Vocab Flashcards
AAA server
Used to establish secure access in a remote access VPN network
ANT
Wireless sensor protocol that enables communication between sensors and their controllers.
Access control
Selective restriction of access to an asset or a system/network resource
Access point
Used to connect devices to a wireless/wired network
Accounting
Method of keeping track of user actions on the network.
Admin Security controls
Management limitations, operational and accountability procedures, and other controls that ensure the security of an organization.
AES(advanced encryption standard)
National Institute of Standards and Technology (NIST) specification for the encryption of electronic data.
Alert systems
Sends an alert message when any anomaly or misuse is detected.
Alarm system
Draw attention when a breach occurs or an attempt is made at a breach
Alert
A graduated event that notifies that a particular event (or series of) has reached a set threshold and requires action.
Anomaly detection
Detects intrusions based on fixed behavioral characteristics of users and components within the system.
Anonymous proxy
Does not transfer info about the IP address of its user, hiding info about said user and their history.
Antenna
Converts between radio waves and electricity.
Anything as a service(XaaS)
Cloud and remote access service that offers anything as a service based on the demands of the user.
Application Containers
Used to run a single service. Possess layered file systems and are built on top of OS container technologies.
Application level gateway
Can filter packets at the application layer of the OSI model.
Application Proxy
Application-level proxy that works as a proxy server and filters connections for specific services.
Association
Process of connecting a wireless device to an AP
Asymmetric Encryption
Uses two separate keys to carry out encryption and decryption.
Audit Trails
Set of records that provide documentary evidence of a system’s activity.
Authentication
Ensures the identity of an individual is verified by the system or service.
Authorization
Process of providing permission to access the resources or perform an action on the network.
Availability
Ensures info is available to authorized parties without any disruption
Bandwidth
The amount of info that can be broadcast over a connection
Basic Service Set Identifier(BSSID)
Media access control (MAC) address of an access point (AP) or base station that has set up a basic service set (BSS).
Bastion Host
A computer system designed and configured to protect network resources from attacks.
Behavior-based IDS
Behavior-based intrusion detection techniques assume an intrusion can be detected by observing a deviation from normal or expected behavior of the system or users.
Biometric Authentication
A technology which identifies human characteristics for authenticating people
Biometrics
An advanced and unique security technology that utilizes an individual’s physical attributes such as fingerprint, iris, face, voice, and behavior for verifying their identity.
Bluetooth
With this tech, data is transferred between cell phones, computers, and other networking devices over short distances.
Bollards
A short vertical post that controls and restricts motor vehicles.
Bring your own device(BYOD)
A policy that allows employees to bring their devices such as laptops, smartphones, and tablets to the workplace.
Business critical data
Info that contains critical data to business operations.
5G Cellular Communication
A broadband cellular network that operates at high bandwidth with low latency and provides high-speed data downloads.
CCMP
An encryption protocol used in WPA2 for stronger encryption and authentication.
Cellular Communication
Communication based on a single network tower that services devices located within its radius.
Centralized Authorization
A single database for authorizing all the network resources or applications
Centralized IDS
In a centralized system, the data is gathered from different sites to a centralized one.
Certification authorities(CA)
Trusted entities that issue digital certificates
Choose Your Own Device(CYOD)
A policy where employees select their device of choice from a pre-approved list, to access company data according to the chosen access privilege of the organization
Ciphers
An algorithm for performing encryption and decryption
Circuit level gateway
Work at the session layer of the OSI model, or the TCP layer of TCP/IP.
Client to client(Remote access) VPNs
Allow multiple hosts or clients to establish secure connections to a company’s network over the internet
Cloud auditor
A party that performs an independent examination of cloud service controls to express an opinion
Cloud Broker
An entity that manages cloud services in terms of use, performance, and delivery, while maintaining the relationship between cloud providers and consumers
Cloud carrier
An intermediary that provides connectivity and transport services between CSPs and cloud consumers
Cloud computing
An on-demand delivery of IT capabilities where IT infrastructure and applications are provided to subscribers as a metered service over a network
Cloud consumer
Person or organization that uses cloud computing services
Cloud data backup
Storing backup data on storage provided by an online backup provider
Cloud layer
Servers hosted in the cloud accept, store and process the sensor data received from IoT gateways
Cloud platform
A person or organization providing services to interested parties via network access.
Cloud storage
A data storage medium used to store digital data in logistical pools using a network
Cloud to cloud (back end data sharing) communication model
Extends the device to cloud communication type such that the data from IoT devices can be accessed by authorized users
Combination locks
It has a combination of numbers and letters, that the user must use to open the lock.
Command console
Provides a user interface to the administrator for the purpose of receiving and analyzing security events, alerts, and log files.
Communication layer
(connectivity edge computing) the components of communication protocols and networks used for connectivity and edge computing.
Community cloud
Infrastructure shared between several organizations from a specific community with common concerns.
Company owned, Business only(COBO)
Refers to a policy that allows employees to use and manage the devices purchased by the organization but restrict the use of the device for business use only.
