Security+ SYO-501 - Acronyms Flashcards
(311 cards)
1
Q
3DES
A
Triple Digital Encryption Standard
About the name: AES applies the DES cipher algorithm three times to each data block. Type: Symmetric-key block cipher Key sizes: 168, 112 or 56 bits (keying option 1, 2, 3 respectively) Block sizes: 64 bits Rounds: 48 DES-equivalent rounds Structure: Feistel network First published: 1998 (ANS X9.52) Retired: 2018 (replaced by AES)
2
Q
AAA
A
Authentication, Authorization, and Accounting
3
Q
ABAC
A
Attribute-Based Access Control
- Defined by NIST 800-162
- A logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes.
4
Q
ACL
A
Access Control List
5
Q
AES
A
Advanced Encryption Standard
Original name: Rijndael Type: Symmetric-key block cipher Key sizes: 128, 192 or 256 bits Block sizes: 128 bits Rounds: 10, 12 or 14 (depending on key size) Designers: Vincent Rijmen, Joan Daemen Structure: Substitution–permutation network First published: 1998 (NIST)
6
Q
AES256
A
Advanced Encryption Standard 256-bit
7
Q
AH
A
Authentication Header
IPsec is composed of two separate (mutually exclusive) protocols:Authentication Header (AH)andEncapsulating Security Payload (ESP). AH provides the authentication and integrity checking for data packets, and ESP provides encryption services.
8
Q
ALE
A
Annualized Loss Expectancy
$$$ how much loss you could expect in a year.
ALE = SLE x ARO
9
Q
AP
A
Access Point
An AP works at Layer 2 (the data link layer) of the OSI model, and it can operate as a bridge connecting a standard wired network to wireless devices or as a router passing data transmissions from one access point to another.
10
Q
API
A
Application Programming Interface
11
Q
APT
A
Advanced Persistent Threat
Often nation-states (e.g. China). Hackers with skill , resources and TIME
12
Q
ARO
A
Annualized Rate of Occurrence
### the number of times an event is expected to occur each year ALE = SLE x ARO
13
Q
ARP
A
Address Resolution Protocol
Protocol used to map known IP addresses to unknown physical addresses.
14
Q
ASLR
A
Address Space Layout Randomization
- Randomizes the location where system executables are loaded into memory.
- Therefore, it is a memory-protection process for operating systems (OSes) that guards against BUFFER-OVERLOW attacks
15
Q
ASP
A
Application Service Provider
16
Q
AUP
A
Acceptable Use Policy
defines what is and what is not acceptable activity, practice, or use for company equipment an resources
17
Q
AV
A
Antivirus OR Asset Value (in $$)
18
Q
BAC
A
Business Availability Center
19
Q
BCP
A
Business Continuity Planning
Assess organizational risks and create policies, plans, and procedures to minimize impact.
20
Q
BIA
A
Business Impact Analysis
The process of performing risk assessment on business tasks and processes rather than on assets. The purpose of BIA is to determine the risks to business processes and design protective and recovery solutions. The goal is to maintain business continuity, prevent and/or minimize downtime, and prepare for fast recovery and restoration in the event of a disaster.
21
Q
BIOS
A
Basic Input/Output System
22
Q
BPA
A
Business Partners Agreement
An agreement between partners in a business that outlines their responsibilities, obligations, and sharing of profits and losses.
23
Q
BPDU
A
Bridge Protocol Data Unit
Frames that contain information about the Spanning tree protocol. A switch sends BPDUs using a unique MAC address from its origin port and a multicast address as destination MAC.
