Random Tech Terms To Know Flashcards
VPN
Virtual Private network
-encrypts your internet connection
-Internet traffic is routed through a connected tunnel so that other people can’t see your activity and information
3 types:
-Remote access VPN
-Site-to-site VPN
-Mobile VPN
IDE
Integrated Development Environment
ISP
Internet service provider
DHCP
Dynamic Host Configuration Protocol
-network server that automatically provides and assigns IP addresses, default gateways and other network parameters to client devices
MFA
Multi-factor authentication
Internet connection path
ISP>travels to…>firewall>switch>peripherals
IIS
Internet information service
-A web server hosted by Microsoft that runs on Windows
-Used to exchange web content with users
AD
Active Directory
-database and set of services that connect users with network resources
-includes users and computers and who is allowed to do what
-used by administrators to manage permissions and control access to network resources
Services (Windows)
Background apps that don’t have an interface and do a variety of things
cmdlet
a lightweight command in the Windows PowerShell environment that performs a specific action and manipulates objects
EDR
Endpoint detection and response. Security tool, firewall, etc
BitLocker
a Windows security feature that encrypts drives to protect data from theft or unauthorized access
SOC
Security operations center
SOC acts like the hub or central command post, taking in telemetry from across an organization’s IT infrastructure
Kernel
Core of an OS
-controls security, file management, platform for apps to run
-user rarely interacts with the kernel
Registry
a database that stores configuration settings and other details about the computer
Hyper-V
Windows compatible virtualization product
A-record
a type of DNS record that maps a domain name to the IP address of the computer that hosts it
A records are used when a user tries to access a website by typing in its domain name
CNAME
Maps an alias/subdomain to the primary domain name
-on DNS record
DC
Domain controller
-a server that manages a network’s security and access/identity requests. The Active Directory (AD) services database is stored on the DC
Domain
Large network
-different users have different privileges and access rights
-managed by a server called a domain controller (DC)
-manages security and authentication
-stores the shared information for the
-pcs can be on different local networks but in the same domain
-main function of an AD
Workgroups
Small networks
-each computer has its own storage, management, and the account must be on that device
-same local network
Windows ADK
Windows Assessment and Deployment Kit
-used to customize windows installation
ODD
Optical Disk drives
-tray that opens and reads DVD drives
ISO file
Copy of an entire optical disk, archived into a single file
.bat file
Batch file, it contains a series of commands that are executed in sequence when the file is run
NIC
Network interface controller
-A network interface controller is a computer hardware component that connects a computer to a computer network
System image
Exact copy of a hard drive: including OS, executable files, system settings and all files and folders
WIM
Windows Imaging Format
-file extension for a complete windows image
Answer/unattend file
an XML-based file that contains settings and values used to customize Windows Setup
Media/media technology/media device
Electronic devices used to store data, such as hard drives (HDD and SSD), USB drives, DVDs, CD-ROM, and floppy disks.
USMT
User state migration tool
-Windows ADK tool to move user profiles and data across
MDT
Microsoft Deployment Toolkit
-used to capture and deploy images
WinPE
Windows pre-installation environment
-barebones version of Windows used to troubleshoot and deploy Windows
ADK
Assessment and Deployment Kit
-windows tool that can be used to assist in the creation and management of image files
-customize windows installation
OOBE
Out-of-box-experience
-what windows users experience with their fresh, new devices
-prompts that ask about language, keyboards and other preferences that users see and go through after booting a configured device for the first time
MDM
Mobile Device Management
-a solution that can configure devices over the cloud that are a part of an Active Directory
OU
Organizational unit
-type of container/unit within an AD domain
-good for organizing domain objects
Domain objects
Different kinds of objects within a DC
-computers, printers, users
TPM chip
International standard for a secure crypto processor
-secures hardware through integrated cryptographic keys
RBAC
Role-based access control
-Security model used to control an organization's access to resources
Azure Active Directory
A cloud-based authentication service
SID
Security identifier
-string attached to each user, computer and group in Windows
SAN (domain)
Subject alternative name
