Security+ Acronyms I - Review Flashcards
3DES?
Triple Digital Encryption Standard
- Deprecated and considered insecure.
- Replaced by AES
- Symmetric
- Applies the DES Cipher Algorithm 3 times to each Data Block.
AAA?
Authentication, Authorization, Accounting
- Often used to describe RADIUS, or some other form of Networking Protocol that provides Authentication, Authorization, Accounting.
ABAC?
Attribute-based Access Control
- Database and Identity service used to provide Identity Management
ACL?
Access Control List
- Set of rules that allow/permit or deny any traffic flow through Routers.
- Looks at the packet to determine whether it should be allowed or denied.
- Works at Layer 3 to provide Security by filtering and controlling the flow of traffic from one Router to another.
AES?
Advanced Encryption Standard
- Industry-standard for Data Security
- 128-bit, 192-bit, or 256-bit implementations (Strongest).
AES256?
Advanced Encryption Standard 256-bit
- This is the 256-bit implementation of AES.
- 256 references the bit size of the Keys.
AH?
Authentication Header
- Used to Authenticate origins of Packets of Data transmitted.
- These Headers don’t hide any Data from attackers, but they do provide proof that the Data Packets are from a trusted source and that the data hasn’t been tampered with.
- Helps protect against Replay Attacks.
AI?
Artificial Intelligence
- For the Exam, be aware of what’s called Data Poisoning (or Tainted Training) and adversarial AI.
AIS?
Automated Indicator Sharing
- DHS and CISA Free Program
- Enables organizations to share and receive machine-readable Cyber Threat Indicators (CTI) and Defensive Measures (DM) in Real-Time
- Useful to monitor and defend Networks against known threats.
ALE?
Annualized Loss Expectancy
- IE: Can expect X number of devices to fail per year.
AP?
Access Point
- Networking Hardware device that provides WIFI access, typically then connected via wire to the Router, or directly integrated in the Router itself.
API?
Application Programming Interface
- APIs are used to allow applications to talk to one another.
- For Example: An application can query an API to retrieve data and then display that data or process it in some way.
APT?
Advanced Persistent Threat
- Stealthy Threat Actor (usually Nation-State or State-Sponsored Groups) that gains unauthorized access to a system and remains undetected for a period of time.
ARO?
Annualized Rate of Occurrence
- The calculated probability that a Risk will occur in a given year.
ASLR?
Address Space Layout Randomization
- Prevents exploitation of memory corruption vulnerabilities.
ASP?
Active Server Page
- Microsoft Server-Side scripting language and engine to create dynamic Web Pages.
- Superseded by ASP.NET in 2002.
ATT&CK?
Adversarial Tactics, Techniques & Common Knowledge
- Knowledge base Framework of adversary tactics and techniques based on real-world observations.
- Helpful to build effective threat models and defenses against real threats.
AUP?
Acceptable Use Policy
- Terms that users must accept in order to use a Network, System, Website, etc…
AV?
Antivirus
- Antivirus Software
- Typically uses Signature-based detection
- Not effective against Zero-Day or Polymorphic Malware.
BASH?
Bourne Again Shell
- Powerful UNIX Shell and command language.
- Used to issue commands that get executed, which can also be turned into Shell scripts.
- Often used for Automation.
BCP?
Business Continuity Plan
- Plan used to create processes and systems of both prevention and recovery to deal with threats that a company faces.
- This plan outlines how a business can continue delivering products and services if crap hits the fan.
BIA?
Business Impact Analysis
- Used to predict the consequences a business would face if there were to be a disruption.
BGP?
Border Gateway Protocol
- The “Postal Service” of the Internet.
- BGP finds the best Route for Data to travel to reach its destination.
BIOS?
Basic Input/Output System
- Firmware that performs hardware initialization when systems are booting up, and provides runtime services for the OS and programs.
- First software to run when you power on a Computer System.
BPA?
Business Partnership Agreement
- Defines a contract between two or more parties as to how a business should run.
