Notes Flashcards

(107 cards)

1
Q

CIA

A

Confidentiality, Integrity, and Availability

2
Q

AAA

A

Authentication, Authorization, and Accounting

3
Q

PKI

A

Public Key Infrastructure

4
Q

FDE

A

Full Disk Encryption

5
Q

WPA

A

Wi-Fi Protected Access

6
Q

IPSec

A

Internet Protocol Security

7
Q

TLS

A

Transport Layer Security

8
Q

HMAC

A

Hash-Based Message Authentication Code

9
Q

SHA

A

Secure Hash Algorithm

10
Q

MD5

A

Message Digest Algorithm #5

11
Q

PKCS

A

Public Key Cryptography Standard

12
Q

SAN

A

Subject Alternative Name
- a field in a digital certificate allowing a host to be identified by multiple host names/subdomains

13
Q

CN

A

Common Name
- an X500 attribute expressing a host or username, also used as the subject identifier for a digital certificate

14
Q

MSP

A

Managed Service Providers
- provisions and supports IT resources such as networks, security, or web infrastructure

15
Q

BEC

A

Business Email Compromise
- an impersonation attack in which the attacker gains control of an employee’s account and uses it to convince other employees to perform fraudulent actions

16
Q

TOCTOU

A

Time-of-Check, Time-of-Use
- where a system state changes between the check (verification) stage and the use (execution) stage

17
Q

CASB

A

Cloud Access Security Brokers
- enterprise management software designed to mediate access to cloud services by users across all types of devices

18
Q

XSS

A

Cross-Site Scripting
- a malicious script hosted on the attacker’s site or coded in a link injected onto a trusted site, designed to compromise clients browsing the trusted site, circumventing the browser’s security model or trusted zones

19
Q

SQLi

A

Structured Query Language Injection

20
Q

PUP/PUA

A

Potentially Unwanted Programs / Potentially Unwanted Applications
- software that cannot definitively be classed as malicious, but may not have been chosen by or wanted by the user

21
Q

APT

A

Advanced Persistent Threat
- threat actors with the ability to craft novel exploits and techniques to obtain, maintain, and diversify unauthorized access to network systems over a long period

22
Q

DDoS

A

Distributed Denial of Service
- an attack that involves the use of infected Internet-connected computers and devices to disrupt the normal flow of traffic of a server or a service by overwhelming the target with traffic

23
Q

ARP

A

Address Resolution Protocol
- broadcast mechanism by which the hardware MAC address of an interface is matched to an IP address on a local network segment

24
Q

HIPS

A

Host-based Intrusion Prevention System
- endpoint protection that can detect and prevent malicious activity via signature and heuristic pattern matching

