Study with the several resources on Docsity
Earn points by helping other students or get them with a premium plan
Prepare for your exams
Study with the several resources on Docsity
Earn points to download
Earn points by helping other students or get them with a premium plan
Community
Ask the community for help and clear up your study doubts
Discover the best universities in your country according to Docsity users
Free resources
Download our free guides on studying techniques, anxiety management strategies, and thesis advice from Docsity tutors
A comprehensive overview of cybersecurity terms, protocols, and technologies. It covers network security, access control, encryption, authentication, and incident response. The document serves as a valuable reference for understanding fundamental cybersecurity concepts and terminology. It can be useful for students, IT professionals, and individuals interested in enhancing their knowledge of cybersecurity best practices and the tools and techniques employed to protect digital assets.
Typology: Exams
1 / 51
110 - ANSPost Office Protocol version 3 Port (POP3) 123 - ANSNetwork Time Protocol Port (NTP) 137 - 139 - ANSNetBIOS Port 143 - ANSInternet Message Access Protocol Port (IMAP) 161 - ANSSimple Network Management Protocol Port (SNMP) 162 - ANSSimple Network Management Protocol Port (SNMP) 21 - ANSFile Transfer Protocol Port (FTP) 22 - ANSSecure Shell, Secure Copy Protocol, SSH File Transfer Protocol Port (SSH/SCP/SFTP) 23 - ANSTelnet Port 25 - ANSSimple Mail Transfer Protocol Port (SMTP) 3389 - ANSRemote Desktop Protocol Port (RDP) 389 - ANSLightweight Directory Access Protocol Port (LDAP) 443 - ANSHypertext Transfer Protocol Secure and Transport Layer Security Port (HTTPS/TLS/SSL) 500 - ANSInternet Protocol Security Port (IPSec) 5061 - ANSSecure Real Time Protocol Port (SRTP) 53 - ANSDomain Name System Port (DNS) 587 - ANSSecure Simple Mail Transfer Protocol Port 61/5060 - ANSSession Initiated Protocol Port (SIP) 67/68 - ANSDynamic Host Configuration Protocol Port (DHCP) 69 - ANSTrivial File Transfer Protocol Port (TFTP) 80 - ANSHypertext Transfer Protocol Port (HTTP) 802.1x - ANSThe IEEE standard that defines port-based security for wireless network access control 802.1X - ANSThe IEEE standard that defines port-based security for wireless network access control 88 - ANSKerberos Port 989/990 - ANSFTP over TLS/SSL Port 993 - ANSSecure IMAP and S/MIME Port 995 - ANSSecure POP 3 Port A Record - ANSA domain name system record for IPv4. AAAA Record - ANSA domain name system record for IPv6. Acceptable Use Policy (AUP) - ANSA policy that defines the actions users may perform while accessing systems and networking equipment.
Account Lockout - ANSRefers to the number of incorrect logon attempts permitted before a system locks an account. Account Management Policy - ANSThe policy that lists procedures for adding new users to systems and removing users who have left the organization. Account Rectification - ANSAuditing account privileges and reporting to management. Active Directory Federation Services (ADFS) - ANSA software component developed by Microsoft that can run on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries Active Logging - ANSContinuously monitoring and logging changes. Active Reconnaissance - ANSA penetration testing method used to collect information. It sends data to systems and analyzes responses to gain information. Active/Active Load Balancing - ANSWhen servers in a load balancing system are all handling requests. Active/Passive Load Balancing - ANSWhen one server in a load balancing system is active and the others are stand-by. Ad Hoc Network - ANSA network created when two wireless devices connect to each other directly. Address Resolution Protocol (ARP) - ANSA protocol in the TCP/IP suite used with the command-line utility of the same name to determine the MAC address that corresponds to a particular IP address. Address Resolution Protocol Cache (ARP Cache) - ANSA cache that stores a mapping of IP addresses to MAC Addresses. Address Resolution Protocol Poisoning (ARP Poisoning) - ANSA type of cyber attack carried out over a Local Area Network (LAN) that involves sending malicious ARP packets to a default gateway on a LAN in order to change the pairings in its IP to MAC address table. Administrator Account - ANSUser account, created when the OS is first installed, that is allowed complete, unfettered access to the system without restriction. Admissibility - ANSA measure of whether a piece of
