sec Flashcards
DAC
Discretionary Access Control
RBAC
Rule-based Access Control
SOAR
Security Orchestration Automation Response
GCM
Galois Counter Mode
OSINT
Open-source Intelligence
SQLi
SQL Injection
TOU
Time-of-use
ML
Machine Learning
RSA
Rivest Shamir & Adleman
UAT
User Acceptance Testing
HDD
Hard Disk Drive
SoC
System on Chip
XSS
Cross-site Scripting
ASLR
Address Space Layout Randomization
ISP
Internet Service Provider
NTFS
New Technology File System
UAV
Unmanned Aerial Vehicle
AP
Access Point
CIA
Confidentiality Integrity Availability
DPO
Data Privacy Officer
ISSO
Information Systems Security Officer
NDA
Non-disclosure Agreement
ROI
Return on Investment
TOTP
Time-based One-time Password
EDR
Endpoint Detection and Response
CRL
Certificate Revocation List
FRR
False Rejection Rate
MTTF
Mean Time to Failure
CTO
Chief Technology Officer
MTTR
Mean Time to Recover
MTU
Maximum Transmission Unit
SLA
Service-level Agreement
WTLS
Wireless TLS
CASB
Cloud Access Security Broker
GDPR
General Data Protection Regulation
S/MIME
Secure/Multipurpose Internet Mail Extensions
TPM
Trusted Platform Module
VLAN
Virtual Local Area Network
BCP
Business Continuity Planning
GRE
Generic Routing Encapsulation
CCMP
Counter Mode/CBC-MAC Protocol
HMAC
Hashed Message Authentication Code
ICS
Industrial Control Systems
IM
Instant Messaging
SNMP
Simple Network Management Protocol
FIM
File Integrity Management
SE Linux
Security-enhanced Linux
SED
Self-encrypting Drives
ACL
Access Control List
PFS
Perfect Forward Secrecy
AAA
Authentication Authorization and Accounting
P12
PKCS #12
SQL
Structured Query Language
STIX
Structured Threat Information eXchange
WPS
Wi-Fi Protected Setup
CA
Certificate Authority
CFB
Cipher Feedback
NTP
Network Time Protocol
SPF
Sender Policy Framework
DEP
Data Execution Prevention
MOU
Memorandum of Understanding
TSIG
Transaction Signature
LEAP
Lightweight Extensible Authentication Protocol
SDN
Software-defined Networking
OAUTH
Open Authorization
WO
Work Order
WAF
Web Application Firewall
AV
Antivirus
COOP
Continuity of Operation Planning
ECDSA
Elliptic Curve Digital Signature Algorithm
LAN
Local Area Network
OVAL
Open Vulnerability Assessment Language
RTP
Real-time Transport Protocol
SMTP
Simple Mail Transfer Protocol
DDoS
Distributed Denial of Service
IMAP
Internet Message Access Protocol
MOA
Memorandum of Agreement
PAP
Password Authentication Protocol
GPS
Global Positioning System
ICMP
Internet Control Message Protocol
SHA
Secure Hashing Algorithm
IDF
Intermediate Distribution Frame
SWG
Secure Web Gateway
CRC
Cyclical Redundancy Check
SSH
Secure Shell
CMS
Content Management System
CYOD
Choose Your Own Device
OT
Operational Technology
RACE
Research and Development in Advanced Communications Technologies in Europe
SASE
Secure Access Service Edge
CCTV
Closed-circuit Television
DoS
Denial of Service
RDP
Remote Desktop Protocol
API
Application Programming Interface
NAT
Network Address Translation
PED
Personal Electronic Device
RAD
Rapid Application Development
DBA
Database Administrator
DLL
Dynamic Link Library
DSA
Digital Signature Algorithm
MSA
Master Service Agreement
XDR
Extended Detection and Response
XSRF
Cross-site Request Forgery
AUP
Acceptable Use Policy
PaaS
Platform as a Service
URI
Uniform Resource Identifier
VDE
Virtual Desktop Environment
BYOD
Bring Your Own Device
TAXII
Trusted Automated eXchange of Indicator Information
DHCP
Dynamic Host Configuration Protocol
