38674729
Description
Flashcards by Lyndsay Badding, updated more than 1 year ago
|
Created by Lyndsay Badding
about 1 year ago
|
|
| Question | Answer |
| 3DES | Triple Data Encryption Standard type of cryptography where block cipher algorithms are applied 3 times to each data block |
| AAA | Authentication, Authorization, and Accounting security framework that controls access to computer resources, enforces policies, audits usage |
| ABAC | Attribute-Based Access Control access control based on attributes associated with the subject, object, requested operations, environment conditions |
| ACL | Access Control List set of rules to allow or deny access |
| AD | Active Directory Windows directory service used to manage users, apps, data, etc. |
| AES | Advanced Encryption Standard symmetric block cipher algorithm |
| AH | Authentication Header packet header that provides origin authentication, data integrity, and replay protection it does not provide confidentiality |
| AIS | Automated Indicator Sharing real-time exchange of machine-readable threat indicators and defensive measures |
| ALE | Annualized Loss Expectancy SLE x ARO |
| AP | Access Point 802.11 logical connection point |
| API | Application Programming Interface set of definitions and protocols for building and integrating app software |
| APT | Advanced Persistent Threat a sophisticated, sustained cyberattack threat actor remains undetected for a prolonged period of time |
| ARO | Annualized Rate of Occurrence the number of incidents per year for a risk or threat |
| ARP | Address Resolution Protocol contains the MAC table |
| ASLR | Address Space Layout Randomization randomizes the location of system executables in RAM prevents buffer overflow |
| ASP | Active Server Pages Microsoft's server-side scripting language for dynamic web pages |
| ATT&CK | Adversarial Tactics, Techniques, & Common Knowledge globally accessible knowledge database |
| AUP | Acceptable Use Policy set of rules user must accept before use of resources |
| AV | AntiVirus |
| BASH | Bourne Again SHell shell used in a text window mostly on Linux |
| BCP | Business Continuity Planning process of creating a plan to identify major risks, preventatives, and continuity of essential processes |
| BGP | Border Gateway Protocol language spoken by routers to determine how to send packets |
| BIA | Business Impact Analysis identifies critical systems, functions, and processes and how quickly they need to be recovered/restored |
| BIOS | Basic Input/Output System initializes hardware, then loads and starts the OS |
| BPA | Business Partnership Agreement legal agreement that outlines terms, conditions, and expectations |
| BPDU | Bridge Protocol Data Unit STP message unit to detect loops in network topologies contains info regarding ports, switches, port priority and addresses |
| BSSID | Basic Service Set IDentifier MAC address of AP or wireless router |
| BYOD | Bring Your Own Device |
| CA | Certificate Authority trusted entity that issues SSL certificates |
| CAPTCHA | Completely Automated Public Turing test to tell Computers and Humans Apart |
| CAR | Corrective Action Report indicates type of investigation or action taken to address the non-conformance or potential for non-conformance |
| CASB | Cloud Access Security Broker software that sits between a cloud service consumer and provider enforces org security policies through risk ID and regulation compliance |
| CBC | Cipher Block Chaining a sequence of bits are encrypted as a single unit, or block, with a cipher key applied to the entire block |
| CBT | Computer Based Training |
| CCMP | Counter-mode/CBC-MAC Protocol used with AES 128-bit block ciphers 802.11i |
| CCTV | Closed-Circuit TeleVision |
| CERT | Computer Emergency Response Team is a registered mark by Carnegie Mellon have to apply for authorization to use this term |
| CFB | Cipher FeedBack stream mode feedback = name for chaining when used in stream modes |
| CHAP | Challenge Handshake Authentication Protocol used with PPP 3-way handshake uses an encrypted hash |
| CIO | Chief Information Officer oversees people, processes and technologies within a company's IT org |
| CIRT | Computer Incident Response Team interchangeable with CSIRT |
| CIS | Center for Internet Security non-profit org that sets standards for cyber security |
| CMS | Content Management System software platform that allows users to build and manage a website with limited technical knowledge and resources can be open source, prop., or SaaS |
| CN | Common Name also known as FQDN |
| COOP | Continuity Of Operations Planning procedures and guidance to sustain MEFs at an alternate site for up to 30 days mandated by federal directives |
| COPE | Corporate-Owned Personally Enabled employee is able to use device as their own, but company still owns it |
| CP | Contingency Planning |
| CRC | Cyclic Redundancy Check integrity check using a binary solution |
| CRL | Certificate Revocation List |
| CSA | Cloud Security Alliance organization that defines best practices for a secure cloud computing environment |
