Glossary

column player: the player in a normal form game listed on the top (the columns) (6)
command and control (C2): the ability to remotely issue commands to the compromised device (4)
command-line interface (CLI): a purely text-based interface that enables users to type in commands and read typed output (2)
Common Vulnerabilities and Exposures (CVE): the main classifier and catalog of cybersecurity vulnerabilities (9)
Common Weakness Enumeration (CWE): a publicly available catalog of software and hardware-related flaws that can lead to vulnerabilities (5)
compartment (DOD classification): a category of sensitive information (9)
compartmentalization: a principle of cybersecurity that states access to resources should be segmented (9)
compiler: a program that transforms source code into machine code (2)
Computer Fraud and Abuse Act (CFAA): a United States umbrella anti-hacking law (10)
conditional statements: statements that define alternate execution paths (2)
Condor: the hacker nickname used by Kevin Mitnick, a phone phreaker and famous social engineer (3)
Conficker Worm: a worm that exploited the MS08-067 vulnerability to create a large-scale botnet (4)
Confidential (C): a United States Department of Defense classification for information that could reasonably be expected to cause identifiable damage if it was disclosed (8)
confidentiality: preventing the unauthorized reading of data (4)
connected graph: a graph where there exists at least one path between any pair of nodes (2)
connection handshake: part of a network protocol that establishes the parameters for a connection (8)
control: a measure taken to reduce risk (5)
cookie stealing attack: an attack where a user’s web browser authentication cookies are copied, allowing an attacker to impersonate the user (8)
cooperating: a game theory strategy of being loyal to the other player (6)
core: a processing unit controlled by the CPU capable of executing instructions (2)
corporate espionage: spying conducted by a business competitor (3)
corporate sabotage: impairing a business competitor’s ability to operate (3)
corrective controls: measures taken to recover after a cyber incident (5)
cost center: a part of a business that is not revenue producing (5)