S Flashcards

1
Q

S/MIME

A

Secure/Multipurpose Internet Mail Extensions

An email encryption and signing industry standard widely used by corporations to enhance email security. S/MIME is compatible with most enterprise email clients.

S/MIME allows for the secure transformation of ALL applications - spreadsheets, graphics, presentations, movies, etc.

PGP was only made to secure plain email or text messages.

S/MIME is considered superior to PGP from an administrative perspective because of its strength, support for centralized key management through X.509 certificate servers and extensive industry support.

PGP is more complicated from an end-user perspective, because it requires additional plug-ins or downloads to operate.

S/MIME protocol allows most vendors to send and receive encrypted email without using additional software.

2
Q

SaaS

A

Software as a Service

A cloud-based method of providing software to users. SaaS users subscribe to an application rather than purchasing it once and installing it. Users can log into and use a SaaS application from any compatible device over the Internet.

3
Q

SAE

A

Simultaneous Authentication of Equals

A secure key exchange protocol used in Wi-Fi networks to prevent man-in-the-middle attacks by simultaneously authenticating both parties.

A derivation of the Diffie-Hellman key exchange with an authentication component. Everyone uses a different session key even if they each use the same pre-shared key.

Eliminates the need for four-way handshakes and hashes, so it is NOT vulnerable to brute force attacks.

At the core of SAE’s effectiveness is the innovative “Dragonfly” handshake mechanism. This sophisticated process underpins mutual authentication between a device seeking connection (e.g., a smartphone or laptop) and the wireless access point, achieving this without the actual exchange of the password itself.

4
Q

SAML

A

Security Assertions Markup Language

An open standard used for authentication. Based upon the Extensible Markup Language (XML) format, web applications use SAML to transfer authentication data between two parties - the IdP and the service provider (SP).

Its primary role in online security is that it enables you to access multiple web applications using one set of login credentials. It works by passing authentication information in a particular format between two parties, usually an identity provider (IdP) and a web application.

5
Q

SAN
(2 acronyms)

A

Storage Area Network

Subject Alternative Name

6
Q

Storage Area Network

A

A network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space.

7
Q

Subject Alternative Name

A

A structured way to indicate all of the domain names and IP addresses that are secured by the certificate.

Allows administrators to create wildcard SSL/TLS certificates.

8
Q

SASE

A

Secure Access Service Edge

An architecture that delivers converged network and security-as-a-service capabilities, including SD-WAN and cloud-native security functions such as secure web gateways, cloud access security brokers, firewall-as-a-service, and zero-trust network access.

SASE enables:

Centralized orchestration and real-time application optimization

Secure, seamless access for users

More secure remote and mobile access

Restriction of access based on user, device, and application identity

Centralized management

9
Q

SCADA

A

Supervisory Control and Data Acquisition

A system of software and hardware elements that allows organizations to control and monitor industrial processes by directly interfacing with plant-floor machinery and viewing real-time data.

10
Q

SCAP

A

Security Content Automation Protocol

A method for using specific standards to help organizations automate vulnerability management and policy compliance evaluation.

It consolidates vulnerability information into a single language that all devices can understand. Then, because all the devices are on the same page, they can work together to automate the removal and detection of vulnerabilities in the network.

11
Q

SCEP

A

Simple Certificate Enrollment Protocol

A certificate management protocol that helps IT administrators issue certificates automatically.

SCEP is a protocol that allows devices to easily enroll for a certificate by using a URL and a shared secret to communicate with a PKI. MDM software commonly uses SCEP for devices by pushing a payload containing the SCEP URL and shared secret to managed devices. This can save an administrator a lot of time and effort compared to the alternative of manually enrolling their managed devices for certificates.

12
Q

SD-WAN

A

Software-Defined Wide Area Network

A new form of WAN that is built specifically for cloud-based apps.

Instead of having all users communicate with a set of internal datacenters and servers, and from there with the cloud app, this technology makes WANs flexible enough to let users connect directly to cloud applications.

It is a way to send traffic directly over the internet from branch locations to trusted SaaS and cloud-based applications while maintaining compliance with enterprise security mandates.

An SD‑WAN assures consistent application performance and resiliency, automates traffic steering in an application-driven manner based on business intent, improves network security, and simplifies the WAN architecture.

An SD-WAN uses a centralized control function to steer traffic securely and intelligently across the WAN and directly to trusted SaaS and IaaS providers. This increases application performance and delivers a high-quality user experience, which increases business productivity and agility and reduces IT costs.

13
Q

SDK

A

Software Development Kit

A set of platform-specific building tools for developers, including components like debuggers, compilers, and libraries to create code that runs on a specific platform, operating system, or programming language. Additionally, they contain resources like documentation, tutorials, and guides as well as APIs and frameworks for faster application development.

14
Q

SDLC

A

Software Development Lifecycle

A plan for how to develop, alter, and maintain a software system.

