third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
third Cyber Security Assessment Netherlands - NCSC
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Spoofing/IP spoofing<br />
SQL injection<br />
State secret<br />
Stepping stone<br />
Tablet<br />
Threat<br />
TNO<br />
Tool<br />
Two-factor authentication<br />
UMTS<br />
USB<br />
USB stick<br />
Vulnerability<br />
Web application<br />
Wifi/Wi-Fi<br />
Zero-day exploit<br />
Spoofing means ‘impersonating another person’, usually in a malicious sense. IP spoofing uses the<br />
IP address of another computer, either to mask the origin of the network traffic or to use one computer<br />
to impersonate actually another computer.<br />
An attack mechanism that influences the communication between an application/device and a database<br />
used with the prime aim of manipulating or stealing data held in that database.<br />
Special information kept secret in the interests of the state or its allies.<br />
A stepping stone attack is perpetrated through a number of systems and/or organisations. It is also called<br />
a chain attack. A malicious party will use a series of previously hacked machines to achieve its ultimate<br />
goal. The stepping stone attack is a tool also used to hide a party’s true identity.<br />
A portable computer with a screen that is also the main input device.<br />
The <strong>Cyber</strong> <strong>Security</strong> <strong>Assessment</strong> defines goal and threat as follows:<br />
» The higher goal (intention) could be to strengthen the competitive position; political and national gain,<br />
social disruption, to prevent the threat to life, etc.<br />
» Threats in the assessment have been classified as follows, for instance: digital espionage, digital<br />
sabotage, the publication of confidential data, digital disruption, cyber crime and indirect disruptions.<br />
<strong>Netherlands</strong> Organisation for Applied Scientific Research.<br />
A technology or computer program used by an attacker to abuse or magnify existing vulnerabilities.<br />
A method of authentication requiring two independent factors of an identity. These factors may be:<br />
knowledge, possession or biometric properties that prove the identity of the requester.<br />
Universal Mobile Telecommunications System; see 2G/3G.<br />
Universal Serial Bus (USB) is a specification of a standard for the communication between a device,<br />
generally a computer, and peripherals.<br />
Portable storage medium that can be connected to computers by a USB port.<br />
A characteristic of a society, organisation or information system (or part of these) that provides a malicious<br />
party with the opportunity to block and impact on legitimate access to information or functionality or to<br />
access these without authorisation.<br />
The term used to designate the totality of software, databases and systems involved in the proper<br />
functioning of a website, the website being the visible portion.<br />
A trademark of the Wi-Fi Alliance. A device with Wi-Fi can communicate wirelessly with other devices<br />
at a range of up to several hundred metres.<br />
An exploit that takes advantage of a vulnerability for which no patch is as yet available.<br />
110