CTC Academy Security+ Acronyms
MDM mobile device management
Software suites designed to manage use of smartphones and tablets within an enterprise.
IRP Incident Response Plan
Specific procedures that must be performed if a certain type of event is detected or reported.
OAuth Open Authorization
Standard for federated identity management, allowing resource servers or consumer sites to work with user accounts created and managed on a separate identity provider.
3DES Triple DES
Symmetric encryption algorithm; encrypts data by processing each block of data three times using different DES keys each time.
FDE Full Disk Encryption
Systems which encrypt everything stored on the drive (the operating system, application programs, data, temporary files, and so forth) automatically without any user interaction.
MTTR mean time to repair
The average amount of time required to repair a device or restore a service.
SQLi Structured Query Language injection
Web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.
WAF Web Application Firewall
A firewall specifically designed to protect a web application, such as a web server. A WAF inspects the contents of traffic to a web server, can detect malicious content, and block it.
GPG GNU Privacy Guard
A free, open-source version of PGP that provides equivalent encryption and authentication services.
IRT Incident Response Team
A group of experts that respond to security incidents. Also known as CERT, CIRT, or SIRT.
DLP Data Loss Prevention
A group of technologies used to prevent data loss. They can block the use of USB devices, monitor outgoing email to detect and block unauthorized data transfers, and monitor data stored in the cloud.
VM Virtual Machine
A guest operating system on a system using virtualization. The host system runs hypervisor software and can manage one or more VMs at a time.
PGP Pretty Good Privacy
A key-based encryption system for e-mail that uses a two-step verification process.
CRL Certificate Revocation List
A list of certificates that were revoked before their expiration date.
ACL Access Control List
A list of statements used by a router to permit or deny the forwarding of traffic on a network based on one or more criteria.
TAXII Trusted Automated eXchange of Indicator Information
How cyber threat information can be shared.
BIA Business Impact Analysis
Identifies critical business or mission requirements and includes elements such as Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs), but it doesn't identify solutions.
OWASP Open Web Application Security Project
Improved security of web apps and services. They have a popular "Top Ten" list of web flaws and how to fix them. Injection flaws are the #1 web-app problem. Community driven. Software based. Discuss WebGoat!
SaaS Software as a Service
Services for delivering and providing access to software remotely as a web-based service
XTACACS Extended Terminal Access Controller Access-Control System
Separates the Authentication, Authorization, and Accounting.
MOU memorandum of understanding
Understanding third parties' responsibility.
PaaS Platform as a Service
Cloud-based virtual server(s). These virtualized platforms give programmers tools needed to deploy, administer, and maintain a Web application.
TACACS+ TACACS Plus
A Cisco proprietary product that uses TCP port 49, supports multifactor authentication, and is considered more secure and scalable than RADIUS.
PFS Perfect Forward Secrecy
A characteristic of session encryption that ensures if a key used during a certain session is compromised, it should not affect data previously encrypted by that key
TPM Trusted Platform Module
A chip on a motherboard that holds an encryption key required at startup to access encrypted data on the hard drive. Windows BitLocker Encryption can use the TPM chip.
LDAP Lightweight Directory Access Protocol
A communications protocol that defines how a client can access information, perform operations, and share directory data on a server.
SMTP Simple Mail Transfer Protocol
A communications protocol that enables sending email from a client to a server or between servers.
SPOF Single Point of Failure
A component or system that would cause a complete interruption of a service if it failed.
UDP User Datagram Protocol
A connectionless Transport-layer protocol that is one of the protocols in the Internet protocol suite, and is used with IP. It is also known as the Universal Datagram Protocol.
NIDS network-based intrusion detection system
A device that detects attacks and raises alerts. A NIDS is installed on network devices, such as routers or firewalls, and monitors network traffic.
CVE Common Vulnerabilities and Exposures
A dictionary of publicly known security vulnerabilities and exposures.
