Acronyms Flashcards

1
Q

3DES

A

Triple Digital Encryption Standard. Typically used on hardware that doesn’t support AES. Most secure mode of operation of 3DES requires 3 keys. Using a single key is insecure, using 2 keys is somewhat secure.

2
Q

802.1X

A

Port based authentication protocol used in VPNs for wired and wireless networks.

3
Q

AAA

A

Authentication, Authorization, and Accounting.

Used in remote access systems.

4
Q

ABAC

A

Attribute-based access control
Grants access to resources based on attributes assigned to the objects and to the users too. Think Unclassified, CUI, Secret, Top Secret.

5
Q

ACE

A

Access Control Entry

Identifies a user or group that is granted permission to a resource.

6
Q

ACK

A

Acknowledge.

Part of the TCP handshake.

7
Q

ACL

A

Access Control List

List of rules used by routers and stateless firewalls to determine what traffic to allow access.

8
Q

AES

A

Advanced Encryption Standard

Symmetric key block cipher

9
Q

AH

A

Authentication Header

10
Q

ALE

A

Annualized Loss Expectancy

11
Q

AP

A

Access Point

also called Wireless Access Point (WAP)

12
Q

API

A

Application programming interface

13
Q

APT

A

Advanced Persistent Threat

usually sponsored by a nation state, has both capability and intent to launch sophisticated and targeted attacks.

14
Q

ARO

A

Annual rate of occurrence
Number of times a loss is expected to occur in a year. used to measure risk with ALE and SLE
SLE * ARO = ALE

15
Q

ARP

A

Address Resolution Protocol
Usually in the context of ARP Poisoning, which sends false MAC address updates so that traffic is redirected through an attacker’s system.

16
Q

ASCII

A

American Standard Code for Information Interchange

17
Q

AUP

A

Acceptable Use Policy

18
Q

BCP

A

Business continuity plan

includes disaster recovery elements used to return critical functions to operation after an outage

19
Q

BIA

A

Business impact analysis

Helps an organization identify critical systems and components, max downtime limits, potential losses from an incident.

20
Q

BIND

A

Berkeley Internet Name Domain

DNS software

21
Q

BIOS

A

Basic Input/Output System
Computer’s firmware for the settings such as boot drive and other things outside the operating system. Designated replacement is UEFI.

22
Q

BPDU guard

A

Bridge Protocol Data Unit guard
Detects false BPDU messages, because those can indicate a switching loop problem. This guard blocks against BPDU attacks.

23
Q

BYOD

A

Bring Your Own Device
Employees are allowed to connect to the corporate network using their own mobile devices. This has several problems both with security and with IT support.

24
Q

CA

A

Certificate Authority

25
Q

CAN

A

Controller area network.

vehicle specific standard that allows the various components of the vehicle to communicate

26
Q

CAPTCHA

A

Completely Automated Public Turing Test to Tell Computers and Humans Apart

27
Q

CASB

A

Cloud Access Security Broker

enforces cloud-based security requirements. Placed between cloud and an organization’s resources.

28
Q

CBC

A

Cipher Block Chaining
Some symmetric encryption ciphers use this. There is an IV for the first block, and each subsequent block is combined with the previous block.

29
Q

CCM

A

Cloud Controls Matrix

from Cloud Security Alliance. This is a set of best practices specifically for security controls in the cloud.

30
Q

CCMP

A

Counter mode with Cipher block chaining Message authentication code Protocol
Encryption protocol based on AES. Used with WPA2 for wireless security.

31
Q

CCTV

A

Closed Circuit Television

Video surveillance cameras.

32
Q

CER

A

Canonical Encoding Rules

Base format for PKI certificates. ASCII encoded.

33
Q

CERT

A

Computer Emergency Response Team

responds to security incidents

34
Q

CHAP

A

Challenge Handshake Authentication Protocol

35
Q

CIA

A

Confidentiality, integrity, availability
security triad.
Confidentiality - look for something involving encryption
Integrity - look for a hashing algorithm
Availability - look for something with redundancy

36
Q

CIO

A

Chief Information Officer

37
Q

COOP

A

Continuity of Operations Planning
Setting up a set of sites to provide an alternate location for operations after a critical outage. Hot site, cold site, warm site.

