Sec +
IM (instant messaging)
Real-time text communications products that also support file exchange and remote desktop.
packet sniffing
Recording data from frames as they pass over network media, using methods such as a mirror port or tap device.
war driving
The practice of using a Wi-Fi sniffer to detect WLANs and then either making use of them (if they are open/unsecured) or trying to break into them (using WEP and WPA cracking tools).
screen filter
A security control that allows only the computer user to see the screen contents, thus preventing shoulder surfing.
CC (Common Criteria)
A set of standards developed by a group of governments working together to create a baseline of security assurance for a trusted operating system (TOS).
EMP (Electromagnetic Pulse)
A short burst of electrical interference caused by an abrupt and rapid acceleration of charged particles, which can short-circuit and damage electronic components.
Bluetooth
A short-range wireless radio network transmission medium normally used to connect two personal devices, such as a mobile phone and a wireless headset.
WIDS (wireless intrusion detection system)
A type of NIDS that scans the radio frequency spectrum for possible threats to the wireless network, primarily rogue access points.
phishing
A type of email-based social engineering attack, in which the attacker sends email from a supposedly reputable source, such as a bank, to try to elicit private information from the victim.
turnstile
A type of gateway that only allows one person through at a time.
ransomware
A type of malware that tries to extort money from the victim; for instance, by appearing to lock the victim's computer or by encrypting their files.
UEFI (Unified Extensible Firmware Interface)
A type of system firmware providing support for 64-bit CPU operation at boot, full GUI and mouse operation at boot, and better boot security.
worm
A type of virus that spreads through memory and network connections rather than infecting files.
vulnerability
A weakness that could be triggered accidentally or exploited intentionally to cause a security breach.
captive portal
A web page that a client is automatically directed to when connecting to a network, usually through public Wi-Fi.
Faraday cage
A wire mesh container that blocks external electromagnetic fields from entering into the container.
evil twin
A wireless access point that deceives users into believing that it is a legitimate network access point.
bluejacking
A wireless attack where an attacker sends unwanted Bluetooth signals from a smartphone, mobile phone, tablet, or laptop to other Bluetooth-enabled devices.
secure boot
A UEFI feature that prevents unwanted processes from executing during the boot operation.
SSID (Service Set Identifier)
A character string that identifies a particular wireless LAN (WLAN).
rootkit
A class of malware that modifies system files, often at the kernel level, to conceal its presence.
site survey
A collection of information about a location for the purposes of building an ideal infrastructure; it often contains optimum locations for wireless antenna and access point placement to provide the required coverage for clients and identifies sources of interference.
COOP (Continuity of Operations Planning)
A collection of processes that enable an organization to maintain normal business operations in the face of an adverse event. See also business continuity plan.
business continuity
A collection of processes that enable an organization to maintain normal business operations in the face of some adverse event.
data emanation
A concern for wireless media, as the signals can be received for a considerable distance and shielding/containment is not a realistic option in most environments.
spectrum analyzer
A device that can measure signal strength and help detect the source of interference on a wireless network.
AP (access point)
A device that provides a connection between wireless devices and can connect to wired networks.
wireless controller
A device that provides wireless LAN management for multiple APs.
EMI (Electromagnetic Interference)
A disruption of electrical current that occurs when a magnetic field around one electrical circuit interferes with the signal being carried on in an adjacent circuit.
BIOS (Basic Input/Output System)
A firmware interface that initializes hardware for an operating system boot.
CERT (computer emergency response team)
A group of experts that handles computer security incidents.
mantrap
A secure entry system with two gateways, only one of which is open at any one time.
VPN (Virtual Private Network)
A secure tunnel created between two endpoints connected via an unsecure network (typically the Internet).
logic bomb
A malicious program or script that is set to run under particular circumstances or in response to a defined event.
Trojan horse
A malicious software program hidden within an innocuous-seeming piece of software. Usually, the Trojan is used to try to compromise the security of the target computer.
RFID (radio frequency identification)
A means of encoding information into passive tags, which can be easily attached to devices, structures, clothing, or almost anything else.
MAC (Message Authentication Code)
A means of proving the integrity and authenticity of a message.
WEP (Wired Equivalent Privacy)
A mechanism for encrypting data sent over a wireless connection.
backdoor
A mechanism for gaining access to a computer that bypasses or subverts the normal method of authentication.
TKIP (Temporal Key Integrity Protocol)
A mechanism used in the first version of WPA to improve the security of wireless encryption mechanisms, compared to the flawed WEP standard.
shielding
A method of counteracting signal leakage from network media (and thus eavesdropping); it can be applied to a variety of items, from a twisted-pair cable up to an entire room or building.
privacy filter
A security control that allows only the computer user to see the screen contents, thus preventing shoulder surfing.
PAN (personal area network)
A network that connects two to three devices with cables and is most often seen in small or home offices.
hotfix
A patch that is often issued on an emergency basis to address a specific security flaw.
token
A physical or virtual item that contains authentication data, commonly used in multifactor authentication.
PSK (preshared key)
A secret that was shared between two parties via a secure channel prior to its use in encrypted communications.
shoulder surfing
A social engineering tactic to obtain someone's password or PIN by observing him or her as he or she types it in.
tailgating
A social engineering technique to gain access to a building by following someone else (or persuading them to "hold the door").
NFC (Near Field Communication)
A standard for peer-to-peer (2-way) radio communications over very short (around 4-inch) distances, facilitating contactless payment and similar technologies, based on RFID.
IV attack (Initialization Vector Attack)
A wireless attack where the attacker is able to predict or control the IV of an encryption process, thus giving the attacker access to view the encrypted data that is supposed to be hidden from everyone else except the user or network.
