Acronyms Flashcards

1
Q

ACL

A

Access Control List used for controlling permissions to a computer system or computer network. They are used to filter traffic in and out of a specific device.

2
Q

AAA

A

Authentication, Authorization, and Accounting

Authentication

As the first process, authentication provides a way of identifying a user, typically by having them enter a valid username and password before access is granted. Other user authentication processes can be used instead, such as biometrics or a smart card.

Authorization

Following authentication, the user must be authorized to perform certain tasks. After logging in to a system, for instance, they might try to issue commands. The authorization process determines whether the user has the authority to issue such commands. Simply put, authorization is the process of enforcing policies by determining what types or qualities of activities, resources or services the user is permitted. Authorization and user authentication work together in the AAA model; the user is authenticated first, and only then can they be authorized for different types of access or activity.

Accounting

Accounting measures the resources the user consumes during access. This can include the amount of system time or amount of data the user has sent and received during a session. Accounting logs session statistics and usage information and is used for authorization control, billing, trend analysis, resource utilization and capacity planning activities.

3
Q

AES

A

Advanced Encryption Standard

4
Q

AES-256

A

Advanced Encryption Standard (AES) 256 is a virtually impenetrable symmetric encryption algorithm that uses a 256-bit key to convert your plain text or data into a cipher.

5
Q

AH

A

Authentication Header

An Authentication Header (AH) is a security protocol in IPSec that ensures the integrity of packet headers and data, provides user authentication, and offers optional replay protection and access protection. It does not encrypt any part of the packets

6
Q

AI

A

Artificial Intelligence

refers to the capability of computational systems to perform tasks typically associated with human intelligence, such as learning, reasoning, problem-solving, perception, and decision-making.

7
Q

AIS

A

Automated Indicator Sharing

(AIS) is a service the Cybersecurity and Infrastructure Security Agency (CISA) provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private-sector organizations

8
Q

ALE

A

Annualized Loss Expectancy

ALE is a quantitative metric used to estimate the financial impact of a potential security investment over a particular period of time. This formula assesses and prioritizes security risks by providing a monetary value that represents the expected annual cost of specific security incidents.

9
Q

AP

A

Access Point

A wireless access point (WAP) is a networking device that allows wireless-capable devices to connect to a wired network.

10
Q

API

A

Application Programming Interface

An API is a set of rules or protocols that enables software applications to communicate with each other to exchange data, features and functionality.

11
Q

APT

A

Advanced persistent threat

is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.[1][2] In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals

12
Q

ARO

A

Annualized Rate of Occurrence

the frequency with which a loss event is expected to occur over a given period. The ARO is calculated by estimating the likelihood of a threat exploiting a vulnerability and causing a loss event.

13
Q

ARP

A

Address Resolution Protocol

protocol or procedure that connects an ever-changing Internet Protocol (IP) address to a fixed physical machine address, also known as a media access control (MAC) address, in a local-area network (LAN).

14
Q

ASLR

A

Address Space Layout Randomization

a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.

15
Q

ATT&CK

A

Adversarial Tactics, Techniques, and Common Knowledge

MITRE ATT&CK is a curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s attack lifecycle and the platforms they are known to target.

16
Q

AUP

A

Acceptable Use Policy

An acceptable use policy is a set of rules applied by the owner, creator, possessor or administrator of a computer network, website, or service that restricts the ways in which the network, website or system may be used and sets guidelines as to how it should be used.

17
Q

AV

A

Antivirus

software, also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name.

18
Q

BASH

A

Bourne Again Shell

In computing, Bash (short for “Bourne Again SHell”) is an interactive command interpreter and command programming language developed for UNIX-like operating systems.

19
Q

BCP

A

Business Continuity Planning

establishing safeguards to protect the integrity of your data

It’s a multifaceted process that involves five stages:
1 Risk Analysis and Impact Assessment.
2 Strategy Design.
3 Implementation.
4 Testing and Validation.
5 Maintenance and Review.

20
Q

BGP

A

Border Gateway Protocol

a gateway protocol that enables the internet to exchange routing information between autonomous systems (AS). As networks interact with each other, they need a way to communicate. This is accomplished through peering. BGP makes peering possible.

21
Q

BIA

A

Business Impact Analysis

evaluates the potential risks and consequences of a breach.

22
Q

BIOS

A

Basic Input/Output System

In computing, BIOS is a type of firmware used to provide runtime services for operating systems and programs and to perform hardware initialization during the booting process. The firmware comes pre-installed on the computer’s motherboard.

23
Q

BPA

A

Business Partners Agreement

legal agreements between partners. This is a legal agreement that outlines the terms, conditions, and expectations between the partners.

24
Q

BPDU

A

Bridge Protocol Data Unit

A spanning tree protocol (STP) message unit that describes the attributes of a switch port such as its MAC address, priority and cost to reach. BPDUs enable switches that participate in a spanning tree protocol to gather information about each other.

25
Q

BYOD

A

Bring Your Own Device

employees use their own personal devices to connect to the organization’s network and access what they need to do their jobs

26
Q

CA

A

Certificate Authority

a trusted entity that issues digital certificates to authenticate content sent from web servers. These certificates are data files used to cryptographically link an entity with a public key

27
Q

CAPTCHA

A

Completely Automated Public Turing Test to Tell Computers and Humans Apart

type of challenge–response test used in computing to determine whether the user is human in order to deter bot attacks and spam.

28
Q

CAR

A

Corrective Action Report

document that details the activities taken to address and remedy a recognized problem or nonconformity within an organization. It is a methodical technique to determine the core cause of an issue and devise a strategy to prevent its recurrence in the future

29
Q

CASB

A

Cloud Access Security Broker

type of security solution that helps protect cloud-hosted services. CASBs help keep corporate software-as-a-service (SaaS) applications, along with infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) services, safe from cyber attacks and data leaks.

CASB solutions operate based on 4 key pillars:
Compliance
Visibility
Data Security
Threat Detection

30
Q

CBC

A

Cipher Block Chaining

a block mode of DES that XORs the previous encrypted block of ciphertext to the next block of plaintext to be encrypted. The first encrypted block is an initialization vector that contains random data

31
Q

CCMP

A

Counter Mode/CBC-MAC Protocol

Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP) is an authenticated encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard.

32
Q

CCTV

A

Closed-circuit Television

also known as video surveillance,[1][2] is the use of closed-circuit television cameras to transmit a signal to a specific place on a limited set of monitors. It differs from broadcast television in that the signal is not openly transmitted

33
Q

CERT

A

Computer Emergency Response Team

A computer emergency response team (CERT) is an incident response team dedicated to computer security incidents.

33
Q

CFB

A

Cipher Feedback

a stream mode encryption technique that utilizes feedback to eliminate patterns, similar to CBC. It employs an initialization vector to disrupt patterns and propagate errors.

34
Q

CHAP

A

Challenge Handshake Authentication Protocol

a challenge and response authentication method used in Point-to-Point Protocol (PPP) servers. The purpose is to verify the identity of a remote user accessing the network. CHAP authentication begins when the user of remote access initiates a PPP link

35
Q

CIA Triad

A

Confidentiality, Integrity, Availability

36
Q

CIO

A

Chief Information Officer

oversees the people, processes and technologies within a company’s IT organization to ensure they deliver outcomes that support the goals of the business.

37
Q

CIRT

A

Computer Incident Response Team

a group of experts that assesses, documents and responds to a cyber incident so that a network can not only recover quickly, but also avoid future incidents.

38
Q

CMS

A

Content Management System

web application or software that manages digital content, allowing multiple contributors to create, edit and publish from a single dashboard. Content in a CMS is typically stored in a database and displayed in a presentation layer based on a set of templates like a website.

39
Q

COOP

A

Continuity of Operation Planning (NIST)

A predetermined set of instructions or procedures that describe how an organization’s mission-essential functions will be sustained within 12 hours and for up to 30 days as a result of a disaster event before returning to normal operations.

40
Q

COPE

A

Corporate Owned, Personally Enabled (NIST)

device owned by an enterprise and issued to an employee. Both the enterprise and the employee can install applications onto the device.

41
Q

CP

A

Contingency Planning (NIST)

let you respond to threats quickly and efficiently. Your security team can pinpoint attack patterns and use corrective actions to thwart cyberattacks as they happen.

42
Q

CRC

A

Cyclical Redundancy Check

an algorithm used to detect errors in data transmission. The CRC algorithm generates a checksum, which is a fixed-size value derived from the data being transmitted. This checksum is then appended to the data and sent along with it.

43
Q

CRL

A

Certificate Revocation List

list of digital certificates that have been revoked by the CA (Certificate Authority) before their scheduled expiration date

44
Q

CSO

A

Chief Security Officer

executives who are responsible for all aspects of their organization’s security. This includes managing daily operations of the information technology (IT) security program and implementing and maintaining companywide security policies and procedures.

45
Q

CSP

A

Cloud Service Provider

A cloud service provider is a third-party company offering a cloud-based platform, infrastructure, application, or storage services.

46
Q

CSR

A

Certificate Signing Request

In public key infrastructure (PKI) systems, a certificate signing request (CSR or certification request) is a message sent from an applicant to a certificate authority of the public key infrastructure (PKI) in order to apply for a digital identity certificate. The CSR usually contains the public key for which the certificate should be issued, identifying information (such as a domain name) and a proof of authenticity including integrity protection (e.g., a digital signature). The most common format for CSRs is the PKCS #10 specification; others include the more capable Certificate Request Message Format (CRMF)[1] and the SPKAC (Signed Public Key and Challenge) format generated by some web browsers.

47
Q

CSRF

A

Cross-site Request Forgery

a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform

48
Q

CSU

A

Channel Service Unit

a hardware device about the size of a modem. It converts a digital data frame from local area network (LAN) communication technology into a frame appropriate for a wide area network (WAN) and vice versa.

49
Q

CTM

A

Counter Mode

is similar to OFB, with one difference: CTR uses a counter for feedback. This method has the same advantages as OFB (patterns are destroyed and errors are not transmitted), but it also allows for parallel encryption because the feedback can be as simple as an ascending number.