Compensating controls
Used as an alternative control when the intended control fails or is unavailable
Computer fraud and abuse act
Whoever accesses a computer without authorization or exceeds authorized access, and thereby obtains information from any protected computer, and if the conduct involves an interstate or foreign communication, shall be punished under the act
Confidentiality
Ensures the info is not disclosed to any unauthorized persons.
Container
Refers to the virtualization based on the operating system, in which the kernel’s operating system is functionally replicated on multiple instances of isolated user space
Container as a service
A cloud computing model that provides containers and clusters as a service to its subscribers
Containerization
A technique in which all personal and organizational data are segregated on an employee’s mobile device.
Context aware authentication
A type of enhanced security technique that uses the contextual information of a user for enhancing data security decisions.
Contraband
Materials banned from entering the environment
Corporate owned, personally enabled(COPE)
Refers to a policy that enables employees to use and manage devices purchased by the organization.
Cross-container attacks
Gaining access to a container and utilizing it to attack other containers of the same host or within the local network.
Cryptography
The practice of concealing info by converting it from plain text (readable format) into cyphertext (unreadable format) using a key or encryption scheme.
Data access control
Enables authentication and authorization of users’ access to data.
Data backup strategy
An ideal backup strategy involves steps ranging from selecting the right data to conducting a test data restoration drill.
Data backup
The process of making backup data of critical data such as physical and computer records.
Data destruction
Involves destroying the data so that it cannot be recovered and used for the wrong motive.
Data encryption standard(DES)
Designed to encipher and decipher blocks of data consisting of 64 bits under control of a 56-bit key.
Data encryption
Protecting information so that it becomes unreadable for an unauthorized party
Data loss prevention(DLP)
A set of software products and processes that do not allow users to send confidential corporate data outside of the organization.
Data masking
Protecting information by obscuring specific areas of data with random characters or codes.
Data protection act of 2018(DPA)
An act to make provision for the regulation of the processing of information relating to individuals
Data resilience and backup
Making duplicates of critical data to be used for restoring and recovering purposes
Data retention
Securing data securely for compliance or business requirements
Data security
Involves the application of several security protocols to prevent any (un)intentional acts of data misuse, destruction, or modification.
Database honey pots
Employ fake databases that are vulnerable to perform database related attacks such as SQL injection and database enumeration
Decentralized authorization
Maintains a separate database for each resource
Demilitarized zone(DMZ)
A subnetwork is placed between the organization’s private network, such as a LAN, and an outside network like the internet, and acts as another security layer.
Denial of service traffic signatures
Traffic containing certain traffic signatures that indicate a DoS attempt that floods a server with a large number of requests.
Detection controls
Used to detect unauthorized access attempts
Deterrence controls
Used to discourage the violation of security policies
Device layer
Layer of IoT that consists of hardware
Device to cloud communication
Devices communicate with the cloud directly, rather than communicating with a client to send or receive data commands.
Device to device communication
Interconnected devices interact with each other through the internet, but they predominantly use protocols such as ZigBee, Z-Wave or Bluetooth
Device to gateway communication
The IoT device communicates with an intermediate device called a gateway, which in turn communicates with a cloud device.
Differential data backup
All the data that has been changed since the last backup is copied over to the backup data.
Digital certificates
Allow a secure exchange of info between a sender and a receiver
Digital locks
Use fingerprint, smartcard, or pin on a keypad to unlock
Digital signature algorithm(DSA)
A federal information processing standard(FIPS) for digital signatures.
Digital Signature
Use of the asymmetric key algorithms to provide data integrity.
Dipole antenna
A straight electrical conductor measuring half a wavelength from end to end, and it is connected at the center of the radio frequency (RF) feed line.
Direct-sequence spread spectrum
DSSS is a spread spectrum technique that multiplies the original data signature with a pseudo random noise spreading code.
Directional antenna
Can broadcast and receive radio waves from a single direction.
Discretionary access control(DAC)
Determines the access control taken by any processor of an object in order to decide the access control of a subject on that object.
Disk encryption
Encryption of data stored in a physical or logical disk.
Distributed IDS
A distributed intrusion detection system (dIDS) consists of multiple IDSs over a large network.
Docker Networking
This type of networking architecture is developed on a set of interfaces known as the container network model (CNM), which provides application portability across heterogeneous infrastructures.
Docker Registry Attacks
Gaining access to the Docker registry.
Docker
An open source technology used for developing, packaging, and running applications and all their dependencies in the form of containers, to ensure that the application works in a seamless environment.
Dual Firewall DMZ
The dual firewall approach uses two firewalls to create a DMZ
EAP
The extensible authentication protocol (EAP) supports multiple authentication methods, such as token cards, Kerberos and certificates.
Fabric virtualization
This level of virtualization makes the virtualization independent of the physical computer hardware.
EDGE
The EDGE is the main physical device in the IoT ecosystem that interacts with its surroundings and contains various components like sensors, actuators, operating systems, hardware and network, and communication capabilities.
Face recognition
Compares and identifies a person on the basis of the facial features from an image or a video source.
Electric/Electro magnetic Locks
A locking mechanism that operates on an electrical current.
False-Negative (Attack -No Alert)
A condition that occurs when an IDS fails to react to an attack event.
