Glossary Terms Flashcards

(421 cards)

1
Cybersecurity (or security)
The practice of ensuring the confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorized access or criminal exploitation
2
Cloud security
The process of ensuring that assets stored in the cloud are properly configured and that access to those assets is limited to authorized users
3
Internal threat
A current or former employee, external vendor, or trusted partner who poses a security risk
4
Network security
The practice of keeping an organization's network infrastructure secure from unauthorized access
5
Personally identifiable information (PII)
Any information that can be used to infer an individual's identity, including full name, date of birth, physical address, phone number, email address, Internet Protocol (IP) address, and similar information
6
Sensitive personally identifiable information (SPII)
A specific type of PII that falls under stricter handling guidelines; may include Social Security numbers, medical or financial information, and biometric data such as facial recognition
7
Technical skills
Skills that require knowledge of specific tools, procedures, and policies, including programming languages, security information and event management (SIEM) tools, intrusion detection systems (IDSs), threat landscape knowledge, and incident response
8
Threat
Any circumstance or event that can negatively impact assets
9
Threat actor
Any person or group who represents a security risk
10
Transferable skills
Skills from other areas that can apply to different careers, including communication, collaboration, analysis, and problem-solving
11
Absolute file path
The full path to a file, which starts from the root directory
12
Access controls
Security controls that manage access, authorization, and accountability of information
13
Active packet sniffing
A type of attack where data packets are manipulated in transit
14
Address Resolution Protocol (ARP)
A network protocol used to determine the MAC address of the next router or device to traverse
15
Advanced persistent threat (APT)
An instance where a threat actor maintains unauthorized access to a system for an extended period of time
16
Adversarial artificial intelligence (AI)
A technique that manipulates artificial intelligence (AI) and machine learning (ML) technology to conduct attacks more efficiently
17
Adware
A type of legitimate software that is sometimes used to display digital advertisements in applications
18
Algorithm
A set of rules to solve a problem
19
Analysis
The investigation and validation of alerts
20
Angler phishing
A technique where attackers impersonate customer service representatives on social media
21
Anomaly-based analysis
A detection method that identifies abnormal behavior
22
Antivirus software
A software program used to prevent, detect, and eliminate malware and viruses
23
Application
A program that performs a specific task
24
Application programming interface (API) token
A small block of encoded data, often signed or encrypted, that contains information about a user and is presented to an API to prove identity and permissions
25
Argument (Linux)
Specific information needed by a command
26
Argument (Python)
The data brought into a function when it is called
27
Array
A data type that stores data in a comma-separated ordered list
28
Assess
The fifth step of the NIST RMF that means to determine if established controls are implemented correctly
29
Asset
An item perceived as having value to an organization
30
Asset classification
The practice of labeling assets based on sensitivity and importance to an organization
31
Asset inventory
A catalog of assets that need to be protected
32
Asset management
The process of tracking assets and the risks that affect them
33
Asymmetric encryption
The use of a public and private key pair for encryption and decryption of data
34
Attack surface
All the potential vulnerabilities that a threat actor could exploit
35
Attack tree
A diagram that maps threats to assets
36
Attack vectors
The pathways attackers use to penetrate security defenses
37
Authentication
The process of verifying who someone is
38
Authorization
The concept of granting access to specific resources in a system
39
Authorize
The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that might exist in an organization
40
Automation
The use of technology to reduce the human and manual effort needed to perform common and repetitive tasks
41
Availability
The idea that data is accessible to those who are authorized to access it
42
Baiting
A social engineering tactic that tempts people into compromising their security
43
Bandwidth
The maximum rate at which data can be transferred across a link or received by a device, usually measured in bits per second
44
Baseline configuration (baseline image)
A documented set of specifications within a system that is used as a basis for future builds, releases, and updates
45
Bash
The default shell in most Linux distributions
46
Basic auth
An HTTP authentication scheme in which the client sends a username and password, base64-encoded (not encrypted), in the Authorization header of each request to a server; safe only over HTTPS
47
Basic Input/Output System (BIOS)
Firmware stored on a microchip that initializes hardware and contains the loading instructions for the computer; prevalent in older systems (newer systems use UEFI)
48
Bootloader
A software program that loads the operating system
49
Biometrics
The unique physical characteristics that can be used to verify a person's identity
50
Boolean data
Data that can only be one of two values: either true or false
51
Botnet
A collection of computers infected by malware that are under the control of a single threat actor, known as a "bot-herder"
52
Bracket notation
Indices placed in square brackets to access elements of a sequence, such as a list or string
53
Broken chain of custody
Inconsistencies in the collection and logging of evidence in the chain of custody
54
Brute force attack
The trial-and-error process of discovering private information, such as a password or key, by trying many possible values
55
Bug bounty
Programs that encourage freelance hackers to find and report vulnerabilities
56
Built-in function
A function that exists within Python and can be called directly
57
Business email compromise (BEC)
A type of phishing attack where a threat actor impersonates a known source to obtain financial advantage
58
Business continuity
An organization's ability to maintain its everyday productivity by establishing risk and disaster recovery plans
59
Business continuity plan (BCP)
A document that outlines the procedures to sustain business operations during and after a significant disruption
60
Categorize
The second step of the NIST RMF that is used to develop risk management processes and tasks
61
CentOS
An open-source distribution that is closely related to Red Hat
62
Central processing unit (CPU)
A computer's main processor, which is used to perform general computing tasks
63
Chain of custody
The process of documenting evidence possession and control during an incident lifecycle
64
Chronicle
A cloud-native tool designed to retain, analyze, and search data
65
Cipher
An algorithm that encrypts information
66
Cloud-based firewalls
Software firewalls that are hosted by the cloud service provider
67
Cloud computing
The practice of using remote servers, applications, and network services that are hosted on the Internet instead of on local physical devices
68
Cloud network
A collection of servers or computers that stores resources and data in remote data centers that can be accessed via the Internet
69
Command
An instruction telling the computer to do something
70
Command and control (C2)
The techniques used by malicious actors to maintain communications with compromised systems
71
Command-line interface (CLI)
A text-based user interface that uses commands to interact with the computer
72
Comment
A note programmers make about the intention behind their code
73
Common Event Format (CEF)
A log format that uses key-value pairs to structure data and identify fields and their corresponding values
74
Common Vulnerabilities and Exposures (CVE) list
An openly accessible dictionary of known vulnerabilities and exposures
75
Common Vulnerability Scoring System (CVSS)
A measurement system that scores the severity of a vulnerability
76
Compliance
The process of adhering to internal standards and external regulations
77
Computer security incident response team (CSIRT)
A specialized group of security professionals who are trained in incident management and response
78
Computer virus
Malicious code written to interfere with computer operations and cause damage to data and software
79
Conditional statement
A statement that evaluates code to determine if it meets a specified set of conditions
80
Confidentiality
The idea that only authorized users can access specific assets or data
81
Confidentiality, integrity, availability (CIA) Triad
A model that helps inform how organizations consider risk when setting up systems and security policies
82
Configuration file
A file used to configure the settings of an application
83
Containment
The act of limiting and preventing additional damage caused by an incident
84
Controlled zone
A subnet that protects the internal network from the uncontrolled zone
85
Cross-site scripting (XSS)
An injection attack that inserts code into a vulnerable website or web application
86
Crowdsourcing
The practice of gathering information and ideas through public input and collaboration
87
Cryptographic attack
An attack that affects secure forms of communication between a sender and intended recipient
88
Cryptographic key
A secret value used by a cipher to encrypt plaintext and to decrypt ciphertext
89
Cryptography
A process of transforming information into a form that unintended readers can't understand
90
Cryptojacking
A form of malware that installs software to illegally mine cryptocurrencies
91
CVE Numbering Authority (CNA)
An organization that volunteers to analyze and distribute information on eligible CVEs
92
Data
Information that is translated, processed, or stored by a computer
93
Data at rest
Data not currently being accessed
94
Data custodian
Anyone or anything that’s responsible for the safe handling, transport, and storage of information
95
Data exfiltration
Unauthorized transmission of data from a system
96
Data in transit
Data traveling from one point to another
97
Data in use
Data being accessed by one or more users
98
Data owner
The person who decides who can access, edit, use, or destroy their information
99
Data packet
A basic unit of information that travels from one device to another within a Network
100
Data point
A specific piece of information
101
Data type
A category for a particular type of data item
102
Database
An organized collection of information or data
103
Date and time data
Data representing a date and/or time
104
Debugger
A software tool that helps to locate the source of an error and assess its causes
105
Debugging
A practice of identifying and fixing errors in code
106
Defense in depth
A layered approach to vulnerability management that reduces risk
107
Denial of service (DoS) attack
An attack that targets a network or server and floods it with network traffic
108
Detect
A NIST core function related to identifying potential security incidents and improving monitoring capabilities to increase the speed and efficiency of detection
109
Detection
The prompt discovery of security events
110
Dictionary data
Data that consists of one or more key-value pairs
111
Digital certificate
A file that verifies the identity of a public key holder
112
Digital forensics
The practice of collecting and analyzing data to determine what has happened after an attack
113
Directory
A file that organizes where other files are stored
114
Distributed denial of service (DDOS) attack
A type of denial of service attack that uses multiple devices or servers to flood the target network with unwanted traffic
115
Distributions
The different versions of Linux
116
Documentation
Any form of recorded content that is used for a specific purpose
117
DOM-based XSS attack
An instance when malicious script exists in the webpage a browser loads
118
Domain Name System (DNS)
A networking protocol that translates Internet domain names into IP addresses
119
Elevator pitch
A brief summary of a person's experience, skills, and background
120
Encapsulation
A process performed by a VPN service that protects your data by wrapping sensitive data in other data packets
121
Encryption
The process of converting data from a readable format to an encoded format
122
Endpoint
Any device connected on a Network
123
Endpoint detection and response (EDR)
An application that monitors an endpoint for malicious activity
124
Eradication
The complete removal of the incident elements from all affected systems
125
Escalation policy
A set of actions that outline who should be notified when an incident alert occurs and how that incident should be handled
126
Event
An observable occurrence on a network, system or device
127
Exception
An error that involves code that cannot be executed even though it is syntactically correct
128
Exclusive operator
An operator that does not include the value of comparison
129
Exploit
A way of taking advantage of a vulnerability
130
Exposure
A mistake that can be exploited by a threat
131
External threat
Anything outside the organization that has the potential to harm organizational assets
132
False negative
A state where the presence of a threat is not detected
133
False positive
An alert that incorrectly detects the presence of a threat
134
File path
The location of a file or directory
135
Fileless malware
Malware that does not need to be installed by the user because it uses legitimate programs that are already installed to infect a computer
136
Filesystem Hierarchy Standard (FHS)
The component of the Linux OS that organizes data
137
Filtering
Selecting data that match a certain condition
138
Final report
Documentation that provides a comprehensive review of an incident
139
Firewall
A network security device that monitors traffic to or from a Network
140
Float data
Data consisting of a number with a decimal point
141
Foreign key
A column in a table that is a primary key in another table
142
Forward proxy server
A server that regulates and restricts a person's access to the Internet
143
Function
A section of code that can be reused in a program
144
Graphical user interface (GUI)
A user interface that uses icons on the screen to manage different tasks on the computer
145
Global variable
A Variable that is available through the entire program
146
Hacker
Any person or group who uses computers to gain unauthorized access to data
147
Hacktivist
A person who uses hacking to achieve a political goal
148
Hard drive
A hardware component used for long-term memory
149
Hardware
The physical components of a computer
150
Hash collision
An instance when different inputs produce the same hash value
151
Hash function
A one-way algorithm that maps input of any size to a fixed-size value; the output cannot be reversed to recover the input
152
Hash table
A data structure used to store and reference hash values
153
Health Insurance Portability and Accountability Act (HIPAA)
A U.S. federal law established to protect patients' health information
154
Honeypot
A system or resource created as a decoy vulnerable to attacks with the purpose of attracting potential intruders
155
Host-based intrusion detection system (HIDS)
An application that monitors the activity of the host on which it’s installed
156
Hub
A network device that broadcasts information to every device on the network
157
Hypertext transfer protocol (HTTP)
An application layer protocol that provides a method of communication between clients and website servers
158
Hypertext transfer protocol secure (HTTPS)
A network protocol that provides a secure method of communication between clients and website servers
159
Identify
A NIST core function related to management of cybersecurity risk and its effect on an organization's people and assets
160
Identity and access management (IAM)
A collection of processes and technologies that helps organizations manage digital identities in their environment
161
IEEE 802.11 (WiFi)
Set of standards that define communication for wireless LANs
162
Immutable
An object that cannot be changed after it is created and assigned a value
163
Implement
The fourth step of the NIST RMF that means to implement security and privacy plans for an organization
164
Improper usage
An incident type that occurs when an employee of an organization violates the organization's acceptable use policies
165
Incident
An occurrence that actually or imminently jeopardizes, without lawful authority, the confidentiality, integrity, or availability of information or an information system; or constitutes a violation or imminent threat of violation of law, security policies, security procedures, or acceptable use policies
166
Incident escalation
The process of identifying a potential security incident, triaging it, and handing it off to a more experienced team member
167
Incident handler's journal
A form of documentation used in incident response
168
Incident response
An organization's quick attempt to identify an attack, contain the damage, and correct the effects of a security breach
169
Incident response plan
A document that outlines the procedures to take in each step of incident response
170
Inclusive operator
An operator that includes the value of comparison
171
Indentation
Space added at the beginning of a line of code
172
Index
A number assigned to every element in a sequence that indicates its position
173
Indicators of attack (IoA)
A series of observed events that indicate a real-time incident
174
Indicators of compromise (IOC)
Observable evidence that suggest signs of a potential security incident
175
Information privacy
The protection against unauthorized access and distribution of data
176
Information security (InfoSec)
The practice of keeping data in all states away from unauthorized users
177
Injection attack
Malicious code inserted into a vulnerable application
178
Input sanitization
Programming that validates input from users and other programs and strips or escapes anything that could be interpreted as code before it is used
179
Integer data
Data consisting of a number that does not include a decimal point
180
Integrated development environment (IDE)
A software application for writing code that provides editing assistance and error correction tools
181
Integrity
The idea that the data is correct, authentic and reliable
182
Internal hardware
The components required to run the computer
183
Internet control message protocol (ICMP)
An Internet protocol used by devices to tell each other about data transmission errors across the network
184
Internet Control Message Protocol flood (ICMP flood)
A type of DoS attack performed by an attacker repeatedly sending ICMP packets to a network server
185
Internet Protocol (IP)
A set of standards used for routing and addressing data packets as they travel between devices on a network
186
Internet Protocol (IP) address
A unique string of characters that identifies the location of a device on the Internet
187
Interpreter
A computer program that translates Python code into runnable instructions, line by line
188
Intrusion detection system (IDS)
An application that monitors system activity and alerts on a possible intrusion
189
Intrusion prevention system (IPS)
An application that monitors system activity for intrusive activity and takes action to stop the activity
190
IP spoofing
A network attack performed when an attacker changes the source IP of a data packet to impersonate an authorized system and gain access to a network
191
Iterative statement
Code that repeatedly executes a set of instructions.
192
Kali Linux
An open source distribution of Linux that is widely used in the security industry
193
Kernel
The component of the Linux OS that manages processes and memory
194
Key-value pair
A set of data that represents two linked items: a key and its corresponding value
195
Legacy operating system
An operating system that is outdated but still being used
196
Lessons learned meeting
A meeting that includes all involved parties after a major incident
197
Library
A collection of modules that provide code users can access in their programs
198
Linux
An open source operating system
199
List concatenation
The concept of combining two lists into one by placing the elements of the second list, directly after the elements of the first list
200
List data
Data structure that consists of a collection of data in sequential form
201
Local area network (LAN)
A network that spans small areas like an office building, a school, or a home
202
Local variable
A variable assigned within a function
203
Log
A record of events that occur within an organization's systems
204
Log analysis
The process of examining logs to identify events of interest
205
Log management
The process of collecting, storing, analyzing, and disposing of log data
206
Logging
The recording of events occurring on computer systems and networks
207
Logic error
An error that results when the logic used in code produces unintended results
208
Loop condition
The part of a loop that determines when the loop terminates
209
Loop variable
A variable that is used to control the iterations of a loop
210
Malware
Software designed to harm devices or networks
211
Malware infection
An incident type that occurs when malicious software designed to disrupt a system infiltrates an organization's computers or network
212
Media access control (MAC) address
A unique alphanumeric identifier that is assigned to each physical device on a network
213
Method
A function that belongs to a specific data type
214
Metrics
Key technical attributes such as response time, availability, and failure rate which are used to assess the performance of a software application
215
MITRE
A collection of nonprofit research and development centers
216
Modem
A device that connects your router to the Internet and brings Internet access to the LAN
217
Module
A Python file that contains additional functions, variables, classes, and any kind of runnable code
218
Monitor
The seventh step of the NIST RMF that means to be aware of how systems are operating
219
Multi-factor authentication (MFA)
A security measure that requires a user to verify their identity in two or more ways to access a system or Network
220
Nano
A command line file editor that is available by default in many Linux distributions
221
National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
A voluntary framework that consists of standards, guidelines, and best practices to manage cybersecurity risk
222
National Institute of Standards and Technology (NIST) incident response lifecycle
A framework for incident response consisting of four phases: preparation; detection and analysis; containment, eradication, and recovery; and post-incident activity
223
Network
A Group of connected devices
224
Network-based intrusion detection system (NIDS)
An application that collects and monitors Network traffic and network data
225
Network data
The data that’s transmitted between devices on a Network
226
Network interface card (NIC)
Hardware that connects computers to a Network
227
Network log analysis
The process of examining network logs to identify events of interest
228
Network protocol analyzer (packet sniffer)
A tool designed to capture and analyze data traffic within a network
229
Network protocols
A set of rules used by two or more devices on a network to describe the order of delivery and the structure of data
230
Network segmentation
A security technique that divides the network into segments
231
Network traffic
The amount of data that moves across a network
232
National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53
A unified framework for protecting the security of information systems within the U.S. federal government
233
Non-repudiation
The concept that the authenticity of information can’t be denied
234
Notebook
An online interface for writing, storing and running code
235
Numeric data
Data consisting of numbers
236
OAuth
An open-standard authorization protocol that shares designated access between applications
237
Object
A data type that stores data in a comma-separated list of key-value pairs
238
On-path attack
An attack where a malicious actor places themselves in the middle of an authorized connection and intercepts or alters the data in transit
239
Open Systems Interconnection (OSI) model
A standardized concept that describes the seven layers computers use to communicate and send data over a network
240
Open Web Application Security Project (OWASP)
A nonprofit organization focused on improving software security
241
Operating system (OS)
The interface between computer hardware and the user
242
Operator
A symbol or keyword that represents an operation
243
Open-source intelligence (OSINT)
The collection and analysis of information from publicly available sources to generate usable intelligence
244
Options
Input that modifies the behavior of a command
245
Order of volatility
A sequence outlining the order in which data must be preserved, from most volatile (first) to least volatile (last)
246
OWASP Top 10
A globally recognized standard awareness document that lists the top 10 most critical security risks to web applications
247
Package
A piece of software that can be combined with other packages to form an application
248
Package manager
A tool that helps users install, manage, and remove packages or applications
249
Packet capture (pcap)
A file containing data packets intercepted from an interface or network
250
Packet sniffing
The practice of capturing and inspecting data packets across a network
251
Parameter (Python)
An object that is included in a function definition for use in that function
252
Parrot
An open-source distribution that is commonly used for security
253
Parsing
The process of converting data into a more readable format
254
Passive packet sniffing
A type of attack where a malicious actor connects to a network hub and looks at all traffic on the network
255
Password attack
An attempt to access password-secured devices, systems, networks, or data
256
Patch update
A software and operating system update that addresses security vulnerabilities within a program or product
257
Payment Card Industry Data Security Standard (PCI DSS)
A set of security standards that applies to any organization that accepts, transmits, or stores cardholder data
258
Penetration test (pen test)
A simulated attack that helps identify vulnerabilities in systems, networks, websites, applications, and processes
259
PEP 8 style guide
A resource that provides stylistic guidelines for programmers working in Python
260
Peripheral devices
Hardware components that are attached to and controlled by a computer system
261
Phishing
The use of digital communications to trick people into revealing sensitive data or deploying malicious software
262
Phishing kit
A collection of software tools needed to launch phishing campaigns
263
Physical attack
A security incident that affects not only digital but also physical environments where the incident is deployed
264
Physical social engineering
An attack in which a threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location
265
Ping of death
A type of DoS attack in which an attacker pings a system with an oversized ICMP packet, larger than the 64 KB maximum IP packet size, to crash or destabilize it
266
Playbook
A manual that provides details about an operational action
267
Policy
A set of rules that reduce risk and protect information
268
Port
A software-based location that organizes the sending and receiving of data between devices on a network
269
Port filtering
A firewall function that blocks or allows certain port numbers to limit unwanted communication
270
Post-incident activity
The process of reviewing an incident to identify areas for improvement during incident handling
271
Potentially unwanted application (PUA)
A type of unwanted software that is bundled in with legitimate programs and might display ads, cause device slowdown, or install other software
272
Prepare
The first step of the NIST RMF, related to activities that are necessary to manage security and privacy risks before a breach occurs
273
Prepared statement
A coding technique in which the SQL statement is sent to the database with placeholders and compiled first, and the user-supplied values are bound separately afterward, so input can never change the structure of the query
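Added worked example for the Injection attack and Prepared statement cards (this code is not part of the original glossary). It uses Python's built-in sqlite3 module with a constructed in-memory users table; the table contents, user names, and the two login functions are illustrative assumptions, and the vulnerable function is deliberately written the injection-prone way to show what the prepared statement prevents.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed in-memory users table with sample rows (illustrative data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users (username, password) VALUES (?, ?)",
        [("alice", "hunter2"), ("bob", "s3cret")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> list:
    """Injection-prone: untrusted input is pasted into the SQL text, so the
    input can rewrite the query's logic (deliberately vulnerable)."""
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return [row[0] for row in conn.execute(query)]


def login_prepared(conn: sqlite3.Connection, username: str, password: str) -> list:
    """Prepared statement: the SQL text with '?' placeholders is compiled first and
    the values are bound afterwards as data, never as SQL."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (username, password))]


def demo() -> dict:
    conn = make_db()
    # Classic tautology payload: closes the string literal and appends OR '1'='1'
    payload = "' OR '1'='1"
    return {
        # AND binds tighter than OR, so the injected OR '1'='1' matches every row
        "vulnerable": login_vulnerable(conn, "anyone", payload),  # ['alice', 'bob']
        # The same bytes are compared literally against the password column: no match
        "prepared": login_prepared(conn, "anyone", payload),  # []
        "legit": login_prepared(conn, "alice", "hunter2"),  # ['alice']
    }


if __name__ == "__main__":
    print(demo())
```

The point of the prepared statement is not that the payload is filtered; it is that the query's structure is fixed before any user data is seen, so the database compares the payload as an ordinary string value.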
274
Primary key
A column where every row has a unique entry
275
Principle of least privilege
The concept of granting only the minimal access and authorization required to complete a task or function
276
Privacy protection
The act of safeguarding personal information from unauthorized use
277
Privilege
Any authority for making changes in a computer system
278
Procedures
Step-by-step instructions to perform a specific security task
279
Process of attack simulation and threat analysis (PASTA)
A popular threat modeling framework that’s used across many industries
280
Programming
A process that can be used to create a specific set of instructions for a computer to execute tasks
281
Protect
A NIST core function used to protect an organization through the implementation of policies, procedures, training, and tools that help mitigate cybersecurity threats
282
Protected health information (PHI)
Information that relates to the past, present, or future physical or mental health or condition of an individual
283
Protecting and preserving evidence
The process of properly working with fragile and volatile digital evidence
284
Proxy server
A server that fulfills the requests of its clients by forwarding them to other servers
285
Public key infrastructure (PKI)
An encryption framework that secures the exchange of online information
286
Python Standard Library
An extensive collection of Python code that often comes packaged with Python
287
Query
A request for data from a database table or a combination of tables
288
Quid pro quo
A type of baiting used to trick someone into believing that they'll be rewarded in return for sharing access, information, or money
289
Rainbow table
A file of pregenerated hash values and the associated plaintext
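Added worked example for the Hash function, Brute force attack, Password attack, and Rainbow table cards (not code from the original glossary). It uses only Python's hashlib and os modules; the wordlist and the password "hunter2" are constructed sample data. The attacker side builds a precomputed hash-to-plaintext table and cracks an unsalted hash by lookup; the defender side adds a per-user random salt and a slow key-derivation function (PBKDF2-HMAC-SHA256), which is the added countermeasure rather than something the glossary card describes.

```python
import hashlib
import os
from typing import Dict, Optional

# Constructed wordlist of weak passwords (illustrative, not from the glossary).
COMMON_PASSWORDS = ["123456", "password", "hunter2", "letmein", "qwerty"]


def sha256_hex(data: bytes) -> str:
    """Hash function: fixed-size (64 hex chars), one-way digest of arbitrary input."""
    return hashlib.sha256(data).hexdigest()


def build_rainbow_table(wordlist) -> Dict[str, str]:
    """Precompute hash -> plaintext for every word. This is the attacker's
    up-front work; afterwards cracking an unsalted hash is a dictionary lookup."""
    return {sha256_hex(pw.encode()): pw for pw in wordlist}


def crack(stored_hash: str, table: Dict[str, str]) -> Optional[str]:
    """Lookup attack: returns the plaintext if the hash was precomputed, else None."""
    return table.get(stored_hash)


def hash_password_salted(password: str, salt: bytes) -> str:
    """Defender side: per-user random salt plus a slow key-derivation function
    (PBKDF2-HMAC-SHA256, 100k iterations) so a precomputed table is useless
    and each guess costs the attacker real CPU time."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000).hex()


def demo() -> dict:
    table = build_rainbow_table(COMMON_PASSWORDS)

    # Unsalted SHA-256 of a weak password: cracked instantly by the table.
    unsalted = sha256_hex(b"hunter2")

    # Same password, salted and stretched: the table has no matching entry,
    # yet the server can still verify a correct login by recomputing with the stored salt.
    salt = os.urandom(16)
    salted = hash_password_salted("hunter2", salt)

    return {
        "cracked_unsalted": crack(unsalted, table),  # "hunter2"
        "cracked_salted": crack(salted, table),  # None
        "login_ok": hash_password_salted("hunter2", salt) == salted,  # True
        "login_wrong": hash_password_salted("hunter3", salt) == salted,  # False
        # One-character change in the input gives an unrelated digest
        "avalanche": sha256_hex(b"hunter2") != sha256_hex(b"hunter3"),  # True
    }


if __name__ == "__main__":
    print(demo())
```

The salt does not need to be secret; it is stored next to the hash. Its job is to make every user's hash unique so that one precomputed table cannot be reused across accounts, while the iteration count slows each individual guess.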
290
Random access memory (RAM)
A hardware component used for short-term memory
291
Ransomware
A malicious attack where threat actors encrypt an organization's data and demand payment to restore access
292
Rapport
A friendly relationship in which the people involved understand each other's ideas and communicate well with each other
293
Recover
A NIST core function related to returning affected systems back to normal operation
294
Recovery
The process of returning affected systems back to normal operations
295
Red Hat
A subscription-based distribution of Linux built for enterprise use
296
Reflected XSS attack
An instance when malicious script is sent to a server and activated during the server's response
297
Regular expression (regex)
A sequence of characters that forms a pattern
298
Regulations
Rules set by a government or other authority to control the way something is done
299
Relational database
A structured database containing tables that are related to each other
300
Relative file path
A file path that starts from the user’s current directory
301
Replay attack
A network attack performed when a malicious actor intercepts a data packet in transit and delays it or repeats it at another time
302
Resiliency
The ability to prepare for, respond to, and recover from disruptions
303
Respond
A NIST core function related to making sure that the proper procedures are used to contain, neutralize, and analyze security incidents, and implement improvements to the security process.
304
Critical infrastructure
Systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.
305
Security lifecycle
A constantly evolving set of policies and standards that define how an organization manages risks, follows established guidelines, and meets regulatory compliance, or laws
306
Return statement
A Python statement that executes inside a function and sends information back to the function call
307
Reverse proxy server
A server that regulates and restricts the Internet’s access to an internal server
308
Risk
Anything that can impact confidentiality, integrity, or availability of an asset
309
Risk mitigation
The process of having the right procedures and rules in place to quickly reduce the impact of a risk like a breach
310
Root directory
The highest-level directory in Linux
311
Root user (or superuser)
A user with elevated privileges to modify the system
312
Rootkit
Malware that provides remote administrative access to a computer
313
Router
A network device that connects multiple networks together
314
Salting
An additional safeguard that’s used to strengthen hash functions
315
Scareware
Malware that employs tactics to frighten users into infecting their device
316
Search processing language (SPL)
Splunk’s query language
317
Secure file transfer protocol (SFTP)
A secure protocol used to transfer files from one device to another over a network
318
Secure shell (SSH)
A security protocol used to create a shell with a remote system
319
Security architecture
A type of security design composed of multiple components, such as tools and processes, that are used to protect an organization from risks and external threats.
320
Security audit
A review of an organization’s security controls, policies, and procedures against a set of expectations
321
Security breach
Unauthorized access to systems, applications, networks, or devices
322
Security controls
Safeguards designed to reduce specific security risks
323
Security ethics
Guidelines for making appropriate decisions as a security professional
324
Security zone
A segment of a company’s network that protects the internal network from the Internet
325
Security frameworks
Guidelines used for building plans to help mitigate risk and threats to data and privacy
326
Security governance
Practices that help support, define, and direct the security efforts of an organization
327
Security hardening
The process of strengthening a system to reduce its vulnerabilities and attack surface
328
Security information and event management (SIEM)
An application that collects and analyzes log data to monitor critical activities in an organization
329
Security mindset
The ability to evaluate risk and constantly seek out and identify the potential or actual breach of a system, application or data
330
Security operations center (SOC)
An organizational unit dedicated to monitoring network systems and devices for security threats or attacks
331
Security orchestration, automation, and response (SOAR)
A collection of applications, tools, and workflows that use automation to respond to security events
332
Security posture
An organization’s ability to manage its defense of critical assets and data, and react to change
333
Select
The third step of the NIST RMF that means to choose, customize, and capture documentation of the controls that protect an organization
334
Separation of duties
The principle that users should not be given levels of authorization that would allow them to misuse a system
335
Session
A sequence of network HTTP basic auth requests and responses associated with the same user
336
Session cookie
A token that websites use to validate a session and determine how long that session should last
337
Session hijacking
An event when attackers obtain a legitimate user’s session ID
338
Session ID
A unique token that identifies a user and their device while accessing a system
339
Set data
Data that consists of an unordered collection of unique values
340
Shared responsibility
The idea that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security
341
Shell
The command-line interpreter
342
Signature
A pattern that is associated with malicious activity
343
Signature analysis
A detection method used to find events of interest
344
Simple network management protocol (SNMP)
A network protocol used for monitoring and managing devices on a network
345
Single sign-on (SSO)
A technology that combines several different logins into one
346
Smishing
The use of text messages to trick users in order to obtain sensitive information or to impersonate a known source
347
Smurf attack
A network attack performed when an attacker sniffs an authorized user’s IP address and floods it with ICMP packets
348
Social engineering
A manipulation technique that exploits human error to gain private information, access, or valuables
349
Social media phishing
A type of attack where a threat actor collects detailed information about their target on social media sites before initiating the attack
350
Spear phishing
A malicious email attack targeting a specific user or group of users, appearing to originate from a trusted source
351
Speed
The rate at which data packets are received or downloaded
352
Splunk Cloud
A cloud hosted tool used to collect, search and monitor log data
353
Splunk Enterprise
A self-hosted tool used to retain, analyze, and search an organization’s log data to provide security information and alerts in real time
354
Spyware
Malware that’s used to gather and sell information without consent
355
SQL (structured query language)
A programming language used to create, interact with, and request information from a database
356
SQL injection
An attack that executes unexpected queries on a database
357
Stakeholder
An individual or group that has an interest in any decision or activity of an organization
358
Standard error
An error message returned by the OS through the shell
359
Standard input
Information received by the OS via the command line
360
Standard output
Information returned by the OS through the shell
361
Standards
References that inform how to set policies
362
STAR method
A technique used to answer behavioral and situational interview questions
363
Stateful
A class of firewall that keeps track of information passing through it, and proactively filters out threats
364
Stateless
A class of firewall that operates based on predefined rules, and that does not keep track of information from data packets
365
Stored XSS attack
An instance when malicious script is injected directly on the server
366
String concatenation
The process of joining two strings together
367
String data
Data consisting of an ordered sequence of characters
368
Style guide
A manual that informs the writing, formatting, and design of documents
369
Subnetting
The subdivision of a network into logical groups called subnets
370
Substring
A continuous sequence of characters within a string
371
Supply-chain attack
An attack that targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed
372
Suricata
An open-source intrusion detection system, intrusion prevention system, and network analysis tool
373
Switch
A device that makes connections between specific devices on a network by sending and receiving data between them
374
Symmetric encryption
The use of a single secret key to exchange information
375
Synchronize (SYN) flood attack
A type of DoS attack that simulates a TCP/IP connection and floods a server with SYN packets
376
Syntax
The rules that determine what is correctly structured in a computing language
377
Syntax error
An error that involves invalid usage of a programming language
378
Tailgating
A social engineering tactic in which unauthorized people follow an authorized person into a restricted area
379
TCP/IP model
A framework used to visualize how data is organized and transmitted across a network
380
tcpdump
A command line network protocol analyzer
381
Telemetry
The collection and transmission of data for analysis
382
Threat hunting
The proactive search for threats on a network
383
Threat intelligence
Evidence-based threat information that provides context about existing or emerging threats
384
Threat modeling
The process of identifying assets, their vulnerabilities, and how each is exposed to threats
385
Transmission control protocol (TCP)
An Internet communication protocol that allows two devices to form a connection and stream data
386
Triage
The prioritizing of incidents according to their level of importance or urgency
387
Trojan horse
Malware that looks like a legitimate file or program
388
True negative
A state where there is no detection of malicious activity
389
True positive
An alert that correctly detects the presence of an attack
390
Tuple data
Data that consists of a collection of data that cannot be changed
391
Type error
An error that results from using the wrong data type
392
Ubuntu
An open-source, user-friendly distribution that is widely used in security and other industries
393
Unauthorized access
An incident type that occurs when an individual gains digital or physical access to a system or application without permission
394
Uncontrolled zone
The portion of the network outside the organization
395
Unified extensible firmware interface (UEFI)
A microchip that contains load instructions for the computer and replaces BIOS on more modern systems
396
USB baiting
An attack in which a threat actor strategically leaves a malware USB stick for an employee to find and install to unknowingly infect a network
397
User
The person interacting with a computer
398
User datagram protocol (UDP)
A connectionless protocol that does not establish a connection between devices before transmissions
399
User interface
A program that allows the user to control the functions of the operating system
400
User provisioning
The process of creating and maintaining a user’s digital identity
401
User-defined function
A function that programmers design for their specific needs
402
Variable
A container that stores data
403
Virtual private network (VPN)
The network security service that changes your public IP address and masks your virtual location so that you can keep your data private when you are using a public network like the Internet
404
Virus
Refers to computer virus
405
VirusTotal
A service that allows anyone to analyze suspicious files, domains, URLs and IP addresses for malicious content
406
Vishing
The exploitation of electronic voice communication to obtain sensitive information or to impersonate a known source
407
Vulnerability
A weakness that can be exploited by a threat
408
Vulnerability assessment
The internal review process of an organization’s security systems
409
Vulnerability management
The process of finding and patching vulnerabilities
410
Vulnerability scanner
Software that automatically compares existing common vulnerabilities and exposures (CVEs) against the technologies on the network
411
Watering hole attack
A type of attack when a threat actor compromises a website frequently visited by a specific group of users
412
Web-based exploits
Malicious code or behavior that’s used to take advantage of coding flaws in a web application
413
Whaling
A category of spear phishing attempts that are aimed at high-ranking executives in an organization
414
Wide area network (WAN)
A network that spans a large geographic area, like a city, state, or country
415
Wi-Fi protected access (WPA)
A wireless security protocol for devices to connect to the Internet
416
Wildcard
A character that’s used to represent one or more characters
417
Wireshark
An open-source network protocol analyzer
418
World-writable file
A file that can be altered by anyone in the world
419
Worm
Malware that can duplicate and spread itself across systems on its own
420
YARA-L
A computer language used to create rules for searching through ingested log data
421
Zero-day
An exploit that was previously unknown