RAID redundant array of independent disks
A method of storing data on two or more hard drives that work together
IaaS Infrastructure as a Service
A method that provides network resources, such as storage, and allows the client to deploy software and add network components such as firewalls.
IPS Intrusion Prevention System
A network device that continually scans the network, looking for inappropriate activity.
MD5 Message Digest 5
A one-way hashing algorithm that produces a 128-bit hash.
HIDS host-based intrusion detection system
A passive IDS used to monitor an individual server or workstation. Protects local resources on the host such as the operating system files.
SFTP Secure File Transfer Protocol
A protocol available with the proprietary version of SSH that copies files between hosts securely. Like FTP, SFTP first establishes a connection with a host and then allows a remote user to browse directories, list files, and copy files. Unlike FTP, SFTP encrypts data before transmitting it.
OCSP Online Certificate Status Protocol
A protocol that performs a real-time lookup of a certificate's status.
SCP Secure Copy Protocol
A protocol that uses SSH to securely copy files between a local and a remote host, or between two remote hosts.
IaC Infrastructure as Code
A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration.
UTM Unified Threat Management
A security appliance that combines multiple security controls into a single solution. UTM appliances can inspect data streams for malicious content and often include URL filtering, malware inspection, and content inspection components.
TACACS Terminal Access Controller Access Control System
A security protocol that provides centralized validation of users who are attempting to gain access to a router or NAS.
CA Certificate Authority
A server that can issue digital certificates and the associated public/private key pairs.
DES Data Encryption Standard
A shared-key encryption algorithm that uses a 56-bit encryption key to encode data in 64-bit blocks.
EDR endpoint detection and response
A software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats
CASB Cloud Access Security Broker
A software tool or service that enforces cloud-based security requirements. It is placed between the organization's resources and the cloud, monitors all network traffic, and can enforce security policies.
CSR Certificate Signing Request
A specially formatted encrypted message that validates the information the CA requires to issue a digital certificate.
STIX Structured Threat Information eXpression
A structured language for cyber threat intelligence. The "what"
SHA1 Secure Hash Algorithm 1
A successor to MD5, developed by the National Security Agency (NSA).
DNSSEC Domain Name System Security Extensions
A suite of extensions to DNS used to protect the integrity of DNS records and prevent some DNS attacks.
IDS Intrusion Detection System
A system designed to monitor traffic and detect attacks.
NAC Network Access Control
A term that refers to collected protocols, policies, and hardware that govern access on devices to and from a network.
DRP Disaster Recovery Plan
A written document that details the process for restoring IT resources following an event that causes a significant disruption in service.
NIPS network-based intrusion prevention system
Actively inspects network traffic in real-time and has the capability to stop the ongoing attack. Also detects malicious content.
AUP Acceptable Use Policy.
Agree to expected behavior
SNMP Simple Network Management Protocol
An Application-layer protocol used to exchange information between network devices.
SAML Security Assertion Markup Language
An XML-based standard used to exchange authentication and authorization information between different parties. SAML provides SSO for web-based applications.
NIST National Institute of Standards and Technology
An agency of the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.
SLA Service Level Agreement
An agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels.
SWG secure web gateway
An appliance or proxy server that mediates client connections with the Internet by filtering spam and malware and enforcing access restrictions on types of sites visited, time spent, and bandwidth consumed.
ECC Elliptic Curve Cryptography
An asymmetric encryption algorithm commonly used with smaller wireless devices. It uses smaller key sizes and requires less processing power than many other encryption methods.
DDoS Distributed Denial of Service
An attack on a computer or network device in which multiple computers send data and requests to the device in an attempt to overwhelm it so that it cannot perform normal operations.
RA Registration Authority
An authority in a PKI that processes requests for digital certificates from users.
AES Advanced Encryption Standard
An encryption standard that is used by WPA2 and is currently the strongest encryption standard used by Wi-Fi.
PKI Public Key Infrastructure
An encryption system that is composed of a CA, certificates, software, services, and other cryptographic components, for the purpose of verifying authenticity and enabling validation of data and entities.