24
Q
BYOD
A
Bring Your Own Device
25
RIP
BGP
OSPF
Routers usually communicate routing and other information using one of three standard protocols:
* RIP - Routing Information Protocol
* BGP - Border Gateway Protocol
* OSPF - Open Shortest Path First
26
CA
Certificate Authority
27
CAC
Common Access Card
28
CAN
Controller Area Network
29
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
30
CAR
Corrective Action Report
31
CASB
Cloud Access Security Broker
Security policy enforcement solution. Ensures proper security measures and ensures that they are implemented between a cloud solution and a customer organization. CASBs are on-premise or cloud-based security policy enforcement points. They exist between the cloud service users and the cloud service providers for the purpose of combining (and adding) enterprise security policies as resources are accessed.
The brokers can consolidate lots of different types of security policy enforcement (single sign-on, authorization, credential mapping, encryption, and so forth) while acting like a gatekeeper. They essentially allow the organization to extend the reach of their own security policies beyond the confines of their own infrastructure.
32
CBC
Cipher Block Chaining
33
CCMP
Counter-Mode/CBC-Mac Protocol
34
CCTV
Closed-circuit TV
35
CER
Certificate
OR
Cross-over Error Rate
Cross-over Error Rate. See Biometrics, FAR, and FRR. The point at which FRR and FAR are equal. Aim for a LOW CER
36
CERT
Computer Emergency Response Team
Carnegie Mellon University standards for secure coding. CERT standards cover many of the same issues as OWASP, but they also have complete language-specific standards for Java, Perl, C, and C++ and exception handling.
37
CFB
Cipher Feedback
38
CHAP
Challenge Handshake Authentication Protocol
Authentication method supported by PPP (can be used by PPTP).
(1) user authenticates to the server;
(2) server directs the client to generate a random number (often a cryptographic hash) and send it to the server;
(3) server periodically challenges the client to reproduce the number/hash;
(4) if the client can't, the server terminates the session.
39
CIO
Chief Information Officer
40
CIRT
Computer Incident Response Team
41
CMS
Content Management System
42
COOP
Continuity of Operations Plan
43
COPE
Corporate Owned, Personally Enabled
44
CP
Contingency Planning
45
CRC
Cyclical Redundancy Check
46
CRL
Certificate Revocation List
47
CSIRT
Computer Security Incident Response Team
48
CSO
Chief Security Officer
49
CSP
Cloud Service Provider
50
CSR
Certificate Signing Request
51
CSRF
Cross-site Request Forgery
52
CSU
Channel Service Unit
See also DSU. Routers, in conjunction with a channel service unit/data service unit (CSU/DSU), are also used to translate from LAN framing to WAN framing (for example, a router that connects a 100BaseT network to a T1 network).
53
CTM
Counter-Mode
54
CTO
Chief Technology Officer
55
CTR
Counter
56
CYOD
Choose Your Own Device
57
DAC
Discretionary Access Control
58
DBA
Database Administrator
59
DDoS
Distributed Denial of Service
60
DEP
Data Execution Prevention
When an application tries to launch, the user must approve the execution before it can proceed or, at the least, the system logs when an application tries to launch
61
DER
Distinguished Encoding Rules
62
DES
Digital Encryption Standard
63
DFIR
Digital Forensics and Investigation Response
64
DHCP
Dynamic Host Configuration Protocol
65
DHE
Data-Handling Electronics
OR
Diffie-Hellman Ephemeral
66
DLL
Dynamic Link Library
67
DLP
Data Loss Prevention
68
DMZ
Demilitarized Zone
69
DNAT
Destination Network Address Transaction
70
DNS
Domain Name Service (Server)
71
DoS
Denial of Service
72
DRP
Disaster Recovery Plan
Disaster recovery is an expansion of BCP. Basically, when business continuity is interrupted, a disaster has occurred.
73
DSA
Digital Signature Algorithm
74
DSL
Digital Subscriber Line
75
DSU
Data Service Unit
See also CSU.
Routers, in conjunction with a channel service unit/data service unit (CSU/DSU), are also used to translate from LAN framing to WAN framing (for example, a router that connects a 100BaseT network to a T1 network).
