Created by Lyndsay Badding
over 1 year ago
Question | Answer |
3DES | Triple Data Encryption Standard: type of cryptography where block cipher algorithms are applied 3 times to each data block |
AAA | Authentication, Authorization, and Accounting: security framework that controls access to computer resources, enforces policies, audits usage |
ABAC | Attribute-Based Access Control: access control based on attributes associated with the subject, object, requested operations, environment conditions |
ACL | Access Control List: set of rules to allow or deny access |
AD | Active Directory: Windows directory service used to manage users, apps, data, etc. |
AES | Advanced Encryption Standard: symmetric block cipher algorithm |
AH | Authentication Header: packet header that provides origin authentication, data integrity, and replay protection; it does not provide confidentiality |
AIS | Automated Indicator Sharing: real-time exchange of machine-readable threat indicators and defensive measures |
ALE | Annualized Loss Expectancy: SLE x ARO |
AP | Access Point: 802.11 logical connection point |
API | Application Programming Interface: set of definitions and protocols for building and integrating app software |
APT | Advanced Persistent Threat: a sophisticated, sustained cyberattack; threat actor remains undetected for a prolonged period of time |
ARO | Annualized Rate of Occurrence: the number of incidents per year for a risk or threat |
ARP | Address Resolution Protocol: contains the MAC table |
ASLR | Address Space Layout Randomization: randomizes the location of system executables in RAM; prevents buffer overflow |
ASP | Active Server Pages: Microsoft's server-side scripting language for dynamic web pages |
ATT&CK | Adversarial Tactics, Techniques, & Common Knowledge: globally accessible knowledge database |
AUP | Acceptable Use Policy: set of rules user must accept before use of resources |
AV | AntiVirus |
BASH | Bourne Again SHell: shell used in a text window; mostly on Linux |
BCP | Business Continuity Planning: process of creating a plan to identify major risks, preventatives, and continuity of essential processes |
BGP | Border Gateway Protocol: language spoken by routers to determine how to send packets |
BIA | Business Impact Analysis: identifies critical systems, functions, and processes and how quickly they need to be recovered/restored |
BIOS | Basic Input/Output System: initializes hardware, then loads and starts the OS |
BPA | Business Partnership Agreement: legal agreement that outlines terms, conditions, and expectations |
BPDU | Bridge Protocol Data Unit: STP message unit to detect loops in network topologies; contains info regarding ports, switches, port priority and addresses |
BSSID | Basic Service Set IDentifier: MAC address of AP or wireless router |
BYOD | Bring Your Own Device |
CA | Certificate Authority: trusted entity that issues SSL certificates |
CAPTCHA | Completely Automated Public Turing test to tell Computers and Humans Apart |
CAR | Corrective Action Report: indicates type of investigation or action taken to address the non-conformance or potential for non-conformance |
CASB | Cloud Access Security Broker: software that sits between a cloud service consumer and provider; enforces org security policies through risk ID and regulation compliance |
CBC | Cipher Block Chaining: a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block |
CBT | Computer Based Training |
CCMP | Counter-mode/CBC-MAC Protocol: used with AES 128-bit block ciphers; 802.11i |
CCTV | Closed-Circuit TeleVision |
CERT | Computer Emergency Response Team: is a registered mark by Carnegie Mellon; have to apply for authorization to use this term |
CFB | Cipher FeedBack: stream mode; feedback = name for chaining when used in stream modes |
CHAP | Challenge Handshake Authentication Protocol: used with PPP; 3-way handshake; uses an encrypted hash |
CIO | Chief Information Officer: oversees people, processes and technologies within a company's IT org |
CIRT | Computer Incident Response Team: interchangeable with CSIRT |
CIS | Center for Internet Security: non-profit org that sets standards for cyber security |
CMS | Content Management System: software platform that allows users to build and manage a website with limited technical knowledge and resources; can be open source, prop., or SaaS |
CN | Common Name: also known as FQDN |
COOP | Continuity Of Operations Planning: procedures and guidance to sustain MEFs at an alternate site for up to 30 days; mandated by federal directives |
COPE | Corporate-Owned Personally Enabled: employee is able to use device as their own, but company still owns it |
CP | Contingency Planning |
CRC | Cyclic Redundancy Check: integrity check using a binary solution |
CRL | Certificate Revocation List |
CSA | Cloud Security Alliance: organization that defines best practices for a secure cloud computing environment |
CSIRT | Computer Security Incident Response Team: interchangeable with CIRT |
