Lesson 8 - Vulnerability Management Flashcards
SMB
Server Message Block
- a client-server communication protocol that allows computers on a network to share files, printers, and other resources
RCE
Remote Code Execution
- an attack is where an attacker runs malicious code on an organization’s network
EOL
End-of-Life
- specific product or version of a product that the manufacturer or vendor has publicly declared as no longer supported
UEFI
Unified Extensible Firmware Interface
- a specification for the firmware architecture of a computing platform.
KRACK
Key Reinstallation Attacks
- a type of on-path attack that exploits a vulnerability in protected WiFi, resulting in data breaches.
BEAST
Browser Exploit Against SSL/TLS
- a vulnerability that exists in all cipher block chaining (CBC) ciphers in SSL V3/TLS 1.0 and its lower versions
POODLE
Padding Oracle On Downgraded Legacy Encryption
- a security vulnerability that exploits the fallback to SSL 3.0, allowing attackers to decrypt network traffic by forcing browsers to downgrade to the vulnerable protocol.
TOCTOU
Time-of-Check to Time-of-Use
- refers to a vulnerability that arises when a system checks the state of a resource and then uses that resource, but the resource’s state changes between the check and the use, leading to unexpected or incorrect actions.
ASLR
Address Space Layout Randomization
- a cybersecurity technique that randomizes the memory addresses of a process and its libraries, making it harder for attackers to exploit memory corruption vulnerabilities like buffer overflows
DEP
Data Execution Prevention
- a Microsoft security feature that monitors and protects certain pages or regions of memory, preventing them from executing (usually malicious) code.
XSS
Cross-Site Scripting
- A malicious script hosted on the attacker’s site or coded in a link injected onto a trusted site designed to compromise clients browsing the trusted site, circumventing the browser’s security model of trusted zones.
DOM
Domain Object Model
SQLi
SQL Injection
- An attack that injects a database query into the input data directed at a server by accessing the client side of the application.
CASB
Cloud Access Security Broker
- Enterprise management software designed to mediate access to cloud services by users across all types of devices.
SBOM
Software Bill of Materials
- a comprehensive inventory of all components in a software product.
SCA
Software Composition Analysis
- a cybersecurity process that identifies and manages open-source components within software applications, detecting vulnerabilities, license compliance issues, and outdated libraries to mitigate risks and maintain security.
SPDX
Software Package Data Exchange
- an open standard for communicating Software Bill of Materials (SBOM) data, plays a crucial role in cybersecurity by enabling organizations to identify, manage, and mitigate risks associated with software supply chains, including licensing and security vulnerabilities.
SCA
Software Composition Analysis
- Tools designed to assist with identification of third-party and open-source code during software development and deployment.
NVD
National Vulnerability Database
- a U.S. government repository of publicly disclosed cybersecurity vulnerabilities, maintained by the National Institute of Standards and Technology (NIST), serving as a central resource for vulnerability information and aiding in cybersecurity efforts.
OTX
Online Threat Exchange
- a free, crowd-sourced cybersecurity platform, developed by AlienVault (now AT&T Cybersecurity), that enables security professionals to share and collaborate on threat intelligence, including Indicators of Compromise (IOCs), to enhance cybersecurity across the community.
CTI
Cyber Threat Intelligence
- The process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources.
TTP
Tactics, Techniques and Procedures
- Analysis of historical cyberattacks and adversary actions.
ISAC
Information Sharing and Analysis Centers
- A not-for-profit group set up to share sector-specific threat intelligence and security best practices among its members.
OSINT
Open-Source Intelligence
- Publicly available information plus the tools used to aggregate and search it.