76
Extensible Authentication Protocol
ECB
77
EAP
Extensible Authentication Protocol
Authentication method supported by PPP (can be used by PPTP)
78
ECB
Electronic Code Book
79
ECC
Elliptic Curve Cryptography
Asymmetric system designed to work with smaller processors (like hand-held devices)
80
ECDHE
Elliptic Curve Diffie-Hellman Ephemeral
81
ECDSA
Elliptic Curve Digital Signature Algorithm
82
EF
Exposure Factor
%%% the percentage of the asset value that is threatened with each threat occurrence
83
EFS
Encrypted File System
84
EMI
Electromagnetic Interference
85
EMP
Electro Magnetic Pulse
86
EOL
End of Life
87
ERP
Enterprise Resource Planning
88
ESN
Electronic Serial Number
89
ESP
Encapsulated Security Payload
IPsec is composed of two separate (mutually exclusive) protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP). AH provides the authentication and integrity checking for data packets, and ESP provides encryption services.
90
EULA
End User License Agreement
91
FACL
File System Access Control List
92
FAR
False Acceptance Rate
See Biometircs, FRR, and CER
93
FDE
Full Disk Encryption
94
FRR
False Rejection Rate
See Biometrics, FAR and CER
95
FTP
File Transfer Protocol
96
FTPS
Secured File Transfer Protocol
97
GCM
Galois Counter Mode
98
GPG
Gnu Privacy Guard
99
GPO
Group Policy Object
100
GPS
Global Positioning System
101
GPU
Graphic Processing Unit
102
GRE
Generic Routing Encapsulation
103
HA
High Availability
Refers to measures such as redundancy, failover, and mirroring, used to keep services and systems operational during an outage.
104
HDD
Hard Disk Drive
105
HIDS
Host-based Intrusion Detection System
IDS runs as software on a host system. Examines machine logs, system events and application interactions, but normally doesn't monitor incoming network traffic. Popular on servers that use encrypted channels. See also HIPS
106
HIPS
Host-based Intrusion Prevention System
See HIDS
107
HMAC
Hashed Message Authentication Code
108
HOTP
HMAC-based One-Time Password
109
HSM
Hardware security module
Devices that handle digital keys. Performs a similar function as TPM. Aka PCSM, SAM, Hardware cryptographic device, or cryptographic module. Often a plug in device.
* Provides encryption, digital signatures, hashing, and message authentication codes.
* Manages cryptographic keys
110
HTML
Hypertext Markup Language
111
HTTP
Hypertext Transfer Protocol
112
HTTPS
Hypertext Transfer Protocol over SSL/TLS
113
HVAC
Heating, Ventilation and Air Conditioning
114
IaaS
Infrastructure as a Service
115
ICMP
Internet Control Message Protocol
116
ICS
Industrial Control Systems
117
ID
Identification OR Intrusion Detection
118
IDEA
International Data Encryption Algorithm
119
IDF
Intermediate Distribution Frame
120
IdP
Identity Provider
121
IDS
Intrusion Detection System
122
IEEE
Institute of Electrical and Electronic Engineers
123
IIS
Internet Information System
124
IKE
Internet Key Exchange
125
IMPA4
Internet Message Access Protocol v4
126
IoT
Internet of Things
127
IPS
Internet Protocol Security
128
IRC
Internet Relay Chat
129
IRP
Incident Response Plan
130
ISA
Interconnection Security Agreement
131
ISP
Internet Service Provider
132
ISSO
Information Systems Security Officer
133
ITCP
IT Contingency Plan
134
IV
Initialization Vector
135
KDC
Key Distribution Center
136
KEK
Key Encryption Key
137
L2TP
Layer 2 Tunneling Protocol
138
