Acronyms Flashcards
3DES
Triple Digital Encryption Standard
- Deprecated and considered insecure. Replaced by AES
- Symmetric
- Applies the DES cipher algorithm 3 times to each data block
AAA
Authentication, Authorization, and Accounting
- Often used to describe RADIUS, or some other form of networking protocol that provides Authentication, Authorization, and Accounting
ABAC
Attribute Based Access Control
Rights granted through policies that combine attributes together
Active Directory
Database and identity service used to provide identity management
ACL
Access Control List
- Set of rules that allow/permit or deny any traffic flow through routers
- Looks at the packet to determine whether it should be allowed or denied
- Works at layer 3 to provide security by filtering & controlling the flow of traffic from one router to another
AES
Advanced Encryption Standard
- Industry-standard for data security
- 128-bit, 192-bit, or 256-bit (strongest) implementations
AES256
Advanced Encryption Standard 256 bits
AH
Authentication Header
- Used to authenticate origins of packets of data transmitted
- These headers don’t hide any data from attackers, but they do provide proof that the data packets are from a trusted source and that the data hasn’t been tampered with
- Helps protect against replay attacks
AIS
Automated Indicator Sharing
- DHS and CISA free program
- Enables organizations to share and receive machine-readable cyber threat indicators (CTIs) and defensive measures (DMs) in real-time
- Useful to monitor and defend networks against known threats
ALE
Annualized Loss Expectancy
ie: can expect x number of devices to fail per year
AP
Access Point
Networking hardware device that provides Wi-Fi access, typically then connected via wire to the router, or directly integrated in the router itself
APT
Advanced Persistent Threat
Stealthy threat actor (usually nation-state or state-sponsored group) that gains unauthorized access to a system and remains undetected for a period of time
ARO
Annualized Rate of Occurrence
The calculated probability that a risk will occur in a given year
ARP
Address Resolution Protocol
Connects IP address with MAC address
ASLR
Address Space Layout Randomization
Prevent exploitation of memory corruption vulnerabilities
ASP
Active Server Page
- Microsoft server-side scripting language and engine to create dynamic web pages
- Superseded by ASP.NET in 2002
ATT&CK
Adversarial Tactics, Techniques, and Common Knowledge
Knowledge base framework of adversary tactics and techniques based on real-world observations
AUP
Acceptable Use Policy
Terms that users must accept in order to use a network, system, website, etc…
AV
Antivirus
- Antivirus software
- Typically uses signature-based detection
- Not effective against zero-days or polymorphic malware
BASH
Born Again Shell
Powerful UNIX shell and command language
BCP
Business Continuity Planning
- Plan used to create processes and systems of both prevention and recovery to deal with threats that a company faces
- This plan outlines how a business can continue delivering products and services if crap hits the fan
BIA
Business Impact Analysis
Used to predict the consequences a business would face if there were to be a disruption
BGP
Border Gateway Protocol
- “The postal service of the Internet”
- BGP finds the best route for data to travel to reach its destination
BIOS
Basic Input Output System
- Firmware that performs hardware initialization when systems are booting up, and to provide runtime services for the OS and programs
- First software to run when you power on a device
BPA
Business Partnership Agreement
Defines a contract between two or more parties as to how a business should run
BPDU
Bridge Protocol Data Unit
- Frames that have spanning tree protocol information
- Switches send BPDUs with a unique source MAC address to a multicast address with a destination MAC
BYOD
Bring your own device
CA
Certificate Authority
An organization that validates the identities of entities through cryptographic keys by issuing digital certificates
CAC
Common Access Card
Smart card for active duty personnel
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
CAR
Corrective Action Report
Lists defects that need to be rectified
CASB
Cloud Access Security Broker
- Acts as an intermediary between the cloud and on-prem
- Monitors all activity
- Enforces security policies
CBC
Cipher Block Chaining
- CBC is a mode of operation for block ciphers
- Block ciphers (for encryption) by themselves would only work for a single block of data…a mode of operation like CBC can be used to give instructions on how to apply encryption to multiple blocks of data
- CBC helps prevent issues of identical blocks, even if you have identical inputs. It does that by using an operation called XOR (exclusive-OR)
CBT
Computer Based Training
CCMP
Counter-Mode/CBC-Mac Protocol
Encryption protocol designed for Wireless LAN products
CCTV
Closed Circuit Television
CERT
Computer Emergency Response Team
CIRT
Computer Incident Response Team
CFB
Cipher Feedback
When a mode of operation uses the ciphertext from the previous block in the chain
CHAP
Challenge Handshake Authentication Protocol
- Authenticates a user or network host to an authenticating entity
- Provides protection against replay attacks
- Requires that both the client and server know the plaintext of the secret, but it’s never sent over the network
CIO
Chief Information Officer
CTO
Chief Technology Officer
CSO