CSO | Chief Security Officer: responsible for the physical security and safety of employees, facilities, and assets |
CSP | Cloud Service Provider |
CSR | Certificate Signing Request: created on the server where the cert will be installed |
CSRF | Cross-Site Request Forgery: also XSRF; attack that forces users to submit a request to a web app that they are already authenticated to |
CSU | Channel Service Unit: used to convert digital signals from a router to a network circuit such as T1; similar to a modem |
CTM | CounTer-Mode: turns a block cipher into a stream cipher; adds a counter to each block, which is also encrypted |
CTO | Chief Technology Officer: responsible for setting security standards that dictate how the org chooses to work with or acquire tools from vendors |
CVE | Common Vulnerabilities and Exposures: a glossary that classifies vulnerabilities |
CVSS | Common Vulnerability Scoring System: a method used to supply a qualitative measure of severity |
CYOD | Choose Your Own Device |
DAC | Discretionary Access Control: identity-based access control |
DBA | DataBase Administrator: ensures the security of a database |
DDoS | Distributed Denial of Service: multiple systems target a single system |
DEP | Data Execution Prevention: built into Windows to prevent malicious code from being executed from system memory |
DER | Distinguished Encoding Rules: key file format for cryptographic data |
DES | Data Encryption Standard: outdated symmetric key method of data encryption; block cipher that encrypts in 64-bit blocks |
DHCP | Dynamic Host Configuration Protocol: assigns IP addresses |
DHE | Diffie-Hellman Ephemeral: securely establishes a channel to create and share a key for symmetric key algorithms |
DKIM | Domain Keys Identified Mail: email authentication method using a digital signature |
DLL | Dynamic-Link Library: contains the resources an app needs to run successfully; could include images and a library of executable functions |
DLP | Data Loss Prevention: implements a set of processes, procedures, and tools to prevent the loss, misuse, or unauthorized access of sensitive info |
DMARC | Domain Message Authentication Reporting and Conformance: email validation system that detects and prevents email spoofing |
DNAT | Destination Network Address Translation: changes the destination address in the IP header for packets coming into the LAN |
DNS | Domain Name System: translates FQDN to IP address |
DNSSEC | Domain Name System SECurity extensions: suite of extensions that improve DNS security by verifying that DNS results have not been tampered with |
DoS | Denial of Service |
DPO | Data Protection Officer: ensures the org processes personal data in compliance with applicable data protection rules |
DRP | Disaster Recovery Plan |
DSA | Digital Signature Algorithm: cryptographic algorithm used to generate digital signatures, authenticate the sender of a digital message, and prevent tampering |
DSL | Digital Subscriber Line |
EAP | Extensible Authentication Protocol: protocol that acts as a framework and transport for other authentication protocols |
ECB | Electronic Code Book: legacy to CBC; symmetric encryption scheme which replaces each block of clear text with block of ciphertext |
ECC | Elliptic-Curve Cryptography: public key cryptographic algorithm used to perform critical security functions, including encryption, authentication, and digital signatures; more secure than RSA or DSA |
ECDHE | Elliptic-Curve Diffie-Hellman Ephemeral: key exchange algorithm that allows 2 parties to establish a shared secret over an insecure communication channel |
ECDSA | Elliptic-Curve Digital Signature Algorithm: DSA which uses keys derived from ECC |
EDR | Endpoint Detection and Response: an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like malware |
EFS | Encrypted File System: provides cryptographic protection of individual files on NTFS volumes using a public-key system |
EIP | Extended Instruction Pointer: used to track the address of the current instruction running inside the application |
EOL | End Of Life: ending of patches, updates, and sale of equipment |
EOS | End Of Service: ending of services and updates for server, storage, and network equipment |
ERP | Enterprise Resource Planning: the practice of taking effective security measures to prevent infiltration inside of ERP systems; ERP systems unify all different platforms and departments |
ESN | Electronic Serial Number: used in mobile phones |
ESP | Encapsulating Security Payload: only authenticates the IP datagram portion of the IP packet; can be used with AH |
ESSID | Extended Service Set IDentifier: a set of wireless networks that have the same SSID |
FACL | File system Access Control List: a table that informs the OS of access privileges a user has to a system object |
FDE | Full Disk Encryption |
FIM | File Integrity Monitoring |
FPGA | Field Programmable Gate Array: hardware circuit that a user can program to carry out logical operations |
