Examples of authentication apps: a) Google Authenticator, b) Microsoft Authenticator, c) Symantec VIP Access.

AUTHENTICITY The totality of the three properties of genuineness, verifiability and trustworthiness of users, data origin or devices. With the help of encryption and signature processes, authenticity can be ensured and checked at any time using authentication methods.


AUTHORIZATION Authorization for

AUTOMATIC EXCHANGE OF INFORMATION [AIA] Global standard of the OECD for the automatic exchange of financial account data between participating countries.

AUTOMATIC LEARNING Syn. to deep learning

AUTOMATED ACTIVE ATTACK [AAA] Attack that can be automated in order to attack and change many systems or files with little effort.

AUTONOMOUS ROBOT Syn. to hardware agent. Combination of software agent, sensors and actuators that together perform actions and change the environment.

AUTHORIZATION (Digital) access right granted to a user or system to use a specific computer, a specific system or files and other resources on it. It is usually preceded by authentication in order to check whether the authenticity of the user or system is guaranteed.

AUTOSPLOIT Software that uses the Shodan API and Metasploit to carry out automatic attacks. With 400 lines of Python code, this software is very simple and is therefore seen as malware on the one hand, and as an easy-to-understand lesson against hacking on the other.

AVAILABILITY (Eng.) Availability

AVALANCHE 1) Network of cyber criminals who carried out several large phishing, spam and ransomware attacks from 2009 to 2016. 2) Name of a botnet

AVATAR 1) Graphic representation of a person, e.g. as a profile picture instead of a real picture. 2) Artificial person in movies, games or other media.

AWARENESS (Eng.) Awareness


AWS Abbreviation for Amazon Web Services

AZURE Platform for cloud services operated by Microsoft.

AZURE ACTIVE DIRECTORY [AAD] Directory within the Microsoft Azure cloud to enable authentication and authorization of cloud users, e.g. for the use of Microsoft Azure Information Protection.

AZURE ACTIVE DIRECTORY RIGHTS MANAGEMENT [AADRM] Syn. to Windows Azure AD Rights Management. A cloud- and AD-based service within the Microsoft Azure environment. This service is used by Azure Information Protection to apply encryption as well as rule- and label-based usage restrictions to data. Successor to Microsoft's ADRMS.

AZURE AD Abbreviation for Azure Active Directory

AZURE INFORMATION PROTECTION [AIP] Cloud-based software solution from Microsoft to apply classification, tracking and information rights management (IRM) to files and e-mails. IRM is implemented using ADRMS and AzureRMS encryption, authorization and usage restrictions. AIP can be combined with Office 365 labeling to form Microsoft Information Protection (MIP).

AZURE IP [AIP] Abbreviation for Azure Information Protection

AZURE KEY VAULT Microsoft product for managing digital keys within Microsoft's Azure cloud. The keys can, among other things, be backed up in cloud HSMs.

AZURE RIGHTS MANAGEMENT SYSTEMS [AZURERMS] (Eng.) A cloud-based service within the Microsoft Azure environment. This service is used by Azure Information Protection to apply encryption and rule-based usage restrictions to data. Successor to ADRMS.

AZURERMS Abbreviation for Azure Rights Management Systems

4 B

BAAS Abbreviation for Blockchain as a Service

BACKDOOR Back door

BACKEND (Eng.) Substructure, rear end. The server component of a client-server system and the programs running on it.

BACKUP Method for backing up data so that it can be restored in the event of a destructive event. For companies, backups and the verification of backups are vitally important. Private individuals are also advised to regularly save their data, e.g. their pictures, documents and digital bank receipts, to external hard drives that are not permanently attached, or to trustworthy cloud storage, so that they are not lost forever.

BADRABBIT Malware in the form of ransomware

BANNER 1) A large advertising area on websites. 2) Metadata that is transmitted first when a server, system or device is logged on to and accessed. This can be a simple technical greeting, but it can also be information about the installed server software packages or other information that might be of interest to clients.

© Springer-Verlag GmbH Germany, part of Springer Nature 2020 R. Porath, Internet, Cyber and IT Security from A – Z, https://doi.org/10.1007/978-3-662-60911-8_4


BASE32 ENCODED BINARY FILE Binary file that is available in Base32 coding.

BASE32 ENCODING Algorithm for converting binary data of any length (e.g. images, ZIP files) into a string of ASCII characters, which can be processed and sent more easily. The binary data is converted into groups of five bits. The length of the generated ASCII character string is not fixed. Example:
Binary code "00000" = Base32 "0"
Binary code "00001" = Base32 "1"
Binary code "00010" = Base32 "2"
…
Binary code "11111" = Base32 "V"
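The 5-bit mapping in the Base32 table above and the 6-bit mapping in the Base64 entry that follows, implemented as an added example that is not part of the book: one generic encoder and decoder for any power-of-two alphabet, parametrized with the group size each entry describes. The book's Base32 symbols "0" to "V" correspond to the base32hex alphabet of RFC 4648 section 7 (standard Base32 uses A to Z and 2 to 7 instead); the sample inputs are the RFC's test vectors.

```python
# Alphabets. The book's Base32 table ("00000" -> "0", ..., "11111" -> "V") is the
# base32hex alphabet of RFC 4648 section 7; standard Base32 uses A-Z and 2-7.
BASE32HEX = "0123456789ABCDEFGHIJKLMNOPQRSTUV"
BASE64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"


def _encode(data: bytes, bits: int, alphabet: str, quantum: int) -> str:
    """Generic 2**bits encoder: write the input as one long bit string, cut it
    into `bits`-wide groups (zero-filling the last group), map each group to a
    symbol, then pad with '=' up to a whole input quantum of `quantum` bytes.
    This is why the output length is not fixed but always a multiple of
    8*quantum/bits symbols (8 for Base32, 4 for Base64)."""
    bitstring = "".join(f"{byte:08b}" for byte in data)
    if len(bitstring) % bits:
        bitstring += "0" * (bits - len(bitstring) % bits)
    symbols = "".join(alphabet[int(bitstring[i:i + bits], 2)]
                      for i in range(0, len(bitstring), bits))
    symbols_per_quantum = quantum * 8 // bits
    if len(symbols) % symbols_per_quantum:
        symbols += "=" * (symbols_per_quantum - len(symbols) % symbols_per_quantum)
    return symbols


def _decode(text: str, bits: int, alphabet: str) -> bytes:
    """Inverse of _encode: drop the '=' padding, map each symbol back to its
    bit group, and keep only whole bytes (the zero-fill bits are discarded).
    A symbol outside the alphabet raises ValueError."""
    stripped = text.rstrip("=")
    bitstring = "".join(f"{alphabet.index(ch):0{bits}b}" for ch in stripped)
    whole = len(bitstring) - len(bitstring) % 8
    return bytes(int(bitstring[i:i + 8], 2) for i in range(0, whole, 8))


def base32hex_encode(data: bytes) -> str:
    return _encode(data, 5, BASE32HEX, 5)     # 5 bytes -> 8 symbols


def base32hex_decode(text: str) -> bytes:
    return _decode(text, 5, BASE32HEX)


def base64_encode(data: bytes) -> str:
    return _encode(data, 6, BASE64, 3)        # 3 bytes -> 4 symbols


def base64_decode(text: str) -> bytes:
    return _decode(text, 6, BASE64)


if __name__ == "__main__":
    sample = b"foobar"   # RFC 4648 test vector, constructed input
    print("base32hex:", base32hex_encode(sample))
    print("base64:   ", base64_encode(sample))
    print("round trip:", base64_decode(base64_encode(sample)) == sample)
```

The same `_encode` with a 5-byte quantum produces Base32 and with a 3-byte quantum produces Base64; only the alphabet and group width differ, which is the whole difference between the two entries.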

BASE64 ENCODED BINARY FILE Binary file that is available in Base64 coding.

BASE64 ENCODING Algorithm for converting binary data of any length (e.g. images, ZIP files) into a string of ASCII characters, which can be processed and sent more easily. The binary data is converted into groups of six bits. The length of the generated ASCII character string is not fixed. Example:
Binary code "000000" = Base64 "A"
Binary code "000001" = Base64 "B"
Binary code "000010" = Base64 "C"
…
Binary code "111111" = Base64 "/"

BASH BUNNY Hacking tool on a USB stick which is plugged into the target system and executed there.

BASIC High-level programming language, available in many variants for almost all operating systems, which is very easy to learn and use because its command set was derived from English words. Example of a BASIC program line that checks a simple calculation and displays a result:
IF 1 + 2 = 3 THEN PRINT "1 + 2 = 3"
BASIC programs can be completely converted into machine language (compiled) or interpreted at runtime.

BCM Abbreviation for Business Continuity Management

BCMUPNP_HUNTER IoT botnet which attacks routers that have a vulnerability in their UPnP function. It is used, for example, to send large amounts of spam e-mails.

BCP Abbreviation for Business Continuity Planning

BCRYPT Cryptographic hash function developed for passwords. In contrast to other hash functions such as MD5 and SHA, which can be guessed using brute force attacks or rainbow tables, bcrypt incorporates an adjustable amount of work into the calculation of hash values, so that the calculation takes artificially longer, which counteracts attacks.

EDITING A CRYPTOGRAPHIC KEY Changing the data of a key, e.g. to update the expiration date. Stage in the cryptographic key life cycle. See additional details under the term key.

EDITING INFORMATION Any change to information. Stage in the life cycle of information.

BEAST ATTACK Abbreviation for Browser Exploit Against SSL/TLS attack. Attack on a vulnerability in the CBC mode of the Secure Sockets Layer protocol (SSL 3.0 and TLS 1.0). This enables man-in-the-middle attackers to access the authentication token or the HTTP cookie and thereby gain access to the data transmitted between the web server and the web browser.
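The two properties the BCRYPT entry above attributes to a password hash, a per-password salt against rainbow tables and an adjustable amount of work against brute force, shown in code. This is an added example, not from the book, and it does not use bcrypt itself: bcrypt is not in Python's standard library, so PBKDF2-HMAC-SHA256 from `hashlib` stands in for it, with the iteration count playing the role of bcrypt's cost factor. The record format and the default iteration count are assumptions for the illustration.

```python
import hashlib
import hmac
import os
import time
from typing import Optional

# PBKDF2-HMAC-SHA256 stands in for bcrypt (assumption: bcrypt is not in the
# standard library). "iterations" is the tunable work factor.
DEFAULT_ITERATIONS = 200_000


def hash_password(password: str, iterations: int = DEFAULT_ITERATIONS,
                  salt: Optional[bytes] = None) -> str:
    """Return a self-describing record "pbkdf2_sha256$<iterations>$<salt>$<hash>".
    A fresh random salt per password defeats precomputed rainbow tables, and
    storing the iteration count lets the cost be raised later for new records
    while old ones remain verifiable."""
    if salt is None:
        salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                 salt, iterations, dklen=32)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the parameters stored in the record and compare."""
    algo, iterations, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError(f"unsupported record type: {algo}")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                                    bytes.fromhex(salt_hex), int(iterations),
                                    dklen=32)
    # Constant-time comparison: a plain == would leak how many leading bytes match.
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


def time_one_guess(iterations: int, samples: int = 3) -> float:
    """Seconds one password guess costs at this work factor, measured locally.
    Doubling the iterations doubles the attacker's cost per guess."""
    salt = b"constructed-salt"          # fixed salt: only the timing matters here
    start = time.perf_counter()
    for _ in range(samples):
        hashlib.pbkdf2_hmac("sha256", b"guess", salt, iterations, dklen=32)
    return (time.perf_counter() - start) / samples


if __name__ == "__main__":
    record = hash_password("correct horse battery staple")   # constructed sample
    print(record)
    print("verify correct:", verify_password("correct horse battery staple", record))
    print("verify wrong:  ", verify_password("Tr0ub4dor&3", record))
    for it in (1_000, 10_000, 100_000):
        print(f"{it:>7} iterations: {time_one_guess(it) * 1000:8.2f} ms per guess")
```

Run stand-alone, the timing loop makes the "artificially longer" point of the entry visible: each tenfold increase in the work factor costs the legitimate login a few milliseconds once but costs an attacker the same factor on every single guess.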


BEC Abbreviation for Business E-Mail Compromise. A social engineering method aimed at stealing from companies.

TERMINATION OF A USER AUTHORIZATION A granted access authorization to a system or online service is withdrawn due to a timeout or for other reasons. The user has to log in again if the access is to continue to be used.

AUTHORIZATION AUTHORITY Syn. to certificate authority and certification authority (CA). Trusted organization or company that issues or signs digital certificates to confirm the authenticity of electronic signatures and public-private key pairs.

TREATMENT OF CYBER THREATS Generic term for the identification, risk analysis, logging, monitoring and mitigation of cyber threats.

BENCHMARK Test or analysis of apps, processes, procedures or companies with regard to a certain status or property, with the aim of comparing them with other, similar apps, processes, procedures or companies.

USER ACCOUNT Data within a system or online service which assign a registered user a unique identity with user name, password, access rights and possibly other data.

USERNAME AND PASSWORD Syn. to user name and password. Combination for logging a user in to a system or online service with which he has already registered. Modern systems also require confirmation with a 2FA procedure, such as an SMS code or a one-time password from an authenticator program, for logging in.

USER VIRTUALIZATION User virtualization software decouples the user profiles, settings and data, as well as any other existing user-specific information, from the operating system and enables this information to be stored and managed centrally. This information can then be applied to different desktops, e.g. on a physical PC or on a virtual system in the cloud.


USE OF A CRYPTOGRAPHIC KEY Cryptographic keys are required, among other things, to log on to a system and to authenticate a user. Stage in the cryptographic key life cycle. See additional details under the term key.

AUTHORIZATION Syn. to approval, authorization. Permission given to a user on the basis of his/her previously defined rights to access data, a system or a network and to make any changes to it.

PROOF OF AUTHORIZATION Syn. to security token. Issued by the operating system or a credential service provider as confirmation of a user's previously authenticated login data, and passed on to systems or apps so that they do not have to ask the user for his login data again.

AUTHORIZATION SYSTEM Syn. to entitlement management system. Software for managing the authorizations of multiple users for different data, systems or networks. When a user logs on to a system or network, he is provided with the access rights associated with his user account. By defining user roles for the same tasks, authorizations can be managed centrally and efficiently and JML processes can be implemented.

REMOVAL OF INFORMATION Information is removed, for example, by masking data or by deleting information. Stage in the life cycle of information.

BETA VERSION Mostly finished software which has not yet been fully tested and is not yet ready for delivery, and is therefore to be regarded as an experimental and risky version. See also cutting edge technology, leading edge technology.

BUSINESS CONTINUITY MANAGEMENT Syn. to Business Continuity Management (BCM). Strategies and actions to get a company, a network or an individual system back up and running as quickly as possible after a failure.

OPERATING SYSTEM Syn. to OS, operating system. Software that is loaded when the system is started and has two main goals: a) to offer the users of the system a digital working environment in which to work with data, documents, programs and connected devices such as a printer; b) to manage the memory, the hard drives, the graphics card and all other resources of the system and to make them available to other programs.

OPERATING SYSTEM AND APPLICATION UPDATES Syn. to software updates

APPROVAL Syn. to authorization, authorization. Permission granted to a user based on his/her previously defined rights to access data, a system or a network and, if necessary, make changes to it.

BGP Abbreviation for Border Gateway Protocol

LIBRARY 1) Collection of program functions (a so-called "API") which are made available to other programs. Such libraries are integrated into the source code of a new program and thus offer functions to simplify and accelerate the development of new software, since the functions do not have to be developed again. For example, optimized functions for cryptographic calculations can be integrated that have been checked several times by different people and optimized for speed. 2) System that provides systematically ordered information.

BIG ENDIAN (Eng.) Big-endian. Byte order that starts with the most significant byte, comparable to the time of day in German, which starts with the largest unit (hour, minute, second). Opposite: little endian.
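The book's own byte-order example for the BIG ENDIAN entry follows below. As an added illustration that is not from the book, the Python code here produces both byte orders for the book's value 0x231FE343 and shows the consequence for a parser: a field read with the wrong byte order yields a completely different number. The 8-byte record header layout is constructed for this example and is not a real protocol.

```python
import struct

VALUE = 0x231FE343   # the 32-bit value used in the book's example


def to_hex_bytes(value: int, order: str, width: int = 4) -> str:
    """Serialize `value` in the given byte order ("big" or "little") and
    return the bytes as spaced hex, the way the glossary example prints them."""
    return " ".join(f"{b:02X}" for b in value.to_bytes(width, order))


def read_u32(raw: bytes, order: str) -> int:
    """Interpret exactly four bytes as an unsigned integer in the stated order.
    struct's '>' is big-endian (network order), '<' is little-endian."""
    if len(raw) != 4:
        raise ValueError("read_u32 needs exactly 4 bytes")
    return struct.unpack(">I" if order == "big" else "<I", raw)[0]


# Constructed 8-byte record header (assumption, not a real protocol):
#   bytes 0-3: length field, big-endian (the usual "network order")
#   bytes 4-7: a value field that the producer wrote little-endian
HEADER = bytes.fromhex("00000010" "43E31F23")


def parse_header(raw: bytes) -> dict:
    """Parse the constructed header, decoding each field in its documented order,
    and also report what the value field would look like if the parser wrongly
    assumed network order for it."""
    return {
        "length": read_u32(raw[0:4], "big"),
        "value": read_u32(raw[4:8], "little"),
        "value_if_misread_as_big": read_u32(raw[4:8], "big"),
    }


if __name__ == "__main__":
    print("big endian:   ", to_hex_bytes(VALUE, "big"))
    print("little endian:", to_hex_bytes(VALUE, "little"))
    for name, v in parse_header(HEADER).items():
        print(f"{name:>24}: 0x{v:08X} ({v})")
```

Length and offset fields in file formats and network protocols are exactly where a byte-order mix-up turns into wrong bounds, so a parser should always decode each field with the order the format specifies rather than the host's native order.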

Big Endians 0x23lFE343 is transmitted or saved as 23 1F E3 43 Little Endians 0x23lFE343 is transmitted or saved as 43 E3 1F 23 SCREEN SAVER 1) Program which, after a predefined duration, the so-called timeout period, covers the other programs and the system only after reactivation, e.g. by moving the mouse or after entering the login data.


This saves resources and increases security. It is recommended to activate timeouts and screen savers on all computers and cell phones and to unlock the system only after entering the login data. 2) Program which, after a predefined duration (the so-called timeout period), covers the other programs and continuously colors different areas of the screen, thus preventing parts of the luminescent layer of a (cathode ray tube) screen from being "burned in" by continuous electron radiation, i.e. losing the ability to regenerate. This risk has hardly existed since flat screens came into use.

BINARY CODE Numbers or information that are stored or used only with the values "0" and "1". Example: The letter "A" corresponds to the binary code "0100 0001" in the ASCII character set.

BINARY FILE File whose content consists only of binary codes and is therefore not human-readable. Executable files, for example with the extension ".exe" on Windows, are examples of binary files.

BINARY (Eng.) 1) Trans. binary number, binary code. Numbers or information that are stored or used only with the values "0" and "1". Example: The letter "A" corresponds to the number "65" in the ASCII character set, which corresponds to the binary number "0100 0001". 2) Compiled, executable program code. Also called "executable".

BINARY HARDENING Software protection method in which executable files are analyzed and optimized so that they are immune to known attacks.

BING.COM Internet search engine from Microsoft.

BIOMETRIC AUTHENTICATION (Eng.) Biometric authentication.
BIOMETRIC IDENTIFICATION (Eng.) Biometric identification.
BIOMETRIC INFORMATION (Eng.) Biometric information.


BIOMETRIC AUTHENTICATION Verification of the authenticity of a person using biometric features such as fingerprint, iris image or face shape.

BIOMETRIC IDENTIFICATION Verification of a user's identity using biometric features such as fingerprint, iris image or face shape.

BIOMETRIC INFORMATION Biometric features such as fingerprint, iris image, face shape, voice structure, etc.

BIOS Abbreviation for Basic Input / Output System. First program that is loaded and executed when the computer is switched on, in order to check the configuration of the computer's hardware components so that they can then be used.

BIT Abbreviation for "Binary Digit", trans. binary digit. Smallest storage unit for data. A sequence of 8 bits forms 1 byte and allows 256 different values to be stored (see further information under the term "Byte" and in the ASCII table, Tab. 32.1).

BITCOIN Most famous cryptocurrency.

BITHUMB South Korean exchange for cryptocurrencies.

BITLOCKER Hard disk encryption software. This program starts before the operating system itself and uses a Trusted Platform Module (TPM) to validate whether any hardware on the system has been changed.

BITTORRENT Software and protocol for distributing and sharing files. When using it, care must be taken not to upload or download illegal, copyright-protected or virus-infected files.


BKA-TROJANER Malware in the form of a blackmail Trojan which misuses the logos of the Federal Police and the Federal Office for Information Security (BSI) and achieved worldwide distribution. This malware claims to have detected illegal content on the infected computer and blocks access to this content until an amount has been paid. This Trojan can be circumvented and removed with the help of information easily found on Internet sites.

BLACK HAT HACKERS (Eng.) Hackers with "black hats". Hackers employed by governments and organizations with criminal intent.

BLACKHOLE Collection of tools in the hacker scene with the help of which malware is spread and attacks are carried out.

BLACKLIST Blacklist.

BLACKSHEEP Internet browser extension that warns against eavesdropping by Firesheep.

BLADE Colloq. for a computer on which virtual machines (VMs) are operated.

BLEEDING EDGE TECHNOLOGY Largely finished software which has not yet been fully tested and is not yet ready for delivery, and is therefore to be regarded as an experimental and risky version. Often used as a synonym for beta version. See also Cutting Edge Technology, Leading Edge Technology.

BLEICHENBACHER ATTACK Attack on SSL / TLS connections, among others, which exploits a weakness in the padding used when encrypting with RSA according to PKCS #1 (v1.5).

BLOATWARE Software that is useless for many users, comes preinstalled on newly purchased PCs and occupies storage space unnecessarily.


BLOB Abbreviation for Binary Large Object, trans. large binary object. In databases, large amounts of data in binary code, such as video, image or audio files, can be saved in full as the content of a field of type BLOB.

BLOCK Combination of consecutive characters into a unit that is processed as a whole. Used, among other things, in block cipher methods, in which the message is divided into blocks of equal length that are each encrypted as a whole, in contrast to stream cipher methods, in which each character is encrypted individually.

BLOCKCHAIN (Eng.) Block chain. Development of distributed systems with distributed bookkeeping (also called distributed ledger) to provide guarantees, e.g. for a cryptocurrency like Bitcoin. Each new transaction, e.g. the purchase of a bitcoin, is cryptographically linked as a new chain link to the existing data blocks of previous transactions (see block chaining, Merkle Tree). By synchronizing the new chain across all distributed systems, manipulations can be detected, since each transaction can be checked for consistency by recalculation. Whether a new transaction may be appended to the blockchain is decided by the "consensus algorithm" used. The data of a transaction basically contain the sender's signature, secured with the private key, a transaction value, a transaction date, the recipient address and possibly further information.

BLOCKCHAIN AS A SERVICE [BAAS] Solution offered by Microsoft, Oracle and other companies for setting up a blockchain in companies without having to deal with the fundamentals.

BLOCKCHAIN SECURITY Blockchain security. Methods for protecting a blockchain, e.g. by using asymmetric cryptography.

BLOCKCHIFFRE Syn. for block cipher. Cryptographic algorithm for encryption and decryption in which the message is divided into blocks of characters or bits, usually of constant size, which are each encrypted together, in contrast to stream cipher methods, in which each character or bit is encrypted individually. See also cipher.


Example:

Examples of block cipher schemes are AES and DES. Operating modes for block ciphers:
a) Electronic Codebook Mode (ECB)
b) Cipher Block Chaining Mode (CBC)
c) Counter Mode (CTR)
d) Galois / Counter Mode (GCM)
e) Cipher Feedback Mode (CFB)
f) Output Feedback Mode (OFB)
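As an added illustration of the block concept and of why the operating mode matters, the following Go program (written for this edition, not taken from the book) encrypts a plaintext consisting of four identical 16-byte blocks with AES in ECB mode and in CBC mode and counts repeated ciphertext blocks; the key, IV and plaintext are constructed for the demonstration, and the functions `encryptECB`, `encryptCBC` and `countRepeatedBlocks` are our own names.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

var demoKey, demoIV = []byte("0123456789abcdef"), []byte("fedcba9876543210") // constructed demo values; real code uses a fresh random IV per message

// encryptECB encrypts each block independently, so equal plaintext blocks give equal ciphertext blocks.
func encryptECB(key, pt []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(pt) == 0 || len(pt)%block.BlockSize() != 0 { // whole blocks only, no padding here
		return nil, fmt.Errorf("bad key or plaintext length %d: %v", len(pt), err)
	}
	bs, ct := block.BlockSize(), make([]byte, len(pt))
	for i := 0; i < len(pt); i += bs {
		block.Encrypt(ct[i:i+bs], pt[i:i+bs])
	}
	return ct, nil
}

// encryptCBC XORs each plaintext block with the previous ciphertext block (the IV first), hiding repeats.
func encryptCBC(key, iv, pt []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(iv) != block.BlockSize() || len(pt) == 0 || len(pt)%block.BlockSize() != 0 {
		return nil, fmt.Errorf("bad key, IV or plaintext length %d: %v", len(pt), err)
	}
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(ct, pt)
	return ct, nil
}

// countRepeatedBlocks returns how many 16-byte ciphertext blocks duplicate an earlier block.
func countRepeatedBlocks(ct []byte) int {
	distinct := map[string]bool{}
	for i := 0; i+16 <= len(ct); i += 16 {
		distinct[string(ct[i:i+16])] = true
	}
	return len(ct)/16 - len(distinct)
}

func main() {
	pt := bytes.Repeat([]byte("SAME 16-BYTE BLK"), 4) // constructed input: four identical blocks
	ecb, _ := encryptECB(demoKey, pt)
	cbc, _ := encryptCBC(demoKey, demoIV, pt)
	fmt.Println("repeated ciphertext blocks: ECB", countRepeatedBlocks(ecb), "CBC", countRepeatedBlocks(cbc))
}
```

The ECB output repeats three ciphertext blocks and so reveals the repetition in the plaintext, while the CBC output repeats none.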