Acronyms S-Z Flashcards
S/MIME
Secure/Multipurpose Internet Mail Extensions - standard for secure email messaging that provides encryption and digital signing capabilities.
SAN
Storage Area Network - specialized, high-speed network that provides network access to storage devices. SANs are typically composed of hosts, switches, storage elements, and storage devices that are interconnected using a variety of technologies, topologies, and protocols
SaaS
Software as a Service - a cloud computing model in which a third-party provider offers software applications.
SAE
Simultaneous Authentication of Equals - key exchange protocol that provides stronger security and that replaced PSK in WPA2.
SATCOM
Secure Satellite Communications - refers to the use of satellite technology for communication purposes, including voice, data, and video transmission.
SCADA
Supervisory Control and Data Acquisition - a system used to control and monitor industrial processes.
SCP
Secure Copy Protocol - a protocol used to securely transfer files between two devices.
SHA
Secure Hash Algorithm - SHA stands for secure hashing algorithm. SHA is a modified version of MD5 and used for hashing data and certificates. A hashing algorithm shortens the input data into a smaller form that cannot be understood by using bitwise operations, modular additions, and compression functions.
SID
Security Identifier - a unique identifier used to identify a user or group in Windows operating systems.
SIEM
Security Information and Event Management - type of security solution that provides real-time analysis of security alerts and events generated by network hardware and applications.
SLA
Service Level Agreement - a contract between a client and a service provider that defines cybersecurity expectations and responsibilities. Security standards: Minimum service levels, incident response times, and protection against cyber threats
SNMP
Simple Network Management Protocol - a protocol used to manage and monitor network devices.
SMTP
Simple Mail Transfer Protocol - a protocol used to send email messages between servers
SOAR
Security Orchestration, Automation and Response - security technology that helps organizations automate and streamline their security operations and incident response processes.
SoC
System on Chip - integrated circuit (IC) that combines various components of a computer or electronic system into a single chip
SQL
Structured Query Language - a programming language used for managing and manipulating data in relational databases.
SQLi
SQL Injection)- SQL injection is a code injection technique that might destroy your database. SQL injection is one of the most common web hacking techniques. SQL injection is the placement of malicious code in SQL statements, via web page input.
SSH
Secure Shell - a protocol used for secure remote access to a device. Uses Port 22
SSL
Secure Sockets Layer - SSL, or Secure Sockets Layer, is an encryption-based Internet security protocol. It was first developed by Netscape in 1995 for the purpose of ensuring privacy, authentication, and data integrity in Internet communications. SSL is the predecessor to the modern TLS encryption used today. A website that implements SSL/TLS has “HTTPS” in its URL instead of “HTTP”
SSO
Single Sign-On - an authentication method that lets users access multiple applications and services using a single set of login credentials.
STP
Spanning Tree Protocol - a protocol used to prevent loops in a network topology.
STIX
Structured Threat Information Exchange - designed to support the sharing of cybersecurity threat intelligence between different organizations and cybersecurity technologies.
TACACS+
Terminal Access Controller Access Control System Plus) - protocol used for providing centralized authentication, authorization, and accounting (AAA) services for network devices such as routers, switches, and firewalls.
TAXII
Trusted Automated Exchange of Indicator Information - application protocol for exchanging Cyber Threat Intelligence over HTTPS. It works with STIX.
TCP
Transmission Control Protocol - a protocol used to establish a reliable connection between two devices. Uses three way handshake.
TOTP
Time Based One Time Password - TOTP uses a timestamp and a time-based factor to generate the password. Specifically, TOTP calculates the message authentication code based on the current time and a time interval (usually 30 seconds).
TPM
Trusted Platform Module - chip on motherboard that can be used to store critical information such as encryption keys. TPM can be used for FDE (Full Disk Encryption).
UAT
User Acceptance Testing - the final phase of the software testing process. In the UAT phase, real users test the software to ensure it works as expected in real-world scenarios.
UBA
User Behaviour Analysis - checks whether user activity sticks out from their usual activity.
UDP
User Datagram Protocol - a protocol used for sending datagrams over a network. Connectionless.
UEFI
Unified Extensible Firmware Interface - modern version of BIOS. UEFI can be used for securely starting a device.
URL
Uniform Resource Locator - a unique identifier used to locate a resource on the Internet. It is also referred to as a web address.
VLAN
Virtual Local Area Network - a logical grouping of devices on a network that are grouped together based on factors such as function, department, or location, rather than physical location.
VM
Virtual Machine - a software environment that emulates a physical computer.
VPN
Virtual Private Network - a virtual private network, or VPN, is an encrypted connection over the Internet from a device to a network. The encrypted connection helps ensure that sensitive data is safely transmitted. It prevents unauthorized people from eavesdropping on the traffic and allows the user to conduct work remotely. VPN technology is widely used in corporate environments.
VTP
VLAN Trunking Protocol - proprietary protocol used by Cisco switches to exchange VLAN information. With VTP, you can synchronize VLAN information (such as VLAN ID or VLAN name) with switches inside the same VTP domain.
WAF
Web Application Firewall - firewall used to protect web applications.
WAP
Wireless Access Point) - network device that receives and transmits data over WLAN
WEP
Wired Equivalent Privacy - wired equivalent privacy is meant to protect Wi-Fi transmissions by encrypting the data so outsiders who are not inside the encrypted network will not be able to read the messages or data contained within. WEP is better than no security at all, and it is still used on older devices that do not support WPA or WPA2.
WIDS
Wireless Intrusion Detection System - a system used to detect unauthorized access to a wireless network.
WPA
Wi-Fi Protected Access - a security protocol used for wireless networks. There is WPA, WPA2, WPA3.
X.509
a standard for public key certificates used for authentication in network communication.
XML
Extensible Markup Language - a markup language used for encoding documents in a format that is both human-readable and machine-readable.
XSS
Cross-Site Scripting - a type of attack in which an attacker injects malicious code into a web page viewed by other users. Usually this code is javascript code. There are 3 main versions of XSS: DOM Based, Stored and Reflected XSS.
SASE
Secure Access Service Edge - technology used to deliver wide area network and security controls as a cloud computing service
SCAP
Security Content Automation Protocol - a set of open standards used to organize and express security-related information, enabling automated vulnerability management, policy compliance evaluation, and security measurement across different systems within an organization
SLE
Single Loss Expectancy - estimated monetary loss an organization could expect to incur from a single occurrence of a specific security incident
SPF
Sender Policy Framework - an email authentication protocol designed to prevent email spoofing by allowing domain owners to specify which mail servers are authorized to send emails on their behalf