FRR | False Rejection Rate: (FRR = FAR) = CER |
FTP | File Transfer Protocol: transfer files between computer systems and servers via the internet |
GCM | Galois/Counter Mode: mode of operation for AES algorithm; symmetric-key cryptographic block ciphers |
GDPR | General Data Protection Regulation: an EU law that governs the way we can use, process, and store personal data (PII) |
GPG | GNU Privacy Guard: software replacement for PGP; security tool for encrypting files |
GPO | Group Policy Object: collection of settings that define what a system will look like and how it will behave for a defined group of computers or users |
GPS | Global Positioning System |
GPU | Graphics Processing Unit |
GRE | Generic Routing Encapsulation: tunneling protocol used to transport multicast, broadcast, and non-IP packets like IPX |
HA | High Availability: 99.9% = 8h 45m 57s; 99.99% = 52m 35.7s; 99.999% = 5m 15.6s; 99.9999% = 31.6s; 99.99999% = 3.2s |
HDD | Hard Disk Drive: non-volatile memory; has moving parts to write data |
HIDS | Host-based Intrusion Detection System: monitor the system and detect anomalies |
HIPS | Host-based Intrusion Prevention System: behavioral analysis and network filtering to monitor running processes, files and registry keys; prevents unknown malicious attacks |
HMAC | Hash-based Message Authentication Code: cryptographic authentication technique that uses a hash function and a secret key |
HOTP | HMAC-based One-Time-Password |
HSM | Hardware Security Module: device that generates and stores cryptographic keys, and digital signatures; encrypts and decrypts data |
HSMaaS | Hardware Security Module as a Service |
HTML | HyperText Markup Language: language used to create webpages |
HTTP | HyperText Transfer Protocol: how resources are exchanged between client devices and servers over the internet |
HVAC | Heating, Ventilation, Air Conditioning: referring to the monitoring system attached to these functions |
IaaS | Infrastructure as a Service: pay-as-you-go services for using virtual equipment like servers, storage, network devices, VMs |
IAM | Identity and Access Management: framework of policies, processes, and technologies that enable orgs to manage digital identities and control user access to critical corporate info |
ICMP | Internet Control Message Protocol: used to troubleshoot and report error conditions; transfers info about other protocols |
ICS | Industrial Control Systems |
IDEA | International Data Encryption Algorithm: block cipher that operates on 64-bit plaintext and 128-bit key; reversible |
IDF | Intermediate Distribution Frame: a remote room or closet connected to MDF; houses hubs and patch panels |
IdP | Identity Provider: a service that stores and verifies user identity |
IDS | Intrusion Detection System: monitoring system that detects suspicious activities and generates alerts when they are detected |
IEEE | Institute of Electrical and Electronics Engineers: sets standards for many industries; publishes journals, magazines, and conference proceedings |
IKE | Internet Key Exchange: IPSec-based tunneling protocol that provides a secure VPN communication channel |
IM | Instant Messaging |
IMAP4 | Internet Message Access Protocol version 4: how you view your email; enables the use of folders |
IoC | Indicators of Compromise: clues and evidence of a security breach |
IoT | Internet of Things: devices embedded with sensors, software, and other technologies for the purpose of exchanging data with other devices and systems over the internet |
IP | Internet Protocol: communication standard used to uniquely identify systems on a computer network or across the internet |
IPS | Intrusion Prevention System: hardware or software network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it |
IPSec | Internet Protocol Security: suite of protocols between 2 communication points across the network that provide data CIA; defines the encrypted, decrypted and authenticated packets |
IR | Incident Response |
IRC | Internet Relay Chat: text-based chat system for IM |
IRP | Incident Response Plan |
ISA | Interconnection Security Agreement: specifies the technical and security requirements of interconnection between organizations |
ISFW | Internal Segmentation FireWall: meant to protect network if an attacker breaches the perimeter; can be placed anywhere inside network |
ISO | International Organization for Standardization: provides a security framework that orgs can tailor to specific security risks |
ISP | Internet Service Provider |
ISSO | Information Systems Security Officer: maintains the appropriate security posture for an information system or program |
ITCP | IT Contingency Plan |
IV | Initialization Vector: arbitrary number used with a secret key for data encryption to foil cyber attacks; IV = nonce |
KDC | Key Distribution Center: an authentication server that performs the initial authentication and issues TGTs for users; Kerberos is a KDC |
KEK | Key Encryption Key: key that encrypts other key stored in DES key storage for local use; organization retains the KEK |
