Glossary S Flashcards
S/MIME (Secure/Multipurpose Internet Mail Extensions)
An email encryption standard that adds digital signatures and public key cryptography to traditional MIME communications.
SaaS (Software as a Service)
A computing method that uses the cloud to provide application services to users.
SAE (Simultaneous Authentication of Equals)
Personal authentication mechanism for Wi-Fi networks introduced with WPA3 to address vulnerabilities in the WPA-PSK method.
salt
A security countermeasure against rainbow table and other precomputation attacks: a random value (the salt) is added to each plaintext input, such as a password, before hashing and is stored alongside the resulting hash, so that identical inputs produce different hashes and a precomputed table cannot be reused across accounts.
SAML (Security Assertion Markup Language)
An XML-based data format used to exchange authentication information between a client and a service.
SAN (subject alternative name)
Field in a digital certificate allowing a host to be identified by multiple host names/subdomains.
sandbox
A computing environment that is isolated from a host system so that code runs in a controlled, secure fashion. Communication between the sandbox and the host is usually tightly restricted or mediated by the sandboxing layer.
sanitization
The process of thoroughly and completely removing data from a storage medium so that file remnants cannot be recovered.
SAS (Serial Attached Small Computer Systems Interface)
Developed from parallel SCSI, SAS is a high-performance hard disk interface used mainly in servers and storage arrays.
SCADA (Supervisory Control and Data Acquisition)
A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographically large areas.
scalability
The property by which a computing environment can handle growing demand by adding resources, without a loss of performance.
scanless
Utility that runs port scans through third-party websites to evade detection.
SCAP (Security Content Automation Protocol)
A NIST framework that outlines various accepted practices for automating vulnerability scanning.
screened host
A dual-homed proxy/gateway server used to provide Internet access to other network nodes, while protecting them from external attack.
script kiddie
An inexperienced, unskilled attacker who typically uses tools or scripts created by others.
SDK (software development kit)
Coding resources provided by a vendor to assist with development projects that use their platform or API.
SDN (software defined networking)
APIs and compatible hardware/virtual appliances allowing for programmable network appliances and systems.
SDV (software defined visibility)
APIs for reporting configuration and state data for automated monitoring and alerting.
SE (secure erase)
A method of sanitizing a drive using the ATA command set.
SEAndroid (Security-Enhanced Android)
Since version 4.3, Android has incorporated Security-Enhanced Linux (SELinux) mandatory access control, which confines apps with granular permissions and supports container isolation and storage segmentation.
SECaaS (Security as a Service)
A computing method that enables clients to take advantage of information, software, infrastructure, and processes provided by a cloud vendor in the specific area of computer security.
secure boot
A UEFI feature that verifies the digital signature of boot loaders and OS kernels against trusted keys before executing them, preventing unauthorized code from running during the boot process.
security control
A technology or procedure put in place to mitigate vulnerabilities and risk and to ensure the confidentiality, integrity, and availability (CIA) of information.
SED (self-encrypting drive)
A disk drive where the controller can automatically encrypt data that is written to it.
segment
A portion of a network where all attached hosts can communicate freely with one another.
SEH (structured exception handler)
A Windows mechanism for handling unexpected error conditions (exceptions) that arise during code execution. Effective error handling reduces the chances that a program could be exploited, although SEH records stored on the stack have themselves been a target of overwrite attacks.
self-signed certificate
A digital certificate that has been signed by the entity that issued it, rather than by a CA.
sentiment analysis
Devising an AI/ML algorithm that can describe or classify the intention expressed in natural language statements.
separation of duties
A concept that states that duties and responsibilities should be divided among individuals to prevent ethical conflicts or abuse of powers.
server certificate
A digital certificate that attests to the identity of a web server, used by e-commerce sites and other websites that gather and store confidential information so that clients can establish trusted TLS connections.
serverless
A software architecture that runs functions within virtualized runtime containers in a cloud rather than on dedicated server instances.
server-side
In a web application, processing (such as input validation) performed by code running on the server rather than in the client's browser. Server-side validation cannot be bypassed by tampering with the client.
service account
A host or network account that is designed to run a background service, rather than to log on interactively.
session affinity
A scheduling approach used by load balancers to route traffic to devices that have already established connections with the client in question. Also known as source IP affinity.
session hijacking
A type of spoofing attack in which the attacker takes over an established session, typically by stealing the session token (such as a cookie) or, in TCP session hijacking, by disconnecting a host and replacing it with his or her own machine, spoofing the original host's IP address.
sFlow
Industry standard (RFC 3176) for using packet sampling to record network traffic statistics.
SFTP (Secure File Transfer Protocol)
A file transfer protocol that runs as a subsystem of Secure Shell (SSH) and uses the SSH channel to encrypt file transfer, access, and management operations. Despite the name, it is a separate protocol rather than an extension of FTP.
SHA (Secure Hash Algorithm)
A family of cryptographic hashing algorithms created to address weaknesses in MD5. SHA-1 is now deprecated; SHA-2 (for example SHA-256 and SHA-512) is in general use, and SHA-3 is the most recent standard.
shadow IT
Computer hardware, software, or services used on a private network without authorization from the system owner.
shared account
An account with no credential (guest) or one where the credential is known to multiple persons.
shellcode
Lightweight block of malicious code that exploits a software vulnerability to gain initial access to a victim system.
shimming
The process of developing and implementing additional code between an application and the operating system to enable functionality that would otherwise be unavailable.
shoulder surfing
A social engineering tactic to obtain someone’s password or PIN by observing him or her as he or she types it in.
SID (security identifier)
The value assigned to an account by Windows and that is used by the operating system to identify that account.
SIEM (security information and event management)
A solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications.
signature-based detection
A network monitoring system that uses a predefined set of rules provided by a software vendor or security personnel to identify events that are unacceptable.
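As an added example (not part of the glossary, and not any vendor's rule format), the following Python applies a small set of constructed regular-expression signatures to constructed syslog-style lines, the way a signature-based monitor or SIEM correlation rule would. Note the line that evades rule 1002 because the file name is not in the rule set: signature matching can only flag patterns it already knows.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, Iterable, List, Pattern


@dataclass(frozen=True)
class Signature:
    sid: int
    name: str
    pattern: Pattern


@dataclass(frozen=True)
class Alert:
    sid: int
    line_no: int
    fields: tuple   # captured groups from the matching signature


# Constructed rule set for this example; real deployments load vendor or community rules.
SIGNATURES: List[Signature] = [
    Signature(1001, "SSH failed password",
              re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) "
                         r"from (\d+\.\d+\.\d+\.\d+)")),
    Signature(1002, "Web shell probe",
              re.compile(r'"(?:GET|POST) \S*(?:cmd|shell)\.php', re.IGNORECASE)),
    Signature(1003, "Privilege escalation via sudo",
              re.compile(r"sudo: (\S+) : .*USER=root ; COMMAND=(\S+)")),
]

# Constructed sample log lines (RFC 3164 style); hosts and addresses are fictitious.
SAMPLE_LOGS: List[str] = [
    "Mar  3 10:01:02 web01 sshd[2311]: Failed password for invalid user admin from 203.0.113.5 port 51022 ssh2",
    "Mar  3 10:01:04 web01 sshd[2311]: Failed password for root from 203.0.113.5 port 51023 ssh2",
    "Mar  3 10:01:09 web01 sshd[2314]: Accepted publickey for deploy from 198.51.100.7 port 40222 ssh2",
    'Mar  3 10:02:15 web01 nginx: 203.0.113.5 - - "GET /uploads/Cmd.php?c=id HTTP/1.1" 404 153',
    'Mar  3 10:02:16 web01 nginx: 203.0.113.5 - - "GET /uploads/c.php?c=id HTTP/1.1" 404 153',
    "Mar  3 10:03:00 web01 sudo: deploy : TTY=pts/0 ; PWD=/home/deploy ; USER=root ; COMMAND=/bin/bash",
]


def scan(lines: Iterable[str], signatures: List[Signature] = SIGNATURES) -> List[Alert]:
    """Return one Alert per (line, signature) pair that matches, in input order."""
    alerts: List[Alert] = []
    for line_no, line in enumerate(lines, start=1):
        for sig in signatures:
            match = sig.pattern.search(line)
            if match:
                alerts.append(Alert(sig.sid, line_no, match.groups()))
    return alerts


def failed_logins_by_source(alerts: Iterable[Alert]) -> Dict[str, int]:
    """Simple correlation step: count rule 1001 hits per source address."""
    return dict(Counter(a.fields[1] for a in alerts if a.sid == 1001))


if __name__ == "__main__":
    for alert in scan(SAMPLE_LOGS):
        print(alert)
    print(failed_logins_by_source(scan(SAMPLE_LOGS)))
```

The counting step shows the next thing a SIEM does with signature hits: aggregating them so that a threshold (for example, ten failures from one address in a minute) can raise a single higher-severity alert instead of a flood of identical ones.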
SIM (subscriber identity module)
A small chip card that identifies the user and phone number of a mobile device via an International Mobile Subscriber Identity (IMSI).
sinkhole
A DoS attack mitigation strategy that directs the traffic that is flooding a target IP address to a different network for analysis.
SIP (Session Initiation Protocol)
Used to establish, disestablish, and manage VoIP and conferencing communications sessions. It handles user discovery (locating a user on the network), availability advertising (whether a user is prepared to receive calls), negotiating session parameters (such as use of audio/ video), and session management and termination.
SLA (service level agreement)
Operating procedures and standards for a service contract.
SLE (single loss expectancy)
The amount that would be lost in a single occurrence of a particular risk factor, calculated as asset value (AV) multiplied by exposure factor (EF).
smart card
A device similar to a credit card that can store authentication information, such as a user’s private key, on an embedded microchip.
smart meter
A utility meter that can submit readings to the supplier without user intervention.
SMiShing
A form of phishing that uses SMS text messages to trick a victim into revealing information.
sn1per
Software utility designed for penetration testing reporting and evidence gathering that can also run automated test suites.
SNMP (Simple Network Management Protocol)
Protocol for monitoring and managing network devices. By default, SNMP agents listen for queries on UDP port 161, and managers receive traps from agents on UDP port 162.
SOA (service-oriented architecture)
A software architecture where components of the solution are conceived as loosely coupled services not dependent on a single platform type or technology.
SOAP (Simple Object Access Protocol)
An XML-based web services protocol that is used to exchange messages.
SOAR (security orchestration, automation, and response)
A class of security tools that facilitates incident response, threat hunting, and security configuration by orchestrating automated runbooks and delivering data enrichment.
SoC (system-on-chip)
A processor that integrates the platform functionality of multiple logical controllers onto a single chip.
spear phishing
An email-based or web-based form of phishing that targets specific individuals.
SPIM (spam over internet messaging)
A spam attack that is propagated through instant messaging rather than email.
split tunnel
VPN configuration where only traffic for the private network is routed via the VPN gateway.
SPoF (single point of failure)
A component or system that would cause a complete interruption of a service if it failed.
SQL injection (Structured Query Language injection)
An attack in which crafted input submitted through the client side of an application is incorporated into a database query, allowing the attacker to alter the query's logic and read or modify data.
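As an added example (not part of the glossary), the following Python shows the vulnerable pattern beside the parameterized fix using the standard library's sqlite3 module. The users table, its rows and the attacker inputs are all constructed for the demo; passwords are stored in plaintext only to keep the example short, which a real application must never do.

```python
import sqlite3
from typing import List


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table for the demo."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("admin", "s3cret!"), ("alice", "hunter2")],
    )
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Untrusted input is pasted into the SQL text, so the attacker can rewrite the query.
    sql = f"SELECT id FROM users WHERE username = '{username}' AND password = '{password}'"
    return conn.execute(sql).fetchone() is not None


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    # Parameterized query: values travel separately from the statement and are only ever data.
    sql = "SELECT id FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def find_users_vulnerable(conn: sqlite3.Connection, prefix: str) -> List[str]:
    # A UNION injected here can pull any column from any table into the result.
    sql = f"SELECT username FROM users WHERE username LIKE '{prefix}%'"
    return [row[0] for row in conn.execute(sql)]


def find_users_safe(conn: sqlite3.Connection, prefix: str) -> List[str]:
    sql = "SELECT username FROM users WHERE username LIKE ?"
    return [row[0] for row in conn.execute(sql, (prefix + "%",))]


if __name__ == "__main__":
    db = make_db()
    # Comment injection ('--') drops the password check entirely.
    print(login_vulnerable(db, "admin' --", "anything"))            # True
    print(login_safe(db, "admin' --", "anything"))                  # False
    # UNION injection exfiltrates the password column.
    print(find_users_vulnerable(db, "zzz' UNION SELECT password FROM users --"))
    print(find_users_safe(db, "zzz' UNION SELECT password FROM users --"))   # []
```

Both attacks rely on the input becoming part of the statement's syntax. With parameters, the same strings are simply compared against the column values, so no username literally named `admin' --` exists and nothing matches.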
SSAE SOC (Statements on Standards for Attestation Engagements Service Organization Control)
Audit specifications designed to ensure that cloud/hosting providers meet professional standards. A SOC2 Type II report is created for a restricted audience, while SOC3 reports are provided for general consumption.
SSH (Secure Shell)
A remote administration and file-copy program that supports VPNs by using port forwarding, and that runs on TCP port 22.
SSID (service set identifier)
A character string that identifies a particular wireless LAN (WLAN).
SSO (single sign-on)
An authentication technology that enables a user to authenticate once and receive authorizations for multiple services.
SSTP (Secure Socket Tunneling Protocol)
A VPN protocol that transports PPP frames over HTTPS (TLS on TCP port 443): each IP packet is encapsulated with a PPP header and then with an SSTP header.
standard naming convention
Applying consistent names and labels to assets and digital resources/identities within a configuration management system.
stapling
Mechanism (OCSP stapling) by which a TLS server periodically obtains a signed, time-stamped status response from the OCSP responder and includes it in the TLS handshake, so the client does not have to contact the responder itself. This mitigates the performance and privacy issues of client-side certificate status requests.
state actor
A type of threat actor that is supported by the resources of its host country’s military and security services. Also known as nation state actor.
state table
Information about sessions between hosts that is gathered by a stateful firewall.
stateful inspection
A firewall technique that tracks the state of each connection in a state table and filters packets according to whether they belong to a legitimate, established session, rather than judging each packet in isolation by its header fields. This enables tighter and more accurate filtering than stateless packet filtering.
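To make the state table and stateful inspection entries concrete, here is an added Python example (not part of the glossary, and not modelled on any specific firewall) of a minimal stateful filter for TCP. The internal network range, the packet model and the packet sequence are constructed assumptions. The sequence includes an unsolicited inbound packet with only the ACK flag set, which a stateless "permit established" ACL keyed on the ACK bit would let through but the state table rejects.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Tuple

INTERNAL = ipaddress.ip_network("10.0.0.0/8")   # assumed inside network

Key = Tuple[str, int, str, int]


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: FrozenSet[str]   # subset of {"SYN", "ACK", "FIN", "RST"}


class StatefulFirewall:
    def __init__(self) -> None:
        # State table keyed on the initiator's (src, sport, dst, dport).
        self.table: Dict[Key, str] = {}

    def process(self, p: Packet) -> str:
        outbound = ipaddress.ip_address(p.src) in INTERNAL
        fwd: Key = (p.src, p.sport, p.dst, p.dport)
        rev: Key = (p.dst, p.dport, p.src, p.sport)

        # Teardown packets are allowed only for tracked sessions and remove the entry.
        if "RST" in p.flags or "FIN" in p.flags:
            if fwd in self.table or rev in self.table:
                self.table.pop(fwd, None)
                self.table.pop(rev, None)
                return "ALLOW"
            return "DROP"

        if fwd in self.table:               # initiator-direction packet of a tracked session
            return "ALLOW"

        if rev in self.table:               # reply-direction packet of a tracked session
            state = self.table[rev]
            if state == "SYN_SENT" and p.flags >= {"SYN", "ACK"}:
                self.table[rev] = "ESTABLISHED"
                return "ALLOW"
            if state == "ESTABLISHED":
                return "ALLOW"
            return "DROP"

        # No state yet: only an outbound connection open (bare SYN) may create one.
        if outbound and p.flags == {"SYN"}:
            self.table[fwd] = "SYN_SENT"
            return "ALLOW"
        return "DROP"


def stateless_established_rule(p: Packet) -> str:
    """Classic stateless ACL: treat any inbound packet with ACK set as 'established'."""
    inbound = ipaddress.ip_address(p.dst) in INTERNAL
    return "ALLOW" if inbound and "ACK" in p.flags else "DROP"


def pk(src: str, sport: int, dst: str, dport: int, *flags: str) -> Packet:
    return Packet(src, sport, dst, dport, frozenset(flags))


# Constructed packet sequence; all addresses are documentation ranges.
SAMPLE_PACKETS: List[Packet] = [
    pk("10.0.0.5", 40000, "93.184.216.34", 443, "SYN"),            # client opens connection
    pk("93.184.216.34", 443, "10.0.0.5", 40000, "SYN", "ACK"),     # server reply
    pk("10.0.0.5", 40000, "93.184.216.34", 443, "ACK"),            # handshake completes
    pk("93.184.216.34", 443, "10.0.0.5", 40000, "ACK"),            # data from server
    pk("198.51.100.9", 4444, "10.0.0.5", 22, "SYN"),               # unsolicited inbound SYN
    pk("198.51.100.9", 80, "10.0.0.5", 40001, "ACK"),              # ACK-only probe, no session
    pk("93.184.216.34", 443, "10.0.0.5", 40000, "FIN", "ACK"),     # server closes
    pk("93.184.216.34", 443, "10.0.0.5", 40000, "ACK"),            # late packet after teardown
]


def run(packets: List[Packet]) -> List[str]:
    fw = StatefulFirewall()
    return [fw.process(p) for p in packets]


if __name__ == "__main__":
    for p, decision in zip(SAMPLE_PACKETS, run(SAMPLE_PACKETS)):
        print(decision, "stateless:", stateless_established_rule(p), sorted(p.flags), p.src, "->", p.dst)
```

The example tracks only two states and ignores sequence numbers and timeouts; a production engine also ages out idle entries and validates sequence windows, but the core decision, "is this packet part of a session I have already seen opened?", is the one shown here.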
steganography
A technique for obscuring the presence of a message, often by embedding information within a file or other entity.
STIX (Structured Threat Information eXpression)
A standardized, structured language (maintained by OASIS) for describing and exchanging cyber threat intelligence, such as indicators, attack patterns, and threat actors. STIX content is commonly transported using TAXII.
stored procedure
One of a set of pre-compiled database statements stored on the database server and invoked with parameters. Because user input is passed as a parameter rather than concatenated into the query text, stored procedures can help defend against SQL injection, provided the procedure itself does not build dynamic SQL from that input.
STP (Spanning Tree Protocol)
A switching protocol that prevents network loops by dynamically disabling links as needed.
stream cipher
A type of symmetric encryption that combines a stream of plaintext bits or bytes with a pseudorandom stream initialized by a secret key.
stress test
A software testing method that evaluates how software performs under extreme load.
supplicant
In EAP architecture, the device requesting access to the network.
SWG (secure web gateway)
An appliance or proxy server that mediates client connections with the Internet by filtering spam and malware and enforcing access restrictions on types of sites visited, time spent, and bandwidth consumed.
symmetric encryption
A two-way encryption scheme in which encryption and decryption are both performed by the same key. Also known as shared-key encryption.
syslog
A protocol enabling different appliances and software applications to transmit logs or event records to a central server.