CTC Academy Security+ Acronyms

MDM mobile device management

Software suites designed to manage use of smartphones and tablets within an enterprise.

IRP Incident Response Plan

Specific procedures that must be performed if a certain type of event is detected or reported.

OAuth Open Authorization

Standard for federated identity management, allowing resource servers or consumer sites to work with user accounts created and managed on a separate identity provider.

3DES Triple DES

Symmetric encryption algorithm; encrypts data by processing each block of data three times using differnt DES keys each time

FDE Full Disk Encryption

Systems which encrypt everything stored on the drive (the operating system, application programs, data, temporary files, and so forth) automatically without any user interaction.

MTTR mean time to repair

The average amount of time required to repair a device or restore a service.

SQLi Structured Query Language injection

Web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.

WAF Web Application Firewall

A firewall specifically designed to protect a web application, such as a web server. A WAF inspects the contents of traffic to a web server, can detect malicious content, and block it.

GPG GNU Privacy Guard

A free, open-source version of PGP that provides equivalent encryption and authentication services.

IRT Incident Response Team

A group of experts that respond to security incidents. Also known as CERT, CIRT, or SIRT.

DLP Data Loss Prevention

A group of technologies used to prevent data loss. They can block the use of USB devices, monitor outgoing email to detect and block unauthorized data transfers, and monitor data stored in the cloud.

VM Virtual Machine

A guest operating system on a system using virtualization. The host system runs hypervisor software and can manage one or more VMs at a time.

PGP Pretty Good Privacy

A key-based encryption system for e-mail that uses a two-step verification process.

CRL Certificate Revocation List

A list of certificates that were revoked before their expiration date.

ACL Access Control List

A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.

TAXII Trusted Automated eXchange of Indicator Information

How cyber threat can be shared.

BIA Business Impact Analysis

Identifies critical business or mission requirements and includes elements such as Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs), but it doesn't identify solutions.

OWASP Open Web Application Security Project

Improved security of web apps and services. They have a popular "Top Ten" list of web flaws and how to fix them. Injection flaws are the #1 web-app problem. Community driven. Software based. Discuss WebGoat!

SaaS Software as a Service

Services for delivering and providing access to software remotely as a web-based service

XTACACS - Extended Terminal Access Controller Access-Control System

Separates the Authentication, Authorization, and Accounting.

MOU memorandum of understanding

. Understanding third parties responsibility.

PaaS Platform as a Service

Cloud-based virtual server(s). These virtualized platforms give programmers tools needed to deploy, administer, and maintain a Web application.

TACACS+ TACACS Plus

A Cisco proprietary product that uses TCP port 49, supports multi factor authentication and is considered more secure and scalable than RADIUS.

PFS Perfect Forward Secrecy

A characteristic of session encryption that ensures if a key used during a certain session is compromised, it should not affect data previously encrypted by that key

TPM Trusted Platform Module

A chip on a motherboard that holds an encryption key required at startup to access encrypted data on the hard drive. Windows BitLocker Encryption can use the TPM chip.

LDAP Lightweight Directory Access Protocol

A communications protocol that defines how a client can access information, perform operations, and share directory data on a server.

SMTP Simple Mail Transfer Protocol

A communications protocol that enables sending email from a client to a server or between servers.

SPOF Single Point of Failure

A component or system that would cause a complete interruption of a service if it failed.

UDP User Datagram Protocol

A connectionless Transport-layer protocol that is one of the protocols in the Internet protocol suite, and is used with IP. It is also known as the Universal Datagram Protocol.

NIDS network-based intrusion detection system

A device that detects attacks and raises alerts. A NIDS is installed on network devices, such as routers or firewalls, and monitors network traffic.

CVE Common Vulnerabilities and Exposures

A dictionary of publicly known security vulnerabilities and exposures.

RAID redundant array of independent disks

A method of storing data on two or more hard drives that work together

IaaS Infrastructure as a Service

A method that provides network resources such as for storage and allow the client can deploy software and add network components such as firewalls.

IPS Intrusion Prevention System

A network device that continually scans the network, looking for inappropriate activity.

MD5 - Message Digest 5

A one-way hashing algorithm that produces a 128-bit hash.

HIDS host-based intrusion detection system

A passive IDS used to monitor an individual server or workstation. Protects local resources on the host such as the operating system files.

SFTP Secure File Transfer Protocol

A protocol available with the proprietary version of SSH that copies files between hosts securely. Like FTP, SFTP first establishes a connection with a host and then allows a remote user to browse directories, list files, and copy files. Unlike FTP, SFTP encrypts data before transmitting it.

OCSP Online Certificate Status Protocol

A protocol that performs a real-time lookup of a certificate's status.

SCP Secure Copy Protocol

A protocol that uses SSH to securely copy files between a local and a remote host, or between two remote hosts.

IaC Infrastructure as Code

A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration.

UTM Unified Threat Management

A security appliance that combined multiple security controls into a single solution. UTM appliances can inspect data streams for malicious content and often include URL filtering, malware inspection, and content inspection components.

TACACS Terminal Access Controller Access Control System

A security protocol that provides centralized validation of users who are attempting to gain access to a router or NAS.

CA Certificate Authority

A server that can issue digital certificates and the associated public/private key pairs.

DES Data Encryption Standard

A shared-key encryption algorithm that uses a 56-bit encryption key to encode data in 64-bit blocks.

EDR endpoint detection and response

A software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats

CASB Cloud Access Security Broker

A software tool or service that enforces cloud-based security requirements. It is placed between the organization's resources and the cloud, monitors all network traffic, and can enforce security policies.

CSR Certificate Signing Request

A specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.

