Identity theft, stealing money, stealing private information, controlling private computers.
Ransomware is a type of cyber attack that threatens to publish the victim's data or block access to it unless a ransom is paid.
The Internet of Things (IoT) is the network of physical devices, vehicles, home appliances, and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these things to connect and exchange data.
Protection of computer systems, networks, and data from digital attacks.
How companies use your data
protecting your data online
secure data transfer protocol when on the internet
Legal document outlining how a company can collect and use your data
attempting to find computer security vulnerabilities and exploit them for personal financial gain or other malicious reasons
a computer security specialist who breaks into protected systems and networks to test and assess their security
The CIA Triad is a widely-accepted security measure that should be guaranteed in every secure system. It stands for Confidentiality, Integrity, and Availability.
The protection of information from people who are not authorized to view it.
Aims at ensuring that information is protected from unauthorized or unintentional alteration.
The assurance that systems and data are accessible by authorized users when and where needed.
The information about a particular person that exists on the Internet as a result of their online activity
the use of electronic communication to bully a person
Information literacy is having the ability to find information, evaluate information credibility, and use information effectively.
A law that grants the creator of an original work exclusive rights to its use, distribution, and sale
Objects in the public domain are not subject to copyright laws, and thus may be freely used by the general public.
Open Web Application Security Project; a highly regarded organization, much used by cybersecurity professionals.
Using charts, graphs, or images to visualize complex data.
a set of data that describes and gives information about other data.
Visualizations can be misleading by skewing the axes or labels, or leaving out relevant data.
Not starting the y-axis at zero.
A connection between two things.
`lowerCamelCase` is a naming convention where the first letter is lower case, and each subsequent start of a word is upper case.
Defining a function means to teach the computer a new command and explain what it should do when receiving that command.
Calling a function actually gives the command, so the computer will run the code for that function.
Programs that "Read like a story" have good decomposition and make the code easy to follow.
Breaking down (decomposing) your code is splitting it into more functions.
Indentation is the visual structure of how your code is laid out. It uses tabs to organize code into a hierarchy.
Top down design is a method for breaking our program down into smaller parts.
The way your code is written is the style. It covers the aspects of the code that go beyond whether or not it just works.
Assumptions we make about what must be true before the function is called.
SuperKarel is like Karel but already knows how to turnRight() and turnAround()
A control structure lets us change the flow of the code.
An if statement lets you ask a question to the program and only run code if the answer is true.
Control structure that lets us run either one section of code or another depending on a test.
A problem when using a while loop where you forget one action at the beginning or the end.
Managing complexity by "abstracting away" information and detail, in order to focus on the relevant concepts.
An error in the sequence of words or rules in a program that prevents the program from running.
errors where the expected result does not match the actual result; these errors are due to mistakes in coding logic and will not be detected by the compiler
A philosophy of making information and knowledge open and accessible to all people. A network of networks built on open, agreed upon protocols.
A widely agreed upon set of rules that standardize communication between machines.
Science that harnesses the power of many individuals to solve hard, complex problems.
A protocol that defines the structure of an Internet address and assigns a unique address to every device on the Internet.
Used to translate domain names into IP addresses.
The process of sending data between two computers on the internet. The data is sent through routers that determine the route.
When multiple paths exist between two points. This improves reliability and makes the internet fault tolerant. Makes the routing system scalable.
Packets are the units of data that are sent over the network.
HyperText Transfer Protocol is a protocol that standardizes the language for talking to web servers to send and receive web pages, or HyperText information (HTML pages).
A group of two or more computer systems linked together.
Able to send bits from router to router across long distances, but they are very expensive.
The amount of data (in bits) that can be sent in a fixed amount of time.
The capacity of data transfer in a system. Measured by bitrate.
The latency of a system is the time it takes for a bit to travel from sender to receiver. Fiber optic cables have low latency.
Protocols for encrypting/decrypting information. Most cybersecurity breaches happen due to human error, not software bugs.
Distributed Denial of Service attack. Spamming a web server with so many requests so close together that it crashes, sometimes spitting out valuable information as it crashes.
a weakness which can be exploited by a malicious actor / attacker to perform unauthorized actions within a computer system.
a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability to cause unintended or unanticipated behavior to occur on computer software, hardware, etc.
