Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
cybersecurity+ vocab
acry spotted on test
| Term | Definition |
|---|---|
| IoT | Internet of Things -physical objects with sensors, processing ability, software, and other technologies. |
| RTOS | Real time operating system -operating system that processes data and events that have critically defined time constraints |
| MFD | multifunctional device -usually has weak cybersecurity -example printer |
| SoC | System on a chip. multiple components that run on a single chip are categorized as a SoC. |
| ISO 27701 | Privacy information management { Privacy Information Management System (PIMS)} - ISO 27001 with extra steps |
| PKI | Public Key infrastructure -set of roles, policies, hardware, software, and procedures to create, manage, distribute, use, store, and revoke certs and public key encryption. |
| IaaS | Infrastructure as a Service -cloud service -offers storage/networking resources on demand while being cost effective -very flexible |
| SOAR | Security orchestration, automation, and Response -set of services and tools that automate cyberattack prevention and response. -develops incident response plans |
| ISO 31000 | international risk management principles and guidelines. provides a framework and a process for managing risk |
| ISO 27002 | non management standard but is much more detailed than 27001. both focus on ISMS (information security management system) |
| ISO 27001 | also referred to as IEC 27001, this standard focuses on information security management, ISMS. -risk management -cyber resilience -operational excellence |
| DDoS | A attack that targets websites by disrupting the network services in an attempt to exhaust the resources. usually revolves flooding with errant traffic. |
| MTBF | Mean TIme Between Failures. -time of performance and availability before malfunction or shut down. |
| RTO | Recovery Time Objective -The amount of time that an application can be down before significant damage |
| MTTR | Mean Time To Resolve -the average time taken by security teams to remediate the detected incident or threat. |
| MTTF | Mean Time To Failure -unlike MTBF, that focuses on repair time, MTTF focuses on things that don't have a repair. -measures the uptime vs downtime. |
| DoS | Disk- based Operating System |
| On-path attack | an attacker that sits in the middle between two stations and is able to intercept, and in some cases, change that information that’s being sent interactively across the network |
| Dissociation attack | a result of cybercriminals exploiting security loopholes or vulnerabilities in a network setup. |
| Tailgating | an attacker follows an authorized person into a secure area without proper authentication. -think of turn styles and someone jamming themselves in with you as you enter. |
| Watering hole | targeted cyberattack whereby a criminal compromises a website or group of websites frequented by a specific group of people. |
| EAP-TLS | Extensible authentication protocol -requires certs on 802.1x server -basic secure network communication -doesn't provide authentication |
| PEAP | Protected Extensible Authentication Protocol -uses TLS (transport layer security) to make messages secure and protected -authentications through 2 phases such as the classic 2 factor authentication apps you use today -doesn't provide encapsulation |
| EAP-TTLS | Tunneled Transport Layer Security -Credential-based authentication protocol -allows authentication while inside encrypted TLS. |
| EAP-MSCHAPv2 | The authenticated wireless access design based on Protected Extensible Authentication Protocol Microsoft Challenge Handshake Authentication Protocol version 2 |
| EAP-FAST | -Mutual authentication -Immunity to passive dictionary attacks -Immunity to man-in-the-middle (MitM) attacks -Flexibility to enable support for most password authentication interfaces -2 phased tunnel authentication |
| Bot net | a group of "zombies" or compromised computers that are taken over to obtain further information. |
| Brute force | the repetitive attempts to unlock a account using different passwords. |
| CASB | Cloud Access Security Broker -a security check point between cloud network users and cloud-based applications. They manage and enforce all data security policies and practices -like a sheriff that enforces the law set by a cloud service admin. |
| DLL injection | a technique used for running code within the address space of another process by forcing it to load a dynamic-link library. -injection is often used by external programs to influence the behavior of another program in a way its authors did not intend. |
| Race condition | an undesirable situation in which 2 processes occur at the same time causing sometimes critical problems. |
| Resource exhaustion | a kind of attack where the attacker or hacker ties up finite resources on a system, making them unavailable to others |
| MFA | Multifactor authentication |
| FDE | Full Disk Encryption -all data is encrypted by default , taking the security decision out of the hands of the user |
| MAC | Message Authentication Code (1) or Media Access Control (2) 1- used to authenticate cryptography to check legitimacy of information. 2- uniformly enforced, identifies the manufacturer, written in HEX. facilitates LAN device communications at layer 2. |
| SED | Self-Encrypting Drive -is a solid state drive or hard disk drive with an encryption circuit built into it -encryptions renders it unreadable without an encryption key. |
| Zero-day vulnerability/attack | prior unknown vulnerability or weakness in a system that is being utilized by threat actor. -this remains a zero day until the breach/infiltration is discovered which marks day 1 |
