# Glossary terms from week 2

## <span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Terms and definitions from Course 1, Week 2**</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Adversarial artificial intelligence (AI):**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently </span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Business Email Compromise (BEC):** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Computer virus:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> Malicious code written to interfere with computer operations and cause damage to data and software</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Cryptographic attack:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> An attack that affects secure forms of communication between a sender and intended recipient</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Hacker:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> Any person who uses computers to gain access to computer systems, networks, or data</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Malware:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> Software designed to harm devices or networks</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Password attack:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> An attempt to access password secured devices, systems, networks, or data</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Phishing:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> The use of digital communications to trick people into revealing sensitive data or deploying malicious software</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Physical attack:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> A security incident that affects not only digital but also physical environments where the incident is deployed</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Physical social engineering:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Social engineering:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">A manipulation technique that exploits human error to gain private information, access, or valuables</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Social media phishing:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Spear phishing:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Supply-chain attack:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**USB baiting:**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;"> An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Virus:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">refer to “computer virus”</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Vishing:** </span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source</span>

<span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">**Watering hole attack**</span><span style="box-sizing: border-box; -webkit-font-smoothing: antialiased;">: A type of attack when a threat actor compromises a website frequently visited by a specific group of user</span>