BPDU?
Bridge Protocol Data Unit
- Frames that have Spanning Tree Protocol information.
- Switches send BPDUs from a unique source MAC Address to a multicast destination MAC Address.
BYOD?
Bring Your Own Device
- When employees use personal devices to connect to their organization’s Networks and access work-related Systems.
CA?
Certificate Authority
- An organization that validates the identities of entities through Cryptographic Keys by issuing digital certificates.
- If you check the padlock on a Website (next to the domain name), you’ll see that it says “Connection is Secure” and then you can click on the “Certificate is Valid”.
- You’ll then see info about the Certificate, Issued To, Issued By, as well as a Valid Date Range.
- If you click the “Certification Path” Tab, you’ll see the details about the Issuer, AKA the Certificate Authority.
CAC?
Common Access Card
- Smart Card for Active-Duty/Civilian Contractor Personnel
CAPTCHA?
Completely Automated Public Turing Test to Tell Computers and Humans Apart
- These are the “problems” you have to solve from time to time to make sure that you are NOT a Robot.
- Typically used for forms (signup, login, purchase, search, etc…) to defend against Bots.
CAR?
Corrective Action Report
- Lists defects that need to be rectified.
CASB?
Cloud Access Security Broker
- Acts as an intermediary between the cloud and on-prem.
- Monitors all activity.
- Enforces Security policies.
CBC?
Cipher Block Chaining
- CBC is a mode of operation for Block Ciphers.
- Think of a CBC as building a chain from left to right.
- CBC does have vulnerabilities, including POODLE and Goldendoodle.
CBT?
Computer-based Training
- An online, self-paced, and interactive training system.
- Students can set their own goals and learn at their own pace.
CCMP?
Counter-Mode/CBC-Mac Protocol
- Encryption protocol designed for Wireless LAN products.
CCTV?
Closed-Circuit Television
- Camera monitoring system, especially one that transmits back to a centralized location with a limited number of monitors.
- Could be monitored by Security personnel or simply set to record.
CERT?
Computer Emergency Response Team
- Expert group that handles computer Security incidents.
- Could also be called CSIRT, which is short for Computer Security Incident Response Team.
CIRT?
Computer Incident Response Team
- Expert group that handles computer Security incidents.
- Could also be called CSIRT, which is short for Computer Security Incident Response Team.
CFB?
Cipher Feedback
- When a mode of operation uses the Ciphertext from the previous block in the chain.
- IE: Look up Cipher Feedback Mode (CFB)
CHAP?
Challenge Handshake Authentication Protocol
- Authenticates a user or Network host to an authenticating entity.
- Provides protection against Replay Attacks.
- Requires that both the client and server know the Plaintext of the Secret, but it’s never sent over the Network.
CIO?
Chief Information Officer
- Company executive responsible for implementing and managing IT.
- Mostly considered to be IT generalists.
- A useful way to think about it: the CIO aims to improve processes within and for the company.
CTO?
Chief Technology Officer
- CTO is different from CIO, and typically focuses on development, engineering, and research and development departments.
- A useful way to think about it: the CTO uses technology to improve and create products and services for customers.
CSO?
Chief Security Officer
- Executives that specialize in Security
- A much more focused responsibility than the CIO.
CIS?
Center for Internet Security
- Non-profit organization that helps put together, validate, and promote best practices to help people, businesses, and governments protect themselves against Cyber threats.
CMS?
Content Management System
- IE: WordPress
COOP?
Continuity of Operation Planning
- Effort for agencies to make sure they continue operations during a wide range of emergencies.
- Requires planning for various types of events such as natural or human-caused disasters.
COPE?
Corporate Owned Personal Enabled
- Organization provides its employees with Mobile Computing Devices.
CP?
Contingency Planning
- Used to restore systems and information in the event that systems become compromised.
CRC?
Cyclical Redundancy Check
- Used to detect accidental changes in digital Networks and storage devices.
CRL?