38
Q

COOP

A

Continuity of Operations

Phase I - Readiness and Preparedness
Phase II - Activation and Relocation: transfer activities, personnel, records, and equipment to alternate facilities
Phase III - Continuity Operations: full execution of essential operations at alternate operating facilities
Phase IV - Reconstitution: operations at alternate facility are terminated and normal operations resume

39
Q

COPE

A

Corporate-Owned, Personally Enabled

Mobile device deployment model. Organization purchases and issues devices to employees. Compare to BYOD and CYOD

40
Q

CRL

A

Certification Revocation List

list of certificates that a Certificate Authority has revoked

41
Q

CSA CCM

A

Cloud Security Alliance Cloud Controls Matrix

reference doc that maps cloud security controls to various regulatory standards

42
Q

CSF

A

Cybersecurity Framework

Private sector equivalent of the RMF. Includes framework core, framework implementation tiers, and framework profiles

43
Q

CSR

A

Certificate Signing Request

how you request a certificate from a CA

44
Q

CTM

A

Counter Mode

Used for encryption that combines an IV with a counter and uses that combination to encrypt blocks

45
Q

CTO

A

Chief Technology Officer

46
Q

CVE

A

Common Vulnerabilities and Exposures

dictionary of publicly known security vulnerabilities and exposures

47
Q

CYOD

A

Choose Your Own Device
Policy where employees can connect to the organization’s network with their own personal device but only if that device is on an approved list. This limits headaches with IT support to a few models, but still has security headaches.

48
Q

DAC

A

Discretionary Access Control

Files and folders have owners, and owners can modify the permissions for the objects.

49
Q

DDoS

A

Distributed Denial of Service

50
Q

DEP

A

Data Execution Prevention
Some operating systems have this, which blocks code from executing from memory regions that are marked as nonexecutable. This blocks some types of malware.

51
Q

DER

A

Distinguished Encoding Rules

Base format for PKI certificates. BASE64 binary encoded files. Compare to CER.

52
Q

DES

A

Digital Encryption Standard

53
Q

DH

A

Diffie-Hellman

Asymmetric algorithm for privately sharing symmetric keys. DHE uses ephemeral keys, recreated for each session.

54
Q

DHCP

A

Dynamic Host Configuration Protocol

assigns IP addresses, subnet masks, default gateways, DNS server addresses, etc.

55
Q

DHCP Snooping

A

used to prevent unauthorized DHCP servers

56
Q

DHE

A

Diffie-Hellman Ephemeral

DHE uses ephemeral keys, recreated for each session. Sometimes seen as EDH

57
Q

DLL

A

Dynamic-link library

we use a LOT of .dll files!

58
Q

DLL Injection

A

attack that injects a Dynamic Link Library into memory and runs it

59
Q

DLP

A

Data Loss Prevention
End-point DLP systems can prevent users from copying or printing sensitive data, such as how A365 won’t let me download attachments. Network-based DLP systems monitor outgoing email and monitor data stored in the cloud.

60
Q

DMZ

A

Demilitarized Zone

61
Q

DNS

A

Domain Name System.
Resolves hostnames to IP addresses. DNS poisoning is an attack that modifies or corrupts DNS results. DNSSEC prevents DNS poisoning.

62
Q

DNSSEC

A

Domain Name System Security Extensions

protects a DNS server against some forms of attack

63
Q

DoS

A

Denial of Service

64
Q

DRP

A

Disaster Recovery Plan

65
Q

DSA

A

Digital Signature Algorithm

Endorsed by the US federal government for creating digital signatures under Digital Signature Standard.

66
Q

EAP

A

Extensible Authentication Protocol

this is a framework that provides general guidance for auth methods

67
Q

EAP-FAST

A

EAP Flexible Authentication via Secure Tunneling

Cisco designed protocol used with 802.1X. Optionally supports certificates.

68
Q

EAP-TLS

A

EAP using Transport Layer Security
One of the most secure EAP standards. Widely implemented. Requires certificates on both the 802.1X server and each wireless client.

