A Flashcards
AAA
Authentication, Authorization, and Accounting
A security framework that controls access to computer resources, enforces policies, and audits usage
ACL
Access Control List
A set of rules that can be used to control access to digital environments and network traffic in computer security
AES
Advanced Encryption Standard
A symmetric block cipher chosen by the US govt to protect classified information. One of the most robust encryption methods.
AES-256
Advanced Encryption Standard 256-bit
A symmetric block cipher used to protect sensitive information. One of the most robust encryption methods. The key size is 256 bits.
AH
Authentication Header
An HTTP header that verifies the identity and permissions of the requester. It carries authentication credentials or access tokens to authorize and validate requests. This proves the sender’s identity.
This header also contains a checksum that can verify the message’s integrity.
AI
Artificial Intelligence
The simulation of human intelligence processes by machines
AIS
Automated Indicator Sharing
A free service that allows the real-time exchange of cyber threat indicators (CTIs) and defensive measures (DMs)
ALE
Annualized Loss Expectancy
A quantitative metric used to estimate the impact of potential cybersecurity threats/vulnerabilities over a year
AP
Access Point
A device that logically connects wireless client devices to one another and provides access to a distribution system, usually an organization’s enterprise wired network
API
Application Programming Interface
A mechanism that enables software components to communicate with each other using a set of definitions and protocols
APT
Advanced Persistent Threat
An attack campaign in which an intruder or team of intruders establishes an illicit, long-term presence on a network in order to mine highly sensitive data
ARO
Annualized Rate of Occurrence
The likelihood of a risk/threat occurring in a given year
ARP
Address Resolution Protocol
A network protocol that maps IP addresses to MAC addresses
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge
A curated knowledge base and model for cyber adversary behavior. Used for threat modeling and security defense.
AUP
Acceptable Use Policy
A document that outlines guidelines for how an organization’s resources should be used.