Traditionally the very first program you write when learning a programming language, a program that prints "Hello world" to the user.
JavaScript function that prints out a line to the user
Declaring a variable is defining it for the first time.
Initializing a variable is giving it an initial value.
A float, or floating point value, is a numeric value that can have decimal level precision (ex: 3.14)
A number in your code that appears arbitrary. These should all be replaced with calculations or constants.
A coordinate system uses numbers as coordinates to place objects in a geometric space.
JavaScript function that returns the width of the graphics canvas
JavaScript function that returns the height of the graphics canvas
The length between the center and edge of a circle
Used to make logical associations between boolean values
Logical operator that ORs two boolean values. Written as `||`. `a || b` will be true if `a` or `b` is true.
Logical operator that ANDs two boolean values. Written as `&&`. `a && b` will be true if both `a` and `b` are true.
Logical operator that negates a single boolean value. Written as `!`. `!a` will be true if `a` is false, and false if `a` is true.
To flip a boolean value, or take the opposite of a boolean value. If you negate true, you get false. If you negate false, you get true.
Documentation for the syntax and objects in JavaScript that we use on CodeHS.
Not actually random, but appears to be random
An edge case is a problem in your code that only occurs in extreme situations.
A variable used to count the number of times an action has been performed
A constant that has the specific purpose of being the value that breaks out of a loop.
A loop, most often set with while(true), that has a break in the loop body.
The `break;` statement breaks out of the current loop, without executing any more code in the loop.
A loop that has no way of stopping, and will keep looping forever.
Don't repeat yourself: try to simplify your code and avoid repeating code unnecessarily.
Also called an array. A data structure that holds a collection of values in a particular order
Also called a list. A data structure that holds a collection of values in a particular order
Showing several still images one after another very quickly, to give the illusion of animated movement.
A function passed as a parameter to another function in order to be called later.
A variable that can be used throughout a program, in every scope
An event is an action (such as clicking the mouse or pressing a key on the keyboard) that a program detects and uses as input.
The value returned from a function when the function is called.
A variable that is restricted to use in a certain scope of a program
Also called a dictionary or map. Lets us store pairs of keys that are matched with a specific value.
Repetition of instructions a specified number of times, or until a condition is met.
A data structure that stores values in no particular order. Each value can only appear once in the set.
A person or device that makes calculations, stores data, and executes instructions according to a program.
The physical components of a computer
Programs that can be run on a computer
Allows adding an image to a web page. It is self-closing. The attributes of an `<img>` tag include `src`, which specifies where to get the image from (the URL for an image), and `width` and `height` attributes, which specify the size of the image in pixels.
Way to organize information with a simple structure that is easy to read and write on a webpage. There are ordered and unordered HTML lists.
Defines an unordered list in HTML.
Defines a list item inside an HTML list.
Tables display information in a grid.
Allows adding several different types of styles to HTML elements.
Cascading Style Sheets. The language for designing web pages and adding style.
Defines which HTML elements a CSS rule applies to.
`class` is an attribute we can add to HTML tags in order to style a specific group of elements.
`id` is an attribute we can add to an HTML tag to style that specific element.
Stands for Uniform Resource Locator. You are locating a resource that exists somewhere on the internet.
An encryption method in which each letter of the message is shifted by a certain amount, called the key
A physical machine used in WWII that built on the complexity of substitution ciphers.
An encryption method that uses a series of interwoven Caesar ciphers based on the letters of a keyword
Scrambling digital information into an unreadable form. Only those with verified authority (password, key, etc) can unscramble it to read it.
The process of decrypting coded messages without being told the key.
The practice of solving and writing encryptions
The same key is used to encrypt and decrypt (e.g., Caesar, Vigenere)
One key encrypts, a different key decrypts.
Public key encryption is a type of asymmetric key encryption. There’s one key that encrypts the information and there is a different key that decrypts the information.
The output from any input that has been processed through a hashing algorithm / function.