69
Q

EAP-TTLS

A

EAP using Tunneled Transport Layer Security
Allows systems to use older authentication methods such as PAP, within a TLS tunnel. Requires a certificate on the 802.1X server but not on the clients.

70
Q

ECC

A

Elliptic Curve Cryptography
Asymmetric encryption algorithm. Common on smaller wireless devices. Uses smaller key sizes and requires less processing than most other encryption methods.

71
Q

ECDHE

A

Elliptic Curve DHE

Version of DH that uses elliptic curve cryptography to generate encryption keys

72
Q

EF

A

Exposure factor
(also Entity Framework but that’s not relevant)
If a database server is compromised and all of the sensitive information is stolen, that would be an exposure factor of 100%. If half the customer data is all that could be stolen, that’s an EF of 50%.

73
Q

EMI

A

Electromagnetic Interference
Caused by motors, power lines, etc. EMI shielding can prevent outside interference from corrupting data and prevents data from leaking outside of a cable.

74
Q

ESP

A

Encapsulating Security Protocol

part of IPsec that provides encryption

75
Q

ESSID

A

Extended Service Set ID
When ESSID broadcasting has been disabled, the name of the WLAN will not be listed as those available for connection. Users will need to enter the name of the WLAN manually.

76
Q

FaaS

A

Function as a Service

Cloud service model that is a subset of PaaS. The cloud service provider offers a platform that executes the customer’s code in response to discrete events. Customer is billed based on resources consumed during each code execution event.

77
Q

FAR

A

False Acceptance Rate

used for biometric authentication

78
Q

FDE

A

Full Disk Encryption

79
Q

FERPA

A

Family Educational Rights and Privacy Act

80
Q

FISMA

A

Federal Information Security Management Act

Law that requires government agencies to comply with security standards

81
Q

FRR

A

False Rejection Rate

used for biometric authentication

82
Q

GCM

A

Galois/Counter Mode

Used with encryption. Combines CTM mode with hashing

83
Q

GDPR

A

General Data Protection Regulation

regulation in the European Union for protecting personal data of anybody living in the EU

84
Q

GLBA

A

Gramm-Leach-Bliley Act

Law requiring financial institutions to protect the privacy of their customers’ data

85
Q

GPS

A

Global Positioning System

86
Q

HIDS

A

Host Based Intrusion Detection System

87
Q

HIPAA

A

Health Insurance Portability and Accountability Act

Law protecting health related data

88
Q

HIPS

A

Host Based Intrusion Prevention System

89
Q

HMAC

A

Hash Based Message Authentication Code
often combined with MD5 and SHA-1 as HMAC-MD5 and HMAC-SHA1. Used to verify integrity and authentication of a message with the use of a shared secret

90
Q

HOTP

A

HMAC-based One Time Password

HOTP passwords do not expire until they are used, unlike TOTP

91
Q

HSM

A

Hardware Security Module

removable or external device that can generate, store, and manage keys used in asymmetric encryption

92
Q

HTML

A

Hypertext Markup Language

who doesn’t already know this one?

93
Q

HVAC

A

Heating, Ventilation, Air Conditioning

94
Q

IaaS

A

Infrastructure as a Service

allows an organization to rent access to hardware. This was our first cloud migration, the one David did

95
Q

IaC

A

Infrastructure as Code

think terraform, or SDN (software defined networking)

96
Q

ICMP

A

Internet Control Message Protocol
Used for diagnostics such as ping. Because some DoS attacks use ICMP, it is best to block ICMP on firewalls and routers. Does NOT use a port!

97
Q

ICS

A

Industrial Control System

controls large systems such as power plants.

98
Q

IDS

A

Intrusion Detection System

detects but does not prevent intrusions. Can be either host-based (HIDS) or network-based (NIDS)

99
Q

IEEE

A

Institute of Electrical and Electronics Engineers

often pronounced “eye triple E”. Professional organization that sets a lot of standards we use, such as 802.1X

100
Q

IGMP

A

Internet Group Management Protocol
Used for multicasting. A computer that belongs to a multicasting group will have a multicasting IP address in addition to a standard unicast IP address

101
Q

IIS

A

Internet Information Services

MS Windows web server. We use this for local testing on our dev VMs.

