Acronyms Flashcards
1
Q
ABAC
A
Attribute-based access control
*typically matched to attributes other than the job role.
2
Q
AD HOC
A
A wireless network that allows easy connection establishment between wireless client devices in the same physical area without the use of an infrastructure device, such as an access point or a base station.
3
Q
AES
A
Advanced Encryption Standard
*a symmetric block cipher chosen by the U.S. government to protect classified information
4
Q
API Keys
A
Application Programming Interface
*a code used to identify and authenticate an application or user.
5
Q
APT
A
Advanced Persistent Threats
*advanced techniques that are persistent, occurring over a significant period of time.
6
Q
ARP
A
Address Resolution Protocol
*used to associate the IP address to a MAC address.
7
Q
AUP
A
Acceptable Use Policy
*an agreement between two or more parties that outlines the appropriate use of access to a corporate network or the internet
8
Q
BIOS
A
Basic Input-Output system
*a low-level software that resides in a chip on your computer’s motherboard.
9
Q
BPA
A
Business Partnership Agreements
*legal agreements between partners. This is a legal agreement that outlines the terms, conditions, and expectations between the partners.
10
Q
BYOD
A
Bring Your Own Device
*allows users to use their own device, rather than have the company provide it
11
Q
CAN bus
A
The Controller Area Network - bus is a message-based protocol designed to allow the Electronic Control Units (ECUs) found in today’s automobiles, as well as other devices, to communicate with each other in a reliable, priority-driven fashion
12
Q
CASB
A
Cloud Access Security Broker
*an intermediary between users, devices, and cloud providers that enforces security policies.
13
Q
C&C
A
Control and Command
14
Q
CCMP
A
Counter Mode CBC-MAC Protocol
*the encryption mechanism that is the security standard used with WPA2 wireless networks. A block cipher, CCMP provides confidentiality, authentication, and access control features.
15
Q
CER
A
Crossover Error Rate
*describes the overall accuracy of a biometric system.
16
Q
CIA Triad
A
Confidentiality, Integrity, Availability
17
Q
CISA
A
Cybersecurity and Infrastructure Security Agency
18
Q
COOP
A
the federal government’s standards for continuity of operations
* four phases: readiness and preparedness, activation and relocation, continuity facility operations, and reconstitution
19
Q
COPE
A
Corporate-Owned, Personally Enabled
20
Q
CRM
A
Customer relationship management
*packages offered in the cloud would be classified as software-as-a-service (SaaS), since they are not infrastructure components.
21
Q
CYOD
A
Choose Your Own Device
*allows users to choose a device but then centrally manages it.
22
Q
DAC
A
Discretionary access control
*the principle of restricting access to objects based on the identity of the subject (the user or the group to which the user belongs)
23
Q
DAD Triad
A
Disclosure, Alteration, Denial
24
Q
DDoS
A
Distributed Denial-of-Service
25
DES
Data Encryption Standard
| *an outdated symmetric key method of data encryption
26
DLP
Data Loss Prevention
27
DKIM
DomainKeys Identified Mail
*a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify.
28
DMARC
Domain-based Message Authentication Reporting and Conformance
*a free and open technical specification that is used to authenticate an email by aligning SPF and DKIM mechanisms.
29
DMZ
Demilitarized Zone
| *a secured zone exposed to a lower trust level area or population
30
DNS
Domain Name System
31
DOS
Denial of Service
| *these attacks create viruses, make a Trojan horse, or even distribute ransomware as a service.
32
DRM
Digital Rights Management
33
DROP
Don't Route or Peer Lists
34
EAP
Extensible Authentication Protocol
*an architectural framework that provides extensibility for authentication methods for commonly used protected network access technologies
35
EV
Extended validation certificates provide the highest available level of assurance
36
FAR
False Acceptance Rate
| *the percentage of identification instances in which unauthorized persons are incorrectly accepted.
37
FDE
Full-Device Encryption
38
FPGA
Field Programmable Gate Arrays
| *a hardware circuit that a user can program to carry out one or more logical operations
39
FRR
False Rejection Rate
| *the percentage of identification instances in which authorized persons are incorrectly rejected.