Chief Security Officer
CIS
Center of Internet Security
CMS
Content Management System
COOP
Continuity of Operation Planning
Effort for agencies to make sure they can continue operations during a wide range of emergencies
COPE
Corporate Owned Personal Enabled
Organization provides its employees with mobile computing devices
CP
Contingency Planning
CRC
Cyclical Redundancy Check
Used to detect accidental changes in digital networks and storage devices
CRL
Certificate Revocation List
CSP
Cloud Service Provider
CSR
Certificate Signing Request
- Contains information that the Certificate Authority (CA) will use to create your certificate
- Contains the public key for which the certificate should be issued, and other identifying information
CSRF
Cross Site Request Forgery
Unauthorized actions are performed on behalf of a legitimate user
CSU
Channel Service Unit
Device used for digital links to transfer data
CTM
Counter Mode
- Converts a block cipher into a stream cipher
CVE
Common Vulnerabilities Exposure
List of publicly disclosed computer security flaws
These security flaws get assigned a CVE ID number which people can use to reference them
CVSS
Common Vulnerability Scoring System
Public framework used to rate the severity of security vulnerabilities
CYOD
Choose your own device
DAC
Directory Access Control
Restriction of access based upon the identity of subjects and the groups they belong to
DBA
Database Administrator
DEP
Data Exclusion Prevention
- Microsoft security feature
- Monitors and protects pages or regions of memory
- Prevents data regions from executing (potentially malicious) code
DER
Distinguished Encoding Rules
DES
Digital Encryption Standard
DHE
Diffie Hellman Ephemeral
Way of securely exchanging cryptographic keys over public channels
DKIM
Domain Key Identified Mail
Email authentication technique - applies signatures by the mail server of the sender’s domain
DLL
Dynamic Link Library
- Library that contains code and data that can be used by programs to function in Windows
- DLL injections can run malicious code within an application by exploiting DLLs
DMARC
Domain Message Authentication Reporting and Conformance
- Authenticates emails with SPF and DKIM
- Used to prevent phishing and spoofing
DNAT
Destination Network Address Transaction
DPO
Data Privacy Officer
DRP
Disaster Recovery Plan
DSA
Digital Signature Algorithm
EAP
Extensible Authentication Protocol
Authentication framework used in LANs
ECB
Electronic Code Book
Doesn’t hide data patterns well, so it wouldn’t work to encrypt images for example
ECC
Elliptic Curve Cryptography
Good for mobile devices because it can use smaller keys
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral
ECDSA
Elliptic Curve Digital Signature Algorithm
EDR
Endpoint Detection and Response
Technology that continuously monitors endpoints to mitigate cyber threats
EFS
Encrypted File System
EOL
End of Life
Date set where manufacturer will no longer create the product
EOS
End of Service
Original manufacturer no longer offers updates, support, or service
ERP
Enterprise Resource Planning
ESN
Electronic Serial Number
ESP
Encapsulated Security Payload
- Member of IPsec set of protocols
- Encrypts and authenticates packets of data between computers using VPNs
FACL
File System Access Control List
FDE
Full Disk Encryption
FPGA
Field Programmable Gate Array
Integrated circuit designed to be configured by a customer or designer after manufacturing
FRR
False Rejection Rate
Likelihood that a biometric security system will incorrectly reject an access attempt by an authorized user
GCM
Galois Counter Mode
- High speeds with low cost and low latency
- Provides authenticated encryption
GPO
Group Policy Object
- Contains two nodes: a user configuration and computer configuration
- Collection of group policy settings
GRE
Generic Routing Encapsulation
Tunneling Protocol
HA
High Availability
HIDS
Host-Based Intrusion Detection System
HIPS
Host-Based Prevention Detection System
HMAC
Hashed Message Authentication Code
Combines a shared secret key with hashing
HOTP
HMAC based One Time Password
- One-time password algorithm based on hash-based message authentication codes
HSM
Hardware Security Module
ICS
Industrial Control System
IDEA
International Data Encryption Algorithm
IDF
Intermediate Distribution Frame
Cable rack in a central office that cross connects and manages IT or telecom cabling between a main distribution frame (MDF) and remote workstation devices
IdP
Identity Provider
Service that stores and manages digital identities
IEEE
Institute of Electrical and Electronics Engineers
IKE
Internet Key Exchange
IoC
Indicators of Compromise
IR
Incident Response
IRP
Incident Response Plan
ISO
International Organization for Standardization
ISSO
Information Systems Security Officer
ITCP
IT Contingency Plan
IV
Initialization Vector
- Used in cryptography as an input to a cryptographic primitive
- Used to provide the initial state
KDC
Key Distribution Center
- Used to reduce risks in exchanging keys
- A user requests to use a service. The KDC will use cryptographic techniques to authenticate requesting users as themselves, and it will check whether a user has the right to access the service requested
KEK
Key Encryption Key
LEAP
Lightweight Extensible Authentication Protocol
- Wireless LAN authentication method
- Dynamic WEP keys and mutual authentication (b/t a wireless client and a RADIUS server)
MaaS
Monitoring as a Service
MAC
Mandatory Access Control