Certificate Revocation List
- List of Digital Certificates that have been revoked by the issuing Certificate Authority (CA).
CSP?
Cloud Service Provider
- IE: AWS, GCP, Azure
CSR?
Certificate Signing Request
- Contains information that the Certificate Authority (CA) will use to create your Certificate.
- Contains the Public Key for which the Certificate should be issued, and other identifying information.
CSRF?
Cross-Site Request Forgery
- Unauthorized actions are performed on behalf of a legitimate user.
CSU?
Channel Service Unit
- Device used for Digital Links to transfer data.
CTM?
Counter-Mode
- Converts a Block Cipher into a Stream Cipher
- Combines an IV with a counter and uses the result to encrypt each plaintext block.
CVE?
Common Vulnerabilities and Exposures
- List of publicly disclosed computer security flaws.
- These security flaws get assigned a CVE ID number which people can use to reference them.
CVSS?
Common Vulnerability Scoring System
- Public framework used to rate the severity of security vulnerabilities.
- IE: If you find a vulnerability as a bug bounty or in your own organization’s systems, and you report that vulnerability, assigning a CVSS number to it will help decision makers understand the severity and impact so they can properly assign priority.
CYOD?
Choose Your Own Device
- Employees can choose a Company-Assigned device from a limited number of Company Specified options.
DAC?
Discretionary Access Control
- Restricts access based on the identity of subjects and/or the groups that they belong to.
DBA?
Database Administrator
- Personnel responsible for maintaining databases and the data they contain.
DDoS?
Distributed Denial of Service
- Attack that aims to take a service offline by flooding it with an overwhelming number of requests from multiple different locations/devices.
- Using a Zombie-Net/Botnet
DoS?
Denial of Service
- Attack that sends requests from only one location/device to take down a system/service.
DEP?
Data Execution Prevention
- Microsoft Security feature.
- Monitors and Protects pages or regions of Memory.
- Prevents data regions from executing (potentially malicious) code.
DER?
Distinguished Encoding Rules
DES?
Digital Encryption Standard
- Weak Encryption algorithm.
DHCP?
Dynamic Host Configuration Protocol
- Used to automatically assign IP Addresses to devices on a Network.
- Doesn’t include Security features by default, which means that attackers can leverage it to launch attacks.
- Two examples of DHCP Attacks include:
  - DHCP Starvation, which causes a DoS
  - DHCP Spoofing, which leads to On-Path Attacks
- To prevent DHCP Attacks:
  - Authenticated DHCP: Replaces the normal DHCP messages with Authenticated messages.
  - Port Security: limits the number of MAC addresses that can be seen through a particular Switch interface.
DHE?
Diffie-Hellman Ephemeral
- Way of securely exchanging Cryptographic Keys over public channels.
DKIM?
Domain Keys Identified Mail
- Email authentication technique - applies signatures by the mail server of the sender’s domain.
- Used to detect email spoofing.
- Allows the receiver to make sure that an email was sent by the authorized owner of the domain via digital signatures.
DLL?
Dynamic Link Library
DLP?
Data Loss Prevention
DMARC?
Domain Message Authentication Reporting and Conformance
- Authenticates email with Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM)
- Used to prevent phishing and spoofing.
DMZ?
Demilitarized Zone
- Or Screened Subnet
- Designed to expose externally-facing services to the Internet without unnecessarily exposing resources in internal Networks.
- You may have resources that have to be exposed to the Internet, but rather than open up the internal LAN, we can create a separate Network specifically for those resources and then add Firewalls in between the Networks.
DNAT?
Destination Network Address Translation
DNS?
Domain Name Service (Server)
- TCP/UDP
- PORT 53
- Used to resolve hostnames to IP addresses and IP addresses to hostnames.
DNSSEC?
Domain Name Service Security Extensions
- Provides Cryptographic authentication of data, authenticated denial of existence, and data integrity.
DPO?
Data Privacy Officer
DRP?
Disaster Recovery Plan
DSA?
Digital Signature Algorithm
DSL?