evidence is relevant or legally acquired. Advanced Encryption Standard (AES) - ANSA symmetric block cipher created in the late 1990s that uses a 128-bit block size and a 128-, 192-, or 256-bit key size. Advanced Persistent Threat (APT) - ANSAn organized group of attackers who are highly motivated, skilled, and patient. Adware - ANSA software program that delivers advertising content in a manner that is unexpected and unwanted by the user. Air Gap - ANSA computer with no network connections. Aircrack-ng - ANSA complete suite of wireless security assessment and exploitation tools that includes monitoring, attacking, testing, and cracking of wireless networks. Airgap - ANSA physical security control that provides physical isolation. All other uses (LBAC) - ANSThe third number listed in the LBAC permissions. Always-on VPN - ANSA VPN that allows the user to always stay connected instead of connecting and disconnecting from it. Amplification Attack - ANSAn attack instigated using small, simple requests that trigger very large responses to the target. Annual Risk Assessment - ANSA risk register where the financial director will look at all of the risks associated with money and the IT manager will look at all of the risks posed. Annual Security Awareness Training - ANSWhere you are reminded about what you should be doing on a daily basis to keep the company safe. Annualized Loss Expectancy (ALE) - ANSThe expected monetary loss that can be expected for an asset due to a risk over a one-year period. Annualized Rate of Occurrence (ARO) - ANSThe probability that a risk will occur in a particular year. Anomaly-Based Detection - ANSThe process of detecting attacks based on baseline attributes that have changed. Anonymization - ANSThe act of permanently and completely removing personal identifiers from data, such as converting personally identifiable information (PII) into aggregated data. Antivirus/Antimalware - ANSSoftware or hardware that protects
against or removes malicious software. Anything as a Service (XaaS) - ANSThe growing diversity of services available over the Internet via cloud computing as opposed to being provided locally, or on-premises. Armed Guards - ANSPeople who manage physical access to a secure area. Artifacts - ANSItems that not easily seen or found. Asymmetric Encryption - ANSA type of cryptographic based on algorithms that use a private and public key. Attribute-Based Access Controls (ABAC) - ANSAn access control system, which uses account attributes to determine access. Authentication (Access Controls) - ANSThe person making the request, is who they say they are. Authentication Header (AH) - ANSThis provides connectionless integrity and the authentication of data. Authentication, Authorisation and Accounting (AAA) - ANSA common security framework for mediating network and application access. Authorisation (Access Controls) - ANSThe amount of access given to a user. Automated Indicator Sharing (AIS) - ANSA system that provides the exchange of data about cyber-attacks. Automated Private IP Address (APIPA) - ANSA feature of Windows-based operating systems that enables a computer to automatically assign itself an IP address when there is no Dynamic Host Configuration Protocol (DHCP) server available. Backdoor - ANSSoftware code that gives access to a program or a service that circumvents normal security protections. Background Checks - ANSA vetting process to ensure that an individual meets security requirements. Badge - ANSAn item with a photo, name and signature, used to identify someone. Bankers' Automated Clearing Service (BACS) - ANSA system that allows the transfer of payments directly from one bank account to another. Banner Grabbing - ANSGathering information from messages that a service transmits when another program connects to it. Bastion Host - ANSA heavily secured server located on a
special perimeter network between the company's secure internal network and its firewall. Bcrypt - ANSA password hashing algorithm based on a Blowfish cipher that uses key stretching. Beacon - ANSMalware infects a vulnerable host, it quickly scans the host environment and initiates a command and control (C2) channel with its creator. Binary Large Object (BLOB) - ANSIn databases, a type of object that holds extremely large chunks of data in binary form. Biometric Lock - ANSA lock that uses biometric authentication. Birthday Attack - ANSAn attack that searches for any two digests that are the same. Black Box Penetration Testing - ANSA form of penetration testing where the tester is not given any system credentials. Black Box Testing - ANSPenetration testing of a system, where the tester is provided no information about the system. Black Hat Hacker - ANSA hacker who uses his knowledge to destroy information or for illegal gain. Block Cipher - ANSA cipher that manipulates an entire block of plaintext at one time. Blowfish - ANSA symmetric block cipher that operates on 64-bit blocks and can have a key length from 32 to 448 bits. Blue Team - ANSA group of people authorized and organized to emulate protecting a network from exploitation against an enterprise's security posture. Bluebugging - ANSAn attack where the attacker takes control of a Bluetooth device. Bluejacking - ANSAn attack where the attacker send unsolicited messages to the device. Bluesnarfing - ANSThe unauthorized access of information from a Bluetooth device. Bluetooth - ANSAllows electronic devices like cell phones and computers to exchange data over short distances using radio waves Bollard - ANSA stone guard to prevent damage to a wall; also a freestanding stone post to divert vehicular traffic. Bootstrap Protocol (BOOTP) - ANSA component of TCP/IP that allows computers to discover and receive an IP address from a DHCP server prior to booting the OS. Botnet - ANSA logical