LAN
Local Area Network
See also: CAN, MAN, SAN, WAN
139
LDAP
Lightweight Directory Access Protocol
140
LEAP
Lightweight Extensible Authentication Protocol
141
MaaS
Monitoring as a Service
142
MAC
Mandatory Access Control OR Media Access Control OR Message Authentication Code
143
MAN
Metropolitan Area Network
144
MBR
Master Boot Record
145
MD5
Message Digest 5
146
MDF
Master Distribution Frame
147
MDM
Mobile Device Management
148
MFA
Multifactor Authentication
149
MFD
Multi-function Device
150
MIME
Multipurpose Internet Mail Exchange
151
MITM
Man-in-the-Middle
152
MMS
Multimedia Message Service
153
MOA
Memorandum of Agreement
154
MOTD
Message of the Day
155
MOU
Memorandum of Understanding
156
MPLS
Multi-Protocol Label Switching
157
MSCHAP
Microsoft Challenge Handshake Authentication Protocol
158
MSP
Managed Service Provider
159
MTBF
Mean Time Between Failures
160
MTTF
Mean Time To Failure
161
MTTR
Mean Time to Repair or Restore
162
MTU
Maximum Transmission Unit
163
NAC
Network Access Control
164
NAT
Network Address Translation
165
NDA
Nondisclosure Agreement
166
NFC
Near Field Communication
167
NGAC
Next Generation Access Control
168
NIDS
Network-based Intrusion Detection System
169
NIPS
Network-based Intrusion Prevention System
170
NIST
National Institute of Standards & Technology
171
NTFS
New Technology File System
172
NTLM
New Technology LAN Manager
173
NTP
Network Time Protocol
174
OAUTH
Open Authorization
175
OCSP
Online Certificate Status Protocol
176
OID
Object Identifier
177
OS
Operating System
178
OTA
Over The Air
179
OVAL
Open Vulnerability Assessment Language
180
P12
PKCS #12
181
P2P
Peer to Peer
182
PaaS
Platform as a Service.
183
PAC
Proxy Auto Configuration
184
PAP
Password Authentication Protocol
185
PAT
Port Address Translation
186
PBKDF2
Password-based Key Derivation Function 2
Key Stretching Algorithm. Key stretching makes a possibly weak key, typically a password or passphrase, more secure against a brute-force attack by increasing the time it takes to test each possible key. PBKDF2 applies some function (like a hash or HMAC) to the password or passphrase along with Salt to produce a derived key. Bcrypt is another method of key stretching.
187
PBX
Private Branch Exchange
188
PCAP
Packet Capture
189
PEAP
Protected Extensible Authentication Protocol
190
PED
Personal Electronic Device
191
PEM
Privacy-enhanced Electronic Mail
192
PFS
Perfect Forward Secrecy
193
PFX
Personal Exchange Format
194
PGP
Pretty Good Privacy
195
PHI
Personal Health Information
196
PII
Personally Identifiable Information
197
PKI
Public Key Infrastructure
198
POODLE
Padding Oracle on Downgrade Legacy Encryption
199
POP
Post Office Protocol
200
POTS
Plain Old Telephone Service
201
PPP
Point-to-Point Protocol
202
PPTP
Point-to-Point Tunneling Protocol
203
PSK
Pre-shared Key
204
PTZ
Pan-Tilt-Zoom
205
PVI
Personal Identity Verification
206
RA
Recovery Agent OR Registration Authority
207
RAD
Rapid Application Development
208
RADIUS
Remote Authentication Dial-in User Server
209
RAID
Rudundant Array of Independent/Inexpensive Disks
210
RAS
Remote Access Server
211
RAT
Remote Access Trojan
212
RBAC
Role-based Access Control OR Rule-based Access Control
213
RC4
Rivest Cipher version 4
214
RDP
Remote Desktop Protocol
215
REST
Representational State Transfer
216
RFID
Radio Frequency Identifier
217
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
