Network Security Flashcards
SIM
Subscriber Identity Module/SIM Card
- Integrated circuit useed to securely store the data used to identify and authenticate mobile subscribers
- SIM also stores personalized data, such as a telephone book and messages
SATCOM
Satellite Communications or Communications Satellite
A method for mobile devices to connect to networks
DMZ
Demilitarized Zone
A physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted usually larger network such as the Internet. The purpose of a DMZ is to add an additional layer of security to an organization’s local area network (LAN).
CAN
Controller Area Network
Vehicle bus standard designed to allow microcontrollers and devices to communicate with each other’s applications without a host computer.
Used in the automotive industry, aircraft, and medical devices
GPS
Global Positioning System
A satellite-based radionavigation system created and maintained by the US government.
Provides free geolocation and time information to a GPS receiver anywhere on or near the Earth with is an unobstructed line of sight to four or more GPS satellites.
CYOD
Choose Your Own Device
A mobile deployment model that allows employees to select a mobile device from a list of accepted devices to use for work purposes.
HDD
Hard Disk Drive
An electro-mechanical data storage device that stores and retrieves digital data using magnetic storage and one or more rigid rapidly rotating platters coated with magnetic material.
UPS
Uninterruptible Power Supply
Increase power related fault tolerance
CAPTCHA
Completely Automated Public Turing test to tell Computers and Humans Apart
A type of challenge–response test used in computing to determine whether or not the user is human.
RAS
Remote Access Server
- Server that provides a suite of services to remotely connected users over a network or the Internet.
- Operates as a remote gateway or central server that connects remote users with an organization’s internal local area network (LAN).
ICS
Industrial Control System
A networked system that controls critical infrastructure such as water electrical transportation and telecommunication services
DSL
Digital Subscriber Line
Used to transmit digital data over telephone lines.
The term DSL is widely understood to mean asymmetric digital subscriber line (ADSL) the most commonly installed DSL technology for Internet access.
DSL can be delivered simultaneously with wired telephone service on the same telephone line since DSL uses higher frequency bands for data.
UTM
Unified Threat Management
A group of security controls combined in a single solution. UTM appliances can inspect data streams for malicious content and block it.
WIPS
Wireless Intrusion Prevention System; An active inline security device that monitors suspicious network and/or system traffic on a wireless network and reacts in real time to block it
VLSM
Variable Length Subnet Masking
A subnet design that uses more than one mask in the same network which means more than one mask is used for different subnets of a single class A, B, C or a network
It is used to increase the usability of subnets as they can be of variable size.
GPG
Gnu Privacy Guard
A free open-source version of Symantec’s PGP crytographic software suite that provides equivalent encryption and authentication services.
TOS
Trusted Operating System
Operating system that meets a set of predetermined requirements with heavy empasis on authentication and authorization
CASB
Cloud Access Security Broker
A software tool or service that enforces cloud-based security requirements.
It is placed between an organization’s resources and the cloud.
Monitors all network traffic and can enforce security policies.
MDM
Mobile Device Management
A group of applications and/or technologies used to manage mobile devices.
MDM tools can monitor mobile devices to ensure security policy compliance.
VPN
Virtual Private Network
A method of extending a private network by tunneling though a public network such as the Internet
VDI
Virtual Desktop Infrastructure
A virtualization implementation that separates the personal computing environment from a user’s physical computer
NIPS
Network-based Intrusion Prevention System
An active inline security device that monitors suspicious network and/or system traffic and reacts in real time to block it
ESN
Electronic Serial Number
Unique identifier for mobile devices.
COPE
Corporate Owned Personally Enabled
A mobile device deployment model.
The organization purchases and issues devices to employees.
Employees to use them as if they were personally-owned notebook computers, tablets or smartphones.
Compare with BYOD and CYOD.
URL
Universal Resource Locator
- Commonly called web address
- Reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it
- Specific type of Uniform Resource Identifier (URI)
SCAP
Security Content Automation Protocol
- Standard used by vulnerability scanners
- Utilizes the National Vulnerability Database (NVD), which includes:
- Lists of common misconfigurations
- Security-related software flaws
- Impact ratings or risk scores
AP
Access Point
A networking hardware device that allows other Wi-Fi devices to connect to a wired network.
AKA Wireless Access Point (WAP).
FDE
Full Disk Encryption
- Entire hard drive is encrypted
- Several software applications such as Veracrypt can do this
- Hardware-based full disk encryption also available
IPS
Intrusion Protection System
- Device or software application that can detect, react to, and prevent attacks.
- Placed inline with traffic
- Has protocol analyzing capabilities
- Reacts to attacks in progress and prevents them from reaching systems and networks
HIDS
Host-based Intrusion Detection System
A type of IDS that monitors all traffic on a single host systems like a server or workstation.
EFS
Encrypted File System
A technology enables files to be transparently encrypted to protect confidential data from attackers with physical access to the computer.
It is used in Microsoft Windows NTFS-based public key encryption.