50
Q

CTO

A

Chief Technology Officer

responsible for overseeing the development and distribution of technology to external customers, vendors and other clients to improve and grow the business

51
Q

CVE

A

Common Vulnerability Enumeration

Identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

Common Vulnerabilities and Exposures (CVE) is a dictionary of common names (i.e., CVE Identifiers) for publicly known information security vulnerabilities. CVE’s common identifiers make it easier to share data across separate network security databases and tools, and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.[14]

52
Q

CVSS

A

Common Vulnerability Scoring System

The Common Vulnerability Scoring System is a technical standard for assessing the severity of vulnerabilities in computing systems. Scores are calculated based on a formula with several metrics that approximate ease and impact of an exploit. Scores range from 0 to 10, with 10 being the most severe.

53
Q

CYOD

A

Choose Your Own Device

an IT policy that allows employees to select from a company-approved list of devices for professional use. CYOD balances employee choice and IT control by giving your workforce a choice of pre-approved devices for work use.

54
Q

DAC

A

Discretionary Access Control

In computer security, discretionary access control (DAC) is a type of access control defined by the Trusted Computer System Evaluation Criteria[1] (TCSEC) as a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. The controls are discretionary in the sense that a subject with a certain access permission is capable of passing that permission (perhaps indirectly) on to any other subject (unless restrained by mandatory access control).

55
Q

DBA

A

Database Administrator

manages computer databases. The role may include capacity planning, installation, configuration, database design, migration, performance monitoring, security, troubleshooting, as well as backup and data recovery.

56
Q

DDoS

A

Distributed Denial of Service

a cybercrime in which the attacker floods a server with internet traffic to prevent users from accessing connected online services and sites

57
Q

DEP

A

Data Execution Prevention

a set of hardware and software technologies that perform additional checks on memory to help protect against malicious code exploits. Hardware-enforced DEP marks all memory locations in a process as non-executable unless the location explicitly contains executable code

58
Q

DES

A

Digital Encryption Standard

algorithm is a symmetric-key block cipher created in the early 1970s by an IBM team and adopted by the National Institute of Standards and Technology (NIST). The algorithm takes the plain text in 64-bit blocks and converts them into ciphertext using 48-bit keys

59
Q

DHCP

A

Dynamic Host Configuration Protocol

network management protocol used on Internet Protocol networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture.

used to dynamically assign Internet Protocol (IP) addresses to each host on your organization’s network. In this DHCP meaning, a host can refer to any device that enables access to a network.

60
Q

DHE

A

Diffie-Hellman Ephemeral

a mathematical method of securely generating a symmetric cryptographic key over a public channel and was one of the first public-key protocols as conceived by Ralph Merkle and named after Whitfield Diffie and Martin Hellman.[1][2] DH is one of the earliest practical examples of public key exchange implemented within the field of cryptography.

61
Q

DKIM

A

DomainKeys Identified Mail

a protocol that allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify

62
Q

DLL

A

Dynamic Link Library

a shared library in the Microsoft Windows or OS/2 operating system. A DLL can contain executable code, data, and resources. A DLL file often has file extension .dll even though this is not required. The extension is sometimes used to describe the content of the file.

63
Q

DLP

A

Data Loss Prevention

software detects potential data breaches/data exfiltration transmissions and prevents them by monitoring,[1] detecting and blocking sensitive data while in use (endpoint actions), in motion (network traffic), and at rest (data storage).[2]

There are three main types of DLP solutions:
Network DLP.
Endpoint DLP.
Cloud DLP.

64
Q
A

Domain Message Authentication Reporting and Conformance

is an email authentication policy that protects against bad actors using fake email addresses disguised to look like legitimate emails from trusted sources

65
Q

DNAT

A

Destination Network Address Translation

used by an external host to initiate connection with a private network. It translates the public IP address of an external host to the private IP of an internal host. DNAT can also translate the destination port in TCP/UDP headers

66
Q

DNS

A

Domain Name System

a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol networks. It associates various information with domain names assigned to each of the associated entities.

67
Q

DoS

A

Denial of Service

a cyberattack in which the perpetrator seeks to make a machine or network resource unavailable to its intended users by temporarily or indefinitely disrupting services of a host connected to a network.

68
Q

DPO

A

Data Privacy Officer

ensures compliance with data protection laws and regulations, thus safeguarding the organization from hefty fines and damage to its reputation. More significantly, a DPO helps build trust among clients, stakeholders, and the public by ensuring transparent and responsible data processing.

69
Q

MTTR

A

Mean Time to Recover

the average time it takes to recover from a product or system failure. This includes the full time of the outage—from the time the system or product fails to the time that it becomes fully operational again.

70
Q

MTU

A

Maximum Transmission Unit

the largest packet or frame size, specified in octets (eight-bit bytes) that can be sent in a packet- or frame-based network. The internet’s transmission control protocol (TCP) uses the MTU to determine the maximum size of each packet in any transmission.

71
Q

NAC

A

Network Access Control

also known as network admission control, is the process of restricting unauthorized users and devices from gaining access to a corporate or private network.

72
Q

DRP

A

Disaster Recovery Plan

formal document created by an organization that contains detailed instructions on how to respond to unplanned incidents such as natural disasters, power outages, cyber attacks and any other disruptive events.

73
Q

DSA

A

Digital Signature Algorithm

a cryptographic algorithm used to generate digital signatures, authenticate the sender of a digital message, and prevent message tampering. DSA works by having two keys: a private key owned by the sender and a public key held by the receiver.

74
Q

DSL

A

Digital Subscriber Line

originally, a digital subscriber loop is a communication medium, which is used to transfer the internet through copper wire telecommunication lines. Along with cable internet, DSL is one of the most popular ways ISPs provide broadband internet access

75
Q

EAP

A

Extensible Authentication Protocol

port security
an authentication framework, not a specific authentication mechanism, frequently used in wireless networks and point-to-point connections. It provides some common functions and negotiation of authentication methods called EAP methods.

76
Q

ECB

A

Electronic Code Book

a simple mode of operation with a block cipher that’s mostly used with symmetric key encryption. It is a straightforward way of processing a series of sequentially listed message blocks. The input plaintext is broken into numerous blocks

77
Q

ECC

A

Elliptic Curve Cryptography

a key-based technique for encrypting data. ECC focuses on pairs of public and private keys for decryption and encryption of web traffic. ECC is frequently discussed in the context of the Rivest–Shamir–Adleman (RSA) cryptographic algorithm

78
Q

ECDHE

A

Elliptic Curve Diffie-Hellman Ephemeral

both parties generate temporary public keys for each session, providing forward secrecy, which ensures that a compromised long-term key does not affect past session keys

79
Q

ECDSA

A

Elliptic Curve Digital Signature Algorithm

offers a variant of the Digital Signature Algorithm (DSA) which uses elliptic-curve cryptography.

80
Q

EDR

A

Endpoint Detection and Response

also known as Endpoint Threat Detection and Response (ETDR), is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities

81
Q

EFS

A

Encrypted File System

provides an additional level of security for files and directories. It provides cryptographic protection of individual files on NTFS file system volumes using a public-key system

82
Q

ERP

A

Enterprise Resource Planning

refers to a type of software that organizations use to manage day-to-day business activities such as accounting, procurement, project management, risk management and compliance, and supply chain operations.

83
Q

ESN

A

Electronic Serial Number

A unique 32-bit number programmed into CDMA phones when they are manufactured.

other devices

84
Q

ESP

A

Encapsulated Security Payload

a member of the Internet Protocol Security (IPsec) set of protocols that encrypt and authenticate the packets of data between computers using a Virtual Private Network (VPN).

85
Q

FACL

A

File System Access Control List

le that informs a computer operating system of the access privileges a user has to a system object, including a single file or a file directory

In computer security, an access-control list is a list of permissions associated with a system resource. An ACL specifies which users or system processes are granted access to resources, as well as what operations are allowed on given resources. Each entry in a typical ACL specifies a subject and an operation.

86
Q

FDE

A

Full Disk Encryption

technology which protects information by converting it into code that cannot be deciphered easily by unauthorized people or processes. Disk encryption uses disk encryption software or hardware to encrypt every bit of data that goes on a disk or disk volume.

87
Q

FIM

A

File Integrity Management

security practice that continuously verifies the authenticity of files, operating system components, applications, and databases by comparing them to a known baseline to detect unauthorized changes or corruption.

88
Q

FPGA

A

Field Programmable Gate Array

versatile type of integrated circuit, which, unlike traditional logic devices such as application-specific integrated circuits (ASICs), is designed to be programmable (and often reprogrammable) to suit different purposes, notably high-performance computing (HPC) and prototyping.

89
Q

FRR

A

False Rejection Rate

Probability that the system fails to detect a match between the input fingerprint template and a matching template in the database. It measures the percent of valid inputs which are incorrectly rejected. It is sometimes denoted as False Non-Match Rate (FNMR)

90
Q

FTP

A

File Transfer Protocol

standard network protocol used for the transfer of files from one host to another over a TCP-based network, such as the Internet. FTP works by opening two connections that link the computers trying to communicate with each other.

91
Q

FTPS

A

Secured File Transfer Protocol

a network protocol for securely accessing, transferring and managing large files and sensitive data. Designed by the Internet Engineering Task Force as an extension of Secure Shell (SSH), SFTP enables access, transfer and management of files over a network

92
Q

GCM

A

Galois Counter Mode

block cipher mode of operation that uses universal hashing over a binary Galois field to provide authenticated encryption. It can be implemented in hardware to achieve high speeds with low cost and low latency

93
Q

GDPR

A

General Data Protection Regulation

a legal framework that sets guidelines for the collection and processing of personal information from individuals who live in and outside of the European Union (EU)

94
Q

GPG

A

Gnu Privacy Guard

is a free-software replacement for Symantec’s cryptographic software suite PGP. The software is compliant with the now obsoleted[4] RFC 4880,

GnuPG is a hybrid-encryption software program because it uses a combination of conventional symmetric-key cryptography for speed, and public-key cryptography for ease of secure key exchange, typically by using the recipient’s public key to encrypt a session key which is used only once.