computer network of zombies under the control of an attacker. Bridge Trust Model - ANSA trust model with one certificate authority that acts as a facilitator to interconnect all other certificate authorities. Bring Your Own Device (BYOD) - ANSPolicy that allows employees to use their personal mobile devices and computers to access enterprise data and applications. Browser Exploitation Framework (BeEF) - ANSA penetration testing tool that focuses on the web browser. Brute Force Attack - ANSAn attack on passwords or encryption that tries every possible password or encryption key. Buffer Overflow - ANSA technique where code is exploited by storing more data than can be held. Buffer Overflow Attack - ANSAttempts to overwrite the memory buffer to send additional data into adjacent memory locations. Bug Bounty - ANSThe process where companies reward testers who find vulnerabilities. Business Continuity Plan (BCP) - ANSContingency planning to keep the business up and running when a disaster occurs, by identifying single points of failure. Business Impact Analysis (BIA) - ANSAn exercise that determines the impact of losing the support of any resource to an organization, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and supporting systems. Business Partnership Agreement (BPA) - ANSA written agreement defining the terms and conditions of a business partnership. Cable Lock - ANSA cable with a lock at the end, to stop people from stealing devices. Caching - ANSThe local storage of frequently needed files that would otherwise be obtained from an external source. Cain and Abel - ANSA password recovery tool for Microsoft Windows. Call/Escalation List - ANSA list should detail who should be called, what order, and how high up the organizational leadership chart a particular issue would reach. Cameras - ANSUsed to
monitor the perimeter of a secure area. Capital Expenditure (CAPEX) - ANSFunds used by a company to acquire or upgrade physical assets such as property, industrial buildings or equipment Captive Portal - ANSTechnical solution that forces clients using web browsers to complete a specific process before it allows them access to the network. Capture the Flag (CTF) - ANSAn exploit-based exercise simulating an attack. Capturing a System Image - ANSCreating a file that is an exact copy of a storage device. Card Skimming - ANSCopying of information from the magnetic strip of a credit card or debit card. Carrier Unlocking - ANSThe process of unlocking a mobile phone from a specific cellular provider. Cellular Network - ANSA network that can be used when a wireless network must cover a wide area. The network is made up of cells, each controlled by a base station. Also called a cellular WAN. Certificate Authority (CA) - ANSA server that manages digital certificates. Certificate Chaining - ANSLinking several certificates together to establish trust between all the certificates involved. Certificate Pinning - ANSPrevents the compromise of Certificate Authorities and fraudulent certificate issuing. Certificate Revocation List (CRL) - ANSA list that keeps of track of whether a digital certificate is valid. Certificate Signing Request (CSR) - ANSThe process of requesting a new certificate. Chain of Custody - ANSThe process of documenting the custody of data, ensuring no tampering. Challenge Handshake Authentication Protocol (CHAP) - ANSAn older three-way authentication handshake that is accomplished during the initial authentication and may be repeated anytime after the link has been established. Change Advisory Board (CAB) - ANSAssists with the prioritisation of changes. Children's Online Privacy Protection Act (COPPA) - ANSA U.S. federal act that requires operators of online services or Web sites directed at children under the age of 13 to obtain parental consent prior
to the collection, use, disclosure, or display of a child's personal information. Chmod
Provider (CSP) - ANSThe company that hosts the cloud servers. CNAME Record - ANSA domain name system record that is an alias. Code Signing - ANSThe process of assigning a certificate to code. The certificate includes a digital signature and validates the code. Cognitive Password Attack - ANSA password attack that uses public knowledge-based authentication, like secret questions. Cold Site - ANSA backup facility that does not have any computer equipment, but is a place where employees can move after a disaster Collision Attack - ANSAn attack on a hash function in which a specific input is generated to produce a hash function output that matches another input. Command and Control Malware - ANSMalware that controls the victim's machine from a command and control server. Command Injection Attack - ANSWhen input is used in the construction of a command that is subsequently executed by the system with the privileges of the server Common Access Card (CAC) - ANSA Department of Defense (DoD) smart card used for identification for active-duty and reserve military personnel along with civilian employees and special contractors. Common Vulnerabilities and Exposures (CVE) - ANSThe Common Vulnerabilities and Exposures or CVE system provides a reference method for publicly known information-security vulnerabilities and exposures. Common Vulnerabilities Scoring System (CVSS) - ANSIndicates the severity of vulnerabilities. Community Cloud - ANSServes a specific community with common business models, security requirements, and compliance considerations Company- owned, Personally Enabled (COPE) - ANSThe company provides the users with a smartphone primarily for work use, but basic functions such as voice calls, messaging, and personal applications are allowed, with some controls on usage and flexibility. Compiler - ANSA computer program created to read an entire program
