Ack Flashcards
NT LAN (NTLM)
Windows New Technology LAN Manager (NTLM) is an outmoded challenge-response authentication protocol from Microsoft. Still in use though succeeded by Kerberos, NTLM is a form of Single Sign-On (SSO) enabling users to authenticate to applications without submitting the underlying password.
3DES
Triple Digital Encryption Algorithm (deprecated)
symmetric-key block cipher that applies the DES cipher algorithm three times to each data block (168 bits)
AAA
Authentication, Authorization, and Accounting
It is used to refer to a family of protocols that mediate network access. Two network protocols providing this functionality are particularly popular: the RADIUS protocol, and its newer Diameter counterpart
ABAC
Attribute-based Access Control
also known as policy-based access control for IAM, defines an access control paradigm whereby access rights are granted to users through the use of policies
ACL
Access Control List
a list of permissions associated with a system resource
AD
Active Directory
Access policies can be configured via GPOs. In a Windows Active Directory network, users and devices can often auto-enroll with the CA just by authenticating to Active Directory.
AES
Advanced Encryption Standard
specification for the encryption of electronic data
AES256
Advanced Encryption Standard 256-bit
AES-256, which has a key length of 256 bits, supports the largest bit size and is practically unbreakable by brute force based on current computing power, making it the strongest encryption standard
AH
Authentication Header
provides message authentication and integrity but not confidentiality.
performs a cryptographic hash on the whole packet, including the IP header, plus a shared secret key (known only to the communicating hosts), and adds this HMAC in its header as an Integrity Check Value (ICV).
AIS
Automated Indicator Sharing
Threat intelligence data feed operated by the DHS.
Uses TAXII to transmit CTI data between servers and clients
ALE
Annualized Loss Expectancy
the amount that would be lost over the course of a year. This is determined by multiplying the SLE by the Annualized Rate of Occurrence (ARO)
AP
Access Point
device that provides a connection between wireless devices and can connect to wired networks. Also known as wireless access point or WAP
API
Application Programming Interface
A library of programming utilities used, for example, to enable software developers to access functions of the TCP/IP network stack under a particular operating system
APT
Advanced Persistent Threat
An attacker’s ability to obtain, maintain, and diversify access to network systems using exploits and malware.
Can evade signature-based detection
ARP
Address Resolution Protocol
maps a network interface’s hardware (MAC) address to an IP address.
ASLR
Address Space Layout Randomization
A memory-protection process - computer security technique involved in preventing exploitation of memory corruption vulnerabilities
ASP
Active Server Pages
Microsoft’s first server-side scripting language and engine for dynamic web pages.
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge
MITRE ATT&CK™ framework is a comprehensive matrix of tactics and techniques used by threat hunters, red teamers, and defenders to better classify attacks and assess an organization’s risk. Organizations can use the framework to identify holes in defenses, and prioritize them based on risk (TTP)
AUP
Acceptable Use Policy
set of rules applied by the owner, creator or administrator of a network, website, or service, that restrict the ways in which the network, website or system may be used and set guidelines as to how it should be used
AV or A-V
Antivirus
prevent, detect, and remove malware
BASH
Bourne Again Shell
A command shell and scripting language for Unix-like systems
Found in DMZ
BCP
Business Continuity Planning
identifies controls and processes that enable an organization to maintain critical workflows in the face of some adverse event
BIA
Business Impact Analysis
process of assessing what losses might occur for a range of threat scenarios
BGP
Border Gateway Protocol
exterior gateway protocol designed to exchange routing and reachability information between autonomous systems (AS) on the Internet
Decides which network your local router should hook up with (think matchmaker).
BIOS
Basic Input/Output System
Firmware—vulnerabilities can exist in the BIOS/UEFI firmware that controls the boot process for PCs.
“the program a computer’s microprocessor uses to start the computer system after it is powered on”
BPA
Business Partnership Agreement
Agreement by two companies to work together closely
BPDU
Bridge Protocol Data Unit
Switch port security feature that disables the port if it receives BPDU notifications related to spanning tree.
This is configured on access ports, where any BPDU frames are likely to be malicious
Messages exchanged between switches inside a LAN; prevents looping
BSSID
Basic Service Set Identifier
Each WAP is identified by its MAC address; the BSSID is the MAC address of a wireless point
BYOD
Bring Your Own Device
CA
Certificate Authority
entity responsible for issuing and guaranteeing certificates
CAC
Common Access Card
smart card that provides certificate-based authentication and supports two-factor authentication
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAR
Corrective Action Report
actions adopted to eliminate the problem from occurring again
ML
Machine Learning
MMS
Multimedia Message Service
MOA
Memorandum of Agreement
written (legal) document describing a cooperative relationship between two parties wishing to work together
MOU
Memorandum of Understanding
Intent to work together (informal, not binding)
MPLS
Multiprotocol Label Switching
Data forwarding technology, developed by Cisco, that increases the speed and controls the flow of network traffic.
A VPN (not part of public internet) that directs data from one node to the next using short path labels instead of long network addresses.
MSA
Measurement System Analysis
Cyber: evaluates the data collection and statistical methods used by a quality management process
MSCHAP
MS Challenge Handshake Authentication Protocol
MSP
Managed Service Provider
a third-party company that provides network, application and system management services to enterprises with a pay-as-you-go pricing model
MSSP
Managed Security Service Provider
fully outsourcing responsibility for information assurance to a third party.
Expensive but can be a good fit for an SME that has experienced rapid growth and has no in-house security capability
MTBF
Mean Time Between Failures
MTTF
Mean Time to Failure
MTTR
Mean Time to Repair
MTU
Maximum Transmission Unit
limits data packet size on a network
NAC
Network Access Control
Keeps unauthorized users and devices out of a private network
802.1X standard
NAS
Network-attached Storage
storage device connected to a network that allows storage and retrieval of data from a centralized location for authorized network users
NAT
Network Address Translation
used to enable multiple hosts on a private network to connect to the Internet using a single public IP address
NDA
Non-disclosure Agreement