95
Q

GPO

A

Group Policy Object

a feature of the Microsoft Windows NT family of operating systems that controls the working environment of user accounts and computer accounts. Group Policy provides centralized management and configuration of operating systems, applications, and users’ settings in an Active Directory environment.

96
Q

GPS

A

Global Positioning System

a U.S.-owned utility that provides users with positioning, navigation, and timing (PNT) services.

97
Q

GPU

A

Graphics Processing Unit

specialized electronic circuit initially designed for digital image processing and to accelerate computer graphics, being present either as a discrete video card or embedded on motherboards, mobile phones, personal computers, workstations, and game consoles.

98
Q

GRE

A

Generic Routing Encapsulation

a tunneling protocol developed by Cisco Systems that can encapsulate a wide variety of network layer protocols inside virtual point-to-point links or point-to-multipoint links over an Internet Protocol network.

99
Q

HA

A

High Availability

elimination of single points of failure to enable applications to continue to operate even if one of the IT components they depend on, such as a server, fails. IT professionals eliminate single points of failure to ensure continuous operation and uptime at least 99.99% annually.

100
Q

HDD

A

Hard Disk Drive

is a magnetic storage device that uses rotating disks, known as platters, to store and retrieve data.

a type of data storage device that is used in laptops and desktop computers. An HDD is a “non-volatile” storage drive, which means it can retain the stored data even when no power is supplied to the device.

101
Q

HIDS

A

Host-based Intrusion Detection System

a type of cybersecurity solution that monitors IT systems for signs of suspicious activity to detect unusual behaviors or patterns associated either with human users or applications that could be a sign of a security breach or attempted attack.

HIDS systems are so-named because they operate on individual host systems. In this context, a host could be a server, a PC, or any other type of device that produces logs, metrics, and other data that can be monitored for security purposes.

102
Q

HIPS

A

Host-based Intrusion Prevention System

protects your system from malware and unwanted activity attempting to negatively affect your computer. HIPS utilizes advanced behavioral analysis coupled with the detection capabilities of network filtering to monitor running processes, files and registry keys. HIPS is separate from Real-time file system protection and is not a firewall; it only monitors processes running within the operating system.

103
Q

HMAC

A

Hashed Message Authentication Code

a cryptographic authentication technique that uses a hash function and a secret key. With HMAC, you can achieve authentication and verify that data is correct and authentic with shared secrets, as opposed to approaches that use signatures and asymmetric cryptography

104
Q

HOTP

A

HMAC-based One-time Password

a type of one-time password (OTP) algorithm that is used for authenticating users in a variety of security applications. HOTP generates a unique numeric or alphanumeric code that is single-use and used for login or transaction validation.

105
Q

HSM

A

Hardware Security Module

a physical computing device that safeguards and manages secrets, and performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions.

hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates.

106
Q

HTML

A

Hypertext Markup Language

text-based approach to describing how content contained within an HTML file is structured.

the standard markup language for documents designed to be displayed in a web browser. It defines the content and structure of web content. It is often assisted by technologies such as Cascading Style Sheets and scripting languages such as JavaScript, a programming language.

107
Q

HTTP

A

Hypertext Transfer Protocol

foundation of the World Wide Web, and is used to load webpages using hypertext links. HTTP is an application layer protocol designed to transfer information between networked devices and runs on top of other layers of the network protocol stack.

108
Q

HTTPS

A

Hypertext Transfer Protocol Secure

an Internet communication protocol used to encrypt and securely transmit information between a user’s web browser and the website they are connected to.

109
Q

HVAC

A

Heating, Ventilation Air Conditioning

Heating, ventilation, and air conditioning (HVAC) is the use of various technologies to control the temperature, humidity, and purity of the air in an enclosed space.

110
Q

IaaS

A

Infrastructure as a Service

a cloud computing model that provides on-demand access to computing resources such as servers, storage, networking, and virtualization. IaaS is attractive because acquiring computing resources to run applications or store data the traditional way requires time and capital.

111
Q

IaC

A

Infrastructure as Code

the ability to provision and support your computing infrastructure using code instead of manual processes and settings. Any application environment requires many infrastructure components like operating systems, database connections, and storage.

112
Q

IAM

A

Identity and Access Management

making sure that only the right people can access an organization’s data and resources. It’s a cybersecurity practice that enables IT administrators to restrict access to organizational resources so that only the people who need access have access.

113
Q

ICMP

A

Internet Control Message Protocol

used for reporting errors and performing network diagnostics. In the error reporting process, ICMP sends messages from the receiver to the sender when data does not come through as it should.

114
Q

ICS

A

Industrial Control Systems

An industrial control system consists of combinations of control components (e.g., electrical, mechanical, hydraulic, pneumatic) that act together to achieve an industrial objective (e.g., manufacturing, transportation of matter or energy).

an electronic control system and associated instrumentation used for industrial process control. Control systems can range in size from a few modular panel-mounted controllers to large interconnected and interactive distributed control systems with many thousands of field connections.

115
Q

IDEA

A

International Data Encryption Algorithm

a symmetric key block cipher encryption algorithm designed to encrypt text to an unreadable format for transmission via the internet. It uses a typical block size of 128 bits and takes 64 bits as an input, i.e., 64-bit data

116
Q

IDF

A

Intermediate Distribution Frame

IDF closet, is a cable rack in a central office or customer premises that cross connects and manages the IT or telecommunications cabling between a main distribution frame (MDF) and remote workstation devices.

MDF is the primary point of connectivity, linking external and internal networks, while IDF acts as a secondary point, connecting devices within a specific area to the MDF.

117
Q

IdP

A

Identity Provider

a system that creates, stores, and manages digital identities. The IdP can either directly authenticate the user or can provide authentication services to third-party service providers (apps, websites, or other digital services).

118
Q

IDS

A

Intrusion Detection System

a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management system.

There are three main types of IDS/IPS detection: anomaly-based, signature-based, and hybrid.

119
Q

IEEE

A

Institute of Electrical and Electronics Engineers

an American 501 professional association for electrical engineering, electronics engineering, and other related disciplines.

120
Q

IKE

A

Internet Key Exchange

a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN). The protocol ensures security for VPN negotiation, remote host and network access.

121
Q

IM

A

Instant Messaging

the exchange of near-real-time messages through a standalone application or embedded software.

122
Q

IMAP

A

Internet Message Access Protocol

an application layer Internet protocol that allows an e-mail client to access email on a remote mail server. The current version is defined by RFC 9051. An IMAP server typically listens on well-known port 143, while IMAP over SSL/TLS (IMAPS) uses 993.

123
Q

IoC

A

Indicators of Compromise

data that indicates a system may have been infiltrated by a cyber threat. They provide cybersecurity teams with crucial knowledge after a data breach or another breach in security.

In computer forensics, an artifact observed on a network or in an operating system that, with high confidence, indicates a computer intrusion.

124
Q

IoT

A

Internet of Things

describes the network of physical objects—“things”—that are embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet.

Each type of IoT—Consumer, Commercial, Industrial, and Infrastructure—offers unique benefits and applications.

125
Q

IP

A

Internet Protocol

set of rules, for routing and addressing packets of data so that they can travel across networks and arrive at the correct destination. Data traversing the Internet is divided into smaller pieces, called packets.

network layer communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet.

126
Q

IPS

A

Intrusion Prevention System

a network security tool (which can be a hardware device or software) that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking, or dropping it, when it does occur

a device or software application that monitors a network or systems for malicious activity or policy violations. Any intrusion activity or violation is typically either reported to an administrator or collected centrally using a security information and event management system.

127
Q

IPSec

A

Internet Protocol Security

a secure network protocol suite that authenticates and encrypts packets of data to provide secure encrypted communication between two computers over an Internet Protocol network. It is used in virtual private networks (VPNs).

128
Q

IR

A

Incident Response

the organized process an organization uses to detect, analyze, contain, eradicate, and recover from a security incident to minimize damage and prevent future occurrences

129
Q

IRC

A

Internet Relay Chat

a text-based chat system for instant messaging. IRC is designed for group communication in discussion forums, called channels,[1] but also allows one-on-one communication via private messages[2] as well as chat and data transfer,[3] including file sharing.[4]

Internet Relay Chat is implemented as an application layer protocol to facilitate communication in the form of text. The chat process works on a client–server networking model.

130
Q

IRP

A

Incident Response Plan

sometimes called an incident management plan or emergency management plan, is a set of instructions to detect, respond to and limit the effects of an information security event.

131
Q

ISO

A

International Standards Organization

an independent, non-governmental, international standard development organization composed of representatives from the national standards organizations of member countries.

132
Q

ISP

A

Internet Service Provider

an organization that provides myriad services related to accessing, using, managing, or participating in the Internet. ISPs can be organized in various forms, such as commercial, community-owned, non-profit, or otherwise privately owned.

133
Q

ISSO

A

Information Systems Security Officer

Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Assess system vulnerabilities for security risks and propose and implement risk mitigation strategies.

134
Q

IV

A

Initialization Vector

an arbitrary number that can be used with a secret key for data encryption to foil cyber attacks. This number, also called a nonce (number used once), is employed only one time in any session to prevent unauthorized decryption of the message by a suspicious or malicious actor.

In cryptography, an initialization vector (IV) or starting variable is an input to a cryptographic primitive being used to provide the initial state. The IV is typically required to be random or pseudorandom, but sometimes an IV only needs to be unpredictable or unique.

135
Q

KDC

A

Key Distribution Center

In cryptography, a key distribution center (KDC) is part of a cryptosystem intended to reduce the risks inherent in exchanging keys. KDCs often operate in systems within which some users may have permission to use certain services at some times and not at others.

The KDC will use cryptographic techniques to authenticate requesting users, look up their permissions, and grant them a ticket permitting access. The user can then present the ticket to the target resource/system, which verifies it and grants the user access. Security systems using KDCs include Kerberos.

135
Q

KEK

A

Key Encryption Key

A key that encrypts other keys (typically Traffic Encryption Keys or TEKs) for transmission or storage. The key for the underlying block cipher of KW, KWP, or TKW.

136
Q

L2TP

A

Layer 2 Tunneling Protocol

a protocol that creates a secure tunnel for sending data between two points in a network. While it doesn’t encrypt data on its own, it’s often paired with encryption protocols like IPSec. L2TP is mainly used in VPNs to secure connections over public networks.