FTPS File Transfer Protocol Secure
An extension of FTP that uses SSL or TLS to encrypt FTP traffic. Some implementations of FTPS use ports 989 and 990.
C&C command and control
An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets. Also known as C2.
RC4 Rivest Cipher 4
An insecure encryption cipher that is still widely used.
Private Certificate Authority
An internal digital certificate management system.
SSO Single Sign-On
Authentication method where users can access multiple resources on a network using a single account.
FAR false acceptance rate
Biometric assessment metric that measures the number of unauthorized users who are mistakenly allowed access.
NGFW Next Generation Firewall
Can examine application data to filter traffic. Sometimes called an application layer firewall; can operate at virtually any OSI layer.
NDA Non-disclosure agreement.
Ensures that third parties understand their responsibilities. It is commonly embedded as a clause in a contract with the third party. Most NDAs prohibit sharing data unless you are the data owner.
MAM mobile application management
Enterprise management function that enables control over apps and storage for mobile devices and other endpoints.
UEM unified endpoint management
Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices.
ISO IEC
International Standards Organization (ISO) / International Electrotechnical Commission (IEC).
OpenID Connect OIDC
Is a type of Identity Provider which uses OAuth.
SIAM Service Integration and Management
Manages multiple cloud apps and keeps data up to date, and combines all CSPs in one location.
RSA Rivest-Shamir-Adleman Encryption
Most common internet encryption and authentication system. The system uses an algorithm that involves multiplying two large prime numbers to generate a public key, used to encrypt data and decrypt an authentication, and a private key, used to decrypt the data and encrypt an authentication.
SOC
Security Operations Center.
RADIUS Remote Authentication Dial-In User Service
Networking protocol that provides centralized authentication, authorization, and accounting management for users who connect and use a network service.
CVSS Common Vulnerability Scoring System
Open protocol for scoring new vulnerabilities
S/MIME Secure/Multipurpose Internet Mail Extensions
Public key encryption and signing of MIME data.
HIPS host-based intrusion prevention system
Runs on a single computer and intercepts potential threats to help prevent attacks against that host.
RPO Recovery Point Objective
The maximum acceptable period in which data might be lost from a major incident
RTO Recovery Time Objective
The maximum amount of time that a process or service is allowed to be down and the consequences still to be considered acceptable.
CER Crossover Error Rate
The point where the false acceptance rate (FAR) crosses over with the false rejection rate (FRR). A lower ___ indicates a more accurate biometric system.
MTBF Mean Time Between Failures
The predicted time between inherent failures of a system.
Shimming
The process of developing and implementing additional code between an application and the operating system to enable functionality that would otherwise be unavailable.
FRR false rejection rate
The rate at which we reject legitimate users when we should have accepted them
MSSP Managed Security Service Provider
Third-party provision of security configuration and monitoring as an outsourced service.
MITRE ATT&CK
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations
QoS Quality of Service
a mechanism to manage the flow of traffic based on different requirements to ensure reliable delivery of each type of traffic.
GDPR General Data Protection Regulation
a regulation in EU law on data protection and privacy that was implemented in May 2018.
FTP File Transfer Protocol
an internet standard that permits file uploading and downloading to and from other computers on the internet
MSP Managed Service Provider
An outsourced third-party company that manages and assumes the responsibility of a defined set of day-to-day management services to its customers. Most cut costs and charge a flat monthly fee. Supported by an SLA.
DoS Denial of Service
attack that attempts to consume network resources so that the network or its devices cannot respond to legitimate requests
PCI DSS Payment Card Industry Data Security Standard
credit card, prevent identity theft
OSINT Open Source Intelligence
information of potential intelligence value that is available to the general public
TCP Transmission Control Protocol
provides reliable, ordered, and error-checked delivery of a stream of packets on the internet. TCP is tightly linked with IP and usually seen as TCP/IP in writing.