Digital Subscriber Line
EAP?
Extensible Authentication Protocol
- Authentication Framework used in LANs
ECB?
Electronic Code Book
- Doesn’t hide data patterns well, so it wouldn’t work to Encrypt images, for example.
ECC?
Elliptic Curve Cryptography
- Good for mobile devices because it can use smaller keys.
ECDHE?
Elliptic Curve Diffie-Hellman Ephemeral
- Key Exchange mechanism based on elliptic curves but with Diffie-Hellman over public channels.
- Cloudflare uses this for example.
ECDSA?
Elliptic Curve Digital Signature Algorithm
- Digital Signature algorithm based on elliptic curve Cryptography (ECC)
- Uses Digital Signatures
EDR?
Endpoint Detection and Response
EFS?
Encrypted File System
EOL?
End of Life
- Date set when manufacturers will no longer create the product.
EOS?
End of Service
- Original manufacturer no longer offers updates, support, or service.
ERP?
Enterprise Resource Planning
- Software used by orgs to manage day-to-day business activities.
ESN?
Electronic Serial Number
ESP?
Encapsulated Security Payload
- Member of IPsec set of protocols.
- Encrypts and authenticates packets of data between computers using VPNs
FACL?
File System Access Control List
FCIP?
Fiber Channel Internet Protocol
- TCP/UDP
- PORT 3225
- Used to encapsulate Fiber Channel frames within TCP/IP Packets
- Usually used for Storage Area Networks (SAN) as well.
FDE?
Full Disk Encryption
FPGA?
Field Programmable Gate Array
- Integrated circuit designed to be configured by a customer or designer after manufacturing.
FRR?
False Rejection Rate
- Likelihood that a biometric Security system will incorrectly reject an access attempt by an Authorized user.
FTP?
File Transfer Protocol
- TCP
- PORT 21
- Used to transfer files from Host to Host
- UNSECURED
FTPS?
Secured File Transfer Protocol
- TCP
- PORT/s 989/990
- Used to transfer files from Host to Host over an Encrypted connection.
GCM?
Galois Counter Mode
- High speeds with low cost and low latency.
- Provides authenticated encryption.
GDPR?
General Data Protection Regulation
GPG?
Gnu Privacy Guard
GPO?
Group Policy Object
- Contains two nodes: A user configuration and a computer configuration.
- Collection of Group Policy settings.
GPS?
Global Positioning System
GPU?
Graphics Processing Unit
GRE?
Generic Routing Encapsulation
- Tunneling Protocol
HA?
High Availability
HDD?
Hard Disk Drive
HIDS?
Host-based Intrusion Detection System
- Detects and Alerts upon detecting an intrusion in a Host as well as Network Packets in Network Interfaces - similar to NIDS (Network-based Intrusion Detection System)
- Detects and Alerts, can’t take action on it.
HIPS?
Host-based Intrusion Protection System
- Like HIDS, but it CAN take Action towards mitigating a detected threat.
HMAC?
Hashed Message Authentication Code
- Combines a shared secret Key with hashing.
- Can be used to verify data integrity and authenticity of a message.
HOTP?
HMAC One Time Password
- One-Time Password algorithm based on Hash-based Message authentication codes.
- Event-based OTP (One-Time Password)
- Yubikey is an example of an OTP generator that uses HOTP
- Not time based (Has a longer window before expiration.)
HSM?
Hardware Security Module
- Physical device that safeguards and manages digital keys (IE: Private CA Keys)
- Performs encryption/decryption functions for Digital Signatures.
HTML?
HyperText Markup Language
HTTP?
HyperText Transfer Protocol
- TCP
- PORT 80
- Used to transmit web page data to a Client for UNSECURE web browsing.
HTTPS?
HyperText Transfer Protocol Secure - over SSL/TLS
- TCP
- PORT 443
- Used to transmit web page data to client over an SSL/TLS Encrypted connection.
HVAC?
Heating, Ventilation, Air Conditioning
IaaS?