102
Q

IoT

A

Internet of Things

usually refers to smart devices such as wearable tech and home automation systems.

103
Q

IPS

A

Intrusion Prevention System

placed inline with traffic. Compare to IDS which just reports possible issues without preventing them.

104
Q

IPSec

A

Internet Protocol Security

105
Q

IPv4

A

Internet Protocol version 4.

This uses a 32 bit IP address such as 192.168.1.1

106
Q

IPv6

A

Internet Protocol version 6
uses a 128-bit address and has IPSec built into it. It does not include NAT. Rules based on static IPv6 addresses may not work since dynamic addresses are heavily used in IPv6 networks. Reputation services are rare and less useful for IPv6 traffic. IPv6 traffic may bypass many existing IPv4 security tools.

107
Q

ISP

A

Internet Service Provider

108
Q

IV

A

Initialization Vector
provides randomization of encryption keys so that if an attacker cracks the encryption for one session, he will have to start over to crack it for a different session because the IV will be different.

109
Q

KDC

A

Key Distribution Center

aka Ticket Granting Ticket server (TGT). Part of the Kerberos protocol for network authentication

110
Q

L2TP

A

Layer 2 Tunneling Protocol

111
Q

LAN

A

Local Area Network

112
Q

LANMAN

A

Local Area Network Manager

113
Q

MAC

A

Media Access Control & Mandatory Access Control

media:
48 bit address used to identify network interface cards. Aka hardware address or physical address. Usually written as six pairs of hex digits.

mandatory:
This access control scheme restricts access based on sensitivity labels and also need to know. It is the strongest type of access control. Think “Top Secret” as one of the sensitivity labels.

114
Q

MAC cloning attack

A

attack that changes the source address to impersonate an authorized system (the MAC address)

115
Q

MAC flooding

A

attack against a switch that tries to overload the switch, by repeatedly spoofing the MAC address

116
Q

MD5

A

Message Digest 5
hashing function used to provide integrity. Creates 128-bit hashes also referred to as MD5 checksums.

this is NOT secure enough for cryptographic uses; however, it is still a reasonable choice when used as a checksum

117
Q

MDM

A

Mobile Device Management

118
Q

MFP

A

Multi-function printer
As long as they support TLS for web access, their encryption is not a concern. Valid concerns include exposure of sensitive data from copies and scans, acting as a reflector or amplifier for network attacks.

119
Q

ML

A

Machine Learning
System that is taught to classify items by giving it explicit classified examples, then the machine learns from that to recognize and classify items.

120
Q

MMS

A

Multimedia Messaging Service

extension of SMS, allowing users to include pictures, short videos, etc in their text messages

121
Q

MS-CHAP

A

Microsoft Challenge Handshake Authentication Protocol.

If you use this, use the MS-CHAPv2 version, which provides mutual authentication

122
Q

MSA

A

Master Service Agreement
provides an umbrella contract for work that a vendor does with an organization over an extended period of time. Typically this includes detailed security and privacy requirements.

123
Q

MTBF

A

Mean Time Between Failures

124
Q

MTTF

A

Mean time to failure
used when you expect failure to mean you can’t repair the device when it fails. If you can repair it, then use MTBF instead

125
Q

MTTR

A

Mean Time to Recover
Mean Time to Repair
average time needed to repair a failed component or device

126
Q

NAC

A

Network Access Control
inspects clients to ensure they are healthy before granting access to the network. Unhealthy clients are redirected to a remediation network. MAC filtering is a form of NAC.

127
Q

NAT

A

Network Address Translation

translates public IP addresses to private IP addresses and vice versa

128
Q

NDA

A

Non-disclosure Agreement

129
Q

NFC

A

Near Field Communication
allows mobile devices to communicate with nearby mobile devices. Near being a few inches, so it’s hard for a hacker to intercept.

130
Q

NIC

A

Network Interface Card

131
Q

NIDS

A

Network Based Intrusion Detection System

detects attacks and raises alerts but does not prevent attacks

132
Q

NIPS

A

Network Based Intrusion Prevention System

detects and stops attacks in progress. Placed in-band with traffic.