| TOTP | Time based One Time Password -login credentials used in a single use when someone forgets their user name or password. |
| Smart Card | like a access card or ID badge to get into places or order food. |
| COPE | Corporate Owned Personally Enabled -allows for both employees and enterprises to install applications on enterprise owned mobile devices. |
| VDI | Virtual Desktop Infrastructure -Much like your typical virtual machine; but, these leverage VMs to provision and manage virtual desktops and applications. |
| Geofencing | using GPS, satellite networks, or local radio frequency to create virtual boundaries around a location. |
| Containerization | packaging of a software code from one operating system to make into one executable called a container. |
| MDM | Mobile Device Management -optimizes functionality and security of their fleet of mobile devices. This also protects the corporate network |
| WPA2-PSK (AES) | Wifi Protected Access -2 encryption protocols - most secure next to WPA3 -most commonly used |
| 802.1x | IEEE802.1x standard for PNAC or port-based network access control. provides authentication mechanism to devices wishing to attach to a LAN or WLAN |
| WPS | Wifi Protected Setup -very insecure -minimum security |
| WAF | Web Application Firewall layer 7 defense in the OSI layer protects web applications and APIs by filtering, monitoring, blocking malicious web traffic and application layer attacks |
| DAC | Digital to Analog Converter |
| ABAC | Attribute-Based Access Control analyzes the attributes of components (that are involved in an access event) against rules. |
| RBAC | Role Based Access Control method of access control that assigns and grants access to users based on their role within an organization . |
| rainbow table | a large, precomputed table designed to cache the output of cryptographic hash functions to decrypt hashed passwords into plaintext. |
| Typosquatting | Typosquatting, also called URL hijacking, a sting site, or a fake URL, is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typos made by Internet users when inputting a website address into a web browser. |
| Smishing | phishing but with text messages. SMS messages. |
| DNS poisoning | Domain Name System (DNS) poisoning happens when fake information is entered into the cache of a domain name server, resulting in DNS queries producing an incorrect reply, sending users to the wrong website -also called DNS spoofing / DNS cache poisoning. |
| Dissociation | an attack across wifi that breaks the connection between a victim and the device at the access point |
| SaaS | Software as a Service -cloud -allows users to connect to and use cloud-based apps over the Internet. Common examples are email, calendaring, and office tools |
| privilege escalation | working to obtain higher privilege., such a root |
| replay attack | involves the capture of transmitted authentication or access control info and its subsequent retransmission with the intent of producing an unauthorized effect/access |
| SSID broadcast suppression | reducing the number of overall broadcast frames sent from the wired network to the wireless network. |
| SIEM | Security Information and Event Management -solution that helps organizations detect, analyze, and respond to security threats before they harm business operations. |
| IPS | Intrusion Prevention System -detect (potentially) malicious code/ packets -reacts to code and segments it off from standard INT net traffic. -able to determine if the code/packet is malicious and has the ability to drop it. -inline |
| Data masking | a way to create a fake, but a realistic version of your organizational data. The goal is to protect sensitive data, while providing a functional alternative when real data is not needed—for example, in user training, sales demos, or software testing. |
| DNS sinkhole | also known as a sinkhole server, Internet sinkhole, or Blackhole DNS -used to prevent access to malicious URLs at an enterprise level. -blocks malicious DNS requests. -done via firewalls or other on-perm applications |
| Honeynet | a network of honeypots honeypots are used to lure attackers and study their activities. |
| End-of-life | software or hardware will no longer update |
| tabletop exercise | (TTX) is a facilitated discussion of a scripted scenario in an informal or unwanted occurrence. -plans for when things go uncording to plan. |
| POST | Power On Self Test checks the basic system functions before attempting to load an operating system. |
| secure boot | an important security feature designed to prevent malicious software from loading when your PC starts up (boots) |
| trusted boot | prevents corrupted components from loading during boot up -open source -firmware is compared/measured against known good values to verify their integrity. |
| measured boot | the process of storing hash values used for authentication during a Secure Boot sequence |
| blockchain | a decentralized, distributed and public digital ledger that is used to record transactions across many computers so that the record cannot be altered retroactively without the alteration of all subsequent blocks and the consensus of the network. |
| asymmetric encryption | different on each side; the sender and the recipient use two different keys. |
| BYOD | Bring Your Own Device -refers to corporate IT policies allowing employees to use their own smartphones, laptops and other devices for work-related tasks. |