Electromagnetic interference(EMI)
Occurs when an electronic device’s performance is interrupted or degraded due to electromagnetic radiation or conduction.
False positive (No attack- alert)
Occurs if an event triggers an alarm without an actual attack occurring.
Email honeypots
Also known as email traps. These are fake emails designed to attract fake and malicious emails from advertisers.
Fences/Electric Fences/Metal Rails
Generally mark restricted areas and controlled areas, and prevent unwanted access.
Encapsulation
The method in which protocols have separate functions to communicate among each other by hiding the data.
File system virtualization
Refers to virtualization at the layer where the filing system is present.
Encryption
The practice of concealing information by converting plain text (readable format) into cypher text (unreadable format) using a key or encryption scheme.
File level encryption
Encryption of data stored in files/folders.
Endpoint
This connects a sandbox to a network and abstracts the actual network from the application.
Fingerprint scanning
Compares two fingerprints for verification and identification on the basis of the patterns on the finger.
Enterprise information security policy
EISP drives an organization’s scope and provides direction to their security policies.
Firewall
Software, hardware, or a combination of both, which is generally used to separate a protected network from an unprotected public network.
Enterprise Mobility Management(EMM)
Consists of tools and technologies used in an organization to secure the data in an employee’s personal BYOD and organizational devices
Freedom of information act (FOIA)
Provides the general public the right to request access to records from any federal agency.
Explicit Authorization
Maintains separate authorization details for each resource request.
Frequency hopping spread spectrum (FHSS)
Also known as frequency hopping code division multiple access(FH-CDMA), a method of transmitting radio signals by rapidly switching a carrier among many frequency channels.
Full Data Backup
This is also called a normal backup. It copies all files and compresses them to save space.
Full device encryption
A security feature that can encrypt all the information stored on any storage medium within a mobile device.
Full mesh VPN topology
In a fully meshed VPN network, all peers can communicate with each other, making it a complex network.
Full virtualization network
In this type of virtualization, the guest OS is not aware that it is running a virtualized environment.
Function as a service (FaaS)
This cloud computing service provides a platform for developing, running, and managing application functionalities without the complexity of building and maintaining necessary infrastructure.
General Data Protection Regulation (GDPR)
Levies harsh fines against those who violate its privacy and security standards, with penalties reaching tens of millions of euros.
Hardware Firewalls
Either a dedicated stand-alone hardware device or part of a router
IDE
Integrated device electronics(IDE) allows the connection of two devices per channel. It is normally used for internal devices as the cables are large and flat.
Geofencing
A technique through which mobile application marketers use the location of the user to gather info.
Hardware VPNs
A dedicated hardware VPN application is used to connect routers and gateways to ensure communication over an insecure channel.
IPsec server
Enhances VPN security through the use of strong encryption algorithms and authentication.
Geolocation
A technology that can identify the real-world geographical location of users or devices when connected to the internet.
Hash-based message Authentication Code(HMAC)
A type of message authentication code (MAC) that uses a cryptographic key along with a cryptographic hash function.
ISM band
Set of frequencies for the international industrial, scientific, and medical communities.
Global positioning system (GPS)
A radio navigation and positioning system based on satellite communication
Health insurance portability and accountability act(HIPAA)
Provides federal protections for the individually identifiable health information held by covered entities and their business associates and gives patients an array of rights to that information.
Identity and Access Management (IAM)
Responsible for providing the right individual with the right information at the right time.
Global System for Mobile Communication (GSM)
A universal system used for Mobile data transmission in wireless networks worldwide.
High-Interaction Honeypots
Do not emulate anything; they run actual vulnerable services or software on production systems with real OS and applications
Identity-as-a-Service (IdaaS)
This cloud computing service offers authentication services to the subscribed enterprises and is managed by a third-party vendor to provide identity and access management services.
Government Access to Keys (GAK)
Refers to the statutory obligation of individuals and organizations to disclose their cryptographic keys to government agencies.
Honeynets
Networks of honeypots. They are very effective in determining the entire capabilities of adversaries.
Implicit Authentication
Provides access to resources indirectly
Gramm-leach-Bliley Act (GLBA)
A United States federal law that requires financial institutions to explain how they share and protect their customers’ private information.
Honey pot
An informational system resource that is expressly set up to attract people who attempt to penetrate an organization’s network.
Incremental data backup
Only files that have been changed or created after the last backup are copied to the backup media
Guest Machine
Independent instance of an operating system created by a virtual machine monitor.
Host Intrusion Detection Systems (HIDS)
Installed on a specific host in order to monitor, detect, and analyze events occurring on that host.
Information assurance (IA) Principles
Act as enablers for an organization’s security activities to protect and defend its network from security attacks.
Host Machine
Real physical machine that provides computing resources to support virtual machines.
Informational traffic signature
Traffic containing certain signatures that may be suspicious but might not be malicious.
Host based firewalls
Used to filter inbound/outbound traffic of a computer on which it is installed.
Infrared (IR)
A wireless technology for transferring data between devices in the digital form within a short range of up to 5 m.
Hot backup (online)
Also called a dynamic backup or active backup. In a hot backup, the system continues to perform the backup even when the user is using the system.
