Cyb 3800 Security Plus Vocab Flashcards

(215 cards)

1
Q

Blockchain

A

An advanced database that allows information sharing within a business

2
Q

Cipher

A

A method of secret writing using substitution or transition of letters according to a key

3
Q

CVSS Review

A

The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity

4
Q

Discretionary Access Control (DAC)

A

The principle of restricting access to objects based on the identity of the subject.

5
Q

Enhanced open

A

Improved data encryption on open Wi-Fi

6
Q

Footprinting

A

First step in penetration testing, scanning open ports and collecting information on the host.

7
Q

Hping

A

Open-source packet generator and analyzer

8
Q

ISO 27701

A

A framework for data privacy controls

9
Q

Mean Time Between Failures (MTBF)

A

A predicted elapsed time between failures.

10
Q

NIST

A

The National Institute of Standards and Technology

11
Q

Pass-the-Hash Attack

A

An attacker captures a password hash, then passes it through for authentication.

12
Q

Race Condition

A

Condition of electronics, software, etc.

13
Q

SCADA

A

Supervisory Control and Data Acquisition

14
Q

SNMPV2c

A

Enhanced protocol packet types.

15
Q

Subject Alternate Name (SAN)

A

Lets you specify additional host names

16
Q

Timeline

A

A graphic representation of the passage of time.

17
Q

VM

A

Virtual Machine

18
Q

Annual Rate of Occurrence (ARO)

A

The Annual Rate of Occurrence (ARO) is a risk assessment concept used to estimate how often a specific risk event is expected to happen in a year.

19
Q

Bluetooth

A

Bluetooth is a wireless technology standard used for exchanging data between fixed and mobile devices over short distances using short-wavelength UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz.

20
Q

Correlation engine

A

A correlation engine is a sophisticated software tool or system component designed to analyze and correlate events and data from multiple sources in real-time or near-real-time.

21
Q

Data steward

A

A Data Steward is a role within organizations responsible for managing the company’s data assets to ensure they are accurately maintained, accessible, secure, and compliant with relevant standards and regulations.

22
Q

Domain Reputation

A

Domain reputation measures a domain’s trustworthiness, impacting email deliverability and search visibility. It’s influenced by email practices, security measures, and a history of abuse.

23
Q

Fail over solution

A

A failover solution is a backup operational mode in which the functions of a system automatically switch to a standby system when the primary system fails or is temporarily unavailable.

24
Q

Gamification

A

Gamification involves integrating game mechanics and dynamics into non-game environments, such as websites, learning platforms, and business processes, to motivate participation, engagement, and loyalty.