133
Q

NIST

A

National Institute of Standards and Technology

134
Q

NTLM

A

New Technology LAN Manager

Windows suite of protocols that provide CIA. Uses MD4 and MD5, so is not secure. Don’t use it.

135
Q

NTLM authentication

A

NT LanManager authentication. Both NTLM and NTLMv2 are insecure and should not be used. They use MD4 and MD5 hashing. Mostly found on Windows NT, but there are implementations of it on Linux.

136
Q

NTP

A

Network Time Protocol

137
Q

OAuth

A

Open source standard for Authorization and Internet based SSO. Focus is on authorization not authentication.

138
Q

OCSP

A

Online Certificate Status Protocol
alternative to using CRL. You can query a CA with the serial number of a cert, and it will reply with good, revoked, or unknown

139
Q

OIDC

A

OpenID Connect

open source standard used for identification on the Internet. Builds on OpenID and uses OAuth2. Uses a JSON token.

140
Q

OpenID

A

Authentication standard maintained by the OpenID Foundation. Provider holds the user’s credentials and websites that support OpenID prompt users to enter their OpenID

141
Q

OSI

A

Open Systems Interconnection
OSI model divides different networking requirements into seven layers: physical, data link, network, transport, session, presentation, application. Good mnemonic: Please Do Not Throw Sausage Pizza Away.

142
Q

OSINT

A

Open Source Intelligence

method of gathering data using public sources such as social media and news outlets

143
Q

P12

A

PKCS#12
DER based (binary) format for PKI certificates

144
Q

P7B

A

PKCS#7
CER based (ASCII) format for PKI certificates. Used to share public keys

145
Q

PaaS

A

Platform as a Service
Cloud computing where cloud vendor provides and maintains the hardware and operating system. This is what we have on MADE now.

146
Q

PAM

A

Privileged Access Management
protects access to privileged accounts. implements just-in-time administration, where users get elevated privileges for a short time only when needed

147
Q

PAP

A

Password Authentication Protocol

Insecure authentication protocol, where passwords are sent across the network in cleartext. Don’t use it.

148
Q

PAT

A

Port Address Translation (aka NAT Overload)

149
Q

PBKDF2

A

Password-Based Key Derivation Function 2

Key stretching algorithm which adds a salt to the password.

150
Q

PDF

A

Portable Document Format

type of file for documents. Think Adobe Acrobat Reader

151
Q

PEAP

A

Protected Extensible Authentication Protocol

Extension of EAP. Requires certificate on the 802.1X server.

152
Q

PEM

A

Privacy Enhanced Mail

Common format for PKI certificates. Can use either CER or DER.

153
Q

PFX

A

Personal Information Exchange
format for PKI certificates, from before P12 format. This is used in Windows for storing certificates in binary format. P7B is similarly used in Windows for storing certificates in text format.

154
Q

PGP

A

Pretty Good Privacy

155
Q

PHI

A

Personal Health Information

156
Q

PII

A

Personally Identifiable Information

157
Q

PIN

A

Personal Identification Number

158
Q

PIV

A

Personal Identity Verification card

similar to our CAC cards, but CAC are DoD only and PIV is not specifically DoD but is federal govt

159
Q

PKI

A

Public Key Infrastructure

160
Q

POP3

A

Post Office Protocol v3

email on port 110 (unencrypted) and port 995 (encrypted)

161
Q

PSK

A

Preshared Key

162
Q

PUPs

A

Potentially Unwanted Programs

installed on users’ systems without their awareness or consent. Sometimes legit, sometimes Trojans or spyware.

163
Q

RA

A

Recovery Agent
Designated person who can recover or restore cryptographic keys. In some cases an RA will recover a private key from a key escrow, in others they will recover data without recovering the private key.