| SHA256 | Secure Hash Algorithm 256-bit - Cryptographic hash algorithms produce irreversible and unique hashes. The larger the number of possible hashes, the smaller the chance that two values will create the same hash. |
| whaling | a special form of spear phishing that targets specific high-ranking victims within a company. |
| vishing | a type of phishing that utilizes voice calls to obtain sensitive information. |
| phishing | fraudulent messages or emails sent to obtain personal information. |
| Mitigation | the application of policies, technologies and procedures within an organization to reduce the risk or impact of a cyber threat. |
| Transference | the act of shifting risks from one area (or organization) to another. |
| risk-avoidance | When the identified risk exceeds the risk appetite, they will eliminate the risk. -removal of hazards, activities, and exposures that can negatively affect the business. |
| acceptance | believing that the risks posed by certain threats or vulnerabilities will not significantly impact the institution or business or individual |
| memory leak | Memory leak occurs when programmers create a memory in heap and forget to delete it. The consequences of memory leak is that it reduces the performance of the computer by reducing the amount of available memory. |
| split knowledge | prevents any one person from knowing the complete value of an encryption key or passcode -more than 2 people have key components |
| dual control | The Master Policy enables organizations to ensure that passwords can only be retrieved after permission or ‘confirmation’ has been granted from an authorized Safe Owner (s) |
| DMZ | A demilitarized zone network, or DMZ, is a subnet that creates an extra layer of protection from external attack. |
| TTL | Time To Live -if a package or a ping is not acknowledged within a certain time, the request/package/ping is dropped, |
| session hijacking | also known as cookie hijacking. gains access to webserver via a duplicate session. |
| TACACS+ | Terminal Access Controller Access Control System Plus -router or switches communicate with the central server to keep logs of activities, verify identities, and check permissions. |
| LDAPS | allows for the encryption of LDAP data (which includes user credentials) in transit during any communication with the LDAP server (like a directory bind), thereby protecting against credential theft. -over SSL or secure LDAP |
| Kerberos | default authentication protocol for windows |
| Buffer overflow | Much like a DDoS, it overflows from the buffer (container of session data). then is leaked into adjacent memory locations which are not cleared at the end of a session. |
| VLANs | a logical overlay network that groups together a subset of devices that share a physical LAN, isolating the traffic for each group. -also known as virtual LAN |
| LAN | Local Area Network -a collection of devices connected together in one physical location, such as a building, office, or home |
| IPSec | a set of communication rules or protocols for setting up secure connections over a network |
| SSL | Secure Socket Layer -encrypts http traffic -encrypts/decrypts incoming/outgoing http |
| CA | Certificate Authority -assign/issue and manage certs -they authenticate access and digitally sign all outgoing packets |
| RAID arrays | Redundant Array of Independent Disks - data storage virtualization technology that combines multiple physical disk drive components into one or more logical units to better catch errors |
| Hot and Cold aisles | energy efficient layout for server racks and other computing equipment especially for data warehouses. |
| Biometric locks | lock dependent on physical/living traits. -example thumb print |
| Faraday cage | given access to specific door(s) and supply a key to access the other door(s). -can mitigate tailgating |
| X.509 | In cryptography, X.509 is an International Telecommunication Union (ITU) standard defining the format of public key certificates |
| symmetric encryption | any technique where the same key is used to both encrypt and decrypt the data. |
| Data custodian | A data custodian ensures: 1. Access to the data is authorized and controlled 2. Data stewards are identified for each data set 3. Technical processes sustain data integrity |
| Key stretching | practice of converting a password to a longer and more random key for cryptographic purposes such as encryption |
| Salting | adding a random string of letters before hashing making the password more secure |
| Obfuscation | the act of making something obscure, unclear, or unintelligible -concealment of written code purposefully by the programmer . |
| HSM | Hardware Security Module specialized security device which hides and protects -includes encryption, decryption, authentication, key management, and more. |
| TPM | Trusted Platform Module -a chip on a computer's mother board or processor that serves many purposes such as authentication. |
| full disk encryption | (FDE) locks the drives to your systems. it prevents access to the data on compromised devices and allows for boot time checks, |
| UEFI BIOS | both are firmware interfaces for computers to start the operating system. |
| SQL injection | Structured Query Language Injection modify and retrieve data from SQL databases. this allows for retrieval of information such as log in password and names. |
| SSL stripping | uses SSLStrip tool or related techniques to strip away protocol and HTTPS. a kind of MitM (man in the middle) that takes advantage of the TLS protocol and the way it begins connections |
| CSRF | Cross Site Request Forgery OWASP Foundation an attack that forces an end user to execute unwanted actions on a web application in which they're currently authenticated |