40
HIPS
Host Intrusion Prevention System
41
HOTP
Hash-based one-time password
| *it is based on hash-based message authentication codes.
42
HMAC-based
Hash-based message authentication code is a cryptographic authentication technique that uses a hash function and a secret key.
43
HSM
Hardware Security Module
| *used to create, manage, and store cryptographic certificates as well as perform and offload cryptographic operations
44
HTTP or HTTPS (secure)
Hypertext Transfer Protocol
| *an application-layer protocol for transmitting hypermedia documents, such as HTML.
45
IoCs
Indicators of Compromise
*the telltale signs that an attack has taken place and may include file signatures, log patterns, and other evidence left behind by attackers.
46
IKE
Internet Key Exchange
| *the standard used for remote host, network access, and virtual private network (VPN) access.
47
IMAP or IMAPs (Secure)
Internet Message Access Protocol
* a method of accessing and storing mail on a mail server.
* runs on TCP Port 993
48
IPS
Intrusion Prevention System
49
IPv6
Internet Protocol version 6
*the sixth revision to the Internet Protocol and the successor to IPv4. It functions similarly to IPv4 in that it provides the unique IP addresses necessary for Internet-enabled devices to communicate.
50
IRC
Internet Relay Chat
| *was frequently used to manage client-server botnets in the past
51
ISAKMP
Internet Security Association and Key Management Protocol
| *used for negotiating, establishing, modification and deletion of SAs and related parameters.
52
ISACs
Information Sharing and Analysis Centers
| *help infrastructure owners and operators share threat information and provide tools and assistance to their members
53
IV
```
Initialization Vector (or starting variable (SV))
*an input to a cryptographic primitive being used to provide the initial state.
```
54
LDAP
Lightweight Directory Access Protocol
* an open and cross platform protocol used for directory services authentication.
* runs on TCP Port 636
55
MAC
Mandatory access control
*a method of limiting access to resources based on the sensitivity of the information that the resource contains and the authorization of the user to access information with that level of sensitivity.
56
MFA
Multifactor Authentication
57
MFP
Multifunction Printer
58
MOU
Memorandum of Understanding
*has its purpose in promoting cooperation in the field of cyber security between the Participants according to the relevant laws and regulations of their two countries, and based on the principle of equal benefit and mutual interest.
59
MSP
managed service provider
60
MSSP
managed security service provider
61
NAC
Network access control (also called network admission control)
*a method to bolster the security, visibility and access management of a proprietary network.
62
NAT
Network Address Translation
| *a way to map multiple local private addresses to a public one before transferring the information.
63
NFC
Near-field communications
* most frequently used for wireless payment systems
* provides short-range, low-bandwidth wireless connection
64
NGFW
Next-generation firewall
65
OSINT
Open Source Intelligence
66
OASIS
Organization for the Advancement of Structured Information Standards
*an internal nonprofit consortium that maintains many other projects related to information formatting, including XML and HTML.
67
OpenIOC
Open Indicators of Compromise
| *an XML-based framework
68
PaaS
Platform as a service
*a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.
69
PBL
Policy Block List
70
PCI DSS
Payment Card Industry Data Security Standard
71
PEAP
Protected Extensible Authentication Protocol
| *a version of EAP, the authentication protocol used in wireless networks and Point-to-Point connections.
72
POP or POPS (secure)
Post Office Protocol
*POP works by contacting your email server and downloading all of your new messages from it. Once they are downloaded, they disappear from the server.
73
PR
Privileges Required
| *metric that indicates the type of system access that an attacker must have to execute the attack.
74
PSK
Preshared Key
75
PUPs
Potentially Unwanted Programs
| *programs that may bot be wanted by the user but are not as dangerous as other types of malware
76
RAID
Redundant array of independent disks
*a way of storing the same data in different places on multiple hard disks or solid-state drives (SSDs) to protect data in the case of a drive failure.
77
RATs
Remote Access Trojans
| *provide attackers with remote access to systems
78
RBAC
Role-based access control
| *sets permissions based on an individual’s role, which is typically associated with their job.
79
RCS
Rich Communication Services
| *a next generation SMS protocol that upgrades text messaging.