L2TP | Layer 2 Tunneling Protocol: an extension of PPTP used by ISPs to enable VPNs |
LAN | Local Area Network |
LDAP | Lightweight Directory Access Protocol: makes it possible for apps to query user info rapidly; designed to maintain and access directory services within a network |
LEAP | Lightweight Extensible Authentication Protocol: Cisco proprietary version of EAP; encrypts data using WEP keys; uses username and password for authentication |
MaaS | Monitoring as a Service |
MAC | Media Access Control |
MAM | Mobile Application Management |
MAN | Metropolitan Area Network |
MBR | Master Boot Record |
MD5 | Message Digest 5: cryptographic hash algorithm used to generate 128-bit digest from a string of any length; provides the means for digital signature verification |
MDF | Main Distribution Frame: demarcation point that interconnects public and private lines in a building |
MDM | Mobile Device Management |
MFA | MultiFactor Authentication |
MFD | MultiFunction Device: device that can print, copy, scan, and fax; usually larger in size with more features than an MFP |
MFP | MultiFunction Printer: print, copy, scan, and fax |
ML | Machine Learning |
MMS | Multimedia Message Service: extension of SMS |
MOA | Memorandum Of Agreement: a written formal understanding of an agreement; establishes a legal conditional agreement |
MOU | Memorandum Of Understanding: common-cause agreement, not legally binding; used to demonstrate the orgs have consulted and coordinated |
MPLS | MultiProtocol Label Switching: networking technology that routes traffic using the shortest path based on labels |
MSA | Measurement Systems Analysis: a tool used to determine a selected measurement system's accuracy |
MS-CHAP | Microsoft Challenge Handshake Authentication Protocol: challenge and response authentication method that PPP servers use to verify the identity of a remote user |
MSP | Managed Service Provider: delivers services via ongoing and regular support and active administration on customers' premises, MSP's data center, or third party data center |
MSSP | Managed Security Service Provider: offers network security services to an organization |
MTBF | Mean Time Between Failures: what is broken is repaired; (total hrs of operation)/(# of failures) |
MTTF | Mean Time To Failure: what is broken is replaced; (total hrs of operation)/(total # assets) |
MTTR | Mean Time To Repair: (total reactive maintenance time)/(# of reactive maintenance actions) [during a given time period] |
MTU | Maximum Transmission Unit: a measurement in bytes of the largest data packets that an internet connected device can accept |
NAC | Network Access Control: the process of restricting unauthorized users and devices from gaining access to a corporate or private network |
NAS | Network-Attached Storage: a file-dedicated storage device that makes data continuously available for employees to collaborate effectively over a network |
NAT | Network Address Translation: translating private IP addresses to public, and vice versa |
NDA | Non-Disclosure Agreement |
NFC | Near Field Communication: technology that enables 2 devices to exchange data when in close proximity |
NFV | Network Function Virtualization: the replacement of network appliance hardware with VMs |
NGFW | Next-Generation FireWall: operates on all 7 layers of OSI model; stateful inspection of network traffic |
NG-SWG | Next Generation Secure Web Gateway: cloud-based security solution; similar to a firewall, but used with a firewall; inspects apps, not packets |
NIC | Network Interface Card |
NIDS | Network-based Intrusion Detection System: monitors and detects malicious activity on a network |
NIPS | Network-based Intrusion Prevention System: monitors, detects, and prevents malicious activity on a network |
NIST | National Institute of Standards and Technology: helps businesses better understand, manage, and reduce their cybersecurity risk and protect networks and data |
NOC | Network Operations Center: responsible for maintaining a company's computer system's technical infrastructure |
NTFS | New Technology File System: Windows process used for storing, organizing, and finding files on a hard disk efficiently |
NTLM | New Technology LAN Manager: challenge-response authentication protocol used to authenticate a client to a resource on an AD domain |
NTP | Network Time Protocol: used to synchronize with computer clock time sources in a network |
OCSP | Online Certificate Status Protocol: alternative to CRL to check the validity of a certificate |
OID | Object IDentifier: a globally unique identifier of a data object |
OS | Operating System |
OSI | Open Systems Interconnection: model of layers 1-7 |
OSINT | Open Source INTelligence |
OSPF | Open Shortest Path First |
OT | Operational Technology: use of hardware and software to monitor and control physical processes, devices, and infrastructure |
OTA | Over-The-Air: refers to the distribution of information wirelessly |