25
Identity and Access Management
Identity and Access Management (IAM) is a framework of policies and technologies for ensuring that the right individuals have access to the appropriate resources and information within an organization.
26
Kiting
Kiting is illegal and considered fraudulent because it misrepresents an individual's or entity's financial position and can lead to significant financial losses for banks or financial institutions involved.
27
Memorandum of Agreement (MOA)
A Memorandum of Agreement (MOA) is a formal document outlining an agreed-upon plan between two or more parties.
28
OAuth
OAuth (Open Authorization) is an open standard for access delegation commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.
29
Powershell Script
A PowerShell script is a file that contains a sequence of PowerShell commands, instructions, and expressions.
30
Risky Login Policy
A Risky Login Policy refers to a set of rules and procedures implemented by an organization to identify, evaluate, and respond to login attempts that appear unusual or suspicious, indicating a potential security threat.
31
SIEM
Security Information and Event Management (SIEM) is a technology that provides real-time analysis of security alerts generated by applications and network hardware.
32
SRTP
Secure Real-time Transport Protocol (SRTP) is a security protocol that provides encryption, message authentication, and integrity for voice and video data being transmitted over a network.
33
Tasting
Tasting, in the context of domain names, refers to the practice of registering a domain name to evaluate its potential for generating traffic and revenue, typically through advertising, without immediately committing to long-term registration.
34
traceroute
Traceroute is valuable for troubleshooting network issues, such as delays or failures in data reaching its destination, by identifying where along the path the problem occurs.
35
WinHex
WinHex is a versatile digital forensics tool, which serves as a hexadecimal editor for data recovery, low-level data processing, and IT security.
36
blockchaining
An advanced database mechanism that allows transparent information sharing within a business network.
37
compensating
Measures taken to address any weaknesses of existing controls or to compensate for the inability to meet specific security requirements due to various different constraints.
38
Data custodian
A person who has technical control over an information asset dataset.
39
DLP Systems
(Data Loss Prevention): A solution that detects and prevents data breaches.
40
Eradication
The phase of effective incident response that entails removing the threat and restoring affected systems to their previous state, ideally while minimizing data loss.
41
FTK Imager
(Forensic Toolkit): A data preview and imaging tool that creates copies of computer data without making changes to the original evidence.
42
Hping
A TCP/IP packet assembler and analyzer that works on most operating systems such as Mac, Windows, Linux, and Solaris.
43
IV Attacks
(Initialization vector): An attack on wireless networks that modifies the IV of an encrypted wireless packet during transmission.
44
Mean Time to Failure (MTTF)
The average time between non-repairable failures of a technology product.
45
NIST CSF
(National Institute of Standards and Technology Cybersecurity Framework): A set of guidelines for mitigating organizational cybersecurity risks.
46
PCI DSS
(Payment Card Industry Data Security Standard): An information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.
47
RBAC
(Role-based Access Control): Restricts network access based on a person's role within an organization.
48
SCAP
(Security Content Automation Protocol): A method for using specific standards to enable automated vulnerability management, measurement, and policy compliance evaluation.
49
SNMPV3
(Simple Network Management Protocol Version 3): Collects and organizes information about the devices it manages on the network.
50
Supplicant certificates
Provides authentication credentials to a secured network.
51
TLS- Transport layer security
Encrypts data that is sent over a network to ensure security.
52
VoIP
(Voice over Internet Protocol): A form of communication that allows for phone calls to be made over a broadband internet connection instead of phone lines.
53
Annual Loss Expectancy (ALE)
The anticipated monetary loss that an organization expects to incur within a year due to security incidents or risks.
54
Bluesnarfing Attack
Unauthorized access and theft of data from a Bluetooth-enabled device, exploiting Bluetooth vulnerabilities to extract sensitive information without the user's consent.
55
Corrective-action report
Document detailing steps taken to address and resolve an identified problem or issue within an organization, including investigation, root cause analysis, and implementation of corrective measures.
56
Data Protection Officer (DPO)
Individual responsible for ensuring compliance with data protection laws within an organization.
57
Domain Hijacking
Unauthorized or illegal acquisition of control over a domain name, often achieved through unauthorized access to domain registrar accounts or manipulation of domain registration records.
58
Expected Frequency (EF)
The anticipated rate or likelihood of occurrence for a specific event or incident within a given timeframe.
59
Fuzzing
A software testing technique that involves inputting invalid, unexpected, or random data into a program to uncover bugs, vulnerabilities, or crashes.