STIX Structured Threat Information eXpression

A structured language for cyber threat intelligence. The "what"

SHA1 Secure Hash Algorithm 1

A successor to MD5, developed by the National Security Agency (NSA).

DNSSEC Domain Name System Security Extensions

A suite of extensions to DNS used to protect the integrity of DNS records and prevent some DNS attacks.

IDS Intrusion Detection System

A system designed to monitor traffic and detect attacks.

NAC Network Access Control

A term that refers to collected protocols, policies, and hardware that govern access on devices to and from a network.

DRP Disaster Recovery Plan

A written document that details the process for restoring IT resources following an event that causes a significant disruption in service.

NIPS network-based intrusion prevention system

Actively inspects network traffic in real-time and has the capability to stop the ongoing attack. Also detects malicious content.

AUP Acceptable Use Policy.

Agree to expected behavior

SNMP Simple Network Management Protocol

An Application-layer protocol used to exchange information between network devices.

SAML Security Assertion Markup Language

An XML-based standard used to exchange authentication and authorization information between different parties. SAML provides 550 for web based applications.

NIST National Institute of Standards and Technology

An agency of the U.S. Department of Commerce. NIST's mission us to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

SLA Service Level Agreement

An agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.

SWG secure web gateway

An appliance or proxy server that mediates client connections with the Internet by filtering spam and malware and enforcing access restrictions on types of sites visited, time spent, and bandwidth consumed.

ECC Elliptic Curve Cryptography

An asymmetric encryption algorithm commonly used with smaller wireless devices. It uses smaller key sizes and requires less processing power than many other encryption methods.

DDoS Distributed Denial of Service

An attack on a computer or network device in which multiple computers send data and requests to the device in an attempt to overwhelm it so that it cannot perform normal operations.

RA Registration Authority

An authority in a PKI that processes requests for digital certificates from users.

AES Advanced Encryption Standard

An encryption standard used by WPA2 and is currently the strongest encryption standard used by Wi-Fi.

PKI Public Key Infrastructure

An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components, for the purpose of verifying authenticity and enabling validation of data and entities.

FTPS File Transfer Protocol Secure

An extension of FTP that uses SSL or TLS encrypt FTP traffic. Some implementations of FTPS use ports 989 and 990

C&C command and control

An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets. Also known as C2.

RC4 Rivest Cipher 4

An insecure encryption cipher that is still widely used.

Private Certificate Authority

An internal digital certificate management system.

SSO Single Sign-On

Authentication method where users can access multiple resources on a network using a single account.

FAR false acceptance rate

Biometric assessment metric that measures the number of unauthorized users who are mistakenly allowed access.

NGFW Next Generation Firewall

Can examine application data to filter traffic Sometimes called application layer firewall - can operate at virtually any OSI layer

NDA Non-disclosure agreement.

Ensures that third parties understand their responsibilities. It is commonly embedded as a clause in a contract with the third party. Most NDAs prohibit sharing data unless you are the data owner.

MAM mobile application management

Enterprise management function that enables control over apps and storage for mobile devices and other endpoints.

UEM unified endpoint management

Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices.

ISO IEC

International Standards Organization (ISO) / International Electrotechnical Commission (IEC).

OpenID Connect OIDC

Is a type of Identity Provider which uses Oauth

SIAM Service Integration and Management

Manages multiple cloud apps and keeps data up to date, and combines all CSP's in one location.

RSA Rivest-Shamir-Adleman Encryption

Most common internet encryption and authentication system. The system used an algorithm that involves multiplying two large prime numbers to generate a public key, used to encrypt data and decrypt an authentication, and a private key, used to decrypt the data and encrypt an authentication.

SOC

Security Operations Center.

RADIUS Remote Authentication Dial-In User Service

Networking protocol that provides centralized authentication authorization, and accounting management for users who connect and use a network service.

CVSS Common Vulnerability Scoring System

Open protocol for scoring new vulnerabilities

S/MIME Secure/Multipurpose Internet Mail Extensions

Public key encryption and signing of MIME data.

HIPS host-based intrusion prevention system

Runs on a single computer and intercepts potential threats to help prevent attacks against that host.

RPO Recovery Point Objective

The maximum acceptable period in which data might be lost from a major incident

RTO - Recovery Time Objective

The maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable.

CER Crossover Error Rate

The point where the false acceptance rate (FAR) crosses over with the false rejection rate (FRR). A lower ___ indicates a more accurate biometric system.

MTBF Mean Time Between Failures

The predicted time between inherent failures of a system.

Shimming

The process of developing and implementing additional code between an application and the operating system to enable functionality that would otherwise be unavailable.

FRR false rejection rate

The rate at which we reject legitimate users when we should have accepted them

MSSP Managed Security Service Provider

Third-party provision of security configuration and monitoring as an outsourced service.

MITRE ATT&CK

a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations

QoS Quality of Service

a mechanism to manage the flow of traffic based on different requirements to ensure reliable delivery of each type of traffic.

GDPR General Data Protection Regulation

a regulation in EU law on data protection and privacy that was implemented in May 2018.

FTP File Transfer Protocol

an internet standard that permits file uploading and downloading to and from other computers on the internet

MSP Managed Service Provider

an outsourced third-party company that manages and assumes the responsibility of a defined set of day-to-day management services to its customers. most cuts cost and charge a flat monthly fee. Supported by SLA.

DoS Denial of Service

attack that attempts to consume network resources so that the network or its devices cannot respond to legitimate requests

PCI DSS Payment Card Industry Data Security Standard

credit card, prevent identity theft

OSINT Open Source Intelligence

information of potential intelligence value that is available to the general public

TCP Transmission Control Protocol

provides reliable, ordered, and error-checked delivery of a stream of packets on the internet. TCP is tightly linked with IP and usually seen as TCP/IP in writing.