Security + Acronyms Flashcards
Need To Study 5, 6
IKE
(Internet Key Exchange)
A protocol used in IPsec VPNs to securely exchange encryption keys and establish a secure tunnel between two devices. It has two versions: IKEv1 (older) and IKEv2 (more secure and efficient).
ATT&CK
(Adversarial Tactics, Techniques, and Common Knowledge)
A cybersecurity framework developed by MITRE that maps out real-world attack techniques used by threat actors, helping organizations defend against cyber threats.
EDR
(Endpoint Detection and Response)
A security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats on endpoints (like laptops, desktops, and servers). It detects suspicious activity, investigates it, and helps remediate attacks. Think of it as a security camera and alarm system for your devices. (Example Tools: CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint)
HSM
(Hardware Security Module)
A physical device designed to generate, store, and manage encryption keys securely. It is tamper-resistant and used in high-security environments like banking and cloud services to protect sensitive data. Think of it as a super-secure USB for encryption keys that ensures no one can steal or tamper with them.
PUP
(Potentially Unwanted Program)
Software that’s not necessarily malicious but unwanted (e.g., toolbars, adware). Like junk mail that clutters your inbox, characteristic are:
* Often installed without clear user consent, but classified as an application downloaded and installed with the user’s consent.
* Can be pre-installed, downloaded, or bundled with other software.
* A type of software that may adversely affect the computer’s security and performance, compromise user’s privacy, or display unsolicited ads.
SCAP
(Security Content Automation Protocol)
A set of standards for automating the management of vulnerabilities and security policies. It’s like a robot that checks your systems for weaknesses and fixes them.
FRR
(False Rejection Rate)
The rate at which a biometric system incorrectly rejects an authorized user. Think of it as a security system mistakenly locking out the right person.
SPF
(Sender Policy Framework)
An email security protocol that helps prevent email spoofing by verifying if a mail server is authorized to send emails on behalf of a domain.
MAC
(Message Authentication Code)
A cryptographic method used to verify the integrity and authenticity of a message, ensuring it was not altered during transmission and came from a trusted source.
MDM
(Mobile Device Management)
A security and management solution that allows organizations to control, monitor, and secure mobile devices like smartphones, tablets, and laptops.
ECDHE
(Elliptic Curve Diffie-Hellman Ephemeral)
A key exchange method that uses ECC and generates new keys for each session, enhancing security and efficiency.
DEP
(Data Execution Prevention)
A security feature that prevents malicious code from executing in certain memory regions meant for data storage, helping to block exploits like buffer overflow attacks.
API
(Application Programming Interface)
A set of rules that allows different software applications to communicate with each other. Think of it as a menu that lets programs request specific functions from another service.
RTBH
(Remotely Triggered Black Hole)
A DDoS mitigation technique that blocks malicious network traffic by rerouting it to a “black hole” (null route) where it is discarded before reaching the target.
SCADA
(Supervisory Control and Data Acquisition)
A supervisory control system used to control industrial processes (e.g., power plants, water treatment). Like a digital dashboard for controlling factories.
AH
(Authentication Header)
A protocol used to provide authentication and integrity for IP packets. It is often used in conjunction with ESP.
AV
(Antivirus)
Software designed to detect, prevent, and remove malware from computer systems and networks. Think of it as a digital immune system that fights off infections.
VDI
(Virtual Desktop Infrastructure)
A technology that hosts desktop environments on a central server, allowing users to access them remotely. Think of it as renting a computer in the cloud.
Bash
(Bourne Again Shell)
A command-line shell and scripting language for Unix/Linux systems. Think of it as the text-based control panel for advanced computer operations.
AP
(Access Point)
A device that allows wireless devices to connect to a wired network (e.g., Wi-Fi router). Think of it as a bridge between your devices and the internet.
COPE
(Corporate-Owned, Personally Enabled)
A mobile device management model where employers provide devices for work and personal use. Think of it as a company phone you can also use for Netflix.
CRC
(Cyclic Redundancy Check)
A method to detect errors in transmitted or stored data. Think of it as a spellchecker for digital files.
IP
(Internet Protocol)
The rules governing how data is sent over networks (e.g., IP addresses). Think of it as the postal system for the internet.
P2P
(Peer-to-Peer)
A network where devices communicate directly without a central server (e.g., torrenting). Think of it as a digital potluck where everyone shares directly.
RSA
(Rivest-Shamir-Adleman)
A widely used encryption algorithm for secure data transmission. Think of it as a mathematical lockbox for secrets.
TOTP
(Time-Based One-Time Password)
A temporary passcode (e.g., from Google Authenticator) that changes every 30-60 seconds. Think of it as a self-destructing digital key.
HA
(High Availability)
Systems designed to operate continuously without failure (e.g., backup servers). Think of it as a car with a spare engine.
SPOF
(Single Point of Failure)
A component whose failure can crash an entire system. Think of it as the one weak link that can break the chain.
PBKDF2
(Password-Based Key Derivation Function 2)
A method to securely hash passwords with added randomness. Think of it as a blender turning passwords into fortified digital mush.
CVE
(Common Vulnerabilities and Exposures)
A system that identifies, defines, and catalogues publicly known cybersecurity vulnerabilities (e.g., CVE-2023-1234). Think of it as a most-wanted list for bugs.
MTU
(Maximum Transmission Unit)
The largest data packet a network can transmit without fragmentation. Think of it as the size limit for digital shipping boxes.
PIV
(Personal Identity Verification)
A smart card standard for secure access (used by U.S. government employees). Think of it as a high-tech ID badge.
IR
(Incident Response)
The process of handling security breaches. Think of it as a digital fire drill.
NFC
(Near-Field Communication)
Short-range wireless tech for contactless payments/data transfer. Think of it as a digital handshake.
XDR
(Extended Detection and Response)
A security platform integrating multiple tools for threat detection. Think of it as a security guard with 360° vision.
UPS
(Uninterruptible Power Supply)
A battery backup for devices during power outages. Think of it as a surge protector with a built-in generator.
PAT
(Port Address Translation)
A type of NAT that maps multiple devices to a single IP using unique ports. Think of it as a shared apartment with numbered mail slots.
NTFS
(New Technology File System)
A file system format used in Windows OSs that offers improved performance, security, and file management/encryption. Think of it as a high-security filing cabinet.
PAM
(Privileged Access Management)
A security framework that controls and monitors privileged accounts to reduce risks It helps prevent unauthorized access, insider threats, and credential abuse. Often includes password vaulting, session monitoring, and least privilege enforcement. Used to secure admin accounts, service accounts, and root access in IT environments.
SAE
(Simultaneous Authentication of Equals)
A secure key agreement protocol used in Wi-Fi networks (especially WPA3) to establish encrypted connections. It replaces the older PSK (Pre-Shared Key) method with stronger protection against attacks. Think of it as a digital handshake where both sides verify each other equally, leaving no weak link.
FIM
(File Integrity Monitoring)
A security tool that continuously checks files (like system/config files) for unauthorized changes (e.g., edits, deletions). Alerts you if something suspicious happens. Think of it as a security camera for your critical files.