60
IAC
IAC or infrastructure as code, is when infrastructure configuration is managed using code and automation tools rather than manual processes.
61
Key stretching
A cryptographic technique used to strengthen passwords or cryptographic keys by increasing their computational complexity.
62
memdump
The process of creating a snapshot or copy of a computer's volatile memory (RAM) at a specific point in time.
63
NXlog
A high-performance log management tool for collecting, processing, and forwarding log data from various sources to centralized log management systems or other destinations.
64
Port Scanning
A technique used to identify open ports and services on a computer or network by sending packets to a range of port numbers and analyzing the responses.
65
RFID
Radio Frequency Identification is a technology that uses electromagnetic fields to automatically identify and track tags attached to objects.
66
Short Message Service
A text messaging service that allows users to send and receive short text messages, typically limited to 160 characters per message.
67
SOX
The Sarbanes-Oxley Act, a U.S. federal law enacted in 2002 to improve corporate governance and financial reporting standards following accounting scandals.
68
Tabletop
A user interface concept where digital content, such as documents, photos, or applications, is arranged and manipulated on a virtual tabletop-like surface, allowing users to interact with the content in a more tactile and intuitive manner.
69
TPM
Trusted Platform Module is a dedicated hardware component that provides a secure cryptographic foundation for various security-related functions, such as encryption key generation and storage, secure boot, device authentication, and integrity measurement.
70
WI-FI
Wireless technology that enables devices to connect to a local network and access the internet without the need for physical cables.
71
Blackhole
A black hole refers to a place in the network where incoming or outgoing traffic is silently discarded without informing the source that the data did not reach its intended recipient.
72
CHAP
CHAP is a challenge and response authentication method that PPP servers use to verify the identity of a remote user.
73
CVE Review
This system provides a method for publicly sharing information on cybersecurity vulnerabilities.
74
Disassociation Attack
A type of DoS attack on a wireless network.
75
End of Service Life (EOSL)
Used to indicate the ending of services and updates for server, storage, and network equipment.
76
Fog Computing
Technology that extends cloud computing and services to the edge of an enterprise's network.
77
HOTP
HMAC-based One-time password.
78
ISO
International standard for information security
79
Mantrap
Small room with an entry door on one wall and an exit door on the opposite wall.
80
Nikto
Command-line vulnerability scanner that scans web servers for dangerous files.
81
PAP
PPP authentication method that uses passwords to validate users.
82
Quantum computing
Uses specialized technology to solve complex problems that classical computers can't solve.
83
Sandboxing
Security mechanism for separating running programs.
84
Sn1per
Tool used during a penetration test to scan for vulnerabilities.
85
Stratum 1 time server
Acts as a primary network time standard.
86
theHarvester
Command-line tool in Linux that finds email accounts, subdomain names, virtual hosts, open ports, and employee names.
87
VDI
Virtual Desktop Interface
88
administrative
System administrators (sysadmins) are IT professionals who make sure an organization's computer systems are functioning and meet the needs of the organization. Sysadmins support, troubleshoot, and maintain computer servers and networks. Element which contains the computer administrative tools is called control panel.
89
Birthday Attack
an attack that occurs when someone exploits the mathematics behind the birthday problem in probability theory to launch a cryptographic attack.
90
Certificate Authority (CA)
A certification authority (CA) is an entity that stores, signs, and issues digital certificates.
91
Cuckoo
Cuckoo is an open source automated malware analysis system.
92
DHCP
The Dynamic Host Configuration Protocol is a network management protocol used on Internet Protocol networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client-server architecture.
93
End of Life (EOL)
An end-of-life product is a product at the end of the product lifecycle which prevents users from receiving updates,
94
Firewall
A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.
95
HIPS
an approach to security that relies on third-party software tools to identify and prevent malicious activities
96
Internet Security and Acceleration (ISA)
server is an Internet connectivity solution that provides network address translation
97
Mandatory Access Control (MAC)
a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.
98
NFC
a set of short-range wireless technologies, typically requiring a distance of 4 cm or less to initiate a connection
99
OSSEC
is a free, open-source host-based intrusion detection system. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response
100
Python Script
A script is a Python file that's intended to be run directly. When you run it, it should do something.
101
Salt Hashing
random data fed as an additional input to a one-way function that hashes data, a password or passphrase
102
Skimming