164
Q

RADIUS

A

Remote Authentication Dial-in User Service
central auth for remote access clients
only encrypts the password packets, uses UDP

165
Q

RAID

A

Redundant Array of Inexpensive Disks
Multiple disks used together to increase performance and/or prevent single points of failure
RAID-0 - disk striping. Improves performance, no fault tolerance
RAID-1 - disk mirroring. Provides fault tolerance, no better performance.
RAID-5 - disk striping with parity, uses 3+ disks
RAID-6 - disk striping with parity, uses 4+ disks
RAID-10 - disk mirroring with striping. Needs at least 4 disks, always uses even number of disks.

166
Q

RAM

A

Random Access Memory

167
Q

RAS

A

Remote Access Service

168
Q

RAT

A

Remote Access Trojan

169
Q

RBAC

A

Role Based Access Control & Rule Based Access Control

170
Q

RCS

A

Rich Communication Services
extension of SMS and MMS
RCS supports everything MMS does and adds a few additional features

171
Q

RDP

A

Remote Desktop Protocol

uses port 3389

172
Q

RFI

A

Radio Frequency Interference

173
Q

RFID

A

Radio Frequency Identification

often used for inventory control

174
Q

RMF

A

Risk Management Framework
identifies and manages risk. Seven steps: prepare, categorize info sys, select security controls, assess security controls, authorize info sys, monitor security controls

175
Q

rogue AP

A

rogue access point

176
Q

ROI

A

Return on Investment

177
Q

ROT13

A

Substitution cipher that uses a key of 13. Rotate letters through the alphabet 13 spaces, encryption forward, decryption backward, wrapping as needed.

178
Q

RPO

A

Recovery Point objective
amount of data you can afford to lose
used to determine where data loss is acceptable, and in the case where new data was lost because you restored from a backup, the timeframe in which your operations must be restored following a disruptive event. See also RTO which is similar.

179
Q

RSA

A

Rivest, Shamir, Adleman

Asymmetric encryption algorithm, using public and private key pairs.

180
Q

RSTP

A

Rapid Spanning Tree Protocol

often enabled on switches to protect against switching loops

181
Q

RTO

A

Recovery Time Objective

Max amount of time it should take to restore a system after an outage

182
Q

RTOS

A

Real Time Operating System

183
Q

S/MIME

A

Secure/Multipurpose Internet Mail Extensions
Used to secure email, both at rest and in transit. uses RSA with public and private keys, so sender and receiver need each other’s public key.

184
Q

SaaS

A

Software as a Service
Cloud computing model
this is something like O365 or webmail

185
Q

SAE

A

Simultaneous Authentication of Equals
Wifi auth protocol introduced with WPA3. Uses DH to avoid sending a preshared key over the network. Does not send a password over the network, even encrypted.

186
Q

SAML

A

Security Assertions Markup Language
XML based standard used to exchange authentication and authorization info between different parties. Provides SSO for web-based applications.

187
Q

SAN

A

Storage Area Network
also
Subject Alternate Name, which is an attribute of web certificates that lists additional domains allowed to use the certificate.

188
Q

SCADA

A

Supervisory Control and Data Acquisition
typically a SCADA is in an isolated network, no direct access to the internet, and manages multiple industrial controls such as for a power plant

189
Q

SCP

A

Secure Copy

based on SSH port 22, allows users to copy encrypted files over a network

190
Q

SDN

A

Software Defined Network

replaces hardware routers

191
Q

SDV

A

Software Defined Visibility

allows viewing of all cloud based traffic so it can be analyzed

192
Q

SED

A

Self Encrypting Drive

drive that includes hardware and software needed to encrypt itself, built into the drive

193
Q

SELinux

A

Security Enhanced Linux

194
Q

SHA

A

Secure Hash Algorithm

hashing function used to provide integrity. Don’t use SHA-1, use SHA-2 (SHA-256, SHA-512, SHA-224, SHA-384) or SHA-3.

195
Q

shadow IT

A

Shadow information technology

Unauthorized systems or applications installed on a network. This increases risks because these systems aren’t managed.

196
Q

SIEM

A

Security Information and Event Management

centralized solution for collecting, analyzing, and managing log data from multiple sources

197
Q

SIM

A

Subscriber Identity Module

SIM card in a mobile device. Identifies what countries or networks the device will use.