and convert it into a lower-level language and ultimately to assembly language used by the processor. Computer/Machine Certificate - ANSA certificate that identifies a computer within a domain. Conduit - ANSA container to secure cables from tampering or being destroyed. Confidential (MAC) - ANSCauses damage. Container - ANSAn isolated system used for software. Containerisation - ANSA type of virtualization applied by a host operating system to provide an isolated execution environment for an application. Content Filter - ANSA way of limiting access to material on the internet by examining it before it is shown to the user and deciding whether or not it is acceptable. Context-Aware Authentication - ANSAn authentication method using multiple elements to authenticate a user and a mobile device. It can include identity, geolocation, the device type, and more. Continuous Delivery - ANSA methodology that focuses on making sure software is always in a releasable state throughout its lifecycle. Continuous Deployment (CD) - ANSA software development approach where an organization's developers release products, features, and updates in shorter cycles, when ready, rather than wait for centrally-managed delivery schedules. Continuous Integration (CI) - ANSA software development method in which code updates are tested and committed to development or build server/code repositories rapidly. Controlled Unclassified Information (CUI) - ANSFederal non-classified information that must be safeguarded by implementing a uniform set of requirements and information security controls to secure sensitive government information. Controls - ANSSafeguards or countermeasures to avoid, detect, counteract, or minimize security risks. Made up of physical, managerial, technical and operational. Corporate-Owned Personally- Enabled (COPE) - ANSEmployees choose from a selection of company-approved
devices. Counter Mode (CTR) - ANSA DES mode similar to OFB mode that uses an incrementing IV counter to ensure that each block is encrypted with a unique keystream. Credential Harvesting - ANSA phishing attack that targets user credentials. Credential Stuffing - ANSThe automated injection of breached username/password pairs to gain user accounts access fraudulently. Credentialed Scan - ANSScan in which the scanning computer has an account on the computer being scanned that allows the scanner to do a more thorough check looking for problems that can not be seen from the network. Cross-Site Request Forgery (CSRF/XSRF) - ANSA malicious exploit of a website where unauthorized commands are transmitted from a user that the web application trusts. Cross-Site Request Forgery (XSRF) - ANSAn attack that exploits the trust a website has in a user's browser in an attempt to transmit unauthorized requests to the website. Cross-Site Scripting (XSS) - ANSEnables attackers to inject client-side scripts into web pages viewed by other users. Crossover Error Rate (CER) - ANSthe level at which the number of false rejections equals the false acceptances, and is also known as the equal error rate. Crypto Malware - ANSMalware that encrypts all the files on the device so that they cannot be opened and hides itself. Crypto Service Provider (CSP) - ANSA software library that provides crypto services. Cryptographic Erase (CE) - ANSA wiping technique that encrypts the data on a media device and destroys the encryption key. Cryptomalware - ANSRansomware that encrypts user's files, and demands ransom. Cuckoo - ANSA malware analysing tool that creates a sandbox environment. Curl - ANSA command-line tool used to transfer data. Custodian (MAC)
inherent processes for managing all the interactions with the customer, from lead generation to customer service. Dark Web - ANSInternet content that can't be indexed by Google and other search engines. Data Breach - ANSWhen sensitive or confidential information is copied, transmitted, or viewed by an individual who is not authorized to handle the data. Data Classification - ANSEntails analyzing the data that the organization retains, determining its importance and value, and then assigning it to a category. Data Creator/Owner (DAC) - ANSThe user has permission to get permissions for other users. Data Custodian - ANSResponsible for the safe custody, transport, storage of the data and implementation of business rules. Data Encryption Standard (DES) - ANSA symmetric block cipher that uses a 56-bit key and encrypts data in 64-bit blocks. Data Exfiltration - ANSUnauthorized transfer of data from an organization to a location controlled by an attacker. Data Governance - ANSThe overall management of the availability, usability, integrity, and security of company data Data Loss Prevention (DLP) - ANSA system that can identify critical data, monitor how it is being accessed, and protect it from unauthorized users. Data Masking - ANSAll or part of a field's contents is redacted, by substituting all character strings with x, for example. Data Minimization - ANSLimiting data collection to only what is required to fulfill a specific purpose. Data Minization - ANSLimiting data collection to only what is required to fulfill a specific purpose. Data Normalization - ANSThe process of decomposing relations with anomalies to produce smaller, well- structured relations. Data Owner - ANSResponsible for labeling the asset and ensuring that it is protected with appropriate controls. Data Recovery Agent (DRA) - ANSA user account that an administrator has authorized to recover BitLocker drives for an entire organization with a digital certificate on a smart card. Data Retention -