15
Q

SDLM

A

Software Development Lifecycle Methodology

A structured framework or process used by software developers to plan, design, build, test, deploy, and maintain software applications. SDLMs guide the dev team through a series of phases, ensuring that the software is developed efficiently, with high quality, and meets the requirements of the stakeholders.

16
Q

SDN

A

Software-Defined Networking

A network architecture created by separating network devices into logical functional planes.

An approach to networking that uses APIs or software-based controllers to communicate with underlying hardware infrastructure and direct traffic on a network.

This model differs from that of traditional networks, which use dedicated hardware devices (i.e., routers and switches) to control network traffic. SDN can create and control a virtual network, or control traditional hardware, via software.

It controls the routing of data packets through a centralized server.

17
Q

SE Linux

A

Security-Enhanced Linux

Patches that enhance the security of Linux, including the addition of:

Mandatory access control
Least privilege

18
Q

SED

A

Self-Encrypting Drives

A type of hard drive with encryption and decryption capabilities built into the drive hardware. The process is handled directly by the drive rather than by software on the host device.

SEDs can automatically encrypt and decrypt data as it is written to and read from the drive, making it more secure and convenient.

This can provide an added layer of security, as it eliminates the need for software that could be vulnerable to malware or other types of attacks.

19
Q

SEH

A

Structured Exception Handler

A Microsoft extension to C and C++ to handle certain exceptional code situations, such as hardware faults, gracefully.

20
Q

SFTP

A

Secured File Transfer Protocol

A secure transfer protocol based on FTP that uses SSH encryption.

It is considered more secure than FTPS, but is slower.

21
Q

SHA

A

Secure Hashing Algorithm

A family of cryptographic functions designed to keep data secured. It works by transforming the data using a hash function: an algorithm that consists of bitwise operations, modular additions, and compression functions.

A modified version of MD5.

22
Q

SHTTP

A

Secure Hypertext Transfer Protocol

An earlier security protocol that provided secure transactions over the Web. It works at the application layer rather than the transport layer.

This means that it secures individual messages, while HTTPS creates a secure connection for all transmitted data.

Because of this, it is best applied in situations where only certain parts of the communication need to be secured.

It is not as widely adopted or used as HTTPS because it requires more computational resources than HTTPS; it is less efficient for securing large volumes of data.

23
Q

SIEM

A

Security Information and Event Management

A central place to collect, aggregate, and analyze volumes of data across an enterprise, effectively streamlining security workflows.

It is security software that gives organizations a bird’s-eye-view of activity across their entire network so they can respond to threats faster—before business is disrupted.

24
Q

SIM

A

Subscriber Identity Module

A smart card necessary to make use of a mobile phone for communication. The SIM is an integrated circuit that is intended to securely store the international mobile subscriber identity (IMSI) number, which is used to identify and authenticate subscribers on mobile telephone systems. Memory is also available on the SIM for personalized data, such as a telephone book and messages.

A SIM card contains its unique serial number (ICCID), international mobile subscriber identity (IMSI) number, security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to, and two passwords: a personal identification number (PIN) for ordinary use, and a personal unblocking code (PUC) for PIN unlocking.

25
Q

SLA

A

Service-Level Agreement

A document that lists the minimum terms for services provided. Typically used between customers and service providers.

Ex. Level of uptime, response time agreement, requirements of both the customer and the service provider (ex. customer is required to keep spare parts onsite)

26
Q

SLE

A

Single Loss Expectancy

The monetary loss if a single event occurs

27
Q

SMS

A

Short Message Service

A text messaging service that allows the exchange of short text messages between mobile devices.

28
Q

SMTP

A

Simple Mail Transfer Protocol

A networking standard for sending emails over the internet. It is unencrypted.

SMTP only works when sending text without attachments.

MIME is what enables attachments, message bodies exceeding the character limits imposed by SMTP, messages in languages other than English, and HTML/CSS formats.

MIME is an extension protocol; it enhances SMTP, but does not operate separately.

29
Q

SMTPS

A

Simple Mail Transfer Protocol Secure

A protocol that sends emails over the internet, but also encrypts, authenticates, and prevents data tampering by using the TLS protocol.

30
Q

SNMP

A

Simple Network Management Protocol

A protocol used to transfer network information. It is used by SNMP agents installed on devices, which send SNMP messages to a centralized management device.

31
Q

SOAP

A

Simple Object Access Protocol

A lightweight XML-based protocol that is used for the exchange of information in decentralized, distributed application environments. It is used to build APIs.

You can transmit SOAP messages in any way that the applications require, as long as both the client and the server use the same method. The current specification describes only a single transport protocol binding, which is HTTP.

SOAP differs from REST in that the SOAP approach is highly structured and uses XML data format. REST is more flexible and allows applications to exchange data in multiple formats.

32
Q

SOAR

A

Security Orchestration, Automation, Response

Software that enables security teams to integrate and coordinate separate tools into streamlined threat response workflows.

33
Q

SoC

A

System on Chip

An integrated circuit that integrates most or all components of a computer or other electronic system on a single piece of silicon.