| CSIRT | Computer Security Incident Response Team interchangeable with CIRT |
| CSO | Chief Security Officer responsible for the physical security and safety of employees, facilities, and assets |
| CSP | Cloud Service Provider |
| CSR | Certificate Signing Request created on the server where the cert will be installed |
| CSRF | Cross-Site Request Forgery also XSRF attack that forces users to submit a request to a web app that they are already authenticated to |
| CSU | Channel Service Unit used to convert digital signals from a router to a network circuit such as T1 similar to a modem |
| CTM | CounTer-Mode turns a block cipher into a stream cipher adds a counter to each block, which is also encrypted |
| CTO | Chief Technology Officer responsible for settings security standards that dictate how the org chooses to work with or acquire tools form vendors |
| CVE | Common Vulnerabilities and Exposures a glossary that classifies vulnerabilities |
| CVSS | Common Vulnerability Scoring System a method used to supply a qualitative measure of severity |
| CYOD | Choose Your Own Device |
| DAC | Discretionary Access Control identity-based access control |
| DBA | DataBase Administrator ensures the security of a database |
| DDoS | Distributed Denial of Service multiple systems target a single system |
| DEP | Data Execution Prevention built into Windows to prevent malicious code from being executed from system memory |
| DER | Distinguished Encoding Rules key file format for cryptographic data |
| DES | Data Encryption Standard outdated symmetric key method of data encryption block cipher that encrypts in 64-bit blocks |
| DHCP | Dynamic Host Configuration Protocol assigns IP addresses |
| DHE | Diffie-Hellman Ephemeral securely establishes a channel to create and share a key for symmetric key algorithms |
| DKIM | Domain Keys Identified Mail email authentication method using a digital signature |
| DLL | Dynamic-Link Library contains the resources an app needs to run successfully could include images and a library of executable functions |
| DLP | Data Loss Prevention implements a set of processes, procedures, and tools to prevent the loss, misuse, or unauthorized access of sensitive info |
| DMARC | Domain Message Authentication Reporting and Conformance email validation system that detects and prevents email spoofing |
| DNAT | Destination Network Address Translation changes the destination address in the IP header for packets coming into the LAN |
| DNS | Domain Name System translates FQDN to IP address |
| DNSSEC | Domain Name System SECurity extensions suite of extensions that improve DNS security by verifying that DNS results have not been tampered with |
| DoS | Denial of Service |
| DPO | Data Protection Officer ensures the org processes personal data in compliance with applicable data protection rules |
| DRP | Disaster Recovery Plan |
| DSA | Digital Signature Algorithm cryptographic algorithm used to generate digital signatures, authenticate the sender of a digital message, and prevent tampering |
| DSL | Digital Subscriber Line |
| EAP | Extensible Authentication Protocol protocol that acts as a framework and transport for other authentication protocols |
| ECB | Electronic Code Book legacy to CBC symmetric encryption scheme which replaces each block of clear text with block of ciphertext |
| ECC | Elliptic-Curve Cryptography public key cryptographic algorithm used to perform critical security functions, including encryption, authentication, and digital signatures more secure than RSA or DSA |
| ECDHE | Elliptic-Curve Diffie-Hellman Ephemeral key exchange algorithm that allows 2 parties to establish a shared secret over an insecure communication channel |
| ECDSA | Elliptic-Curve Digital Signature Algorithm DSA which uses keys derived from ECC |
| EDR | Endpoint Detection and Response an endpoint security solution that continuously monitors end-user devices to detect and respond to cyber threats like malware |
| EFS | Encrypted File System provides cryptographic protection of individual files on NTFS volumes using a public-key system |
| EIP | Extended Instruction Pointer used to track the address of the current instruction running inside the application |
| EOL | End Of Life ending of patches, updates, and sale of equipment |
| EOS | End Of Service ending of services and updates for server, storage, and network equipment |
| ERP | Enterprise Resource Planning the practice of taking effective security measures to prevent infiltration inside of ERP systems ERP systems unify all different platforms and departments |
| ESN | Electronic Serial Number used in mobile phones |
| ESP | Encapsulating Security Payload only authenticates the IP datagram portion of the IP packet can be used with AH |
| ESSID | Extended Service Set IDentifier a set of wireless networks that have the same SSID |
| FACL | File system Access Control List a table that informs the OS of access privileges a user has to a system object |
| FDE | Full Disk Encryption |
| FIM | File Integrity Monitoring |
| FPGA | Field Programmable Gate Array hardware circuit that a user can program to carry out logical operations |
