Ack6 Flashcards

1
Q

SAML

A

Security Assertions Markup Language

An XML-based data format used to exchange authentication information between a client and a service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

SCADA

A

Supervisory Control and Data Acquisition

A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographically large areas

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

SCAP

A

Security Content Automation Protocol

A NIST framework that outlines various accepted practices for automating vulnerability scanning

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

SCEP

A

Simple Certificate Enrollment Protocol

widely used to make digital certificate issuance at large organizations easier, more secure, and scalable. Using this protocol, SCEP servers issue a one-time password (OTP) to the user transmitted out-of-band (OOB)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

SDK

A

Software Development Kit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

SDLC

SDLM

A

Software Development Life Cycle

Software Development Life-Cycle Methodology

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

SDN

A

Software-defined Networking

APIs and compatible hardware/virtual appliances allowing for programmable network appliances and systems

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

SDP

A

Service Delivery Platform

i.e Netflix

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

SDV

A

Software-Defined Visibility

Incident Response

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

SED

A

Self-Encrypting Drives

Data-at-rest is stored securely

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

SEH

A

Structured Exception Handling

Script for what the app should do

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

SFTP

A

SSH File Transfer Protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

SHA

A

Secure Hashing Algorithm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

S-HTTP or HTTPS

A

Secure Hypertext Transfer Protocol

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

SIEM

A

Security Information & Event Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

SIM

A

Subscriber Identity Module
A small chip card that identifies the user and phone number of a mobile device, via an International Mobile Subscriber Identity (ISMI)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

SIP

A

Session Initiation Protocol

Id endpoints & setup VoIP calls

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

SLA

A

Service-level Agreement

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

SLE

A

Single Loss Expectancy

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

SMB

A

Server Message Block

Windows File Sharing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

S/MIME

A

Secure/Multipurpose Internet Mail Extentions

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

SMS

A

Short Message Service

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

SMTP

A

Simple Mail Transfer Protocol
how mail is sent from one system to another…secured with TLS
Port 25, 587, 465 (deprecated)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

SMTPS

A

Simple Mail Transfer Protocol Secure

aka implicit TLS

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
SNMP
Simple Networking Management Protocol
26
SOAP
Simple Object Access Protocol XML format messaging built-in error handling, tightly specified protocol
27
SOAR
Security, Orchestration, Automation, Response
28
SoC
System on Chip
29
SOC
Security Operations Center
30
SPF
Sender Policy Framework Email Authenticator to detect forged emails
31
SPIM
Spam over Internet Messaging
32
SQL
Structured Query Language
33
SQLi
SQL Injection
34
SRTP
Secure Real-time Transport Protocol Used to send encrypted VoIP data
35
SSD
Solid State Drive | quicker, more reliable than HDDs
36
SSID
Service Set Identifier A character string that identifies a particular wireless LAN (WLAN) LAN needs NAT which lets computer's with a private IP connect to the public internet
37
SSL
Secure Sockets Layer
38
SSO
Single Sign-on
39
STIX
Structured Threat Information eXpression
40
STP | UTP
Shielded Twisted Pair (wire used in LAN) Unshielded Twisted Pair (this is so dumb) Spanning Tree Protocol A switching protocol that prevents network loops by dynamically disabling links as needed
41
SWG
Secure Web Gateway Filter malware
42
TACACS+
Terminal Access Controller Access Control System AAA, TCP, Encrypts Header & Payload
43
TAXII
Trusted Automated eXchange of Indicator Information
44
TCP/IP
Transmission Control Protocol/Internet Protocol
45
TGT
Ticket Granting Ticket
46
TKIP
Temporal Key Integrity Protocol used in first WPA over flawed WEP replaced by ccmp
47
TLS
Transport Layer Security
48
TOTP
Time-based One Time Password improvement on HOTP
49
TPM
Trusted Platform Module A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information. transit gateway In cloud computing, a virtual router deployed to facilitate connections between VPC subnets and VPN gateways
50
TSIG
Transaction Signature
51
TTP
Tactics, Techniques, & Procedures
52
UAT
User Acceptance Testing
53
UAV
Unmanned Aerial Vehicle
54
UDP
User Datagram Protocol
55
UEBA
User & Entity Behavior Analytics Automated Id suspicious behavior
56
UEFI
Unified Extensible Firmware Interface Enforce boot integrity checks, configured with digital certificates, no TPM needed, uses measured boot to validate boot report
57
UEM
Unified Endpoint Management Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices
58
UPS
Uninterruptable Power Supply
59
URI | URL
Uniform Resource Identifier | Universal Resource Locator
60
USB | USB OTG
Universal Serial Bus | USB On-The-Go
61
UTM
Unified Threat Management Downside: single point of failure, latency issues
62
VBA
Visual Basic Programming languages used to implement macros and scripting in Office document automation
63
VDE | VDI
Virtual Desktop Environment | Virtual Desktop Infrastructure
64
VLAN
Virtual Local Area Network A logically separate network, created by using switching technology. Even though hosts on two VLANs may be physically connected to the same cabling, local traffic is isolated to each VLAN so they must use a router to communicate
65
VLSM
Variable-length subnet masking
66
VPC
Virtual Private Cloud
67
VTC
Video teleconferencing
68
WAF
Web Application Firewall protect from DoS & code injection attacks
69
WAP
Wireless Access Point
70
WEP
Wired Equivalent Privacy outdated for encrypting data over a wireless connection, WPA stronger, WEP is 40-104 bit
71
WIDS | WIPS
Wireless Intrusion Detection System | Wireless Intrusion Prevention System
72
WORM
Write Once Read Many
73
WPA | WPS
Wifi Protect Access auth & encrypt Wifi Protected Setup feature of WPA, enroll with 8-digit pin
74
WTLS
Wireless TLS
75
XSS
Cross-site Scripting Needs no user interaction Allows an attacker to execute arbitrary JavaScript within the browser of a victim user. XSRF, an attacker to induces a victim-user to perform actions that they do not intend to... XSRF needs an authenticated session, trick a user to click a link or access a page