Infrastructure as a Service
- Hardware ONLY
- No specific purposes other than offloading responsibility and resources to the Cloud.
ICMP?
Internet Control Message Protocol
- Used by Network devices such as Routers to send error messages or other operational information indicating success/failure when communicating with another IP Address.
ICS?
Industrial Control System
- General term to describe control systems associated with industrial processes.
IDEA?
International Data Encryption Algorithm
- Symmetric-Key block Cipher
IDF?
Intermediate Distribution Frame
- Cable Rack in a central office that cross connects and manages IT or telecom cabling between a Main Distribution Frame (MDF) and remote workstation devices.
- Used for WAN and LAN environments for example.
IdP?
Identity Provider
- Service that stores and manages digital identities
- Provides authentication services to apps within a federation or distributed Network.
- User Authentication as a Service/User Adoption as a Service (UAaaS)
IDS?
Intrusion Detection System
- Detects and Alerts
- Does not Prevent or Fix
IEEE?
Institute of Electrical and Electronics Engineers
IKE?
Internet Key Exchange
- UDP Port 500
- Protocol used to set up a Security Association (SA) in the IPsec Protocol suite.
IM?
Instant Messaging
IMAP4?
Internet Message Access Protocol v4
- API that enables email programs to access the Mail Server.
- Example: Outlook can be configured to retrieve email via IMAP4 or POP3.
IMAP4 SSL/TLS - Internet Message Access Protocol v4 Secure
- TCP
- PORT 993
IoC?
Indicators of Compromise
- Forensic data found in systems via log entries or files that identify potentially malicious activity on a System or Network.
IoT?
Internet of Things
IP?
Internet Protocol
IPsec?
Internet Protocol Security
- In the Internet Layer of the TCP/IP stack.
- Secure Network Protocol suite that authenticates and encrypts the packets of data to provide encrypted communication.
- Used in VPNs
- Can be used to protect data flows between two Hosts (Host-to-Host), two Networks (Network-to-Network) or between a Security gateway and host (Network-to-Host).
- Protects against Replay Attacks
IR?
Incident Response
IRC?
Internet Relay Chat
IRP?
Incident Response Plan
- Preparation
- Detection & Analysis
- Containment, Eradication, and Recovery
- Post-Incident Activity
ISO?
International Organization for Standardization
- Organization that develops and publishes International Standards
ISP?
Internet Service Provider
ISSO?
Information Systems Security Officer
ITCP?
Information Technology Contingency Plan
- Plans, Policies, Procedures, and technical measures that enable the recovery of IT Operations after unexpected incidents.
IV?
Initialization Vector
- In cryptography, an input to a cryptographic primitive.
- Used to provide the initial state.
KDC?
Key Distribution Center
- Used to reduce risks in exchanging keys.
- A user requests to use a service. The KDC will use cryptographic techniques to authenticate requesting users as themselves, and it will check whether a user has the right to access the service requested.
- If the user has the right, the KDC can issue a ticket permitting access.
KEK?
Key Encrypting Key
- A Key that Encrypts another Key for transmission or storage.
L2TP?
Layer 2 Tunneling Protocol
- UDP
- PORT 1701
- Used to support VPNs or as part of the delivery of services by ISPs.
- Uses encryption only for its own control messages, not for the content itself.
- Uses IPsec for data encryption over Layer 3
LAN?
Local Area Network
LDAP?
Lightweight Directory Access Protocol
- TCP/UDP
- PORT 389
- Unencrypted
- Open and vendor-neutral application protocol for managing and interacting with directory servers.
- Often used for authentication and storing information about users, groups, and applications.
- Can be susceptible to LDAP injections.
LDAP SSL/TLS - Lightweight Directory Access Protocol Secure
- TCP/UDP
- PORT 636
LEAP?
Lightweight Extensible Authentication Protocol
- Wireless LAN authentication method.
- Dynamic WEP keys and mutual authentication (Between a Wireless Client and a RADIUS Server)