| FRR | False Rejection Rate (FRR = FAR) = CER |
| FTP | File Transfer Protocol transfer files between computer systems and servers via the internet |
| GCM | Galois/Counter Mode mode of operation for AES algorithm symmetric-key cryptographic block ciphers |
| GDPR | General Data Protection Regulation an EU law that governs the way we can use, process, and store personal data (PII) |
| GPG | GNU Privacy Guard software replacement for PGP security tool for encrypting files |
| GPO | Group Policy Object collection of settings that define what a system will look like and how it will behave for a defined group of computers or users |
| GPS | Global Positioning System |
| GPU | Graphics Processing Unit |
| GRE | Generic Routing Encapsulation tunneling protocol used to transport multicast, broadcast, and non-IP packets like IPX |
| HA | High Availability 99.9% 8h 45m 57s 99.99% 52m 35.7s 99.999% 5m 15.6s 99.9999% 31.6s 99.99999% 3.2s |
| HDD | Hard Disk Drive non-volatile memory has moving parts to write data |
| HIDS | Host-based Intrusion Detection System monitor the system and detect anomalies |
| HIPS | Host-based Intrusion Prevention System behavioral analysis and network filtering to monitor running processes, files and registry keys prevents unknown malicious attacks |
| HMAC | Hash-based Message Authentication Code cryptographic authentication technique that uses a hash function and a secret key |
| HOTP | HMAC-based One-Time-Password |
| HSM | Hardware Security Module device that generates and stores cryptographic keys, and digital signatures encrypts and decrypts data |
| HSMaaS | Hardware Security Module as a Service |
| HTML | HyperText Markup Language language used to create webpages |
| HTTP | HyperText Transfer Protocol how resources are exchanged between client devices and servers over the internet |
| HVAC | Heating, Ventilation, Air Conditioning referring to the monitoring system attached to these functions |
| IaaS | Infrastructure as a Service pay-as-you-go services for using virtual equipment like servers, storage, network devices, VMs |
| IAM | Identity and Access Management framework of policies, processes, and technologies that enable orgs to manage digital identities and control user access to critical corporate info |
| ICMP | Internet Control Message Protocol used to troubleshoot and report error conditions transfers info about other protocols |
| ICS | Industrial Control Systems |
| IDEA | International Data Encryption Algorithm block cipher that operates on 64-bit plaintext and 128-bit key reversible |
| IDF | Intermediate Distribution Frame a remote room or closet connected to MDF houses hubs and patch panels |
| IdP | Identity Provider a service that stores and verifies user identity |
| IDS | Intrusion Detection System monitoring system that detects suspicious activities and generates alerts when they are detected |
| IEEE | Institute of Electrical and Electronics Engineers sets standards for many industries publishes journals, magazines, and conference proceedings |
| IKE | Internet Key Exchange IPSec-based tunneling protocol that provides a secure VPN communication channel |
| IM | Instant Messaging |
| IMAP4 | Internet Message Access Protocol version 4 how you view your email enables the use of folders |
| IoC | Indicators of Compromise clues and evidence of a security breach |
| IoT | Internet of Things devices embedded with sensors, software, and other technologies for the purpose of exchanging data with other devices and systems over the internet |
| IP | Internet Protocol communication standard used to uniquely identify systems on a computer network or across the internet |
| IPS | Intrusion Prevention System hardware or software network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it |
| IPSec | Internet Protocol Security suite of protocols between 2 communication points across the network that provide data CIA defines the encrypted, decrypted and authenticated packets |
| IR | Incident Response |
| IRC | Internet Relay Chat text-based chat system for IM |
| IRP | Incident Response Plan |
| ISA | Interconnection Security Agreement specifies the technical and security requirements of interconnection between organizations |
| ISFW | Internal Segmentation FireWall meant to protect network if an attacker breaches the perimeter can be placed anywhere inside network |
| ISO | International Organization for Standardization provides a security framework that orgs can tailor to specific security risks |
| ISP | Internet Service Provider |
| ISSO | Information Systems Security Officer maintains the appropriate security posture for an information system or program |
| ITCP | IT Contingency Plan |
| IV | Initialization Vector arbitrary number used with a secret key for data encryption to foil cyber attacks IV = nonce |
| KDC | Key Distribution Center an authentication server that performs the initial authentication and issues TGTs for users Kerberos is a KDC |
| KEK | Key Encryption Key key that encrypts other key stored in DES key storage for local use organization retains the KEK |