Infrastructure Network Topology
Devices inside a wireless network are connected through an AP.
Hotspot
Places where wireless networks are available for public use.
Infrastructure-as-a-service (IaaS)
Provides virtual machines and other abstract hardware and operating systems which may be controlled through a service API.
Hub-and-Spoke VPN Topology
The main organization is considered the hub, and its remote offices are considered the spokes.
Integrity
Ensures information is not tampered with or modified by unauthorized parties
Hybrid cloud
Combination of two or more clouds that remain unique entities but are bound together, thereby offering the benefits of multiple deployment models
Internal Bastion Host
It can be a single-homed or multi-homed bastion host
Hybrid Intrusion Detection Systems (Hybrid IDS)
A combination of HIDS and NIDS
Internet Protocol Security (IPsec)
A network layer protocol that ensures a secure IP level communication.
Hybrid VPNs
Those with trusted VPNs as part of the secure VPNs. They implement different network components of an organization at the same time in order to confirm security at very low costs.
Internet of things (IoT)
Refers to computing devices that are web enabled and have the capability of sensing, collecting, and sending data using sensors, and the communication hardware and processors.
Hybrid Virtualization
The guest OS adopts the functionality of para virtualization and uses the VMM for binary translation to different types of hardware resources.
Interval-based IDS
Interval based or offline analysis refers to the storage of the intrusion-related info for further analysis.
Hypertext Transfer Protocol Secure (HTTPS)
Ensures secure communication between two computers over HTTP.
Intrusion Detection and Prevention System (IDS/IPS)
A network security appliance that inspects all inbound and outbound network traffic for suspicious patterns that might indicate a network or system security breach.
Hypervisor
An application or firmware that enables multiple guest operating systems to share a host’s resources.
IoT device Management
Helps security professionals to track, monitor, and manage physical IoT devices from a remote location.
IoT user management
Provide control over the users who have access to an IoT system.
Iris Scanning
Analyzes the colored part of the eye suspended behind the cornea.
Issue Specific Security Policy (ISSP)
Directs the audience on the usage of technology-based systems with the help of guidelines.
Kerberos
A network authentication protocol that is implemented for authentication requests in computer networks.
LEAP
A proprietary version of EAP developed by Cisco
Kubernetes
Also known as K8s, an open source, portable, extensible orchestration platform developed by Google for managing containerized applications and microservices.
Lighting system
Adequate lighting should be provided inside, outside, and at the entrance of a building, which helps in seeing long distances during security patrols.
Logical segmentation
Utilizes VLANs, which are isolated logically without considering the physical location of devices.
Low-interaction Honeypots
Emulate only a limited number of services and applications of a target system or network.
MD5
This algorithm takes a message of arbitrary length as an input and then outputs a 128-bit fingerprint or message digest of the input.
NAND flash memory
Provides non-volatile storage for the RAID system’s primary cache.
OS Assisted Virtualization or Para Virtualization
In this type of virtualization, the guest OS is aware of the virtual environment in which it is running and communicates with the host machine to request resources.
MD6
Uses a Merkle-tree-like structure to allow for large-scale parallel computation of hashes for very long inputs.
Near field communication (NFC)
Covers very short distances. It employs electromagnetic induction to enable communication between devices connected within 10m.
OS Containers
Virtual environments sharing the kernel of the host environment that provides the isolated user space.
Malware Honeypots
Used to trap malware campaigns or malware attempts over network infrastructure.
Network access controls
Offer various access control mechanisms for network devices like routers and switches
Object
An explicit resource on which an access restriction is imposed.
Management console
Interface used to access, configure, and manage the virtualization product.
Network access server (NAS)
Also known as a media gateway or a remote access server(RAS). It is responsible for setting up and maintaining each tunnel in a remote access VPN.
Off-site data backup
Storing data in a remote location such as a fire proof, indestructible safe.
Management server
Virtualization platform components used to directly manage the virtual machines and to simplify the administration of resources.
Network address translation(NAT)
Separates IP addresses into two sets and enables the LAN to use these resources for internal and external traffic, respectively.
Omnidirectional antenna
Radiate electromagnetic (EM) energy in all directions.
Mandatory access control(MAC)
Determines the usage and access policies of users.
Network attached storage (NAS)
A file based data storage service and a dedicated computer appliance shared over the network.
Onsite data backup
Storing backup data at onsite data storage only.
Mantrap
A security system having an entry and exit door on opposite sides, separating secure and non-secure areas.
Network defense essentials(NDE)
A security program covering the fundamental concepts of network security.
Open system authentication
A null authorization algorithm that does not verify whether it is a user or a machine requesting network access.
Mechanical locks
Provide an easy method to restrict unauthorized access in an organization.
Network defense
To protect an organization’s info, systems, and infrastructure from unauthorized access, misuse, modification, service denial, or any other degradation and disruptions.
Operating system virtualization
Enables the hardware to execute multiple operating systems simultaneously
Medium-interaction honeypots
Simulate a real OS as well as applications and services of a target network.
Network Drivers
These are pluggable and provide the actual implementation for the functioning of the network.