218
RMF
Risk Management Framework
219
ROI
Return on Investment
220
RPO
Recovery Point Objective
221
RSA
Rivest, Shamir, and Adleman
222
RTBH
Remotely Triggered Black Hole
223
RTO
Recovery Time Objective
224
RTOS
Real-time Operating System
225
RTP
Real-time Transport Protocol
226
S/MIME
Secure/Multipurpose Internet Mail Extensions
227
SaaS
Software as a Service
228
SAML
Security Assertions Markup Language
229
SAN
Storage Area Network
230
SCADA
System/Supervisory Control and Data Acquisition
231
SCAP
Security Content Automation Protocol
232
SCEP
Simple Certificate Enrollment Protocol
233
SCP
Secure Copy
234
SCSI
Small Computer System Interface
235
SDK
Software Development Kit
236
SDLC
Software Development Life Cycle
237
SDLM
Software Development Life Cycle Methodology
238
SDN
Software-Defined Networking
239
SDN
Software-Defined Networking
240
SED
Self-encrypting drive
241
SFTP
Secured File Transfer Protocol
242
SHA
Secure Hashing Algorithm
243
SHE
Structured Exception Handler
244
SHTTP
Secure Hypertext Transfer Protocol
245
SIEM
Security Information and Event Management
246
SIM
Subscriber Identity Module
247
SIPS
Session Initiation Protocol
248
SIPS
Session Initiation Protocol Secure
249
SLA
Service Level Agreement
250
SLE
Single Loss Expectancy
251
SMB
Server Message Block
252
SMS
Short Message Service
253
SMTP
Simple Mail Transfer Protocol
254
SMTPS
Simple Mail Transfer Protocol Secure
255
SNMP
Simple Network Management Protocol
256
SOAP
Simple Object Access Protocol
257
SoC
System on Chip
258
SPF
Sender Policy Framework
259
SPIM
Spam over Internet Messaging
260
SPOF
Single Point of Failure
261
SQL
Structured Query Language
262
SRTP
Secure Real-Time Protocol
263
SSD
Solid State Drive
264
SSH
Secure Shell
265
SSID
Service Set Identifier
266
SSL
Secure Sockets Layer
267
SSO
Single Sign-on
268
SSP
System Security Plan
269
STP
Shielded Twisted Pair OR Spanning Tree Protocol
270
STP
Spanning Tree Protocol
271
TACACS+
Terminal Access Controller Access Control System Plus
272
TCO
Total Cost of Ownership
273
TCP/IP
Transmission Control Protocol/Internet Protocol
274
TGT
Ticket Granting Ticket
275
TKIP
Temporal Key Integrity Protocol
276
TLS
Transport Layer Security
277
TOTP
Time-based One-time Password
278
TPM
Trusted platform modules
279
TSIG
Transaction Signature
280
UAT
User Acceptance Testing
281
UAV
Unmanned Aerial Vehicle
282
UDP
User Datagram Protocol
283
UEFI
Unified Extensible Firmware Interface
284
UPS
Uninterruptible Power Supply
285
URI
Uniform Resource Identifier
286
URL
Universal Resource Locator
287
USB
Universal Serial Bus
288
USB OTG
USB On The Go
289
UTM
Unified Threat Management
290
UTP
Unshielded Twisted Pair
291
VDE
Virtual Desktop Environment
292
VDI
Virtual Desktop Infrastructure
293
VLAN
Virtual Local Area Network
294
VLSM
Variable Length Subnet Masking
295
VM
Virtual Machine
296
VoIP
Voice over IP
297
VPN
Virtual Private Network
298
VTC
Video Teleconferencing
299
WAF
Web Application Firewall
300
WAP
Wireless Access Point
301
WEP
Wired Equivalent Privacy
302
WIDS
Wireless Intrusion Detection System
303
WIPS
Wireless Intrusion Prevention System
304
WORM
Write Once Read Many
305
WPA2
WiFi Protected Access 2
306
WPS
WiFi Protected Setup
307
WTLS
Wireless TLS
308
XML
Extensible Markup Language
309
XOR
Exclusive Or
310
XSRF
Cross-site Request Forgery
311
XSS
Cross-site Scripting