80
RDP
Remote Desktop Protocol
| *operate over an encrypted channel, preventing anyone from viewing your session by listening on the network.
81
RFID
Radio frequency identification
| *commonly used for entry access cards.
82
RSA
Rivest–Shamir–Adleman
| *a public-key cryptosystem that is widely used for secure data transmission.
83
RTOS
A real-time operating system
*is an OS that is designed to handle data as it is fed to the operating system, rather than delaying handling it as other processes and programs are run.
84
SaaS
Software as a Service
| *on-demand software that you would simply log in to the system and begin to use.
85
SAE
Simultaneous Authentication of Equals
| *a password-based authentication and password-authenticated key agreement method.
86
SBL
Spamhaus Block List
87
SCADA
Supervisory Control and Data Acquisition
*a system architecture that combines data acquisition and control devices with communications methods and interfaces to oversee complex industrial and manufacturing processes, just like those used in utilities.
88
SFTP
Secure File Transfer Protocol
*a secure file transfer protocol that uses secure shell encryption to provide a high level of security for sending and receiving file transfers.
89
SIEM
Security Information and Event Management
90
SLA
Service Level Agreement
| *a negotiated agreement between two parties that outlines expectations of service.
91
S/MIME
Secure/Multipurpose internet Mail Extensions
| *a widely accepted protocol for sending digitally signed and encrypted messages.
92
SNMPv3
Simple Network Management Protocol version 3
| *predominantly used for monitoring and performance management.
93
SOAR
Security orchestration, automation, and response
*tools designed to automate security responses, to allow centralized control of security settings and controls, and to provide strong incident response capabilities.
94
SoC
System on a Chip
95
SPF
Sender Policy Framework
| *an email authentication protocol and part of email cybersecurity used to stop phishing attacks
96
SPIM
Spam over Instant Messaging
97
SQL injection
*a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.
98
SRTP
Secure Real-Time Transfer Protocol
* used for media streaming in many VoIP implementations.
* runs on UDP 5004
99
SSH
Secure Shell
*a network communication protocol that enables two computers to communicate (c.f http or hypertext transfer protocol, which is the protocol used to transfer hypertext such as web pages) and share data
100
STIX
Structured Threat Information eXpression
* an XML language originally sponsored by the US Dept. of Homeland Security.
* In its current version, STIX 2.0 defines 12 STIX domain objects, including things like attack patterns, identities, malware, threat actors, and tools.
101
SWG
A secure web gateway
| *protects users from web-based threats in addition to applying and enforcing corporate acceptable use policies.
102
TAXII
Trusted Automated eXchange of Indicator Information
* intended to allow cyber threat information to be communicated at the application layer via HTTPS.
* specifically designed to support STIX data exchange.
103
TKIP
Temporal Key Integrity Protocol
| *an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs (WLANs).
104
TLS
Transport Layer Security
*commonly used to wrap (protect) otherwise insecure protocols. In fact, many of the secure protocols simply add TLS to protect them.
105
TOTP
Time-based one-time password
| *a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors.
106
TPM
Trusted Platform Module
| *commonly used to provide the hardware root of trust
107
TTPs
Tactics, Techniques, and Procedures
108
UEFI
Unified Extensible Firmware Interface
*defines a new method by which OSes and platform firmware communicate, providing a lightweight BIOS alternative that uses only the information needed to launch the OS boot process.
109
VBA
Visual Basic for Applications
110
VDI
Virtual Desktop Infrastructure
| *used to provided controlled virtual systems for productivity and application presentation among other users
111
VPC
Virtual private cloud
| *a virtual network dedicated to your AWS account.
112
WEP
Wired Equivalent Privacy
| *the oldest and most common Wi-Fi security protocol.
113
WPA2
Wi-Fi Protected Access 2
| *the second generation of the Wi-Fi Protected Access wireless security protocol.
114
WPS
Wi-Fi Protected Setup
| *a network security standard to create a secure wireless home network.
115
XBL
Exploits Block List
116
XML
eXtensible Markup Language
*a simple text-based format for representing structured information: documents, data, configuration, books, transactions, invoices, and much more
117
XSS
Cross site scripting
| *an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website.
118
3DES
Triple Data Encryption Algorithm
| *a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block.