Operation
An action performed by a subject on an object
Mobile Application Management (MAM)
A software or service that enables network defenders to secure, manage, and distribute enterprise applications on employee mobile devices.
Network intrusion Detection System (NIDS)
Used to observe the traffic for any specific segment or device and recognize the occurrence of any suspicious activity on the network and application protocols.
Orthogonal Frequency-Division Multiplexing (OFDM)
Method of encoding digital data on multiple carrier frequencies.
Mobile content management (MCM)
Provide secure access to corporate data on tablets, smartphones, and other mobile devices.
Network Packets
A unit of data transmitted over a network for communication.
Mobile device Management (MDM)
Provides platforms for over-the-air or wired distribution of applications, data, and communication settings of all types for mobile devices including mobile phones, smartphones, and tablet computers.
Network security controls
The security feature that should be appropriately configured and implemented to ensure network security.
Mobile Email Management
Ensure the security of corporate email infrastructure and data.
Network security Devices
Devices that are deployed to protect computer networks from unwanted traffic and threats
Mobile security management
Involves actions and precautionary steps for securing the organization’s data and mobile devices used by employees.
Network Security Protocols
Implement security related operations to ensure the security and integrity of data in transit.
Multi-cloud
A dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed by one primary interface to ensure long term business goals.
Network segmentation
The practice of splitting a network into smaller network segments and separate groups of systems or applications from each other.
Multi-homed Bastion Host
A firewall device with at least two network interfaces.
Network sensors
Hardware and software components that monitor network traffic and trigger alarms if any abnormal activity is detected.
Multi-layer security
Prevents access to IoT by using multi-factor authentication (MFA), transport layer security (TLS), device identity management, etc.
Network traffic monitoring
A retrospective security approach that involves monitoring a network for abnormal activities, performance issues, bandwidth issues, etc.
Multiple-input, multiple output orthogonal Frequency-Division Multiplexing (MIMO-OFDM)
An air interface for 4G and 5G communications.
Network traffic signatures
A set of traffic characteristics such as a source/destination IP address, ports, transmission control protocol (TCP) flags, packet length, time to live (TTL), and protocols. Signatures are used to define the type of activity on a network.
Multiport Memory controller(MC)
Provides access to memory in up to 8 ports. A memory controller can be present as a separate chip or as an integrated memory.
Network Virtualization
A process of combining all the available network resources and enabling security professionals to share these resources amongst the network users using a single administrative unit.
Network
A collection of endpoints that have connectivity between them.
Network-based firewalls
Used to filter inbound/outbound traffic from internal LAN.
Next Generation Firewall (NGFW)
A third generation firewall technology that moves beyond port/protocol inspection.
Non-Repudiation
Ensures that a party in communication cannot deny sending the message
Non-routing Dual-homed Hosts
This type of host is completely a firewall, or a component in a multi-faceted firewall.
Non-transparent proxy
Also known as explicit proxies; they require client software to be configured to use the proxy server.
Normal Traffic Signatures
Acceptable traffic patterns allowed to enter the network
nvSRAM
The fastest non-volatile RAM in the industry with 20ns read and write access time.
PEAP
A protocol that encapsulates the EAP within an encrypted and authenticated transport layer security (TLS) tunnel.
RADIUS
Remote authentication dial-in user service (RADIUS) is an authentication protocol that provides centralized Authorization, Authentication, and Accounting (AAA) for remote access servers to communicate with a central server.
Packet Filtering Firewall
Work at the network level of the OSI model (or the IP layer of TCP/IP)
RAID Controller
Manages an array of physical disk drives and presents them to the computer as logical units.
Packet filters
Examine the routing info of the packets.
RAID level 0
Disk striping RAID 0 deals with data performance. In this level, data is broken into sections and written across multiple drives.
Parabolic grid antenna
Uses the same principles as a satellite dish, but does not have a solid dish. Consists of a semi-dish in the form of a grid of aluminum wires.
RAID level 1
Disk mirroring: multiple copies of data are written on multiple drives at the same time.
Paranoid policy
Forbids everything. There is a strict restriction on all company computers, whether it’s in system or network usage.
RAID level 10
Blocks striped and mirrored: RAID 10 is a combination of RAID 0 (striping volume data) and RAID 1 (disk mirroring), and its implementation requires at least four drives.
Password Authentication
A combination of a username and password to authenticate the network users.
RAID level 3
Disk Striping with parity: Data is striped at the byte level across multiple drives. One drive per set is taken up for parity info.
Password Blacklist
Contains a list of words that are prohibited from use as passwords because of their familiarity.
RAID level 5
Block Interval Distribution Parity: The data is striped at the byte level across multiple drives, and the parity info is distributed among all member drives.
Password Policy
Provides guidelines for using strong passwords for an organization's resources
RAID level 50
Mirroring and striping across multiple RAID Levels: RAID level 50 includes mirroring and striping across multiple RAID Levels.
Passwords and Pins
Basic security features used in all mobile devices.
RC4
A variable-key-size symmetric-key stream cipher with byte-oriented operations, and it is based on the use of random permutation.