DRP
Disaster Recovery Plan
HTTP
Hypertext Transfer Protocol
SHTTP
Secure Hypertext Transfer Protocol
NIPS
Network-based Intrusion Prevention System
NTLM
New Technology LAN Manager
ARP
Address Resolution Protocol
BIOS
Basic Input/Output System
MAN
Metropolitan Area Network
UEM
Unified Endpoint Management
CHAP
Challenge Handshake Authentication Protocol
MD5
Message Digest 5
PTZ
Pan-tilt-zoom
SAE
Simultaneous Authentication of Equals
SEH
Structured Exception Handler
OSPF
Open Shortest Path First
IAM
Identity and Access Management
SDLC
Software Development Lifecycle
VBA
Visual Basic
WIPS
Wireless Intrusion Prevention System
ARO
Annualized Rate of Occurrence
CSP
Cloud Service Provider
ISO
International Standards Organization
PCI DSS
Payment Card Industry Data Security Standard
SSO
Single Sign-on
VPC
Virtual Private Cloud
MFD
Multifunction Device
UEFI
Unified Extensible Firmware Interface
IRC
Internet Relay Chat
OID
Object Identifier
CVE
Common Vulnerability Enumeration
HOTP
HMAC-based One-time Password
PAM
Pluggable Authentication Modules
SMS
Short Message Service
FDE
Full Disk Encryption
IPSec
Internet Protocol Security
RTBH
Remotely Triggered Black Hole
SMTPS
Simple Mail Transfer Protocol Secure
WIDS
Wireless Intrusion Detection System
BASH
Bourne Again Shell
ERP
Enterprise Resource Planning
IoC
Indicators of Compromise
PPP
Point-to-Point Protocol
PUP
Potentially Unwanted Program
TACACS+
Terminal Access Controller Access Control System
WPA
Wi-Fi Protected Access
AI
Artificial Intelligence
URL
Universal Resource Locator
DSL
Digital Subscriber Line
SCEP
Simple Certificate Enrollment Protocol
TCP/IP
Transmission Control Protocol/Internet Protocol
TGT
Ticket Granting Ticket
ESN
Electronic Serial Number
MTBF
Mean Time Between Failures
OTA
Over the Air
TKIP
Temporal Key Integrity Protocol
BIA
Business Impact Analysis
CAR
Corrective Action Report
IEEE
Institute of Electrical and Electronics Engineers
PAT
Port Address Translation
POP
Post Office Protocol
BPA
Business Partners Agreement
COPE
Corporate Owned Personally Enabled
VLSM
Variable Length Subnet Masking
WAP
Wireless Access Point
DES
Digital Encryption Standard
MPLS
Multi-protocol Label Switching
PEAP
Protected Extensible Authentication Protocol
VPN
Virtual Private Network
XML
Extensible Markup Language
ESP
Encapsulated Security Payload
GPU
Graphics Processing Unit
CSR
Certificate Signing Request
IaaS
Infrastructure as a Service
IdP
Identity Provider
NFC
Near Field Communication
NIST
National Institute of Standards & Technology
RA
Registration Authority
IRP
Incident Response Plan
RADIUS
Remote Authentication Dial-in User Service
AH
Authentication Header
MBR
Master Boot Record
CP
Contingency Planning
RC4
Rivest Cipher version 4
TOC
Time-of-check
VM
Virtual Machine
DNAT
Destination Network Address Translation
PEM
Privacy Enhanced Mail
CBC
Cipher Block Chaining
ECB
Electronic Code Book
HIPS
Host-based Intrusion Prevention System
MDF
Main Distribution Frame
PBX
Private Branch Exchange
DKIM
DomainKeys Identified Mail
PII
Personally Identifiable Information
PKI
Public Key Infrastructure
RAT
Remote Access Trojan
BPDU
Bridge Protocol Data Unit
CSU
Channel Service Unit
HSM
Hardware Security Module
IR
Incident Response
XOR
Exclusive Or
DLP
Data Loss Prevention
SOC
Security Operations Center
SPIM
Spam over Internet Messaging
AES-256
Advanced Encryption Standards 256-bit
OCSP
Online Certificate Status Protocol