137
Q

LAN

A

Local Area Network

a network contained within a small geographic area, usually within the same building. Home WiFi networks and small business networks are common examples of LANs.

A local area network is a computer network that interconnects computers within a limited area such as a residence, campus, or building, and has its network equipment and interconnects locally managed. LANs facilitate the distribution of data and sharing network devices, such as printers.

138
Q

LDAP

A

Lightweight Directory Access Protocol

a directory service protocol that runs on a layer above the TCP/IP stack. It provides a mechanism used to connect to, search, and modify Internet directories. The LDAP directory service is based on a client-server model.

is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol network.

139
Q

LEAP

A

Lightweight Extensible Authentication Protocol

a protocol designed to support multiple authentication methods. EAP specifies the structure of an authentication communication between a client and an authentication server, without defining the content of the authentication data.

a proprietary wireless LAN authentication method developed by Cisco Systems. Important features of LEAP are dynamic WEP keys and mutual authentication (between a wireless client and a RADIUS server)

140
Q

MaaS

A

Monitoring as a Service

a cloud-based framework for the deployment of monitoring functionalities for various other services and applications within the cloud. The most common application for MaaS is online state monitoring, which continuously tracks certain states of applications, networks, systems, instances or any element that may be deployable within the cloud.

141
Q

MAC

A

Mandatory Access Control

a model of access control where the operating system provides users with access based on data confidentiality and user clearance levels. In this model, access is granted on a need-to-know basis: users must prove their need for information before gaining access.

In computer security, mandatory access control refers to a type of access control by which a secured environment constrains the ability of a subject or initiator to access or modify an object or target.

142
Q

MAC

A

Media Access Control

refers to the methods and protocols used to control access to a communication medium in a computer network. It is a sublayer of the Data Link Layer in the OSI model and is responsible for the transmission of data packets over a shared network medium.

143
Q

MAC

A

Message Authentication Code

also referred to as a tag, is used to authenticate the origin and nature of a message. MACs use authentication cryptography to verify the legitimacy of data sent through a network or transferred from one person to another.

In cryptography, a message authentication code, sometimes known as an authentication tag, is a short piece of information used for authenticating and integrity-checking a message. In other words, it is used to confirm that the message came from the stated sender and has not been changed.

144
Q

MAN

A

Metropolitan Area Network

a computer network that is larger than a single building local area network (LAN) but is located in a single geographic area that is smaller than a wide area network (WAN). Generally, it is several LANs interconnected by dedicated backbone connections.

145
Q

MBR

A

Master Boot Record

The MBR contains a partition table, which stores information on which primary partitions have been created on the hard disk so that it can then use this information to start the machine.

146
Q

MD5

A

Message Digest 5

a cryptographic hash function that takes an input of any length and produces a fixed-length output (128 bits or 32 hexadecimal characters) used for verifying data integrity and authentication

147
Q

MDF

A

Main Distribution Frame

often serves as a nerve center of a building’s telecommunications network. It ensures seamless and efficient network connectivity and is crucial for managing complex network infrastructures.

In telephony, a main distribution frame is a signal distribution frame for connecting equipment to cables and subscriber carrier equipment.

148
Q

MDM

A

Mobile Device Management

tools (MDMs) manage and monitor virtually any mobile device type, including notebooks, tablets, smartphones, and other mobile devices, often using a third-party dedicated management platform. Despite the misleading name, many MDM platforms, particularly those in the Apple ecosystem, also manage desktops. Mobile device management software ensures users can access company resources, such as corporate data and authorized applications while protecting sensitive data from mobile security threats.

149
Q

MFA

A

Multifactor Authentication

an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN.

an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism.

150
Q

MFD

A

Multifunction Device

an office machine which incorporates the functionality of multiple devices in one and generally provides centralized document management/ distribution/production in an office setting.

151
Q

MFP

A

Multifunction Printer

device that consolidates the functionality of a printer, copier, scanner and/or fax into one machine. Multifunction printers are a common choice for budget-minded businesses that want to consolidate assets, reduce costs and improve workflow.

152
Q

ML

A

Machine Learning

enables computers to learn from data and make decisions or predictions without being explicitly programmed to do so. At its core, machine learning is all about creating and implementing algorithms that facilitate these decisions and predictions.

subset of AI

153
Q

MMS

A

Multimedia Message Service

enables users to embed media into messages, including videos and GIFs. The recipients don’t have to click on links to websites to see images, and it’s easy to send audio clips.

a standard way to send messages that include multimedia content to and from a mobile phone over a cellular network. Users and providers may refer to such a message as a PXT, a picture message, or a multimedia message.

154
Q

MOA

A

Memorandum of Agreement

a document written between parties to cooperatively work together on an agreed upon project or meet an agreed upon objective.

type of intra-agency, interagency, or National Guard agreement between two or more parties, which includes specific terms that are agreed to, and a commitment by at least one party to engage in action. It includes either a commitment of resources or binds a party to a specific action.

155
Q

MOU

A

Memorandum of Understanding

a type of agreement between two or more parties. It expresses a convergence of will between the parties, indicating an intended common line of action.

156
Q

MPLS

A

Multi-protocol Label Switching

a networking technology that routes traffic using the shortest path based on “labels,” rather than network addresses, to handle forwarding over private wide area networks.

157
Q

MSA

A

Master Service Agreement

sometimes known as a framework agreement, is a contract reached between parties, in which the parties agree to most of the terms that will govern future transactions or future agreements.

158
Q

MSCHAP

A

Microsoft Challenge Handshake Authentication Protocol

a secure authentication method used in Point-to-Point Protocol (PPP) where an authenticator challenges a peer to prove its identity using a shared secret, without ever transmitting the secret itself.

a widely used authentication protocol primarily used for securing remote access connections in Virtual Private Networks (VPNs). It is an extension of the original MSCHAP protocol developed by Microsoft.

159
Q

MSP

A

Managed Service Provider

delivers outsourced services, such as network, application, infrastructure and security, via ongoing and regular support and active administration on customers’ premises, in their MSP’s data center (hosting), or in a third-party data center.

160
Q

MSSP

A

Managed Security Service Provider

provides outsourced monitoring and management of security devices and systems. Common services include managed firewall, intrusion detection, virtual private network, vulnerability scanning and anti-viral services.

161
Q

MTBF

A

Mean Time Between Failures

a measure of the reliability of a system or component. It’s a crucial element of maintenance management, representing the average time that a system or component will operate before it fails.

162
Q

MTTF

A

Mean Time to Failure

MTTF deals with non-repairable assets, whereas MTBF deals with assets that can be quickly repaired without spending a lot of money when they break down. The mean time to failure (MTTF) is a statistic for non-repairable devices, such as light bulbs, that have a useful life before being discarded once they fail.

163
Q

MTTR

A

Mean Time to Recover

the average time it takes to recover from a product or system failure. This includes the full time of the outage—from the time the system or product fails to the time that it becomes fully operational again.

164
Q

MTU

A

Maximum Transmission Unit

the largest packet or frame size, specified in octets (eight-bit bytes) that can be sent in a packet- or frame-based network. The internet’s transmission control protocol (TCP) uses the MTU to determine the maximum size of each packet in any transmission.

165
Q

NAC

A

Network Access Control

the process of restricting unauthorized users and devices from gaining access to a corporate or private network.

166
Q

NAT

A

Network Address Translation

a process that enables one, unique IP address to represent an entire group of computers. In network address translation, a network device, often a router or NAT firewall, assigns a computer or computers inside a private network a public address.

167
Q

NDA

A

Non-disclosure Agreement

a legal document between two or more parties who agree not to disclose any sensitive information revealed over the course of doing business together.

168
Q

NFC

A

Near Field Communication

a set of communication protocols that enables communication between two electronic devices over a distance of 4 cm or less. NFC offers a low-speed connection through a simple setup that can be used for the bootstrapping of capable wireless connections.

169
Q

NGFW

A

Next-generation Firewall

monitor for potentially malicious activity based on specific behavior signatures or anomalies and then block suspicious traffic from the network. These capabilities are referred to as intrusion detection services (IDS) and intrusion prevention services (IPS).

170
Q

NIDS

A

Network-based Intrusion Detection System

provide continuous network monitoring across on-premise and cloud infrastructure to detect malicious activity like policy violations, lateral movement or data exfiltration. NIDS security technologies are ‘passive’ rather than ‘active’ in nature.

171
Q

NIPS

A

Network-based Intrusion Prevention System

monitors network traffic continuously, looking for patterns or anomalies that may indicate an attack or unauthorized access. When a potential threat is detected, the system takes immediate action to block the IP addresses of questionable traffic or otherwise mitigate the attack, preventing further damage.

172
Q

NIST

A

National Institute of Standards & Technology

promotes U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

173
Q

NTFS

A

New Technology File System

a journaling file system that stores metadata through the use of a partition boot sector, a master file table, and system files. New Technology File System or NT file system (NTFS) provides virtual space to organize and store files.

174
Q

NTLM

A

New Technology LAN Manager

a suite of security protocols offered by Microsoft to authenticate users’ identity and protect the integrity and confidentiality of their activity.

175
Q

NTP

A

Network Time Protocol

a networking protocol for clock synchronization between computer systems over packet-switched, variable-latency data networks. In operation since before 1985, NTP is one of the oldest Internet protocols in current use.

176
Q

OAUTH

A

Open Authorization

an open standard for access delegation, commonly used as a way for internet users to grant websites or applications access to their information on other websites but without giving them the passwords.[3][4] This mechanism is used by companies such as Amazon,[5] Google, Meta Platforms, Microsoft, and X (formerly Twitter) to permit users to share information about their accounts with third-party applications or websites.

177
Q

OCSP

A

Online Certificate Status Protocol

an Internet protocol used for obtaining the revocation status of an X.509 digital certificate. It is described in RFC 6960 and is on the Internet standards track.

178
Q

OID

A

Object Identifier

In computing, object identifiers or OIDs are an identifier mechanism standardized by the International Telecommunication Union and ISO/IEC for naming any object, concept, or “thing” with a globally unambiguous persistent name.