25
HIDS
Host-based Intrusion Detection System - a type of IDS that monitors computer systems for unexpected behavior or drastic changes to the system's state
26
FIM
File Integrity Monitoring - a type of software that reviews system files to ensure that they have not been tampered with
27
CSP
Cloud Service Provider - organization providing infrastructure, application, and/or storage services via an "as a service" subscription-based, cloud-centric offering
28
IaC
Infrastructure as Code - provisioning architecture in which deployment of resources is performed by scripted automation and orchestration
29
NFV
Network Functions Virtualization - provisioning virtual network appliances, such as switches, routers, and firewalls, via VMs and containers
30
TAP
Test Access Point - hardware device inserted into a cable run to copy frames for analysis
31
EAP
Extensible Authentication Protocol - framework for negotiating authentication methods that enable systems to use hardware-based identifiers, such as fingerprint scanners or smart card readers, for authentication and to establish secure tunnels through which to submit credentials
32
RADIUS
Remote Access Dial-In User Service -
33
WAF
Web Application Firewall - a firewall designed specifically to protect software running on web servers and their back-end databases from code injection and DoS attacks
34
NGFW
Next-Generation Firewall - advances in firewall technology, from app awareness, user-based filtering, and intrusion prevention to cloud inspection
35
UTM
Unified Threat Management - all-in-one security appliances and agents that combine the function of a firewall, malware scanner, intrusion detection, vulnerability scanner, data-loss prevention, content filtering, and so on
36
CIS
Center for Internet Security
37
STIGs
Security Technical Implementation Guides
38
DISA
Defense Information Systems Agency
39
SCAP
Security Content Automation Protocol - a NIST framework that outlines various accepted practices for automating vulnerability scanning
40
NAC
Network Access Control - a security solution that enforces policy on devices seeking to access network resources
41
MAM
Mobile Application Management - focuses on securing and managing applications on employees' mobile devices
42
CMDB
Configuration Management Database - a centralized repository of information related to an organization's IT infrastructure, including assets, configuration, and relationships
43
SBOM
Software Bill of Materials - a list of detailed information about the software components and dependencies used in an application or system
44
SCA
Software Composition Analysis - tools designed to assist with identification of third-party and open-source code during software development and deployment
45
CTI
Cyber Threat Intelligence - process of investigating, collecting, analyzing, and disseminating information about emerging threats and threat sources
46
CTA
Cyber Threat Alliance
47
ISACs
Information Sharing and Analysis Centers - a not-for-profit group set up to share sector-specific threat intelligence and security best practices among its members
48
OSINT
Open-Source Intelligence - used to identify vulnerabilities and threat information by gathering data from any sources such as blogs, forums, social media platforms, and even the dark web
49
TTPs
Tactics, Techniques and Procedures - analysis of historical cyberattacks and adversary actions
50
CVE
Common Vulnerabilities and Exposures - a dictionary of vulnerabilities in published operating systems and applications
51
CVSS
Common Vulnerability Scoring System - a risk management approach to qualifying vulnerability data and then taking into account the degree of risk to different types of systems or information
52
EF
Exposure Factor - the percentage of an asset's value that would be lost during a security incident or disaster scenario
53
SIEM
Security Information and Event Management - a solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications
54
OVAL
Open Vulnerability and Assessment Language - an XML schema for describing system security state and querying vulnerability reports and information
55
XCCDF
Extensible Configuration Checklist Description Format - an XML schema for developing and auditing best practice configuration checklists and rules
56
SNMP
Simple Network Management Protocol - application protocol used for monitoring and managing network devices - works over UDP ports 161 and 162 by default
57
ACL
Access Control List - list of permissions associated with a network device, such as a router or a switch, that controls traffic at a network interface level
58
DNS
Domain Name System
59
DNSSEC
Domain Name System Security Extensions - security protocol that provides authentication of DNS data and upholds DNS data integrity
60
SMTP
Simple Mail Transfer Protocol - application protocol used to send email between hosts on the Internet - messages are sent between servers over TCP port 25 or submitted by a mail client over secure port TCP/587
61
POP3
Post Office Protocol v3 - application protocol that enables a client to download email messages from a server mailbox to a client over port TCP/110, or secure port TCP/995
62
IMAP
Internet Message Access Protocol - application protocol providing a means for a client to access and manage email messages stored in a mailbox on a remote server - IMAP4 utilizes TCP/143, the secure version IMAPS uses TCP/993
63
SPF
Sender Policy Framework - an email authentication method that helps detect and prevent sender address forgery commonly used in phishing and spam emails
64
DKIM
DomainKeys Identified Mail - a cryptographic authentication mechanism for mail utilizing a public key published as a DNS record
65
DMARC