Payment Card Industry Data Security Standard (PCI-DSS)
A proprietary information security standard for organizations that handle cardholder info for major debit, credit, prepaid, e-purse, ATM, and POS cards.
RC5
A parameterized algorithm with a variable block size, variable key size, and variable number of rounds. The key size is 128 bits.
Permissive policy
This policy is wide open, and only known dangerous services/attacks or behaviors are blocked.
RC6
A parameterized algorithm with a variable block size, key size, and number of rounds.
Physical Barriers
Restrict unauthorized persons from entering the building; always use a combination of barriers to discourage unauthorized entry.
RFID
The radio frequency identification (RFID) tech uses radio frequency (RF) electromagnetic waves to transfer data for automatic identification and for tracking tags attached to objects.
Physical Security Controls
Provide physical protection of the information, buildings, and all other physical assets of the organization.
Reactive Approach
Consists of methods or techniques that are used to detect attacks on the target network.
Physical security policy
Defines guidelines to ensure that adequate physical security measures are in place.
Real time analytics
Involves analyzing IoT things and taking steps accordingly.
Physical Security
Restricting physical access to the infrastructure, office premises, workstations, and employees of the organization.
Real-time monitoring
Involves monitoring IoT assets, processing products, maintaining a flow, helping detect issues, and taking actions immediately.
Physical Segmentation
A process for splitting a larger network into smaller physical components.
Real time IDS
Gathers and monitors information from network traffic regularly.
Platform-as-a-Service (PaaS)
A cloud computing service that offers development tools, configuration management, and development platforms on demand that can be used by subscribers to develop custom applications.
Reconnaissance Traffic Signatures
Consist of signatures that indicate an attempt to scan the network for possible weaknesses
Point-to-point VPN Topology
Any two endpoints are considered as peer devices which can communicate with each other. Any of the devices can be used to initiate the connection.
Recovery Controls
These controls are used in a more serious condition to recover from a security violation and restore information and systems to a persistent state.
Point-to-Multipoint Connection
A point-to-multipoint (P2MP, PTMP, PMP) connection allows one-to-many connections by providing multiple paths from a single location to several other locations
Redundant Array of Independent Disks (RAID) Tech
A method of combining multiple hard drives into a single unit and writing data across several disk drives, offering fault tolerance.
Point-to-point (P2P) Connection
Enables secure communication between two mobile devices without data encryption.
Reference Monitor
Monitors the restrictions imposed on the basis of certain access control rules.
Policies
High-level statements dealing with the administrative network security of an organization.
Reflector Antennas
Used for concentrating electromagnetic energy that is radiated or received at a focal point.
Pretty Good Policies (PGP)
An application layer protocol which provides cryptographic privacy and authentication for network communication.
Registry
Contains all images that an organization deploys
Prevention controls
Used to prevent unwanted or unauthorized access to resources.
Regulatory Frameworks
Contain a set of guidelines and best practices
Preventive Approach
Consists of methods or techniques that are used to avoid threats or attacks on the target network
Remote wipe
A technique used for securing and protecting data from miscreants if a mobile device used by an employee was stolen or lost.
Preventive controls
Prevent security violations and enforce various access control mechanisms.
Removable Media Encryption
Prevents unauthorized access to removable media devices
Primary RAID Memory Cache
Cache is used to write the data in transition. A RAID system uses a cache to speed up I/O performance on the storage system.
Research Honeypots
Research Honeypots are High-Interaction Honeypots primarily deployed by research institutes, governments, or military organizations to gain detailed knowledge about the actions of intruders
Principle of least privilege (POLP)
Extends the need-to-know principle in providing access to a system
Response System
Issues countermeasures against any intrusion that is detected
Private cloud
A cloud infrastructure operated by a single organization and implemented with a corporate firewall
Retinal scanning
Analyzes the layer of blood vessels at the back of a person's eyes to identify that person
Proactive approaches
Consists of methods or techniques that are used to make informed decisions on potential attacks in the future on the target network
Retrospective Approaches
Consist of methods or techniques that examine the causes for attacks, and contain, remediate, eradicate, and recover from damage caused by the attack on the target network
Process layer
Gathers info and processes the received information.
Reverse Proxy
Usually situated closer to the server(s) and will only return a configured set of resources.
Production Honeypots
Deployed inside the production network of the organization along with the other production servers
Rivest-Shamir-Adleman (RSA)
An internet encryption and authentication system that uses an algorithm developed by Ron Rivest, Adi Shamir, and Leonard Adleman
Promiscuous Policy
Does not impose any restrictions on the usage of system resources
RBAC
In a role based access control, the access permissions are available based on the access policies determined by the system.
Protocol Anomaly Detection
Depends on the anomalies specific to a protocol
RB-RBAC
Role based access control gives permissions to a user role dynamically based on a set of rules defined by the admin.
Proxy servers
An application that serves as an intermediary when connecting with other computers
Prudent Policy
Starts with all services blocked. The Network defender enables safe and necessary services individually.
Public cloud
The provider makes services such as applications, servers, and data storage available to the public over the internet
Public key infrastructure (PKI)
A security architecture developed for increasing the confidentiality of the information exchanged over the internet.