179
Q

OS

A

Operating System

system software that manages computer hardware and software resources, and provides common services for computer programs.

It manages the computer’s memory and processes, as well as all of its software and hardware. It also allows you to communicate with the computer without knowing how to speak the computer’s language.

180
Q

OSINT

A

Open-source Intelligence

the practice of gathering, analyzing, and disseminating information from publicly available sources to address specific intelligence requirements. Of all the threat intelligence subtypes, open source intelligence (OSINT) is perhaps the most widely used, which makes sense

181
Q

OSPF

A

Open Shortest Path First

a link-state routing protocol that was developed for IP networks and is based on the Shortest Path First (SPF) algorithm. OSPF is an Interior Gateway Protocol (IGP).

182
Q

OTA

A

Over the Air

OTA (Over-The-Air in full form) is a wireless technology used to: communicate with a SIM card, download applications to a SIM card, and manage a SIM card.

182
Q

OT

A

Operational Technology

hardware and software that detects or causes a change, through the direct monitoring and/or control of industrial equipment, assets, processes and events.

183
Q

OVAL

A

Open Vulnerability Assessment Language

an international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services.

184
Q

P12

A

PKCS #12

defines an archive file format for storing many cryptography objects as a single file. It is commonly used to bundle a private key with its X.509 certificate or to bundle all the members of a chain of trust. A PKCS #12 file may be encrypted and signed.

185
Q

P2P

A

Peer to Peer

a distributed application architecture that partitions tasks or workloads between peers. Peers are equally privileged, equipotent participants in the network, forming a peer-to-peer network of nodes.

186
Q

PaaS

A

Platform as a Service

platform-based service is a cloud computing service model where users provision, instantiate, run and manage a modular bundle of a computing platform and applications, without the complexity of building and maintaining the infrastructure associated with developing and launching application(s), and to allow developers to create, develop, and package such software bundles.[1][2]

187
Q

PAM

A

Privileged Access Management

a type of identity management and branch of cybersecurity that focuses on the control, monitoring, and protection of privileged accounts within an organization.

187
Q

PAC

A

Proxy Auto Configuration

a JavaScript function that determines whether web browser requests (HTTP, HTTPS, and FTP) go directly to the destination or are forwarded to a web proxy server.

188
Q

PAM

A

Pluggable Authentication Modules

a mechanism to integrate multiple low-level authentication schemes into a high-level application programming interface (API). PAM allows programs that rely on authentication to be written independently of the underlying authentication scheme.

189
Q

PAP

A

Password Authentication Protocol

a point-to-point protocol (PPP) authentication method that uses passwords to validate users. It is an internet standard (RFC 1334), password-based authentication protocol. Using PAP, data is not encrypted. It is sent to the authentication server as plain text.

190
Q

PAT

A

Port Address Translation

translates many client private addresses to one public IP address, making many TCP sessions from different clients look like many TCP sessions from one client. This does not affect the server side.

191
Q

PBKDF2

A

Password-based Key Derivation Function 2

typically used for deriving a cryptographic key from a password. It may also be used for key storage, but an alternate key storage KDF such as Scrypt is generally considered a better solution.

a widely adopted standard defined in RFC 2898. It enhances the security of hashed passwords in two significant ways: by using salts and by applying many iterations of the hashing process.

Salting: PBKDF2 adds a random string, known as a salt, to the password before hashing it. This approach ensures that the same password will produce different hashes on each use, defeating rainbow table attacks.

Iteration: PBKDF2 applies the hash function multiple times (thousands or even millions of rounds) to the password and salt combination. This process, called stretching, makes the computation of the hash slow, significantly reducing the feasibility of brute-force attacks.

192
Q

PBX

A

Private Branch Exchange

a business telephone system that offers multiple inbound and outbound lines, call routing, voicemail, and call management features.

193
Q

PCAP

A

Packet Capture

a networking term for intercepting a data packet that is crossing a specific point in a data network. Once a packet is captured in real-time, it is stored for a period of time so that it can be analyzed, and then either be downloaded, archived or discarded.

194
Q

PCI DSS

A

Payment Card Industry Data Security Standard

a set of rules and guidelines designed to help organizations that handle credit card information keep that information safe and secure. These guidelines are essential to protect against data breaches and credit card fraud.

195
Q

PDU

A

Power Distribution Unit

controlling electrical power in a data center. The most basic PDUs are large power strips without surge protection. They are designed to provide standard electrical outlets for data center equipment and have no monitoring or remote access capabilities.

196
Q

PEAP

A

Protected Extensible Authentication Protocol

extends the Extensible Authentication Protocol (EAP) by encapsulating the EAP connection within a Transport Layer Security (TLS) tunnel. PEAP was designed to provide authentication for 802.11 wireless local area networks (WLANs) to achieve greater security than what could be realized with EAP alone.

197
Q

PED

A

Personal Electronic Device

a privately-owned device that is used for audio, video, text communication or any other type of computer-like instrument.

198
Q

PEM

A

Privacy Enhanced Mail

defined in a sequence of RFCs (Request for Comments) specifying methods and formats for securing the authenticity and confidentiality of emails. The term “privacy-enhanced mail” is also used as a synonym for secure email in general.

199
Q

PFS

A

Perfect Forward Secrecy

an encryption system that changes the keys used to encrypt and decrypt information frequently and automatically. This ongoing process ensures that even if the most recent key is hacked, a minimal amount of sensitive data is exposed.

200
Q

PGP

A

Pretty Good Privacy

an encryption program that uses a combination of public, private, and random keys to block data from prying eyes. If you have sensitive data moving from one place to another, PGP could block it from view.

an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications.

201
Q

PHI

A

Personal Health Information

any data that relates to an individual’s past, present, or future physical or mental health, the provision of healthcare, or payment for healthcare, and that can be used to identify the individual.

202
Q

PII

A

Personally Identifiable Information

any information connected to a specific individual that can be used to uncover that individual’s identity, such as their social security number, full name, email address or phone number.

203
Q

PIV

A

Personal Identity Verification

request and validate multiple forms of identification, including at least one with a photo. Examples include a driver’s license, Social Security card, valid passport, or military ID.

204
Q

PKCS

A

Public Key Cryptography Standards

are a group of public-key cryptography standards devised and published by RSA Security LLC, s

205
Q

PKI

A

Public Key Infrastructure

governs the issuance of digital certificates to protect sensitive data, provide unique digital identities for users, devices and applications and secure end-to-end communications.

set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption.

The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred.

206
Q

POP

A

Post Office Protocol

widely used e-mail application protocol that can be used to retrieve e-mail from an e-mail server for the client application, such as Microsoft Outlook. The current version of POP is POP3. POP servers set up mailboxes (actually directories or folders) for each e-mail account name.

207
Q

POTS

A

Plain Old Telephone Service

the traditional, analog voice transmission phone system implemented over physical copper wires (twisted pair). Simply put, POTS is the basic telephone call service that individuals and businesses have been using since the 1880s.

208
Q

PPP

A

Point-to-Point Protocol

a data link layer (layer 2) communication protocol between two routers directly without any host or any other networking in between.

provides a standard method for transporting multiprotocol datagrams over point-to-point links. In the context of a network application, PPP allows IP datagrams to be exchanged with a node at the other end of a point-to-point link.

209
Q

PPTP

A

Point-to-Point Tunneling Protocol

a network protocol used to create VPN tunnels between public networks. PPTP servers are also known as Virtual Private Dialup Network (VPDN) servers. PPTP is preferred over other VPN protocols because it is faster and it has the ability to work on mobile devices.

a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks.

210
Q

PSK

A

Pre-shared Key

A secret key that has been established between the parties who are authorized to use it by means of some secure method (e.g., using a secure manual-distribution process or automated key-establishment scheme).

211
Q

PTZ

A

Pan-tilt-zoom

Pan means to rotate, Tilt to move the lens up and down and Zoom to zoom in or out on a part of the image you’re trying to capture. In short, a PTZ camera is a controllable camera that can move over 3 axes.

212
Q

PUP

A

Potentially Unwanted Program

a program that may be unwanted, despite the possibility that users consented to download it. PUPs include spyware, adware and dialers, and are often downloaded in conjunction with a program that the user wants.

213
Q

RA

A

Recovery Agent

Windows security feature that helps organizations recover data locked away by the Encrypting File System (EFS). The data encryption agent is the user account entrusted with the organization’s EFS decryption keys.

214
Q

RA

A

Registration Authority

An entity authorized by the certification authority system (CAS) to collect, verify, and submit information provided by potential Subscribers which is to be entered into public key certificates. The term RA refers to hardware, software, and individuals that collectively perform this function.

215
Q

RACE

A

Research and Development in Advanced Communications Technologies in Europe

a program launched in the 1980s by the Commission of European Communities to pave the way towards commercial use of Integrated Broadband Communication (IBC) in Europe in the late 1990s.

216
Q

RAD

A

Rapid Application Development

an adaptive software development model based on prototyping and quick feedback with less emphasis on specific planning. In general, the RAD approach prioritizes development and building a prototype rather than planning.

217
Q

RADIUS

A

Remote Authentication Dial-in User Service

a networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service. RADIUS was developed by Livingston Enterprises in 1991 as an access server authentication and accounting protocol.

an Internet standard protocol that provides centralized authentication, accounting and IP management services for remote access users in a distributed dial-up network.

218
Q

RAID

A

Redundant Array of Inexpensive Disks

a method that combines multiple physical disks into a single logical unit. It includes different levels such as RAID 0, RAID 1, and RAID 5, each offering unique benefits in terms of speed, reliability, and data protection.

a data storage virtualization technology that combines multiple physical data storage components into one or more logical units for the purposes of data redundancy, performance improvement, or both.

219
Q

RAS

A

Remote Access Server

allows users to connect to a network from a remote location. Remote access servers are commonly used to provide remote employees with access to a company’s internal network and resources or to allow users to connect to a private network from a public internet connection.

220
Q

RAT

A

Remote Access Trojan

gain full administrative privileges and remote control of a target computer.

a form of malware that provides the perpetrator remote access and control of the infected computer or server. Once the hacker gains access, they can use the infected machine for several illegal activities, such as harvesting credentials from the keyboard or clipboard, installing or removing software, stealing files, and hijacking the webcam. The hacker can do all this without the owner’s consent or knowledge.