Domain-Based Message Authentication, Reporting and Conformance - uses the result of SPF and DKIM checks to define rules for handling messages, such as moving messages to quarantine or spam, rejecting them outright, or tagging messages
66
DLP
Data Loss Prevention - a software solution that detects and prevents sensitive information from being stored on unauthorized systems or transmitted over unauthorized networks
67
NAC
Network Access Control - a general term for the collected protocols, policies, and hardware that authenticate and authorize access to a network at the device level
68
EDR
Endpoint Detection and Response - software that collects system data and logs for analysis by a monitoring system to provide early detection of threats
69
XDR
Extended Detection and Response - expands EDR by providing broader visibility and response capabilities, extending protection beyond endpoints by incorporating data from the network, cloud platforms, email gateway, firewall, and other essential infrastructure components
70
UBA / UEBA
User Behavior Analytics / User and Entity Behavior Analytics - a system that can provide automated identification of suspicious activity by user accounts and computer hosts
71
SSO
Single Sign-On - authentication technology that enables a user to authenticate once and receive authorizations for multiple services
72
KDC
Key Distribution Center - a component of Kerberos that authenticates users and issues tickets (tokens)
73
TGT
Ticket Granting Ticket - in Kerberos, a token issued to an authenticated account to allow access to authorized application servers
74
LDAP
Lightweight Directory Access Protocol - protocol used to access network directory databases, which store information about authorized users and their privileges, as well as other organizational information
75
REST
Representational State Transfer - a standard, stateless architecture style used by web applications for communication and integration
76
OAuth
Open Authentication - a standard for federated identity management, allowing resource servers or consumer sites to work with user accounts created and managed on a separate identity provider
77
SAML
Security Assertion Markup Language - an XML-based format used to exchange authentication information between a client and a service
78
SOAP
Simple Object Access Protocol - an XML-based web services protocol that is used to exchange messages
79
DAC
Discretionary Access Control - each resource is protected by an ACL managed by the resource's owner (or owners)
80
MAC
Mandatory Access Control - resources are protected by inflexible system-defined rules
81
RBAC
Role-Based Access Control - resources are protected by ACLs that are managed by administrators and that provide user permissions based on job functions
82
ABAC
Attribute-Based Access Control - a technique that evaluates a set of attributes that each subject possesses to determine if access should be granted
83
FRR
False Rejection Rate - a legitimate user is not recognized; measured as a percentage
84
FAR
False Acceptance Rate - where an interloper is accepted; measured as a percentage
85
CER
Crossover Error Rate - point at which FRR and FAR meet - the lower the CER, the more efficient and reliable the technology
86
PAM
Privileged Access Management - policies, procedures, and support software for managing accounts and credentials with administrative permissions
87
SAW
Secure Administrative Workstation
88
CIRT
Computer Incident Response Team
88
IRP
Incident Response Plan - specific procedures that must be performed if a certain type of event is detected or reported
89
CSIRT
Computer Security Incident Response Team
90
CERT
Computer Emergency Response Team
91
SOC
Security Operations Center
92
AUP
Acceptable User Policy - this policy outlines the acceptable ways in which network and computer systems may be used by defining what constitutes acceptable behavior by users
93
SDLC
Software Development Lifecycle - processes of planning, analysis, design, implementation, and maintenance that often govern software and systems development
94
ERM
Enterprise Risk Management - comprehensive process of evaluating, measuring, and mitigating the many risks that pervade an organization
95
RCSA
Risk and Control Self-Assessment - an internal process undertaken by stakeholders to identify risks and the effectiveness with which controls mitigate those risks
96
KRI
Key Risk Indicators - critical predictive indicators organizations use to monitor and predict potential risks
97
BIA
Business Impact Analysis - systematic activity that identifies organizational risks and determines their effect on ongoing, mission-critical operations
98
MTD
Maximum Tolerable Downtime - longest period of time that a business function outage may occur for without causing irrecoverable business failure
99
MOU
Memorandum of Understanding - usually a preliminary or exploratory agreement to express an intent to work together that is not legally binding and does not involve the exchange of money
100
NDA
Nondisclosure Agreement - an agreement that stipulates that entities will not share confidential information, knowledge or materials with unauthorized third parties
101
MOA
Memorandum of Agreement - legal document forming the basis for two parties to cooperate without a formal contract (a cooperative agreement). MOAs are often used by public bodies
102
BPA
Business Partnership Agreement - agreement by two companies to work together closely, such as the partner agreements that large IT companies set up with resellers and solution providers
103
MSA
Master Service Agreement - a contract that establishes precedence and guidelines for any business documents that are executed between two parties
104
SLA
Service-Level Agreement - an agreement that sets the service requirements and expectations between a consumer and a provider
105