198
Q

SIP

A

Session Initiation Protocol

Used to establish and maintain network sessions related to voice and video such as VoIP

199
Q

SLA

A

Service Level Agreement

stipulates performance expectations, such as maximum downtime levels

200
Q

SLE

A

Single Loss Expectancy

monetary value of a single loss. Used to measure risk in a quantitative risk assessment.

201
Q

SMS

A

Short Message Service

text messaging

202
Q

SOAR

A

Secure Orchestration, Automation, and Response
Tools used to automatically respond to low-level security events. Runbooks are checklists that create automated responses, and playbooks are the automated actions created from the runbooks.

203
Q

SoC

A

System on a chip

integrated circuit that includes a computing system (often an entire OS) in the hardware. Many mobile devices include one. Think Raspberry Pi for other uses.

204
Q

SPIM

A

Spam over Instant Messaging

205
Q

SPOF

A

Single Point of Failure

any component whose failure results in the failure of an entire system. We want to avoid this, so we use RAID, failover clustering, UPS, redundancy, etc.

206
Q

SQL

A

Structured Query Language

207
Q

SRTP

A

Secure Real-time Transport Protocol

secure version of RTP. Used for audio/video streaming

208
Q

SSD

A

Solid state drive

209
Q

SSID

A

Service Set Identifier

the name of a wireless network. Don’t use the default name or a name that identifies you. Disabling SSID broadcast prevents casual users from finding you, but an attacker can still find the network. Keeping the default name gives an attacker clues as to what vulnerabilities you might have.

210
Q

SSL

A

Secure Sockets Layer

predecessor to TLS. Don’t use SSL any more - it’s too easy to crack.

211
Q

SSO

A

Single Sign On

212
Q

SSRF

A

Server-side request forgery. This tricks a server into visiting a URL based on user-supplied input. Only possible when a web application accepts URLs from a user as input and then retrieves information from that URL. If the server has access to non-public URLs, this kind of attack can disclose that non-public information to an attacker.

213
Q

STP

A

Spanning Tree Protocol

214
Q

SYN

A

Synchronize

first packet in a TCP handshake. In a SYN flood attack, attackers send SYN packets but don’t reply to the SYN/ACK packets.

215
Q

TACACS+

A

Terminal Access Controller Access-Control System+

alternative to RADIUS. Encrypts the entire authentication process, using multiple challenges and responses.

216
Q

TAXII

A

Trusted Automated eXchange of Intelligence Information

a major technical specification for automated indicator sharing

217
Q

TCO

A

Total Cost of Ownership

218
Q

TCP

A

Transmission Control Protocol

provides guaranteed delivery of IP traffic

219
Q

TGT

A

Ticket Granting Ticket

used with Kerberos. A KDC or TGT server issues timestamped tickets that expire after a certain time period

220
Q

TLS

A

Transport Layer Security

encrypts data in transit. Replacement for SSL. Uses certificates issued by CAs.

221
Q

TOTP

A

Time-based One-Time Password

open standard for creating a one time password. TOTP passwords expire in 30 seconds.

222
Q

TPM

A

Trusted Platform Module

hardware chip found on many newer motherboards. Includes a unique RSA asymmetric key. Generates and stores other keys used for encryption. Provides full disk encryption.

223
Q

UAVs

A

Unmanned aerial vehicles

224
Q

UDP

A

User Datagram Protocol

Delivers packets more quickly than TCP but without any guarantee that they will arrive. Useful for sending character position info in a game when that is being sent every 50ms, because even if half the packets are dropped the humans might not even notice.

225
Q

UEFI

A

Unified Extensible Firmware Interface

used to boot some systems instead of a BIOS

226
Q

UPS

A

Uninterruptible Power Supply

battery backup with line conditioning

227
Q

URI

A

Uniform Resource Identifier

similar to a URL, slightly different format

228
Q

URL

A

Uniform Resource Locator

a type of URI. Used by browsers to locate webpages

229
Q

URL hijacking

A

the purchase of a domain name that is very close to a legitimate domain name. AKA typo squatting

230
Q

URL redirection

A

redirects web traffic to a different page or different site

231
Q

USB

A

Universal Serial Bus

serial connection used to connect things like a keyboard, mouse, printer, etc. When using a USB drive it is best to encrypt any data stored on it. Don’t ever connect a strange USB drive to your computer - that’s often a trick, with the drive containing malware.