221
Q

RBAC

A

Role-based Access Control

a model for authorizing end-user access to systems, applications and data based on a user’s predefined role. For example, a security analyst can configure a firewall but can’t view customer data, while a sales rep can see customer accounts but can’t touch firewall settings.

222
Q

RBAC

A

Rule-based Access Control

used to manage access to locations, databases and devices according to a set of predetermined rules and permissions that do not account for the individual’s role within the organization.

223
Q

RC4

A

Rivest Cipher version 4

the generation of a pseudorandom keystream, which is then XORed with the plaintext to deliver the ciphertext. It initiates with a variable-length key, ranging from 1 to 256 bytes, to initialize a 256-byte state table.

224
Q

RDP

A

Remote Desktop Protocol

a secure network communication protocol offered by Microsoft that allows users to execute remote operations on other computers. It facilitates secure information exchange between remotely connected machines over an encrypted communication channel.

225
Q

RFID

A

Radio Frequency Identifier

a wireless technology that uses radio waves to identify objects, animals, or people. RFID is similar to barcodes, but it can read data from tags without requiring a line of sight.

226
Q

RIPEMD

A

RACE Integrity Primitives Evaluation Message Digest

a cryptographic hash function used to generate a unique fixed-size signature (or “fingerprint”) of data, primarily for verifying data integrity and detecting tampering.

227
Q

ROI

A

Return on Investment

the ratio between net income and investment. A high ROI means the investment’s gains compare favorably to its cost. As a performance measure, ROI is used to evaluate the efficiency of an investment or to compare the efficiencies of several different investments.

228
Q

RPO

A

Recovery Point Objective

the maximum amount of data – as measured by time – that can be lost after a recovery from a disaster, failure, or comparable event before data loss will exceed what is acceptable to an organization.

229
Q

RSA

A

Rivest, Shamir, & Adleman

a public-key cryptosystem, one of the oldest widely used for secure data transmission. The initialism “RSA” comes from the surnames of Ron Rivest, Adi Shamir and Leonard Adleman, who publicly described the algorithm in 1977.

230
Q

RTBH

A

Remotely Triggered Black Hole

mitigate a distributed denial-of-service (DDoS) attack.

filtering technique that provides the ability to drop undesirable traffic before it enters a protected network. This document describes RTBH filtering and its merits, operational gains, applications, and deployment considerations and provides sample router configurations.

231
Q

RTO

A

Recovery Time Objective

the maximum acceptable amount of time for restoring a network or application and regaining access to data after an unplanned disruption. Loss of revenue and the extent to which a disrupted process impacts business continuity can both have an impact on RTO.

232
Q

RTOS

A

Real-time Operating System

an OS that guarantees real-time applications a certain capability within a specified deadline.

processes data and events that have critically defined time constraints.

233
Q

RTP

A

Real-time Transport Protocol

a network protocol used for delivering audio and video data over the internet in real time.

a network protocol for delivering audio and video over IP networks. RTP is used in communication and entertainment systems that involve streaming media, such as telephony, video teleconference applications including WebRTC, television services and web-based push-to-talk features.

234
Q

S/MIME

A

Secure/Multipurpose Internet Mail Extensions

a type of public encryption and signing of MIME data (a.k.a. email messages) to verify a sender’s identity. With S/MIME, it is possible to send and receive encrypted emails.

235
Q

SaaS

A

Software as a Service

a cloud computing service model where the provider offers use of application software to a client and manages all needed physical and software resources. SaaS is usually accessed via a web application.

236
Q

SAE

A

Simultaneous Authentication of Equals

a secure password-based authentication protocol used in Wi-Fi Protected Access 3 (WPA3) networks. SAE protects against offline dictionary attacks by enabling a secure exchange that doesn’t expose passwords, thus ensuring a more secure connection than traditional methods.

237
Q

SAML

A

Security Assertions Markup Language

an open federation standard that allows an identity provider (IdP) to authenticate users and then pass an authentication token to another application known as a service provider (SP).

XML-formatted documents that contain the claims or SAML assertions that one entity makes about another. For example, an identity provider can claim or assert that a user is indeed who they say they are. Its security token service digitally signs the SAML token as proof to the service provider.

238
Q

SAN

A

Storage Area Network

dedicated, independent high-speed network that interconnects and delivers shared pools of storage devices to multiple servers. Each server can access shared storage as if it were a drive directly attached to the server.

239
Q

SAN

A

Subject Alternative Name

anything that your CA allows

an extension used in digital certificates that allows a single certificate to secure multiple domain names, subdomains, or IP addresses.

240
Q

SASE

A

Secure Access Service Edge

a framework for network architecture that brings cloud native security technologies—SWG, CASB, ZTNA, and FWaaS in particular—together with wide area network (WAN) capabilities to securely connect users, systems, and endpoints to applications and services anywhere.

241
Q

SCADA

A

Supervisory Control and Data Acquisition

a comprehensive hardware and software solution that controls and manages high-level industrial processes without human intervention. SCADA works by gathering real-time data remotely to process it and control conditions and equipment.

control system architecture comprising computers, networked data communications and graphical user interfaces for high-level supervision of machines and processes. It also covers sensors and other devices, such as programmable logic controllers, which interface with process plant or machinery.

242
Q

SCAP

A

Security Content Automation Protocol

Use SCAP for vulnerability measurement and scoring. SCAP enables quantitative and repeatable measurement and scoring of software flaw vulnerabilities across systems through the combination of the Common Vulnerability Scoring System (CVSS), CVE, and CPE.

243
Q

SCEP

A

Simple Certificate Enrollment Protocol

allows you to securely issue certificates to large numbers of network devices using an automatic enrollment technique.

244
Q

SD-WAN

A

Software-defined Wide Area Network

a virtual WAN architecture that allows enterprises to leverage any combination of transport services—including MPLS, LTE and broadband internet services—to securely connect users to applications.

uses software-defined networking technology, such as communicating over the Internet using overlay tunnels which are encrypted when destined for internal organization locations.[1]

If standard tunnel setup and configuration messages are supported by all of the network hardware vendors, SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism. This concept is similar to how software-defined networking implements virtualization technology to improve data center management and operation.[1] In practice, proprietary protocols are used to set up and manage an SD-WAN, meaning there is no decoupling of the hardware and its control mechanism.

245
Q

SDK

A

Software Development Kit

set of platform-specific building tools for developers. You require components like debuggers, compilers, and libraries to create code that runs on a specific platform, operating system, or programming language. SDKs put everything you need to develop and run software in one place.

246
Q

SDLC

A

Software Development Lifecycle

the cost-effective and time-efficient process that development teams use to design and build high-quality software. The goal of SDLC is to minimize project risks through forward planning so that software meets customer expectations during production and beyond. This methodology outlines a series of steps that divide the software development process into tasks you can assign, complete, and measure.

247
Q

SDLM

A

Software Development Lifecycle Methodology

This methodology outlines a series of steps that divide the software development process into tasks you can assign, complete, and measure.

248
Q

SDN

A

Software-defined Networking

a network architecture that uses software to control and manage network traffic, separating the control plane from the data plane, allowing for centralized and programmable network management.

approach to network management that uses abstraction to enable dynamic and programmatically efficient network configuration to create grouping and segmentation while improving network performance and monitoring in a manner more akin to cloud computing than to traditional network management.[1] SDN is meant to improve the static architecture of traditional networks and may be employed to centralize network intelligence in one network component by disassociating the forwarding process of network packets (data plane) from the routing process (control plane).[2] The control plane consists of one or more controllers, which are considered the brains of the SDN network, where the whole intelligence is incorporated. However, centralization has certain drawbacks related to security,[1] scalability and elasticity.[1][3]

249
Q

SE Linux

A

Security-enhanced Linux

a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls. SELinux is a set of kernel modifications and user-space tools that have been added to various Linux distributions.

250
Q

SED

A

Self-encrypting Drives

a critical component of safeguarding sensitive information in the current digital age, where data security is paramount. These advanced storage solutions integrate encryption directly into the hardware, ensuring data remains encrypted throughout its lifecycle—from storage to retrieval.

250
Q

SEH

A

Structured Exception Handler

mechanism for handling both hardware and software exceptions. Therefore, your code will handle hardware and software exceptions identically. Structured exception handling enables you to have complete control over the handling of exceptions, provides support for debuggers, and is usable across all programming languages and machines. Vectored exception handling is an extension to structured exception handling.

251
Q

SFTP

A

Secured File Transfer Protocol

a network protocol for securely accessing, transferring and managing large files and sensitive data. Designed by the Internet Engineering Task Force as an extension of Secure Shell (SSH), SFTP enables access, transfer and management of files over a network.

252
Q

SHA

A

Secure Hashing Algorithm

a family of cryptographic functions designed to keep data secured. It works by transforming the data using a hash function: an algorithm that consists of bitwise operations, modular additions, and compression functions. The hash function then produces a fixed-size string that looks nothing like the original. These algorithms are designed to be one-way functions, meaning that once they’re transformed into their respective hash values, it’s virtually impossible to transform them back into the original data.

253
Q

SHTTP

A

Secure Hypertext Transfer Protocol

an obsolete alternative to the HTTPS protocol for encrypting web communications carried over the Internet. It was developed by Eric Rescorla and Allan M. Schiffman at EIT in 1994[1] and published in 1999 as RFC 2660. Netscape’s dominance of the browser market led to HTTPS becoming the de facto method for securing web communications.

254
Q

SIEM

A

Security Information and Event Management

a field within computer security that combines security information management and security event management to enable real-time analysis of security alerts generated by applications and network hardware.

A robust SIEM solution is built on several key components that work together to provide comprehensive security monitoring.

Log management
SIEM systems collect and analyze logs from across the entire organization, including servers, network devices, firewalls, other security solutions, and cloud applications. The goal of this data collection is to uncover anomalies that indicate a potential threat. Many SIEM solutions also ingest threat intelligence feeds, which allow security teams to identify and block emerging cyberthreats.