| L2TP | Layer 2 Tunneling Protocol an extension of PPTP used by ISPs to enable VPNs |
| LAN | Local Area Network |
| LDAP | Lightweight Directory Access Protocol makes it possible for apps to query user info rapidly designed to maintain and access directories services within a network |
| LEAP | Lightweight Extensible Authentication Protocol Cisco proprietary version of EAP encrypts data using WEP keys uses username and password for authentication |
| MaaS | Monitoring as a Service |
| MAC | Media Access Control |
| MAM | Mobile Application Management |
| MAN | Metropolitan Area Network |
| MBR | Master Boot Record |
| MD5 | Message Digest 5 cryptographic hash algorithm used to generate 128-bit digest from a string of any length provides the means for digital signature verification |
| MDF | Main Distribution Frame demarcation point that interconnects public and private lines in a building |
| MDM | Mobile Device Management |
| MFA | MultiFactor Authentication |
| MFD | MultiFunction Device device that can print, copy, scan, and fax usually larger in size with more features than a MFP |
| MFP | MultiFunction Printer print, copy, scan, and fax |
| ML | Machine Learning |
| MMS | Multimedia Message Service extension of SMS |
| MOA | Memorandum Of Agreement a written formal understanding of an agreement establishes a legal conditional agreement |
| MOU | Memorandum Of Understanding common=cause agreement, not legally binding used to demonstrate the orgs have consulted and coordinated |
| MPLS | MultiProtocol Label Switching networking technology that routes traffic using the shortest path based on labels |
| MSA | Measurement Systems Analysis a tool used to determine a selected measurement systems' accuracy |
| MS-CHAP | Microsoft Challenge Handshake Authentication Protocol challenge and response authentication method that PPP servers use to verify the identity of a remote user |
| MSP | Managed Service Provider delivers services via ongoing and regular support and active administration on customers' premises, MSP's data center, or third party data center |
| MSSP | Managed Security Service Provider offers network security services to an organization |
| MTBF | Mean Time Between Failures what is broken is repaired (total hrs of operation)/(# of failures) |
| MTTF | Mean Time To Failure what is broken is replaced (total hrs of operation)/(total # assets) |
| MTTR | Mean Time To Repair (total reactive maintenance time)/(# of reactive maintenance actions) [during a given time period] |
| MTU | Maximum Transmission Unit a measurement in bytes of the largest data packets that an internet connected device can accept |
| NAC | Network Access Control the process of restricting unauthorized users and devices from gaining access to a corporate or private network |
| NAS | Network-Attached Storage a file-dedicated storage device that makes data continuously available for employees to collaborate effectively over a network |
| NAT | Network Address Translation translating private IP addresses to public, and vice versa |
| NDA | Non-Disclosure Agreement |
| NFC | Near Field Communication technology that enables 2 devices to exchange data when in close proximity |
| NFV | Network Function Virtualization the replacement of network appliance hardware with VMs |
| NGFW | Next-Generation FireWall operates on all 7 layers of OSI model stateful inspection of network traffic |
| NG-SWG | Next Generation Secure Web Gateway cloud-based security solution similar to a firewall, but used with a firewall inspects apps, not packets |
| NIC | Network Interface Card |
| NIDS | Network-based Intrusion Detection System monitors and detects malicious activity on a network |
| NIPS | Network-based Intrusion Prevention System monitors, detects, and prevents malicious activity on a network |
| NIST | National Institute of Standards and Technology helps businesses better understand, manage, and reduce their cybersecurity risk and protect networks and data |
| NOC | Network Operations Center responsible for maintaining a company's computer system's technical infrastructure |
| NTFS | New Technology File System Windows process used for storing, organizing, and finding files on a hard disk efficiently |
| NTLM | New Technology LAN Manager challenge-response authentication protocol used to authenticate a client to a resource on an AD domain |
| NTP | Network Time Protocol used to synchronize with computer clock time sources in a network |
| OCSP | Online Certificate Status Protocol alternative to CRL to check the validity of a certificate |
| OID | Object IDentifier a globally unique identifier of a data object |
| OS | Operating System |
| OSI | Open Systems Interconnection model of layers 1-7 |
| OSINT | Open Source INTelligence |
| OSPF | Open Shortest Path First |
| OT | Operational Technology use of hardware and software to monitor and control physical processes, devices, and infrastructure |
| OTA | Over-The-Air refers to the distribution of information wirelessly |
Want to create your own Flashcards for free with GoConqr? Learn more.