S Flashcards
S/MIME
Secure/Multipurpose Internet Mail Extensions
An email encryption and signing industry standard widely used by corporations to enhance email security. S/MIME is compatible with most enterprise email clients.
S/MIME allows for the secure transformation of ALL applications - spreadsheets, graphics, presentations, movies, etc.
PGP was only made to secure plain email or text messages.
S/MIME is considered superior to PGP from an administrative perspective because of its strength, support for centralized key management through X.509 certificate servers and extensive industry support.
PGP is more complicated from an end-user perspective, because it requires additional plug-ins or downloads to operate.
The S/MIME protocol allows most vendors to send and receive encrypted email without using additional software.
SaaS
Software as a Service
A cloud-based method of providing software to users. SaaS users subscribe to an application rather than purchasing it once and installing it. Users can log into and use a SaaS application from any compatible device over the Internet.
SAE
Simultaneous Authentication of Equals
A secure key exchange protocol used in Wi-Fi networks to prevent man-in-the-middle attacks by simultaneously authenticating both parties.
A derivation of the Diffie-Hellman key exchange with an authentication component. Everyone uses a different session key even if they each use the same pre-shared key.
Eliminates the need for four-way handshakes and hashes, so it is NOT vulnerable to brute force attacks.
At the core of SAE’s effectiveness is the innovative “Dragonfly” handshake mechanism. This sophisticated process underpins mutual authentication between a device seeking connection (e.g., a smartphone or laptop) and the wireless access point, achieving this without the actual exchange of the password itself.
SAML
Security Assertions Markup Language
An open standard used for authentication. Based upon the Extensible Markup Language (XML) format, web applications use SAML to transfer authentication data between two parties - the IdP and the service provider (SP).
Its primary role in online security is that it enables you to access multiple web applications using one set of login credentials. It works by passing authentication information in a particular format between two parties, usually an identity provider (IdP) and a web application.
SAN
(2 acronyms)
Storage Area Network
Subject Alternative Name
Storage Area Network
A network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space.
Subject Alternative Name
A structured way to indicate all of the domain names and IP addresses that are secured by the certificate.
Allows administrators to create wildcard SSL/TLS certificates.
SASE
Secure Access Service Edge
An architecture that delivers converged network and security-as-a-service capabilities, including SD-WAN and cloud-native security functions such as secure web gateways, cloud access security brokers, firewall-as-a-service, and zero-trust network access.
SASE enables:
Centralized orchestration and real-time application optimization
Secure, seamless access for users
More secure remote and mobile access
Restriction of access based on user, device, and application identity
Centralized management
SCADA
Supervisory Control and Data Acquisition
A system of software and hardware elements that allows organizations to control and monitor industrial processes by directly interfacing with plant-floor machinery and viewing real-time data.
SCAP
Security Content Automation Protocol
A method for using specific standards to help organizations automate vulnerability management and policy compliance evaluation.
It consolidates vulnerability information into a single language that all devices can understand. Then, because all the devices are on the same page, they can work together to automate the removal and detection of vulnerabilities in the network.
SCEP
Simple Certificate Enrollment Protocol
A certificate management protocol that helps IT administrators issue certificates automatically.
SCEP is a protocol that allows devices to easily enroll for a certificate by using a URL and a shared secret to communicate with a PKI. MDM software commonly uses SCEP for devices by pushing a payload containing the SCEP URL and shared secret to managed devices. This can save an administrator a lot of time and effort compared to the alternative of manually enrolling their managed devices for certificates.
SD-WAN
Software-Defined Wide Area Network
A new form of WAN that is built specifically for cloud-based apps.
Instead of having all users communicate with a set of internal datacenters and servers, and from there with the cloud app, this technology makes WANs flexible enough to allow users to connect directly to cloud applications.
It is a way to send traffic directly over the internet from branch locations to trusted SaaS and cloud-based applications while maintaining compliance with enterprise security mandates.
An SD‑WAN assures consistent application performance and resiliency, automates traffic steering in an application-driven manner based on business intent, improves network security, and simplifies the WAN architecture.
An SD-WAN uses a centralized control function to steer traffic securely and intelligently across the WAN and directly to trusted SaaS and IaaS providers. This increases application performance and delivers a high-quality user experience, which increases business productivity and agility and reduces IT costs.
SDK
Software Development Kit
A set of platform-specific building tools for developers, including components like debuggers, compilers, and libraries to create code that runs on a specific platform, operating system, or programming language. Additionally, they contain resources like documentation, tutorials, and guides as well as APIs and frameworks for faster application development.
SDLC
Software Development Lifecycle
A plan for how to develop, alter, and maintain a software system.
SDLM
Software Development Lifecycle Methodology
A structured framework or process used by software developers to plan, design, build, test, deploy, and maintain software applications. SDLMs guide the dev team through a series of phases, ensuring that the software is developed efficiently, is of high quality, and meets the requirements of the stakeholders.
SDN
Software-Defined Networking
A network architecture created by separating network devices into logical functional planes.
An approach to networking that uses APIs or software-based controllers to communicate with underlying hardware infrastructure and direct traffic on a network.
This model differs from that of traditional networks, which use dedicated hardware devices (i.e., routers and switches) to control network traffic. SDN can create and control a virtual network, or control traditional hardware, via software.
It controls the routing of data packets through a centralized server.
SE Linux
Security-Enhanced Linux
Patches that enhance the security of Linux, including the addition of:
Mandatory access control
Least privilege
SED
Self-Encrypting Drives
A type of hard drive with encryption and decryption capabilities built into the drive hardware. The process is handled directly by the drive rather than by software on the host device.
SEDs can automatically encrypt and decrypt data as it is written to and read from the drive, making it more secure and convenient.
This can provide an added layer of security, as it eliminates the need for software that could be vulnerable to malware or other types of attacks.
SEH
Structured Exception Handler
A Microsoft extension to C and C++ to handle certain exceptional code situations, such as hardware faults, gracefully.
SFTP
Secured File Transfer Protocol
A secure transfer protocol based on FTP that uses SSH encryption.
It is considered more secure than FTPS, but is slower.
SHA
Secure Hashing Algorithm
A family of cryptographic functions designed to keep data secured. It works by transforming the data using a hash function: an algorithm that consists of bitwise operations, modular additions, and compression functions.
A modified version of MD5.