Event correlation
SIEM solutions are effective because they bring together data from multiple systems across an enterprise. They analyze that data and look for patterns across different entities. For example, if there’s evidence of a compromised account and also unusual network traffic, a SIEM might identify that these two events are related and generate an alert for security teams to further investigate. Event correlation helps detect activity that seems benign on its own, but when combined with other activity, can be an indicator of compromise.

Incident response and monitoring
To detect threats early and minimize damage, SIEM solutions monitor digital and on-premises systems continuously. Analysis is displayed in a central dashboard, and the SIEM solution will also send alerts to security analysts based on pre-defined rules.

Many SIEM solutions also include automated response capabilities. In certain instances, the SIEM can take action automatically based on rules defined by the SOC. For example, if the SIEM solution detects possible malware, it could take steps to isolate the infected system based on predefined rules. Automation helps accelerate response and frees up security analysts to focus on more complex tasks and issues.

The key to an effective SIEM system is data. SIEM solutions continuously gather data from various sources, including firewalls, cloud apps, security systems, and endpoints. The aggregated data is then normalized to standard formats and parsed to extract relevant information. Using algorithms and correlation rules, the SIEM is able to identify patterns and anomalies in the normalized data and surface potential threats. A centralized dashboard and alerts help security analysts identify events that require further investigation.

255
Q

SIM

A

Subscriber Identity Module

a removable smart card for mobile cellular telephony devices such as mobile computers and mobile phones. SIM cards securely store the service-subscriber key (IMSI) used to identify a GSM subscriber.

256
Q

SLA

A

Service-level Agreement

a contract between a service provider and its customers that documents what services the provider will furnish and defines the service standards the provider is obligated to meet.

257
Q

SLE

A

Single Loss Expectancy

The total amount of revenue that is lost from a single occurrence of a risk. Threat—A potential cause of an unwanted impact to a system or organization. (ISO 13335–1).

the amount of money you expect to lose each time a specific asset is lost or compromised. For instance, you may expect to lose $300 each time your business server breaks down, or you might lose $1,500 every time a laptop is lost or stolen.

258
Q

SMS

A

Short Message Service

a text messaging service that allows the exchange of short text messages between mobile devices. SMS messages typically have a maximum length of 160 characters and can be sent and received on various mobile networks.

259
Q

SMTP

A

Simple Mail Transfer Protocol

an Internet standard communication protocol for electronic mail transmission. Mail servers and other message transfer agents use SMTP to send and receive mail messages.

260
Q

SMTPS

A

Simple Mail Transfer Protocol Secure

a method for securing the SMTP using transport layer security. It is intended to provide authentication of the communication partners, as well as data integrity and confidentiality. SMTPS is neither a proprietary protocol nor an extension of SMTP.

261
Q

SNMP

A

Simple Network Management Protocol

an application-layer protocol that transmits management data between network devices. SNMP belongs to the Transmission Control Protocol/Internet Protocol (TCP/IP) family.

262
Q

SOAP

A

Simple Object Access Protocol

a lightweight XML-based protocol that is used for the exchange of information in decentralized, distributed application environments. You can transmit SOAP messages in any way that the applications require, as long as both the client and the server use the same method.

263
Q

SOAR

A

Security Orchestration, Automation, Response

seeks to alleviate the strain on IT teams by incorporating automated responses to a variety of events. A SOAR system can also be programmed to custom-fit an organization’s needs.

264
Q

SoC

A

System on Chip

integrates multiple components of a computer or electronic system, like a CPU, memory, and I/O, onto a single chip, resulting in smaller, more efficient, and cost-effective devices.

265
Q

SOC

A

Security Operations Center

a team of IT security professionals that monitors, detects, analyzes, and responds to cybersecurity threats and incidents, protecting an organization’s data and systems.

266
Q

SOW

A

Statement of Work

details what the developer must do in the performance of the contract. Documentation developed under the contract, for example, is specified in the SOW. Security assurance requirements, which detail many aspects of the processes the developer follows and what evidence must be provided to assure the organization that the processes have been conducted correctly and completely, may also be specified in the SOW.

267
Q

SPF

A

Sender Policy Framework

an email authentication method that helps to identify the mail servers that are allowed to send email for a given domain. By using SPF, ISPs can identify email from spoofers, scammers and phishers as they try to send malicious email from a domain that belongs to a company or brand.

268
Q

SPIM

A

Spam over Internet Messaging

the equivalent of spam email but on instant messaging platforms. Users receive unwanted and unsolicited messages, often from bots or compromised accounts. These can include promotions, advertisements, or links to malicious websites.

It mostly goes after large groups of people to get clicks, spread malware, or support scams. Even though it’s annoying, SPIM is usually less targeted and easy to spot with basic knowledge.

269
Q

SQL

A

Structured Query Language

a programming language for storing and processing information in a relational database. A relational database stores information in tabular form, with rows and columns representing different data attributes and the various relationships between the data values.

a standard language used to store, retrieve, and manipulate data in relational databases. It allows end-users to communicate with databases and perform tasks like creating, updating, and deleting databases.

270
Q

SQLi

A

SQL Injection

SQL injection is a code injection technique that might destroy your database.

SQL injection is one of the most common web hacking techniques.

SQL injection is the placement of malicious code in SQL statements, via web page input.

a code injection technique used to attack data-driven applications, in which malicious SQL statements are inserted into an entry field for execution (e.g. to dump the database contents to the attacker).[1][2] SQL injection must exploit a security vulnerability in an application’s software, for example, when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.

SQL injection attacks allow attackers to spoof identity, tamper with existing data, cause repudiation issues such as voiding transactions or changing balances, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. Document-oriented NoSQL databases can also be affected by this security vulnerability.

271
Q

SRTP

A

Secure Real-Time Protocol

a profile for Real-time Transport Protocol (RTP) intended to provide encryption, message authentication and integrity, and replay attack protection to the RTP data in both unicast and multicast applications. It was developed by a small team of Internet Protocol and cryptographic experts from Cisco and Ericsson. It was first published by the IETF in March 2004 as RFC 3711.

Since RTP is accompanied by the RTP Control Protocol (RTCP) which is used to control an RTP session, SRTP has a sister protocol, called Secure RTCP (SRTCP); it securely provides the same functions to SRTP as the ones provided by RTCP to RTP.

272
Q

SSD

A

Solid State Drive

a type of solid-state storage device that uses integrated circuits to store data persistently. It is sometimes called semiconductor storage device, solid-state device, or solid-state disk. SSDs rely on non-volatile memory, typically NAND flash, to store data in memory cells.

273
Q

SSH

A

Secure Shell

a cryptographic network protocol for operating network services securely over an unsecured network. Its most notable applications are remote login and command-line execution.

is often used for controlling servers remotely, for managing infrastructure, and for transferring files.

274
Q

SSL

A

Secure Sockets Layer

standard technology for securing an internet connection by encrypting data sent between a website and a browser (or between two servers). It prevents hackers from seeing or stealing any information transferred, including personal or financial data.

An SSL (Secure Sockets Layer) certificate is a digital certificate used to secure and verify the identity of a website or an online service. The certificate is issued by a trusted third party called a Certificate Authority (CA), which verifies the identity of the website or service before issuing the certificate.

275
Q

SSO

A

Single Sign-on

an authentication method that allows users to access multiple applications and websites using a single set of credentials (like a username and password), streamlining the login process and improving user experience.

276
Q

STIX

A

Structured Threat Information eXchange

a standardized Extensible Markup Language (XML) programming language for conveying data about cybersecurity threats in a way that can be easily understood by both humans and security technologies.

277
Q

SWG

A

Secure Web Gateway

an on-premise or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible.

278
Q

TACACS+

A

Terminal Access Controller Access Control System

a network protocol designed for centralized authentication, authorization, and accounting (AAA) services for network devices, such as routers, switches, and firewalls. Developed by Cisco Systems, TACACS allows network administrators to manage and control user access to network devices and resources.

279
Q

TAXII

A

Trusted Automated eXchange of Indicator Information

a protocol used to exchange cyber threat intelligence (CTI) over HTTPS. TAXII enables organizations to share CTI by defining an API that aligns with common sharing models.

280
Q

TCP/IP

A

Transmission Control Protocol/Internet Protocol

a communications standard that enables application programs and computing devices to exchange messages over a network. It is designed to send packets across the internet and ensure the successful delivery of data and messages over networks.

four layers of the TCP/IP model: network access, internet, transport, and application. Used together, these layers are a suite of protocols.

a suite of communication protocols used to interconnect network devices on the internet. TCP/IP is also used as a communications protocol in a private computer network – an intranet or extranet.

281
Q

TGT

A

Ticket Granting Ticket

files created by the key distribution center (KDC) portion of the Kerberos authentication protocol. They are used to grant users access to network resources. TGT files can provide secure data protection once the user and server authenticate them.

282
Q

TKIP

A

Temporal Key Integrity Protocol

a security protocol used in the IEEE 802.11 wireless networking standard. It was designed to provide more secure encryption than the earlier Wired Equivalent Privacy (WEP), without needing to replace existing hardware.

283
Q

TLS

A

Transport Layer Security

encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit, which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence.

284
Q

TOC

A

Time-of-check

a race condition where a system checks a condition (like a file’s existence or permissions) and then, before using the result of that check, the condition changes, leading to potential security breaches.

285
Q

TOTP

A

Time-based One-time Password

uses time as a moving factor, and passwords typically expire within 30-240 seconds. The temporary password is generated by an algorithm that uses the current time of day as one of its factors.

a common form of two-factor authentication (2FA). Unique numeric passwords are generated with a standardized algorithm that uses the current time as an input.

286
Q

TOU

A

Time-of-use

a class of software bugs caused by a race condition involving the checking of the state of a part of a system (such as a security credential) and the use of the results of that check.

a race condition is the condition of an electronics, software, or other system where the system’s substantive behavior is dependent on the sequence or timing of other uncontrollable events, leading to unexpected or inconsistent results. It becomes a bug when one or more of the possible behaviors is undesirable.

287
Q

TPM

A

Trusted Platform Module

hardware-based security chip that provides a secure environment for storing cryptographic keys, passwords, and digital certificates, enhancing a system’s overall security.