Pure honeypots
Emulate the real production network of a target organization.
Push Notification Services
A messaging feature that originates from a server and enables the delivery of data or a message from an application to a mobile device without any explicit request from the user.
SATA
Serial ATA deals with hot plugging and serial connectivity. The hot plugging technique may be used to replace computer components without shutting down the system.
TACACS+
Provides authentication, authorization, and accounting (AAA) services for network communication.
USA Patriot Act 2001
The purpose of the USA Patriot Act is to deter and punish terrorist acts in the US and around the world and enhance law enforcement investigation tools.
SCSI
Small computer system interface (SCSI) allows multiple devices to be connected to a single port at the same time.
TKIP
A security protocol used in WPA as a replacement for WEP
Unauthorized Access Traffic Signatures
Traffic containing certain signatures that indicate an attempt to gain unauthorized access.
SDRAM
Dynamic random-access memory (DRAM) that is synchronized with the CPU clock speed
Technical security controls
Used for restricting access to devices in an organization to protect the security of sensitive data
Universal serial bus (USB)
Enables wired communication for devices. It can be used for power supply and serial data transmission between devices
SHA-1
Produces a 160-bit digest from a message with a maximum length of (2^64 - 1) bits, and it resembles the MD5 algorithm.
The Digital Millennium Copyright Act (DMCA)
A United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization (WIPO).
User Behavior Analytics (UBA)
The process of tracking user behavior to detect malicious attacks, potential threats, and financial fraud.
SHA-2
A family of two similar hash functions with different block sizes, namely, SHA-256, which uses 32-bit words, and SHA-512, which uses 64-bit words
The Electronic Communications Privacy Act
The Electronic Communications Privacy Act and the Stored Wire Electronic Communications Act are commonly referred to together as the Electronic Communications Privacy Act (ECPA) of 1986.
User identity management (IDM)
Deals with confirming the identity of a user, process, or device accessing the network
SHA-3
Uses the sponge construction, in which message blocks are XORed into the initial bits of the state, which is then invariably permutated.
The Federal Information Security Management Act (FISMA)
Provides a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets.
SOCKS Proxy
SOCKS, an Internet Engineering Task Force (IETF) standard, is a proxy server that does not have the special caching abilities of a caching HTTP proxy server
The Federal Information act of 2000
Makes provision for the disclosure of information held by public authorities or by persons providing services for them to amend the Data Protection Act of 1998 and the Public Records Act of 1958.
Sandbox
This contains the configuration of a container's network stack, such as the routing table, management of the container's interfaces, and DNS settings.
The Human Rights Act of 1998
Buttresses the rights and freedoms guaranteed under the European Convention of Human Rights.
Sarbanes-Oxley Act (SOX)
Designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures.
Transparent proxy
A proxy through which a client system connects to a server without its knowledge.
Satellite communication (SATCOM)
An artificial geostationary satellite that provides services across the globe, but it is much slower.
Transport Layer Security (TLS)
Ensures secure communication between client-server applications over the internet
Screen Lock
A feature in mobile devices that is used to secure data and prevent illegal access by perpetrators
True negative (no attack - no alert)
A condition that occurs when an IDS identifies an activity as acceptable behavior, and the activity is acceptable
Secure hashing algorithm (SHA)
Generates a cryptographically secure one-way hash; it was published by the National Institute of Standards and Technology as a US Federal Information Processing Standard
True positive (attack - alert)
A condition that occurs when an event triggers an alarm and causes the IDS to react as if an attack is in progress.
Secure Hypertext Transfer Protocol (S-HTTP)
An application-layer protocol that is used to encrypt web communications carried over HTTP
Turnstiles
Physical barrier that allows entry to one person at a time
Secure Sockets Layer (SSL)
A protocol used for providing a secure authentication mechanism between two communicating applications such as a client and server.
Two-factor authentication
A process where a system confirms the user identification in two steps.
Secure VPNs
Networks constructed using encryption
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Application layer protocol which is used for sending digitally signed and encrypted email messages.
Security Incident and Event Management (SIEM)
Performs real-time SOC (Security Operations Center) functions like identifying, monitoring, recording, auditing, and analyzing security incidents.
Security Monitoring
To address security breaches at early stages and to prevent malicious attacks on an IoT system.
Security Policy
A well documented set of plans, processes, procedures, standards, and guidelines required to establish an ideal information security status of an organization.
Security-as-a-Service (SECaaS)
Cloud computing model that integrates security services into corporate infrastructure in a cost-effective way.
Separation of duties (SoD)
Breakdown of the authentication process into various steps.
Server virtualization
The logical partitioning of a server's hard drive.
Service Set Identifier (SSID)
A 32-alphanumeric-character unique identifier given to a WLAN that acts as a wireless identifier of the network.
Shared key Authentication
Each wireless station receives a shared secret key over a secure channel that is distinct from the 802.11 wireless network communication channels.
Shared Responsibility
Security is a shared responsibility on cloud systems, wherein the cloud consumer and service providers have varying levels of control over the available computing resources.
