Security + Acronyms Flashcards
Need To Know 1,2
SSH
(Secure Shell)
A protocol for secure remote access to computers. Like a secure tunnel for logging into servers. It’s a type of cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers.
ISP
(Internet Service Provider)
A company that provides access to the internet and related services, such as email, web hosting, and domain registration. Think of it as the company that connects you to the internet, like your gateway to the online world.
AUP
(Acceptable Use Policy)
A document stipulating a set of rules that define how users can and cannot use an organization’s IT resources, such as networks, devices, and software. Think of it as a rulebook for using company technology responsibly.
RBAC
(Role-Based Access Control)
Permissions are assigned based on roles instead of individuals. Users are grouped into roles (e.g., “Admin,” “HR,” “Finance”), and roles determine what actions they can perform. Common in enterprise environments.
SSO
(Single Sign-On)
A system that allows users to log in once and gain access to multiple applications without needing to log in again for each service. Common in corporate environments, it simplifies login processes while improving security by centralizing authentication.
PKI
(Public Key Infrastructure)
A framework that uses cryptographic keys and digital certificates to secure communications and verify identities. It enables secure data exchange, encryption, and authentication. Think of it as a digital ID system that ensures secure online interactions.
BPA
(Business Partnership Agreement)
A formal agreement between two or more businesses that defines how they will work together, including profit-sharing, decision-making, and dispute resolution.
HTTPS
(Hypertext Transfer Protocol Secure)
A secure version of HTTP that encrypts data between a web browser and a website using SSL/TLS. It protects sensitive information like passwords and credit card details from being intercepted by attackers. Look for the padlock icon in the browser to know a site is using HTTPS.
HTTP
(Hypertext Transfer Protocol)
The standard protocol used for transmitting web pages and other data over the internet. It is not encrypted, making it susceptible to attacks like MITM (Man-in-the-Middle) and eavesdropping.
UEFI
(Unified Extensible Firmware Interface)
A modern replacement for BIOS that provides faster boot times, support for larger hard drives, and improved security features like Secure Boot. Think of it as the upgraded, smarter version of BIOS.
BIOS
(Basic Input/Output System)
Firmware used to perform hardware initialization during the boot process and to provide runtime services for operating systems. It’s the first software that runs when a computer starts. Think of it as the computer’s “wake-up call” to get everything ready.
SDLC
(Software Development Life Cycle)
The process used to design, develop, test, and deploy software. It includes phases like planning, design, coding, testing, and maintenance. Think of it as the roadmap for building and maintaining software.
UTM
(Unified Threat Management)
A comprehensive security solution that combines multiple security features into a single device or platform, such as a firewall, antivirus, intrusion detection, and content filtering. Think of it as an all-in-one security appliance for your network.
WTLS
(Wireless Transport Layer Security)
A security protocol for wireless networks, similar to TLS but optimised for mobile devices. Like HTTPS for older mobile networks. It’s a protocol designed to secure data transmitted over WLANs.
DPO
(Data Protection Officer)
A specialist who ensures that a company complies with data privacy laws (e.g., GDPR, HIPAA).
DNS
(Domain Name System)
A system that translates human-readable domain names (like www.example.com) into IP addresses that computers use to identify each other on the network. Think of it as the phonebook of the internet.
OSINT
(Open Source Intelligence)
The collection and analysis of information from publicly available sources, such as social media, websites, and news articles, for intelligence or investigative purposes. Think of it as detective work using publicly available clues.
PSK
(Pre-Shared Key)
A shared secret authentication method used in (WPA, WPA2, and EAP). Like a secret handshake for a club.
NAT
(Network Address Translation)
A technique used to map private IP addresses on a local network to a single public IP address for communication over the internet. It helps conserve IP addresses and adds a layer of security. Think of it as a translator that lets multiple devices share one public address.
HDD
(Hard Disk Drive)
A traditional storage device that uses spinning magnetic disks to store and retrieve data. It’s slower than SSDs but offers larger storage capacities at a lower cost. Think of it as a library with spinning shelves for storing data.
DHCP
(Dynamic Host Configuration Protocol)
A network protocol that automatically assigns IP addresses and other network configuration settings (like subnet mask and gateway) to devices on a network. Think of it as an automatic address book for devices joining a network.
MD5
(Message Digest 5)
A cryptographic hash function that produces a 128-bit hash value, often used for file checksums. However, it’s no longer secure for cryptographic purposes due to vulnerabilities.
POP3
(Post Office Protocol version 3)
A protocol used to retrieve emails from a mail server to a local device. It typically downloads and deletes emails from the server, storing them locally. Think of it as a one-way email delivery system.
WPA
(Wi-Fi Protected Access)
A security protocol designed to protect wireless networks. It replaced WEP and introduced stronger encryption and authentication to prevent hacking. Uses TKIP (Temporal Key Integrity Protocol) for better security than WEP but is still outdated. (Encryption Protocol) Better diary lock (still not great).
SDN
(Software-Defined Networking)
A networking approach where software controls the traffic flow instead of traditional hardware. Like a traffic cop that can instantly change road layouts.
ACL
(Access Control List)
A set of rules that controls who or what can access a resource (such as files, networks, or systems). It defines permissions like read, write, or execute for users or groups. Think of it as a VIP list that determines who gets in and what they can do, routers, switches and firewalls are examples of rule-based access control mechanisms.
DLP
(Data Loss Prevention)
A set of tools and policies designed to prevent sensitive data from being leaked or stolen. It’s like putting a lock on your filing cabinet to keep important documents safe.