The word hashing literally means to scramble. Hashing changes a message into an unreadable string of text for the purpose of verifying the message’s contents, but not hiding the message itself. It must be easy to compute the output (the digest) for any input, but hard to compute the input for any output. A hash function takes an input string of arbitrary length and produces a fixed-size, short output called a digest. It’s always the same length no matter how big the input is AND the output is always the same hash for any given input. Unlike symmetric and asymmetric algorithms, there are no “keys” in hashing functions.
whenever 2 inputs map to the same output.
whenever you can work backwards through an algorithm (like a Caesar cipher)
Finds the remainder after division of one number by another (sometimes called modulus). Example: 14 ÷ 4 = 3 remainder 2; 14 mod 4 = 2; 14 % 4 = 2.
an object-oriented computer programming language commonly used to create interactive effects within web browsers.
in computer programming languages and especially JavaScript, is the process of removing all unnecessary characters from source code without changing its functionality.
An organized collection of data (e.g., text, images, videos, audio, geospatial, tabular). An electronic system that allows data to be easily accessed, manipulated and updated via a Database Management System (DBMS).
A set of data elements (values) using a model of vertical columns (shown by a name) and horizontal rows (fields), the cell (record) being the unit where a row and column intersect. A table has a specified number of columns by design, but can have any number of rows.
Let you quickly perform an action on a table in a database like apply changes or retrieve information.
refers to an injection attack wherein an attacker can execute malicious SQL statements (also commonly referred to as a malicious payload) that control a web application's database server (also commonly referred to as a Relational Database Management System – RDBMS).
Cross-site scripting (XSS) is a security bug that can affect websites. If present in your website, this bug can allow an attacker to add their own malicious JavaScript code onto the HTML pages displayed to your users. Once executed by the victim's browser, this code could then perform actions such as completely changing the behavior or appearance of the website, stealing private data, or performing actions on behalf of the user.
Structured Query Language; Programming language for managing and querying data from a relational database.
A question (noun) or to ask a question (verb) - often in relation to a database.
How we define what is stored in a table.
Represents a piece of information (or attribute).
A set of data elements (values) using a model of vertical columns (shown by a name) and horizontal rows (fields), the cell (record) being the unit where a row and column intersect. A table has a specified number of columns by design, but can have any number of rows.
One entry in a table. Each row has an ID that is unique to the table.
One entry in a table. Each row has an ID that is unique to the table.
A statement in SQL that allows you to ask for a row or multiple rows from a table in a database.
A clause in SQL that allows you to filter results of a SELECT with certain conditions.
Client devices are typically personal computing devices with network software applications installed that request and receive information over the network or Internet. Mobile devices like your smart phone, tablets, iPads, laptops and also desktop computers can all function as clients.
Examples of servers include web servers, mail servers, and file servers. Each of these servers provides resources to client devices. Most servers have a one-to-many relationship with clients, meaning a single server can provide multiple resources to multiple clients at one time.
Client-server applications are programs or apps that run on our client devices AND need to access resources from a server. In other words, they need help and can’t do what they need to do alone.
A server computer program or application provides functionality for client programs or devices. So a single overall computation is distributed across multiple processes or devices. Servers can provide various functionalities, often called "services", such as sharing data or resources among multiple clients, or performing computation for a client.
Client devices and applications are often referred to as the “front end” - meaning what the user actually sees.
Server devices and applications are often referred to as the “back end” - meaning the user doesn’t actually SEE what is happening; it’s hidden from their view and they just see the results on their end.
Clients and servers communicate over a computer network on separate hardware, but both client and server may reside in the same system. A server host runs one or more server programs which share their resources with clients. A client does not share any of its resources, but requests a server's content or service function. Servers store and protect data and process requests from clients. Clients make requests and format data on the device for the end user.
An injection risk where the website returns errors that the hacker can use to explore the database more. This is the first clear test that an attacker can use to see if a site is vulnerable. It is usually displayed as an unhandled internal exception error. This information is meant for the developer and is not meant to be delivered back to a person’s webpage.
An injection risk where the attacker can add a condition that’s always true, like 1=1, often by appending it to the query to pull up even more in a results set. This fundamentally changes the query and can allow someone to pull the entire contents of the database.
Often used when error-based and union-based SQLi do not work. It essentially involves asking the database a series of targeted questions; the results give clues as to how to get the DB to give up its contents.