Signature Recognition
Also known as misuse detection; tries to identify events that indicate an abuse of the system or network resource
Simple network management protocol (SNMP) Polling
Used for identifying the IP devices attached to a wired network
Single Firewall DMZ
The network architecture containing the DMZ consists of three network interfaces.
Single Sign-on (SSO) authentication
Allows users to access multiple applications using a single username and password
Single homed bastion host
A firewall device with only one network interface
Site to site VPNs
Extends the company's network, allowing access to the organization's network resources from multiple locations
Smart card authorization
A smart card consists of a small computer chip that stores personal info for the user's identification
Software firewalls
A software program installed on a computer, just like normal software
Software VPNs
VPN software is installed and configured on routers, servers and firewalls or as a gateway that functions as a VPN
Software as a service (SaaS)
Cloud computing service that offers software to subscribers on demand over the internet
Spam honeypots
Specifically target spammers who abuse vulnerable resources such as open email relays and open proxies.
Spider honeypots
Also called spider traps. These honeypots are specifically designed to trap web crawlers and spiders
Standards
Comprise specific low-level mandatory controls or controls related to the implementation of a specific tech.
Star topology
Each device on the network is connected to a central hub that manages the traffic through the network
Stateful multilayer inspection firewall
Combines the aspects of the other three types
Storage area network (SAN)
A specialized, dedicated, and discrete high-speed network that connects storage devices with high-speed I/O interconnect
Storage Device Virtualization
Virtualization of storage devices using techniques such as data striping and data mirroring
Subject
Defined as a user or a process that attempts to access objects
Symmetric encryption
Requires that both the sender and the receiver of the message have the same encryption key.
System access controls
Used for the restriction of access to data according to the sensitivity of data, clearance level of users, user rights, and permissions.
System Specific Security Policy (SSSP)
Directs users while configuring or maintaining a system
VPN Concentrators
A network device used to create secure VPN connections
WLAN
Connects users in a local area with a network. The area may range from a single room to an entire campus
VPN Topologies
Specifies how the peers and networks within a VPN are connected
WMAN
Accesses broadband area networks by using an exterior antenna. It is a good alternative to a fixed line network
Vein structure Recognition
Analyzes thickness and location of veins to identify a person
WPA2 Enterprise
Integrates EAP standards with WPA2 encryption.
Video Surveillance
Refers to monitoring activities in and around the premises using CCTV (Closed-Circuit Television) systems.
WPA2
An upgrade to WPA, and it includes mandatory support for Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP), an AES-based encryption mode with strong security.
Virtual Private Network
A private network constructed using public networks, such as the internet.
WPA3
An advanced implementation of WPA2 that provides trailblazing protocols and uses the AES-GCMP encryption algorithm.
Virtualization
Refers to a software-based virtual representation of an IT infrastructure that includes network, devices, applications, storage, etc.
WPAN
Interconnects devices positioned around an individual, in which the connections are wireless. It has a very short range.
Voice Recognition
Identifies a person based on voice and speech patterns.
WWAN
Covers an area larger than the WLAN. It can cover a particular region, a nation, or the globe.
Warm backup (Nearline)
The system updates are turned on to receive periodic updates.
Warning signs
Used to ensure someone does not inadvertently intrude on any restricted areas
Wi-Fi protected access (WPA)
An advanced encryption protocol using TKIP and message integrity check (MIC) to provide strong encryption and authentication
Wi-Fi
Uses radio waves or microwaves to allow electronic devices to exchange data or connect over the internet
WiMAX
The worldwide interoperability for microwave access (WiMAX) tech uses long range wireless networking and high speed internet
Windows Information Protection (WIP)
WIP has an endpoint data loss prevention (DLP) capability that can be helpful in protecting local data at rest on endpoint devices
Wired equivalent privacy (WEP)
A security protocol defined by the 802.11b standard; it was designed to provide wireless LAN with a level of security and privacy comparable to that of a wired LAN
Wired Network Scanning
Wired network scanners such as Nmap are used for identifying a large number of devices on a network by sending specifically crafted TCP packets to the device (Nmap-TCP fingerprinting).
Wireless bridge
Connects multiple LANs at the medium access control (MAC) layer.
Wireless Gateways
A key component of a wireless network. It is a device that allows Internet-enabled devices to access the network.
Wireless Modem
A device that allows PCs to connect to a wireless network and access the internet connection directly with the help of an ISP.
Wireless network cards (NIC)
Cards that locate and communicate to an AP with a powerful signal, giving network access to users.
Wireless Networks
Use radio frequency (RF) signals to connect wireless-enabled devices to a network
Wireless Repeater (range expanders)
The device retransmits the existing signal captured from the wireless router or an AP to create a new network.
Wireless Router
A device in a WLAN which interconnects two types of networks using radio waves to the wireless-enabled devices such as computers, laptops, and tablets.
Wireless Scanning
Performs an active wireless network scanning to detect the presence of wireless APs in the vicinity
Wireless USB Adapter
Connects different devices to a wireless network in order to access the internet without a computer, router, or any other network device.
Yagi antenna
Also called a Yagi-Uda antenna; a unidirectional antenna commonly used in communications using the frequency band from 10 MHz to very high frequency (VHF) and ultra-high frequency (UHF)