is a fast and interactive way to quickly obtain payment card data and personal information from ATMs and checkout scanners.
103
STPM
software trusted platform module
104
technical
focuses on using technology to not only provide help in the case of cyber attacks, but also to defend against and prevent these attacks from occurring in the first place.
105
User Account Control (UAC)
is a Windows security feature designed to protect the operating system from unauthorized changes
106
Arp
Address Resolution Protocol. Converts an IP address into a MAC address
107
Bollard
Bollards refer to defensive tools and methods which protect digital networks from cyber threats, akin to their role of safeguarding physical premises.
108
CRL
Certificate Revocation List (CRL). A list of revoked public key certificates created and digitally signed by a certification authority. These are digitally signed "blacklists" of revoked certificates.
109
Dd
A data dump refers to the process of extracting and copying a large amount of data from one system or database to another, typically for backup, analysis, or migration purposes.
110
Downgrade Attack
A downgrade attack, also called a bidding-down attack, or version rollback attack, is a form of cryptographic attack on a computer system or communications protocol that makes it abandon a high-quality mode of operation (e.g. an encrypted connection) in favor of an older, lower-quality mode of operation.
111
False acceptance rate
False Accept Rate (FAR) is a statistical measure used to determine the probability of a biometric security system allowing unauthorized user access.
112
Gateway
A Security Gateway, also called a Data Guard or Information Exchange Gateway, is a device that controls, validates, and filters the information exchange that takes place between different security domains.
113
Identity Provider
An identity provider (IdP) is a service that stores and verifies user identity. IdPs are typically cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users.
114
MAC Cloning
MAC Cloning is the act of changing or impersonating the MAC address of a network interface card to match the MAC address of an authorized device on the network.
115
Memorandum of Understanding (MOU)
A memorandum of understanding (MOU) is a formal agreement that outlines plans for a common line of action between two or more parties.
116
OCSP
The Online Certificate Status Protocol (OCSP) is an alternative to the certificate revocation list (CRL) and is used to check whether a digital certificate is valid or if it has been revoked.
117
preventative
Prevention focuses on taking proactive steps to minimize or eliminate potential vulnerabilities before they can be exploited by malicious actors.
118
Role-based Access Control (RBAC)
Role-based access control (RBAC), also known as role-based security, is a mechanism that restricts system access. It involves setting permissions and privileges to enable access to authorized users.
119
SIEM
Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.
120
SRTP
SRTP stands for Secure Real-time Transport Protocol. An extension of Real-time Transport Protocol (RTP) that features enhanced security measures. The protocol provides encryption, confidentiality, message authentication, and replay protection to your transmitted audio and video traffic.
121
Tcpdump
tcpdump is a packet analyzer that is launched from the command line. It can be used to analyze network traffic by intercepting and displaying packets that are being created or received by the computer it's running on. It runs on Linux and most UNIX-type operating systems.
122
Tshark
TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file.
123
Phishing
Phishing is a type of online fraud that involves tricking people into providing sensitive information, such as passwords or credit card numbers, by masquerading as a trustworthy source.
124
Bluejacking
using an exploit in Bluetooth to steal information from someone else's phone/mobile device.
125
Containment
a stage in the incident response lifecycle. In this stage, the goal is to limit the scope and reach of the event. One approach in containment is to isolate infected systems.
126
Data owner
has the ultimate responsibility for maintaining the confidentiality, integrity, and availability of the information asset
127
DNS Poisoning
an attack that compromises the process by which clients query name servers to locate the IP address for an FQDN (Fully Qualified Domain Name)
128
ESP- Encapsulation security payloader
provides confidentiality and/or authentication and integrity
129
Full-scale
exercises are action-based sessions that reflect real situations. These exercises are held onsite and use real equipment and real personnel as much as possible
130
HPKP
a method of trusting digital certificates to bypass the CA hierarchy and chain of trust and minimize MitM attacks
131
Kerberos
a strong authentication protocol, which utilizes service tickets, symmetric encryption, and mutual authentication
132
Measured boots
uses the trusted platform module (TPM) at each stage in the boot process to check hashes of key system state data, which then uses an attestation process to verify if the system has not been tampered with
133
Nmap
a commonly used open-source IP scanner for Windows, macOS, and Linux. It can scan for open ports and their associated services
134
PII
personal information that can identify an individual
135
Recovery Point Objective (RPO)