SSD
Solid State Drive
UPS
Uninterruptible Power Supply
APT
Advanced Persistent Threat
DMARC
Domain Message Authentication Reporting and Conformance
NIDS
Network-based Intrusion Detection System
PHI
Personal Health Information
POTS
Plain Old Telephone Service
EAP
Extensible Authentication Protocol
IDEA
International Data Encryption Algorithm
MSSP
Managed Security Service Provider
IV
Initialization Vector
SaaS
Software as a Service
SOAP
Simple Object Access Protocol
VoIP
Voice over IP
SAML
Security Assertions Markup Language
SLE
Single Loss Expectancy
WEP
Wired Equivalent Privacy
GPO
Group Policy Object
CIRT
Computer Incident Response Team
CTM
Counter Mode
GPG
Gnu Privacy Guard
HA
High Availability
PKCS
Public Key Cryptography Standards
SD-WAN
Software-defined Wide Area Network
FTP
File Transfer Protocol
HIDS
Host-based Intrusion Detection System
HTTPS
Hypertext Transfer Protocol Secure
UTM
Unified Threat Management
IaC
Infrastructure as Code
LDAP
Lightweight Directory Access Protocol
SDLM
Software Development Lifecycle Methodology
SOW
Statement of Work
AIS
Automated Indicator Sharing
ATT&CK
Adversarial Tactics Techniques and Common Knowledge
L2TP
Layer 2 Tunneling Protocol
MAC
Message Authentication Code
MFA
Multifactor Authentication
NAC
Network Access Control
PDU
Power Distribution Unit
SFTP
Secured File Transfer Protocol
RAS
Remote Access Server
SIEM
Security Information and Event Management
CSO
Chief Security Officer
DNS
Domain Name System
MMS
Multimedia Message Service
CERT
Computer Emergency Response Team
UDP
User Datagram Protocol
CSRF
Cross-site Request Forgery
ECC
Elliptic Curve Cryptography
IKE
Internet Key Exchange
MDM
Mobile Device Management
RTO
Recovery Time Objective
SCAP
Security Content Automation Protocol
P2P
Peer to Peer
PPTP
Point-to-Point Tunneling Protocol
RAID
Redundant Array of Inexpensive Disks
SIM
Subscriber Identity Module
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
SDK
Software Development Kit
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral
TTP
Tactics Techniques and Procedures
EFS
Encrypted File System
RTOS
Real-time Operating System
CVSS
Common Vulnerability Scoring System
PAC
Proxy Auto Configuration
VDI
Virtual Desktop Infrastructure
HVAC
Heating Ventilation Air Conditioning
KDC
Key Distribution Center
SCADA
Supervisory Control and Data Acquisition
ALE
Annualized Loss Expectancy
HTML
Hypertext Markup Language
MFP
Multifunction Printer
NGFW
Next-generation Firewall
RFID
Radio Frequency Identifier
SRTP
Secure Real-Time Protocol
DHE
Diffie-Hellman Ephemeral
IoT
Internet of Things
PSK
Pre-shared Key
SSL
Secure Sockets Layer
TLS
Transport Layer Security
IPS
Intrusion Prevention System
MSCHAP
Microsoft Challenge Handshake Authentication Protocol
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
RPO
Recovery Point Objective
OS
Operating System
PCAP
Packet Capture
USB OTG
USB On the Go
CIO
Chief Information Officer
FACL
File System Access Control List
FPGA
Field Programmable Gate Array
IDS
Intrusion Detection System
KEK
Key Encryption Key
PBKDF2
Password-based Key Derivation Function 2
PGP
Pretty Good Privacy
PIV
Personal Identity Verification
AES
Advanced Encryption Standard
BGP
Border Gateway Protocol
IP
Internet Protocol
MaaS
Monitoring as a Service
MSP
Managed Service Provider
SAN
Subject Alternative Name
UTP
Unshielded Twisted Pair
FTPS
Secured File Transfer Protocol
VTC
Video Teleconferencing