-alternative name for a FQDN (fully qualified domain name)
MMC
Microsoft management console
-tool that can be used for many purposes in Windows
LSDOU
Stands for Local, Site, Domain, Organizational Units (in that order)
-this is the order of processing for GPOs
-ones processed later will override earlier ones and will be applied to those under that tree
CIDR
Classless Inter-Domain Routing
-denoting subnet masks by the number of 1s in the subnet mask
-example: 255.255.0.0 would be denoted as “/16”
RU or U
“Rack unit” or “Unit”
Unit of measurement indicating one server rack slot/space
-1 RU= 1.75” in height or of vertical space
NIC
Network interface card
-hardware component that allows a computer to connect to a network and exchange data with other devices
ADDS
Active Directory domain services
-on-premises AD services with domain controllers
ICMP (echo and response)
Set of packets being sent or received, can be used by sending “ping” commands in command line/powershell
PAAS
Platform as a service
-platform is ready to use, has to be administered before being used
SAAS
Software as a service
-a fully functional app that is ready to use
IAAS
Infrastructure as a service
-e.g., Azure, AWS (Amazon Web Services), GCE (Google)
SSO
Single sign-on
-used to have only one account to log on to cloud apps and even on-prem services
-Azure AD connect/Entra connect
MAC address
Unique identifier assigned to NIC (network interface controller) for use as a network address in communications within a network segment
-also used to identify a device on a network
ISATAP
Intra-site automatic tunnel addressing protocol
-type of tunneling method used when two sites in the same network are using different kinds of networks (IPv4 and IPv6)
-Needs an ISATAP router, can go both ways
What 4 addresses does a computer need to function on a network?
- IP address
- Subnet mask
- Default gateway (router) address
- DNS (domain name system) server address
SSID
Service Set Identifier
-name of a wireless network
-most routers have a default name, it’s a good idea to change this to something different
RBAC
Role-based access control
-rights and permissions in an environment are based on the roles given to the user (when using RBAC)
UAC
User access control
-can be edited in a GPO
-standard users get a standard user token when logging in
-admins get an admin user token when logging in
-when standard user tries to do something that requires admin credentials, UAC is activated and prompts for admin credential input
-4 levels of UAC
Open network
Wireless network open to the public, often uses a captive portal (portal that must be used/gone through to access the network, sometimes makes you pay)
-no authentication required
PSK network
Pre-shared key network
-most common wireless network
-pre configured password to access
WPS method
Method of accessing a wireless network by pushing WPS button on AP (access point), or by using NFC (near-field communication)
802.1x standard
Network security standard, usually used at an enterprise level
-uses three components
-Supplicant: user requesting access
-Authenticator: device (typically a switch in wired networks or an access point in wireless networks) that controls network access
-Authentication server: server (usually RADIUS server) that verifies the user's creds
RADIUS
Remote authentication dial-in service
-open authentication standard
-credential sent in UDP packet
-uses port 1812 for authentication and authorization
-uses port 1813 for accounting
-only encrypts passwords
TACACS+
Terminal access controller access-control system
-type of authentication method
-better than RADIUS
-creds sent in TCP packet
-uses port 49
-all data is encrypted
TKIP
Temporal key integrity protocol
-older, used with WPA2 and 3
-each packet gets its own encryption key
-Vulnerable
AES
Advanced encryption standard
-block cipher of 128 bits
-keys up to 256 bits in length
-based on the Rijndael algorithm
-one of the strongest encryption protocols available
Kerberos
Windows Authentication method
-only authenticates, DOES NOT authorize or account
-often used alongside TACACS+ or RADIUS
UDP and TCP
UDP (user datagram protocol)
TCP (transmission control protocol)
Both are protocols
-both are protocols that operate at the transport level of the OSI model and are a part of the IP (Internet protocol) suite
TCP/IP
Internet protocol (IP) suite, organizes communication protocols for the Internet
PIM
Privileged identity management
-tech that allows you to manage, control, and monitor access to resources in your organization.
Source anchor
Immutable attribute that is the same attribute in AD and Azure
-links AD and Azure together for syncing and other scenarios (recovery, rebuilding of sync server)
TPM
Trust platform module
-chip on the MB that secures hardware through cryptographic keys
UPN
User principal name
-username followed by an “@” symbol followed by the Active Directory internet domain