identifies a point in time that data loss is acceptable. In the event of a system failure, the company may lose some data
136
Session affinity
used in load balancing scenarios. Also known as source IP and is a layer 4 approach to handling user sessions
137
SNMPV4
designed with greater flexibility than previous versions
138
Surface Level Agreement (SLA)
a contractual agreement setting out detailed terms (including support metrics) for future provided services
139
Tokenization
a database de-identification method where all or part of data in a field is substituted with a randomly generated token
140
Vulnerability Scanners
gathers security readings from various systems, including client computers, to ensure they are secure
141
Address Resolution Protocol (ARP) Poisoning
Man in the middle attack that allows attackers to intercept communication between network devices. (Also called ARP Spoofing)
142
AH- authentication header
A protocol and part of the IPsec suite, authenticates the origin of IP packets and guarantees the integrity of the data.
143
Attribute-Based Access Control (ABAC)
A method of access control where access rights are granted to users based on attributes such as user roles, resource attributes, and environmental conditions.
144
Broadcast storm
A situation in a network where excessive broadcast messages overload the network, causing performance degradation or even network collapse.
145
CSA CCM
The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) is a cybersecurity framework providing fundamental security principles to guide cloud vendors and customers in securing cloud environments.
146
detective
In cybersecurity, this refers to measures or technologies employed to identify and investigate security breaches or suspicious activities after they have occurred.
147
eDiscovery
The process of identifying, collecting, and producing electronically stored information (ESI) relevant to legal proceedings or investigations.
148
Fingerprinting
A technique used to identify devices, applications, or users by analyzing unique characteristics or patterns associated with them.
149
GLBA
The Gramm-Leach-Bliley Act (GLBA) is a U.S. federal law that requires financial institutions to protect the privacy and security of consumers' personal financial information.
150
Information Systems Security Manager (ISSM)
A person responsible for managing the security of an organization's information systems, including implementing security policies, procedures, and controls.
151
Macros Script
Small programs or scripts typically used to automate tasks within applications like Microsoft Office. However, they can also pose security risks if they contain malicious code.
152
Nessus
A popular vulnerability scanner used to identify security vulnerabilities in computer systems and networks.
153
OpenID
An open standard and decentralized authentication protocol that allows users to be authenticated by co-operating sites using a third-party service.
154
Privacy Threshold Assessment (PTA)
An assessment conducted to determine whether a system or project meets the privacy requirements and whether a full Privacy Impact Assessment (PIA) is necessary.
155
Saas
Software as a Service (SaaS) is a software distribution model where applications are hosted by a third-party provider and made available to customers over the internet.
156
Single Loss Expectancy (SLE)
A risk management metric that represents the expected financial loss from a single security incident.
157
State Actors
Government-sponsored entities or individuals engaged in cyber activities such as espionage, sabotage, or cyber warfare.
158
Tcpreplay
A tool used for replaying network traffic stored in pcap files back onto the network.
159
Unified communication
Integration of various communication tools and channels (such as voice, video, instant messaging, and email) into a single platform for improved collaboration and productivity.
160
wireshark
A widely-used network protocol analyzer for capturing and analyzing network traffic in real-time.
161
Bluesnarfing
The unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs.
162
corrective
This control enters the picture after an incident has happened. They exist to minimize damage, facilitate recovery, and repair weaknesses so a similar attack doesn't happen again.
163
Data processor
A data processor is a natural person, agency, public authority, or any other body that holds personal data on behalf of a controller.
164
Dnsenum
Dnsenum is a multithreaded Perl script to enumerate DNS information of a domain and to discover non-contiguous IP blocks. The main purpose of Dnsenum is to gather as much information as possible about a domain.
165
Evil Twin Attack
An evil twin attack takes place when an attacker sets up a fake Wi-Fi access point hoping that users will connect to it instead of a legitimate one. When users connect to this access point, all the data they share with the network passes through a server controlled by the attacker.
166
Functional
Controls classified by function include preventative, detective, and corrective.
167
Iaas
Infrastructure as a Service, is a cloud computing model that provides on-demand access to computing resources such as servers, storage, networking, and virtualization.
168
Kerberos
Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Kerberos support is built in to all major computer operating systems, including Microsoft Windows, Apple macOS, FreeBSD and Linux.
169
Memdump
