Unauthenticated Scan

A program used to detect weaknesses within an organization. Vulnerability scans and vulnerability assessments are two common elements of a vulnerability management program. Vulnerability scans are technical scans performed regularly, and vulnerability assessments are normally combined with a risk assessment.
[view]

A skill by which an unauthorized person gains the trust of someone inside an organization and encourages the victim to make a change to the IT system in order to grant the attacker access. It can also be used as a means to trick a victim into disclosing information to the attacker. An attack based on deceiving users or administrators at the target site. For example, a person who illegally enters computer systems by persuading an authorized person to reveal IDs, passwords, and other confidential information.
[view]

A test performed on a system to find weaknesses in the security infrastructure. Vulnerability scans automatically probe systems, applications, and networks looking for weaknesses that may be exploited by an attacker. The scanning tools used in these tests provide quick point-and-click tests that perform otherwise tedious tasks without requiring manual intervention.
[view]

A model that employs a directed graph to dictate how rights can be passed from one subject to another or from a subject to an object. Simply put, a subject with the grant right can grant another subject or another object any other right they possess. Likewise, a subject with the take right can take a right from another subject.
[view]

A form of password attack in which a dictionary attack is first attempted and then a type of brute-force attack is performed. The follow-up brute-force attack is used to add prefix or suffix characters to passwords from the dictionary in order to discover one- upped constructed passwords, two-upped constructed passwords, and so on.
[view]