232
Q

USB OTG

A

USB On the Go

cable used to connect mobile devices to other devices such as external media.

233
Q

UTM

A

Unified Threat Management

Security appliance that combines multiple security controls into a single solution. Often includes URL filtering, malware inspection, content inspection, and inspection of data streams for malicious content.

234
Q

VDI

A

Virtualized Desktop Infrastructure

reproduces a desktop operating system as a virtual machine on a remote server. Accessed using a desktop PC or a mobile device. AVD would be one example.

235
Q

VLAN

A

Virtual Local Area Network

used to logically group several different computers together or logically separate them, no matter their physical location. A single switch can create multiple VLANs. A virtual switch can also create VLANs.

236
Q

VM

A

Virtual Machine

237
Q

VM escape

A

An attack that allows an attacker to access the host system from within a virtual machine.

238
Q

VM sprawl

A

Vulnerability that occurs when there are VMs that aren’t being managed. Typically a user creates a VM without getting official permission to do so, so IT doesn’t know it needs to apply patches, etc.

239
Q

VoIP

A

Voice over IP

240
Q

VPN

A

Virtual Private Network

241
Q

WAF

A

Web Application Firewall

inspects the contents of traffic to a web server; can detect and block some types of malicious content such as cross-site scripting attacks

242
Q

WAN

A

Wide Area Network

243
Q

WAP

A

Wireless Access Point

244
Q

WAP

A

Wireless Access Point

aka Access Point

245
Q

WEP

A

Wired Equivalent Privacy

246
Q

WLAN

A

Wireless Local Area Network

247
Q

WPA

A

Wi-Fi Protected Access

248
Q

WPA2

A

WiFi Protected Access 2

Secure version of WPA. Supports CCMP for encryption, which uses AES. In Enterprise mode it uses an 802.1X server for authentication. In personal mode (WPA2-PSK) it uses a preshared key.

249
Q

WPA3

A

WiFi Protected Access 3

newest wireless cryptographic protocol. Uses Simultaneous Authentication of Equals (SAE) instead of PSK. SAE is based on DH key exchange.

250
Q

WPS

A

WiFi Protected Setup

Allows users to easily configure a wireless network but is open to attack. WPS brute force attacks can discover the PIN used with WPA2.

251
Q

WPS Attack

A

Wifi Protected Setup attack

an attack against an access point that discovers the 8-digit WPS PIN and then uses it to discover the AP passphrase. WPA3 is resistant to this type of attack.

252
Q

XaaS

A

Anything As A Service

Cloud computing model that covers those models that don’t fit into IaaS, PaaS, or SaaS.

253
Q

XSRF

A

Cross-Site Request Forgery

Web application attack to trick users into performing actions on websites without their knowledge (such as making purchases). Sometimes allows the attacker to steal cookies and harvest passwords.

254
Q

XSS

A

Cross-site Scripting

Web application vulnerability that allows attackers to inject scripts into webpages. Often used to capture cookies. Input validation on the server side helps prevent this, or a web app firewall.

255
Q

CFB

A

Cipher Feedback Mode

the ciphertext of each previous block is encrypted and fed back into the algorithm to encrypt the next block

256
Q

ECB

A

Electronic Code Book

Given the same plaintext, always gives the same ciphertext. NOT secure.

257
Q

OFB

A

Output Feedback Mode

AES block cipher mode similar to CFB. The main difference from CFB is that OFB relies on XOR-ing plaintext and ciphertext blocks with expanded versions of the initialization vector.

258
Q

PLC

A

Programmable Logic Controller

specialized computer interface that controls industrial devices such as manufacturing robots and centrifuges.

259
Q

APIPA

A

Automatic Private IP Assignment

protocol used to assign an IP address from the range 169.254.0.0/16 when the system can’t find a DHCP server or a static assignment. So if you see a question showing a computer that has an IP address of 169.254.188.19 or something similar, then it was assigned by APIPA.

260
Q

MSSP

A

Managed security service provider

Outsourcing some of your security work