288
Q

TTP

A

Tactics, Techniques, and Procedures

The behavior of an actor.

A tactic is the highest-level description of the behavior;

techniques provide a more detailed description of the behavior in the context of a tactic;

procedures provide a lower-level, highly detailed description of the behavior in the context of a technique.

289
Q

TSIG

A

Transaction Signature

a computer-networking protocol defined in RFC 2845. Primarily it enables the Domain Name System to authenticate updates to a DNS database. It is most commonly used to update Dynamic DNS or a secondary/slave DNS server.

290
Q

UAT

A

User Acceptance Testing

to validate and ensure that a software application meets the specific needs and requirements of its intended users before its official release, ensuring a high level of functionality, usability, and alignment with real-world scenarios.

a phase of software development in which the software is tested in the real world by its intended audience.

291
Q

UAV

A

Unmanned Aerial Vehicle

commonly known as a drone, is an aircraft with no human pilot, crew, or passengers onboard, but rather is controlled remotely or is autonomous.

292
Q

UDP

A

User Datagram Protocol

a communications protocol for time-sensitive applications like gaming, playing videos, or Domain Name System (DNS) lookups. UDP results in speedier communication because it does not spend time forming a firm connection with the destination before transferring the data.

293
Q

UEFI

A

Unified Extensible Firmware Interface

is a specification for a software program that connects a computer’s firmware to its operating system (OS). UEFI is expected to eventually replace basic input/output system (BIOS) but is compatible with it.

294
Q

UEM

A

Unified Endpoint Management

enables IT and security teams to monitor, manage and secure all of an organization’s end-user devices, such as desktops and laptops, smartphones, tablets, wearables and more, in a consistent manner with a single tool, regardless of operating system or location.

295
Q

UPS

A

Uninterruptible Power Supply

allows a computer to keep running for at least a short time when incoming power is interrupted. Provided utility power is flowing, it also replenishes and maintains energy storage.

296
Q

URI

A

Uniform Resource Identifier

a unique sequence of characters that identifies an abstract or physical resource, such as resources on a webpage, mail address, phone number, books, real-world objects such as people and places, concepts.

297
Q

URL

A

Universal Resource Locator

is a web address that provides a unique, specific location for a particular resource on the internet.

298
Q

USB

A

Universal Serial Bus

allows easy, high-speed connections of peripherals to PCs that, once plugged in, configure automatically.

a standard that defines the specifications used by cables, ports, and protocols that enable simple and universally accepted connectivity between a host and peripheral device.

299
Q

USB OTG

A

USB On the Go

(sometimes called an OTG cable, or OTG connector) allows you to connect a full-sized USB flash drive or USB-A cable to your phone or tablet through the Micro USB or USB-C charging port.

300
Q

UTM

A

Unified Threat Management

when multiple security features or services are combined into a single device within your network. Using UTM, your network’s users are protected with several different features, including antivirus, content filtering, email and web filtering, anti-spam, and more.

a security solution that consolidates multiple security features to reduce total cost of ownership (TCO) and offers a single point of defense against a range of security vulnerabilities like viruses, worms, malware, spyware, and other network attacks.

301
Q

UTP

A

Unshielded Twisted Pair

a type of copper cable that consists of pairs of wires twisted together. UTP cables are commonly used for networking and are the backbone of many computer networks.

302
Q

VBA

A

Visual Basic

an object-oriented language and development environment developed by Microsoft in 1991. It evolved from the earlier ‘BASIC’ language, which stands for ‘Beginners All-purpose Symbolic Instruction Code’.

used for creating Windows desktop applications, web applications, and automating tasks within Microsoft Office applications (VBA).

303
Q

VDE

A

Virtual Desktop Environment

a workstation that exists virtually and can be accessed from any location via the Internet. The virtual desktop has an image of an operating system which is shared by other virtual machines on a central network.

304
Q

VDI

A

Virtual Desktop Infrastructure

IT infrastructure that lets you access enterprise computer systems from almost any device (such as your personal computer, smartphone, or tablet), eliminating the need for your company to provide you with—and manage, repair, and replace—a physical machine.

305
Q

VLAN

A

Virtual Local Area Network

a virtualized connection that connects multiple devices and network nodes from different LANs into one logical network.

any broadcast domain that is partitioned and isolated in a computer network at the data link layer. In this context, virtual refers to a physical object recreated and altered by additional logic, within the local area network.

306
Q

VLSM

A

Variable Length Subnet Masking

a computer networking technique to divide an IP network into subnets with different subnet masks. VLSM allows network designers to give each subnet a different number of IP addresses, ultimately resulting in less network congestion and wasted IPs.

307
Q

VM

A

Virtual Machine

People use virtual machines (VMs) to run multiple operating systems and applications on a single machine. This can save money, increase efficiency, and simplify disaster recovery.

a software-based computer that functions like a physical computer. VMs can run programs, store data, and connect to networks.

308
Q

Voice over IP

A

Voice over IP

a technology that allows you to make voice calls using a broadband Internet connection instead of a regular (or analog) phone line.

309
Q

VPC

A

Virtual Private Cloud

a secure, isolated private cloud hosted within a public cloud. VPC customers can run code, store data, host websites, and do anything else they could do in an ordinary private cloud, but the private cloud is hosted remotely by a public cloud provider.

What is the difference between VPC and VPN? A VPC creates a private cloud within a public cloud, while a VPN secures connections to and from a network over the internet.

310
Q

VPN

A

Virtual Private Network

a network architecture for virtually extending a private network across one or multiple other networks which are either untrusted or need to be isolated.

VPNs encrypt your data, ensuring that your ISP cannot view your online activity. At the same time, a VPN hides your IP address, making it impossible to trace your internet traffic back to you.

What is the difference between VPC and VPN? A VPC creates a private cloud within a public cloud, while a VPN secures connections to and from a network over the internet.

311
Q

VTC

A

Video Teleconferencing

live, visual connection between two or more remote parties over the internet that simulates a face-to-face meeting. Video conferencing is important because it joins people who would not normally be able to form a face-to-face connection.

312
Q

WAF

A

Web Application Firewall

protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application, and prevents any unauthorized data from leaving the app. It does this by adhering to a set of policies that help determine what traffic is malicious and what traffic is safe.

WAFs offer a specialized layer of security for web applications, while firewalls provide general-purpose network security and traffic filtering.

313
Q

WAP

A

Wireless Access Point

a device that allows you to connect wirelessly to a network, such as the internet or a local area network (LAN). It acts as a central hub for wireless communication and enables devices like smartphones, tablets, and laptops to access the network without the need for wired connections.

What is the difference between a WiFi router and a wireless access point?

The router acts as a hub that sets up a local area network and manages all of the devices and communication in it. An access point, on the other hand, is a sub-device within the local area network that provides another location for devices to connect from and enables more devices to be on the network.

314
Q

WEP

A

Wired Equivalent Privacy

WEP was replaced by Wi-Fi Protected Access (WPA), and later by WPA2, both offering improved security over the vulnerabilities of the original WEP standard.

is no longer used because it was found to be easily cracked due to its weak encryption and static keys, making it vulnerable to various attacks.

an obsolete, severely flawed security algorithm for 802.11 wireless networks. Introduced as part of the original IEEE 802.11 standard ratified in 1997, its intention was to provide security/privacy comparable to that of a traditional wired network.

315
Q

WIDS

A

Wireless Intrusion Detection System

a technology designed to protect wireless networks from unauthorized access. It does this by monitoring traffic on the network to identify any suspicious activity that may indicate a security breach.

316
Q

WIPS

A

Wireless Intrusion Prevention System

a network device that monitors the radio spectrum for the presence of unauthorized access points (intrusion detection), and can automatically take countermeasures (intrusion prevention).

The primary purpose of a WIPS is to prevent unauthorized network access to local area networks and other information assets by wireless devices.

317
Q

WO

A

Work Order

document that provides all the information about a maintenance task and outlines a process for completing that task. Work orders can include details on who authorized the job, the scope, who it’s assigned to, and what is expected.

318
Q

WPA

A

Wi-Fi Protected Access

a security standard for computing devices equipped with wireless internet connections. WPA was developed by the Wi-Fi Alliance to provide more sophisticated data encryption and better user authentication than Wired Equivalent Privacy (WEP), the original Wi-Fi security standard.

319
Q

WPS

A

Wi-Fi Protected Setup

allows the owner of Wi-Fi privileges to block other users from using their household Wi-Fi. The owner can also allow people to use Wi-Fi. This can be changed by pressing the WPS button on the home router.

320
Q

WTLS

A

Wireless TLS (Transport Layer Security)

Wireless Transport Layer Security is a security protocol, part of the Wireless Application Protocol stack. It sits between the WTP and WDP layers in the WAP communications stack.

encrypts data sent over the Internet to ensure that eavesdroppers and hackers are unable to see what you transmit, which is particularly useful for private and sensitive information such as passwords, credit card numbers, and personal correspondence.

321
Q

XDR

A

Extended Detection and Response

collects threat data from previously siloed security tools across an organization’s technology stack for easier and faster investigation, threat hunting, and response.

322
Q

XML

A

Extensible Markup Language

a markup language that provides rules to define any data. Unlike other programming languages, XML cannot perform computing operations by itself. Instead, any programming language or software can be implemented for structured data management.

323
Q

XOR

A

Exclusive Or

the simplest XOR gate is a two-input digital circuit that outputs a logical “1” if the two input values differ, i.e., its output is a logical “1” if either of its inputs is 1, but not at the same time (exclusively).

a logical operator whose negation is the logical biconditional.

324
Q

XSRF

A

Cross-site Request Forgery

also known as XSRF, Sea Surf or Session Riding, is an attack vector that tricks a web browser into executing an unwanted action in an application to which a user is logged in. A successful CSRF attack can be devastating for both the business and user.

325
Q

XSS

A

Cross-site Scripting

type of security vulnerability that can be found in some web applications. XSS attacks enable attackers to inject client-side scripts into web pages viewed by other users. A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same-origin policy.

a web security vulnerability where attackers inject malicious scripts into legitimate websites, enabling them to compromise user interactions and potentially steal sensitive information.