| Worm | malicious program(s) that spreads through a network and replicates on its own. |
| RAT | Remote Access Trojan - type of spyware that takes control over an infected device. it opens a backdoor and allows administrative control over a victim's computer. |
| Logic bomb | a piece of code intentionally inserted into software system that will set off a malicious function when specified conditions are met. |
| On-path attack | attacker that sits in the middle between two stations and is able to intercept, and in some cases, change that information that’s being sent interactively across the network |
| ALE | not a stout, sometimes amber. Annualized Loss Exposure. -potential risk equation (Frequency {annual rate of occurrence} x Magnitude [SLE}= risk) |
| SLE | Single Loss Expectancy -the expected monetary, reputational, operational cost that will be incurred by an organization should an asset be lost or damaged |
| ARO | Annual Rate of Occurrence -predicted likelihood of an event that will cause an SLE occurring within a given year. |
| GDPR | General Data Protection Regulation a regulation in EU law on data protection and privacy in the EU and EEA (European Economic Area). |
| PCI DSS | Payment Card Industry / Data Security Standard - a cybersecurity standard backed by all the major credit card and payment processing companies that aims to keep credit and debit card numbers safe. |
| CSA CCM | Cloud Security Alliance Cloud Controls Matrix cybersecurity control framework for cloud computing. offer understanding of security concepts and principles |
| ARP poisoning | ARP poisoning (also known as ARP spoofing) is a cyber attack carried out through malicious ARP messages -After a successful ARP spoofing, a hacker changes the company's ARP table, so it contains falsified MAC maps |
| Backdoor | threats are often used to gain unauthorized access to systems or data, or to install malware on systems |
| Polymorphic virus | it modifies its own code. When malware with metamorphic capabilities infects a host, the next iteration can look completely different. |
| IMAP | emails are stored on the server by default, which could present issues if the server is compromised. |
| S/MIME | Secure/Multipurpose Internet Mail Extension widely accepted protocol for sending digitally signed and encrypted messages. |
| SSL certificate | enable websites to use HTTPS, which is more secure than HTTP. |
| DLP | Data Loss Prevention security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data. |
| SMTP | Simple Mail Transfer Protocol -email uses this -insecure but can be changed by the user -most susceptible to phishing attacks |
| Proxies | server that is separate from your network that acts as a middle man from your system server and the internet. - This is where internal traffic and coms occurs within a single network. -ex. Amazon Workspace (AWS) |
| honeypot | a cybersecurity mechanism that uses a manufactured attack target to lure cybercriminals away from legitimate targets. They also gather intelligence about the identity, methods and motivations |
| VPN concentrator | A device that can manage large amounts of VPN connections. Not to be confused with a VPN server. |
| PaaS | Platform as a service -provides tools to host, build, deploy consumer facing applications -cloud -less technical |
| RPO | Recovery Point Objective -the max data lass a company can experience before significant harm |
| TLS | Transport Layer Security -used with public or private key -modern version of SSL -SSL is the primary method to secure traffic but if that fails, TLS is used. |
| OSI Layer Transport | number 4 -tcp -tls -ssl |
| OSI layer physical | number 1 -usb -ethernet -hdmi cord |
| OSI layer Application | number 7 -facebook GUI -DNS -HTTP -FTP |
| OSI layer Presentation | number 6 -css -html -MPEG -JPEG |
| OSI layer session | number 5 -ssh -net bios |
| OSI layer Network | number 3 -IP -ICMP |
| OSI layer Data link | number 2 -switch -wifi -point to point protocol -MAC |
| IDS | Intrusion Detection Systems -able to flag all suspicious incoming traffic and will notify NETSec officials -this is a PASSIVE security measure so it cannot defend against anything but can only detect and notify. -out of band |
| inline | traffic goes through a monitored port |
| out of band | all traffic is being observed as it goes through the network. -picks out malicious code |
| spear fishing | an email or electronic communications scam targeted towards a specific individual, organization or business. |
| LDAP | Lightweight Directory Access Protocol -uses TCP as a transmission-standard application protocol for accessing and maintaining a directory of info over a IP network |
| federation | allows members of one organization to authenticate using the credentials from another organization |
| Deterrent security control | controls that do not directly stop an attack but may discourage an action |
| Preventative security control | physically limits access to a device or area. |
| Detective security control | may not prevent access, but it can identify and record any intrusion event |
| Corrective security control | actively works to mitigate any damage |
| compensating security control | doesn't prevent an attack, but it does restore from an attack using other means |
| Physical security control | real-world security such as a fence or door lock |
| stakeholder management | the practice of identifying, analyzing, and prioritizing relationships with internal and external stakeholders who are directly affected by the outcome of a venture or project |
Created by:
mandirich
Popular Computers sets