Glossary N-O

Question 1

NAC (network access control)

Answer 1

A general term for the collected protocols, policies, and hardware that authenticate and authorize access to a network at the device level.

Question 2

narrow-band

Answer 2

Low-power cellular networks designed to provide data connectivity to IoT devices.

Question 3

NAT (network address translation)

Answer 3

A routing mechanism that conceals internal addressing schemes from the public Internet by translating between a single public address on the external side of a router and private, non-routable addresses internally.

Question 4

ncat

Answer 4

Utility for reading and writing raw data over a network connection. Also known as netcat.

Question 5

NDA (non-disclosure agreement)

Answer 5

An agreement that stipulates that entities will not share confidential information, knowledge, or materials with unauthorized third parties.

Question 6

Nessus

Answer 6

One of the best-known commercial vulnerability scanners, produced by Tenable Network Security. Also known as Tenable.

Question 7

Netflow

Answer 7

A Cisco-developed means of reporting network flow information to a structured database. NetFlow allows better understanding of IP traffic flows as used by different network applications and hosts.

Question 8

NFC (Near Field Communication)

Answer 8

A standard for peer-to-peer (2-way) radio communications over very short (around 4”) distances, facilitating contactless payment and similar technologies. NFC is based on RFID.

Question 9

NFV (network functions virtualization)

Answer 9

Provisioning virtual network appliances, such as switches, routers, and firewalls, via VMs and containers.

Question 10

NGFW (next generation firewall)

Answer 10

Advances in firewall technology, from app awareness, user-based filtering, and intrusion prevention to cloud inspection. Also known as layer 7 firewall.

Question 11

Nmap

Answer 11

Versatile port scanner used for topology, host, service, and OS discovery and enumeration.

Question 12

nonce

Answer 12

An arbitrary number used only once in a cryptographic communication, often to prevent replay attacks.

Question 13

non-repudiation

Answer 13

The security goal of ensuring that the party that sent a transmission or created data remains associated with that data and cannot deny sending or creating that data.

Question 14

normalization

Answer 14

A routine that applies a common consistent format to incoming data so that it can be processed safely. Normalization is referred to in the context of log collection and software coding.

Question 15

NTLM authentication (NT LAN Manager authentication)

Answer 15

A challenge-response authentication protocol created by Microsoft for use in its products.

Question 16

nxlog

Answer 16

Software optimized for multi-platform log collection and aggregation.

Question 17

OATH (Initiative for Open Authentication)

Answer 17

An industry body comprising the main PKI providers, such as Verisign and Entrust, that was established with the aim of developing an open, strong authentication framework.

Question 18

OAuth (Open Authorization)

Answer 18

Standard for federated identity management, allowing resource servers or consumer sites to work with user accounts created and managed on a separate identity provider.

Question 19

obfuscation

Answer 19

A technique that essentially “hides” or “camouflages” code or other information so that it is harder to read by unauthorized users.

Question 20

OCSP (online certificate status protocol)

Answer 20

Allows clients to request the status of a digital certificate, to check whether it is revoked.

Question 21

offboarding

Answer 21

The process of ensuring that all HR and other requirements are covered when an employee leaves an organization. Also known as exit interview.

Question 22

offline CA (offline certificate authority)

Answer 22

In PKI, a CA (typically the root CA) that has been disconnected from the network to protect it from compromise.

Question 23

OICD (OpenID Connect)

Answer 23

An authentication layer that sits on top of the OAuth 2.0 authorization protocol.

Question 24

OID (object identifier)

Answer 24

Numeric schema used for attributes of digital certificates. onboarding The process of bringing in a new employee, contractor, or supplier.

Question 25

OOB (out-of-band management)

Answer 25

Accessing the administrative interface of a network appliance using a separate network from the usual data network. This could use a separate VLAN or a different kind of link, such as a dial-up modem.

Question 26

Opal

Answer 26

Standards for implementing device encryption on storage devices. operational control A category of security control that is implemented by people.

Question 27

orchestration

Answer 27

The automation of multiple steps in a deployment process. order of volatility The order in which volatile data should be recovered from various storage locations and devices after a security incident occurs.

Question 28

OSINT (open-source intelligence)

Answer 28

Publicly available information plus the tools used to aggregate and search it.

Question 29

OT (operational technology)

Answer 29

A communications network designed to implement an industrial control system rather than data networking.

Question 30

OTA (over the air)

Answer 30

A firmware update delivered on a cellular data connection. output encoding Coding methods to sanitize output created from user input.

Question 31

OWASP (Open Web Application Security Project)

Answer 31

A charity and community publishing a number of secure application development resources.