By eliminating the need for separate and large system components, SoCs help simplify circuit board design, resulting in improved power and speed without compromising system functionality.

In an SoC, the CPU is fully integrated with memory, GPUs, and more on a single chip. You can think of it as a fully functional computer in a tiny, tiny box.

34
Q

SOC

A

Security Operations Center

A team of IT security professionals that protects the organization by monitoring, detecting, analyzing, and investigating cyber threats.

35
Q

SOW

A

Statement of Work

A document that includes a detailed breakdown that lists what services will be provided and when. It lists specific items that need to be completed.

Used in conjunction with the MSA to avoid renegotiating basic terms of the contract, instead focusing on detailed, specific tasks.

It helps evaluate whether the job was done properly.

Ex. The scope of the job, the location, deliverables schedule, acceptance criteria, etc.

36
Q

SPF

A

Sender Policy Framework

An email authentication system that aids in identifying which mail servers are allowed to deliver emails for a specific domain.

An administrator lists which servers are authorized to deliver emails on the organization’s behalf, and email recipients can check this list to make sure the email they received is legitimate.

37
Q

SPIM

A

Spam over Internet Messaging

Unsolicited messages, often advertisements, over IM.

Note that this is different from smishing, which uses SMS to attempt phishing.

38
Q

SQL

A

Structured Query Language

A standard language for database creation and manipulation

39
Q

SQLi

A

SQL Injection

A web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.

40
Q

SRTP

A

Secure Real-Time Protocol

An extension of RTP that adds message authentication, confidentiality, and replay protection (mostly intended for VoIP comms), among other security features.

It uses AES as its default encryption cipher.

41
Q

SSD

A

Solid State Drive

A storage device containing nonvolatile flash memory, used in place of a hard disk because of its much greater speed.

SSDs store data in flash memory, while HDDs store data in magnetic disks.

42
Q

SSH

A

Secure Shell

A software package that enables secure system administration (remote logins) and file transfers over insecure networks through secure tunnels.

While VPNs establish tunnels between your device and a VPN server, SSH establishes tunnels directly between your device and the remote target machine for file transfer/code execution.

43
Q

SSL

A

Secure Sockets Layer

A deprecated encryption-based Internet security protocol. It works by binding the identities of entities such as websites and companies to cryptographic key pairs via digital documents known as X.509 certificates.

44
Q

SSO

A

Single Sign-On

An identification method that enables users to log in to multiple applications and websites with one set of credentials.

45
Q

STIX

A

Structured Threat Information eXchange

A standardized language that uses a JSON-based lexicon to express and share threat intelligence information in a readable and consistent format.

STIX provides a common syntax so users can describe threats consistently by their motivations, abilities, capabilities, and responses.

46
Q

SWG

A

Structured Web Gateway

An SWG is NOT a firewall.

However, it is very similar to one. It mainly focuses on filtering unsafe content from web traffic to stop cyber threats and data breaches. It operates between company employees and the internet.

It may also include DLP, content filtering, and other features.

47
Q

Difference between SCAP and OVAL

A

OVAL is the declarative language for making logical assertions about the state of the system. It is the main component of the SCAP standard.

SCAP is a family of standards comprised of multiple component standards.

48
Q

Differences between SFTP and FTPS:

Encryption
Port
Firewall
Platform
Authentication

A

Encryption:
SFTP - SSH
FTPS - SSL/TLS

Port:
SFTP - 22
FTPS - 21 and 990

Firewall:
SFTP - easy to configure behind a firewall because it uses a single port
FTPS - requires 2 ports by default, making it more difficult to configure behind a firewall

Platform:
SFTP - platform-independent
FTPS - platform-dependent; may require FTP clients/servers to be installed

Authentication:
SFTP supports more authentication methods than FTPS

49
Q

Why would one choose to use FTPS over SFTP, considering SFTP is generally more secure, easier to configure, and supports more authentication methods?

A

If you are already using an FTP client/server and need to upgrade its security, or if your org has existing SSL/TLS infrastructure.

50
Q

Difference between SHTTP and HTTPS

A

HTTPS encrypts the entire connection; SHTTP encrypts individual messages.

SHTTP is less widely adopted and used than HTTPS.

SHTTP is less efficient for encrypting large volumes of data because it encrypts each message separately.

51
Q

Difference between STIX and TAXII

A

STIX is a standardized language; TAXII is the format through which threat intelligence data is transmitted.

While TAXII supports sending STIX, they are two independent standards. STIX does not rely specifically on TAXII for transport, and TAXII can transport non-STIX data.

52
Q

Difference between SWG and NGFW

A

SWGs have more functionality and reporting options than an NGFW.

An NGFW enforces security policies and examines network packets.

An SWG focuses on filtering and managing web traffic.

An NGFW is focused on identifying and securing traffic.

An SWG is focused on identifying users, authenticating users, and recording all web access.

53
Q

Difference between SWG and WAF

A

SWG filters unwanted software/internet traffic

WAF protects web applications from attacks