Ack6 Flashcards
SAML
Security Assertions Markup Language
An XML-based data format used to exchange authentication information between a client and a service
SCADA
Supervisory Control and Data Acquisition
A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographically large areas
SCAP
Security Content Automation Protocol
A NIST framework that outlines various accepted practices for automating vulnerability scanning
SCEP
Simple Certificate Enrollment Protocol
Widely used to make digital certificate issuance at large organizations easier, more secure, and scalable. Using this protocol, SCEP servers issue a one-time password (OTP) to the user, transmitted out-of-band (OOB)
SDK
Software Development Kit
SDLC
SDLM
Software Development Life Cycle
Software Development Life-Cycle Methodology
SDN
Software-defined Networking
APIs and compatible hardware/virtual appliances allowing for programmable network appliances and systems
SDP
Service Delivery Platform
i.e. Netflix
SDV
Software-Defined Visibility
Incident Response
SED
Self-Encrypting Drives
Data-at-rest is stored securely
SEH
Structured Exception Handling
Script for what the app should do
SFTP
SSH File Transfer Protocol
SHA
Secure Hashing Algorithm
S-HTTP or HTTPS
Secure Hypertext Transfer Protocol
SIEM
Security Information & Event Management
SIM
Subscriber Identity Module
A small chip card that identifies the user and phone number of a mobile device, via an International Mobile Subscriber Identity (IMSI)
SIP
Session Initiation Protocol
ID endpoints & set up VoIP calls
SLA
Service-level Agreement
SLE
Single Loss Expectancy
SMB
Server Message Block
Windows File Sharing
S/MIME
Secure/Multipurpose Internet Mail Extensions
SMS
Short Message Service
SMTP
Simple Mail Transfer Protocol
how mail is sent from one system to another…secured with TLS
Port 25, 587, 465 (deprecated)
SMTPS
Simple Mail Transfer Protocol Secure
aka implicit TLS
SNMP
Simple Networking Management Protocol
SOAP
Simple Object Access Protocol
XML format messaging
built-in error handling, tightly specified protocol
SOAR
Security, Orchestration, Automation, Response
SoC
System on Chip
SOC
Security Operations Center
SPF
Sender Policy Framework
Email Authenticator to detect forged emails
SPIM
Spam over Internet Messaging
SQL
Structured Query Language
SQLi
SQL Injection
SRTP
Secure Real-time Transport Protocol
Used to send encrypted VoIP data
SSD
Solid State Drive
quicker, more reliable than HDDs
SSID
Service Set Identifier
A character string that identifies a particular wireless LAN (WLAN)
LAN needs NAT, which lets computers with a private IP connect to the public internet
SSL
Secure Sockets Layer
SSO
Single Sign-on
STIX
Structured Threat Information eXpression
STP
UTP
Shielded Twisted Pair (wire used in LAN)
Unshielded Twisted Pair (this is so dumb)
Spanning Tree Protocol: a switching protocol that prevents network loops by dynamically disabling links as needed
SWG
Secure Web Gateway
Filter malware
TACACS+
Terminal Access Controller Access Control System
AAA, TCP, Encrypts Header & Payload
TAXII
Trusted Automated eXchange of Indicator Information
TCP/IP
Transmission Control Protocol/Internet Protocol
TGT
Ticket Granting Ticket
TKIP
Temporal Key Integrity Protocol
used in first WPA over flawed WEP
replaced by CCMP
TLS
Transport Layer Security
TOTP
Time-based One Time Password
improvement on HOTP
TPM
Trusted Platform Module
A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information.
Transit gateway: in cloud computing, a virtual router deployed to facilitate connections between VPC subnets and VPN gateways
TSIG
Transaction Signature
TTP
Tactics, Techniques, & Procedures
UAT
User Acceptance Testing
UAV
Unmanned Aerial Vehicle
UDP
User Datagram Protocol
UEBA
User & Entity Behavior Analytics
Automated Id suspicious behavior
UEFI
Unified Extensible Firmware Interface
Enforce boot integrity checks, configured with digital certificates, no TPM needed, uses measured boot to validate boot report
UEM
Unified Endpoint Management
Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices
UPS
Uninterruptible Power Supply
URI
URL
Uniform Resource Identifier
Universal Resource Locator
USB
USB OTG
Universal Serial Bus
USB On-The-Go
UTM
Unified Threat Management
Downside: single point of failure, latency issues
VBA
Visual Basic
Programming languages used to implement macros and scripting in Office document automation
VDE
VDI
Virtual Desktop Environment
Virtual Desktop Infrastructure
VLAN
Virtual Local Area Network
A logically separate network, created by using switching technology. Even though hosts on two VLANs may be physically connected to the same cabling, local traffic is isolated to each VLAN so they must use a router to communicate
VLSM
Variable-length subnet masking
VPC
Virtual Private Cloud
VTC
Video teleconferencing
WAF
Web Application Firewall
protect from DoS & code injection attacks
WAP
Wireless Access Point
WEP
Wired Equivalent Privacy
outdated for encrypting data over a wireless connection, WPA stronger, WEP is 40-104 bit
WIDS
WIPS
Wireless Intrusion Detection System
Wireless Intrusion Prevention System
WORM
Write Once Read Many
WPA
WPS
Wi-Fi Protected Access
auth & encrypt
Wi-Fi Protected Setup
feature of WPA, enroll with 8-digit pin
WTLS
Wireless TLS
XSS
Cross-site Scripting
Needs no user interaction
Allows an attacker to execute arbitrary JavaScript within the browser of a victim user.
XSRF: an attacker induces a victim user to perform actions that they do not intend to…
XSRF needs an authenticated session, trick a user to click a link or access a page