A Kali Linux program which dumps system memory to the standard output stream, skipping over holes in memory maps. By default, the program dumps the contents of physical memory.
170
Non-Disclosure Agreement (NDA)
Legally enforceable agreements between parties that are used to ensure that certain information will remain confidential. Once an individual signs an NDA, they cannot discuss any information protected by the agreement with any non-authorized party.
171
Plaintext
Plaintext is what encryption algorithms, or ciphers, transform an encrypted message into. It is any readable data (including binary files) in a form that can be seen or utilized without the need for a decryption key or decryption device.
172
Recovery Time Objective (RTO)
The recovery time objective (RTO) is the maximum tolerable length of time that a computer, system, network or application can be down after a failure or disaster occurs.
173
Shadow IT
Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. It can encompass cloud services, software, and hardware.
174
SOAR
Security orchestration, automation, and response. SOAR seeks to alleviate the strain on IT teams by incorporating automated responses to a variety of events. A SOAR system can also be programmed to custom-fit an organization's needs.
175
System administrator
This role is responsible for setting up and maintaining a system or specific components of a system.
176
TOTP
Time-based One-Time Passwords is a common form of two-factor authentication (2FA). Unique numeric passwords are generated with a standardized algorithm that uses the current time as an input.
177
Walkthrough
A detailed set of instructions on how to do something.
178
Airgapping
A network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecured networks
179
Term
Definition
180
After-action Report
a detailed analysis performed following a cyber security incident that provides insights into how the event was handled
181
Asymmetric algorithms
one key is used to encipher the data, and a different but corresponding key is used to decipher the data
182
BPDU guard
a security feature found in multiple networking devices.
183
Cryptographic hash
a mathematical function used in cryptography.
184
Deauthentication Attack
type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.
185
ECDHE
Elliptic-curve Diffie-Hellman (ECDH)
186
FDE- Full disk encryption
is a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive.
187
GDPR
The General Data Protection Regulation is a European Union regulation on information privacy in the European Union and the European Economic Area
188
IDS
An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations.
189
MAC Flooding
In computer networking, a media access control attack or MAC flooding is a technique employed to compromise the security of network switches
190
Metasploit
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.
191
On-Path Attack
place themselves between two devices (often a web browser and a web server) and intercept or modify communications between the two.
192
Privacy Impact Assessment (PIA)
A privacy impact assessment (PIA) is a systematic assessment of a project that identifies potential privacy impacts and recommendations to manage, minimise or eliminate them.
193
Runbook
A runbook is a comprehensive, step-by-step guide that outlines the tasks and their dependencies that are required to manage and operate technology infrastructure, applications, and services in a data center or cloud environment.
194
SIEM
Security information and event management
195
SSAE
Statement on Standards for Attestation Engagements
196
tcpdump
It can be used to analyze network traffic by intercepting and displaying packets that are being created or received by the computer it's running on.
197
Typosquatting
Typosquatting is a form of cybercrime that involves hackers registering domains with deliberately misspelled names of well-known websites.
198
Wireshark
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.
199
Bash Script
A sequence of commands written in a file that can be executed in the Linux shell.
200
Business Partners Agreement (BPA)
A legally binding document that outlines roles and responsibilities between business partners.
201
CSR
A business model that promotes social and environmental accountability.
202
deterrent
Something that discourages or prevents certain actions.
203
eDiscovery
The process of identifying, collecting, and preserving electronic information for legal purposes.
204
Firewall
A security system that controls network traffic and protects against unauthorized access.
205
Hardening a server
Strengthening a server's security by configuring it to minimize vulnerabilities.
206
Intelligence Fusion
Combining and analyzing data from various sources to create actionable intelligence.
207
managerial
Related to management or administrative tasks.
208
Nexpose
A vulnerability management tool used to identify security risks in networks.
209
Operational Technology Attack
Targeting industrial control systems or infrastructure.
210
PSK
A shared secret used for authentication in secure communication.
211
SAE
A key exchange protocol used in wireless networks.
212
Sinkhole
Redirecting network traffic to a controlled server for analysis or security purposes.
213
Steganography
Concealing information within other files or data.
214
tcpreplay
A tool for replaying network traffic from packet capture files.
215
URL Redirection
An open-source security tool for finding vulnerabilities in web applications.