EAP-TTLS (EAP-Tunneled TLS)
An EAP method that enables a client and server to establish a secure connection without mandating a client-side certificate.
EAP-FAST (Flexible Authentication via Secure Tunneling)
An EAP method that is expected to address the shortcomings of LEAP.
EAP-TLS
An EAP method that requires a client-side certificate for authentication using SSL/TLS.
thin AP
An access point that requires a wireless controller in order to function.
fat AP
An access point whose firmware contains enough processing logic to be able to function autonomously and handle clients without the use of a wireless controller.
WIPS (wireless intrusion prevention system)
An active, inline security device that monitors suspicious network and/or system traffic on a wireless network and reacts in real time to block it.
spoofing
An attack technique where the attacker disguises their identity.
replay attack
An attack where the attacker intercepts some authentication data and reuses it to try to re-establish a session.
DDoS attack (distributed denial of service)
An attack which uses multiple compromised computers (a "botnet" of "zombies") to launch the attack.
APT (advanced persistent threat)
An attacker's ability to obtain, maintain, and diversify access to network systems using exploits and malware.
hoax
An email-based, IM-based, or web-based attack that is intended to trick the user into performing unnecessary or undesired actions, such as deleting important system files in an attempt to remove a virus, or sending money or important information via email or online forms.
counter mode
An encryption mode of operation where a numerical counter value is used to create a constantly changing IV. Also referred to as CTM (counter mode) and CM (counter mode).
CCMP (Cipher Block Chaining Message Authentication Code Protocol)
An encryption protocol used for wireless LANs that addresses the vulnerabilities of the WEP protocol.
WPA (Wi-Fi Protected Access)
An improved encryption scheme for protecting Wi-Fi communications, designed to replace WEP.
WPS (Wi-Fi Protected Setup)
An insecure feature of WPA and WPA2 that allows enrollment in a wireless network based on an 8-digit PIN.
TTP (tactics, techniques, and procedures)
Analysis of historical cyber attacks and adversary actions.
HVAC (Heating, Ventilation, Air Conditioning)
Building control systems that maintain an optimum heating, cooling, and humidity level working environment for different parts of the building.
LEAP (Lightweight Extensible Authentication Protocol)
Cisco Systems' proprietary EAP implementation.
virus
Code designed to infect computer files (or disks) when it is activated.
physical security
Controlling access to specific physical areas or assets through measures such as physical barriers, physical tokens, or biometric access controls.
default account
Default administrative and guest accounts configured on servers and network devices that can be possible points of unauthorized access.
NIST (National Institute of Standards and Technology)
Develops computer security standards used by U.S. Federal agencies and publishes cybersecurity best practice guides and research.
hardware lock
Devices can be physically secured against theft using cable ties and padlocks. Some systems also feature lockable faceplates, preventing access to the power switch and removable drives.
EAP (Extensible Authentication Protocol)
EAP is designed to support different types of authentication within the same overall topology of devices. It defines a framework for negotiating authentication mechanisms rather than the details of the mechanisms themselves.
FDE (Full Disk Encryption)
Encryption of all data on a disk (including system files, temporary files, and the pagefile) can be accomplished via a supported OS, third-party software, or at the controller level by the disk device itself.
P2P (peer-to-peer)
File sharing networks where data is distributed around the clients that use the network. Apart from consuming bandwidth and disk space, P2P sites are associated with hosting malware and illegal material.
patch management
Identifying, testing, and deploying OS and application updates.
gateway
In physical security, a wall with a door or a fence with a gate, that allows movement from one area to another.
OSINT (open-source intelligence)
Publicly available information and tools for aggregating and searching it.
threat
The potential for an entity to exercise a vulnerability (that is, to breach security).
PEAP (Protected Extensible Authentication Protocol)
Similar to EAP-TLS, this is an open standard developed by a coalition made up of Cisco Systems, Microsoft, and RSA Security.
adware
Software or browser plug-in that displays commercial offers and deals, and can be similar to spyware but usually installed with the user's consent.
updates
Software revisions that are made freely available by the software manufacturer to fix problems in a particular software version, including any security vulnerabilities.
spyware
Software that records information about a PC and its users, often installed without the user's consent.
MBSA (Microsoft Baseline Security Analyzer)
Software used to determine whether Windows is fully patched and configured securely.
antenna
Specially arranged metal wires that can send and receive radio signals. These are used for radio-based wireless networking.
kill chain
Term used to describe the stages of cyber-attack.
signal strength
The amount of power used by the radio in an access point or station.
supply chain
The end-to-end process of supplying, manufacturing, distributing, and finally releasing goods and services to a customer.
availability
The fundamental security goal of ensuring that computer systems operate continuously and that authorized persons can access data that they need.
confidentiality
The fundamental security goal of keeping information and communications private and protected from unauthorized access.
integrity
The fundamental security goal of keeping organizational information accurate, free of errors, and without unauthorized modifications.
attack surface
The portion of a system or application that is exposed and available to attackers.
auditing
The portion of accounting that entails security professionals examining logs of what was recorded.
risk
The likelihood and impact (or consequence) of a threat actor exercising a vulnerability.
TOS (trusted operating system)
The operating system component of the TCB that protects the resources from applications.
access control
The process of determining and assigning privileges to resources, objects, and data. Each resource has an access control list (ACL) specifying what users can do.
execution control
The process of determining what additional software may be installed on a client or server beyond its baseline to prevent the use of unauthorized software.
CIA triad
The three basic principles of security control and management: confidentiality, integrity, and availability. Also known as the information security triad or triple.
CISO (Chief Information Security Officer)
Typically the job title of the person with overall responsibility for information assurance and systems security. Sometimes referred to as Chief Information Officer (CIO).