MAM
Mobile Application Management
MAN
Metropolitan Area Network
MBR
Master Boot Record
- Special type of boot sector at the very beginning of partitioned storage
- Holds information about how logical partitions are organized
MDM
Mobile Device Management
MFD
Multi Function Device
MFP
Multi Function Printer
MITM
Man in the Middle
MMS
Multimedia Message Service
MOA
Memorandum of Agreement
Legally-binding agreement between two parties
MOU
Memorandum of Understanding
- Non-legally binding agreement
- Used to signal willingness between parties to move forward with a contract
MPLS
Multi-Protocol Label Switching
Routing technique to direct data from one node to the next based on short path labels
MSA
Measurement Systems Analysis
Mathematical method of determining the amount of variation that exists within a measurement process
MSCHAP
Microsoft Challenge Handshake
MSP
Managed Service Provider
MSSP
Managed Security Service Provider
MTBF
Mean Time Between Failures
MTTF
Mean Time To Failure
MTTR
Mean Time To Recover
MTU
Maximum Transmission Unit
Largest packet or frame size that can be sent in a packet or frame-based network such as the Internet
NAC
Network Access Control
NAS
Network Attached Storage
NAT
Network Address Translation
NFC
Near Field Communication
NFV
Network Functions Virtualization
Virtualizes entire classes of network node functions into building blocks
NIC
Network Interface Card
NIDS
Network Based Intrusion Detection System
NIPS
Network Based Intrusion Prevention System
NTFS
New Technology File System
NTLM
New Technology LAN Manager
NTP
Network Time Protocol
Port 123 UDP
OAUTH
Open Authorization
OCSP
Online Certificate Status Protocol
Used by CAs to check the revocation status of an X.509 digital certificate
OID
Object Identifier
OSI
Open Systems Interconnection
OSINT
Open Source Intelligence
OSPF
Open Shortest Path First
OT
Operational Technology
OTA
Over the air
OTG
On the go
OVAL
Open Vulnerability Assessment Language
OWASP
Open Web Application Security Project
P2P
peer to peer
PAC
Proxy Auto Configuration
- Used to define how web browsers and other user agents can automatically choose the appropriate proxy server for fetching URLs
- Contains a JavaScript function that returns a string with one or more access method specifications
PAM
Privileged Access Management
PAP
Password Authentication Protocol
PBKDF2
Password Based Key Derivative Function 2
- Key derivation function with a sliding computational cost, which is used to reduce vulnerability to brute-force attacks
- Applies a pseudorandom function (like HMAC) to the input password along with a salt value, and repeats this process multiple times to produce a derived key
PBX
Private Branch Exchange
PDU
Power Distribution Unit
PEAP
Protected Extensible Authentication Protocol
PED
Personal Electronic Device
PEM
Privacy Enhanced Mail
PFS
Perfect Forward Security
Feature of specific key agreement protocols that give assurances that session keys will not be compromised, even if long-term secrets used in the session key exchange are compromised
PHI
Personal Health Information
PII
Personal Identity Information
PKI
Public Key Infrastructure
PSK
Pre Shared Key
QoS
Quality of Service
PUP
Potentially Unwanted Program
RA
Recovery Agent
RAD
Rapid Application Development
RAS
Remote Access Server
RAT
Remote Access Trojan
RBAC
Role Based Access Control
RPO
Recovery Point Objective
The maximum amount of data (measured by time) that can be lost after a recovery from a disaster or failure
RTBH
Remote Triggered Black Hole
- Can be used to drop traffic before it enters a protected network
- A common use is to mitigate DDoS
RTOS
Real Time Operating System
RTP
Real Time Transport Protocol
SAE
Simultaneous Authentication of Equals
Secure password-based authentication and password-authenticated key agreement method
SAML
Security Assertions Markup Language
- XML-based markup language for security assertions
- Allows an IdP to authenticate users and then pass an auth token to another application (service provider)
SAN
Storage Area Network
SCADA
System Control and Data Acquisition
SCEP
Simple Certificate Enrollment Protocol
Makes the request and issuing of digital certificates as simple as possible
SDN
Software Defined Networking
Makes networking a bit more like cloud computing than traditional network management by defining network technology via software
SED
Self Encrypting Drives
SEH
Structured Exception Handler
SLE
Single Loss Expectancy
SOAP
Simple Object Access Protocol
SoC
System on a chip
STP
Shielded Twisted Pair
TTP
Tactics, Techniques, and Procedures
UAT
user acceptance testing
Last phase of the software testing process
UEFI
Unified Extensible Firmware Interface
UPS
uninterruptible power supply
URI
Uniform Resource Identifier
URL
Uniform Resource Locator
UTM
Unified Threat Management
- When a single hardware or software provides multiple security functions
- This is in contrast to having individual solutions for each security function
UTP
unshielded twisted pair
VDE
Virtual Desktop Environment
VDI
Virtual Desktop Infrastructure
VLSM
Variable Length Subnet Masking
VTC
Virtual Teleconferencing
WAF
Web Application Firewall
WAP
Wireless Access Point
WEP
Wired Equivalent Privacy
WIDS
Wireless Intrusion Detection System
WORM
write once read many
Data storage device where information, once written, can’t be modified
WPS
WiFi Protected Setup
XSRF
Cross site request forgery
X.509
Standard for defining the format of public key sharing