acronyms Flashcards
ACL
Access Control List
AES
Advanced Encryption Standard
API
Application Programming Interface
APT
Advanced Persistent Threat
ARP
Address Resolution Protocol
ASLR
Address Space Layout Randomization
Address space layout randomization (ASLR) is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.
AV
Antivirus
BCP
Business Continuity Planning
BIOS
Basic Input/Output System
CA
Certificate Authority
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
CER
Certificate
CIA
Confidentiality, Integrity, and Availability
CIRT
Computer Incident Response Team
CISO
Chief Information Security Officer
CMS
Content Management System
CPU
Central Processing Unit
CRC
Cyclic Redundancy Check
CSRF
Cross-Site Request Forgery
CSS
Cascading Style Sheets
CPT
Certified Penetration Tester
DAC
Discretionary Access Control
DBMS
Database Management System
DEP
Data Execution Prevention
DES
Data Encryption Standard
DHCP
Dynamic Host Configuration Protocol
DMZ
Demilitarized Zone
DNS
Domain Name System
DoS
Denial of Service
DDoS
Distributed Denial of Service
DRM
Digital Rights Management
ECC
Elliptic Curve Cryptography
EFS
Encrypting File System
EMI
Electromagnetic Interference
EULA
End User License Agreement
FDE
Full Disk Encryption
FTP
File Transfer Protocol
GPG
GNU Privacy Guard
GPS
Global Positioning System
GRE
Generic Routing Encapsulation
GRC
Governance, Risk, and Compliance
HMAC
Hashed Message Authentication Code
Here’s a concise explanation of HMAC:
Purpose: HMAC is used to verify the integrity and authenticity of a message or data by generating a fixed-size hash value (digest) based on the message and a secret key.
Process: HMAC utilizes a cryptographic hash function (e.g., SHA-256) and a secret key known only to the sender and receiver. The message is combined with the secret key, and the hash function is applied to this combination to generate the HMAC.
Properties: HMAC provides two main security properties - integrity and authenticity. Integrity ensures that the data has not been altered in transit, and authenticity ensures that the data comes from the expected sender.
Keyed Hashing: The use of a secret key distinguishes HMAC from regular hash functions. It prevents unauthorized parties from tampering with the message and generating valid HMACs.
Applications: HMAC is commonly used in various security protocols, such as SSL/TLS, IPsec, and SSH, as well as in applications like digital signatures and message authentication in web services.
Strengths: HMAC is resistant to known cryptographic attacks when using a secure hash function. It is computationally efficient and provides a high level of security.
Key Management: Proper key management is crucial for the effectiveness of HMAC. Keys must be kept secret and should be changed regularly for enhanced security.
In summary, HMAC is a widely used mechanism for ensuring the integrity and authenticity of data by generating a fixed-size hash value based on a message and a secret key. It provides a strong security foundation for many security protocols and applications, making it a fundamental tool in modern secure communication.
HTML
Hypertext Markup Language
HTTP
Hypertext Transfer Protocol
HTTPS
Hypertext Transfer Protocol Secure
ICMP
Internet Control Message Protocol
IDS
Intrusion Detection System
IPS
Intrusion Prevention System
IPsec
Internet Protocol Security
ISO
International Organization for Standardization
ITIL
Information Technology Infrastructure Library
JIT
Just-In-Time
LAN
Local Area Network
LDAP
Lightweight Directory Access Protocol
MAC
Mandatory Access Control
Strict and predefined, based on documented security labels or classifications, like Top Secret or Confidential.
MBR
Master Boot Record
MDM
Mobile Device Management
MFA
Multi-Factor Authentication
MITM
Man-In-The-Middle
NAC
Network Access Control
NAS
Network-Attached Storage
NAT
Network Address Translation
NIDS
Network Intrusion Detection System
NIPS
Network Intrusion Prevention System
NIST
National Institute of Standards and Technology
NTFS
New Technology File System
OAUTH
Open Authorization
OTP
One-Time Password
PaaS
Platform-as-a-Service
PAT
Port Address Translation
PBKDF2
Password-Based Key Derivation Function 2
PCI
Payment Card Industry
PII
Personally Identifiable Information
PKI
Public Key Infrastructure
POP3
Post Office Protocol version 3
PPP
Point-to-Point Protocol
PPTP
Point-to-Point Tunneling Protocol
TCP port 1723
RAID
Redundant Array of Independent Disks
RAS
Remote Access Service
RDP
Remote Desktop Protocol
RF
Radio Frequency
RFI
Radio Frequency Interference
RFID
Radio Frequency Identification
RIS
Remote Installation Service
RTO
Recovery Time Objective
UTM
Unified Threat Manager
In cybersecurity, UTM stands for Unified Threat Management. It is a type of security solution that combines multiple security technologies into a single, integrated platform to protect against a wide range of threats.
UTM solutions typically include features such as firewall, intrusion prevention, anti-virus and anti-malware, virtual private network (VPN), content filtering, and application control. These technologies work together to provide comprehensive protection against threats like viruses, malware, phishing attacks, and unauthorized access.
By consolidating multiple security functions into one platform, UTM solutions offer several benefits, including simplified management and administration, reduced complexity and costs, and improved security posture. They are often used by small and medium-sized businesses that need comprehensive security but may not have the resources to manage multiple security products separately.
CN
Common Name
IdP
Identity Provider