ANSRefers to the policies that govern data and records management for meeting internal, legal and regulatory data archival requirements. Data Sharing and Use Agreement (DSUA) - ANSA document that states, that personal data can only be collected for a specific purpose. Data Sovereignty - ANSA term that refers to the legal implications of data stored in different countries. It is primarily a concern related to backups stored in alternate locations via the cloud. Data Steward - ANSResponsible for ensuring the quality and fitness for purpose of the organization's data assets, including the metadata for those data assets. Data-at-Rest - ANSData that is stored on electronic media. Data-in-Transit - ANSData that is in transit across a network. Data-in-Use - ANSA state of data in which actions upon it are being performed. dd - ANSA command-line utility for Unix and Unix-like operating systems, the primary purpose of which is to convert and copy files. Decompiler - ANSA program that reverts an executable back in to source code. Defence in Depth - ANSProtecting a company's data with a series of protective layers. Degausser - ANSA machine that removes the magnetic field of a magnetic media storage device, removing any data on it. Demilitarised Zone/Screened Subnet (DMZ) - ANSPhysical or logical subnetwork that contains and exposes an organization's external-facing services to an untrusted, usually larger, network such as the Internet. Denial of Service Attack (DOS) - ANSAn attempt to make computers or any of its resources unavailable by flooding a network with traffic. Desired State Configuration (DSC) - ANSA Powershell extension for automation. DevSecOps - ANSThe philosophy of integrating security practices within the DevOps process. DHCP Relay Agent - ANSA service that captures a BOOTP broadcast and forwards it through the router as a unicast transmission to a DHCP server on a remote subnet. DHCP Snooping - ANSA security feature on
switches whereby DHCP messages on the network are checked and filtered. Diamond Model of Intrusion - ANSA framework and process for identifying groups of related events on an organization's systems. By identifying events and linking them into activity threads, an analyst gains information regarding what occurred during an attack. Dictionary Attack - ANSA type of password attack that automates password guessing by comparing encrypted passwords against a predetermined list of possible password values. Diffie-Hellman (DH) - ANSCreates a secure tunnel for data transmission. Diffie-Hellman Ephemeral (DHE) - ANSA cryptographic method of establishing a shared key over an insecure medium in a secure fashion using a temporary key to enable perfect forward secrecy. Diffusion - ANSA technique where you change one character of the input, which will change multiple bits of the output. Digital Signature - ANSA means of electronically signing a document with data that cannot be forged. Digital Signature Algorithm (DSA) - ANSAn algorithm which generates a digital signature from 512 bits to 2046 bits. Directional Antenna - ANSA type of antenna that concentrates the signal beam in a single direction. Directory Traversal - ANSAn attack that takes advantage of a vulnerability so that a user can move from the root directory to restricted directories. Disable User Accounts - ANSWhen someones leaves a company, their account is disabled and password changed immediately. Disassociation Attack - ANSA wireless attack in which false de- authentication or disassociation frames are sent to an AP that appear to come from another client device, causing the client to disconnect. Disaster Recovery Plan (DRP) - ANSA plan set out incase a disaster occurs and recovery is required. Discretionary Access Control (DAC) - ANSA control system, that the user is only given access, that they need to perform their job. Disk Mirroring - ANSProcess by which data is written
simultaneously to two or more disk drives. Disk Striping - ANSProcess by which data is spread among multiple drives. Distinguished Encoding Rules Certificate (DER) - ANSA digital certificate that uses a Base64 format with the .der file extension. Distributed Denial of Service (DDoS) - ANSAn attack that uses many distributed computers to flood a network with enough traffic to cause it to malfunction. Distributed Denial of Service Attack (DDOS) - ANSAn attempt to make computers or resources unavailable by flooding a network with traffic from multiple systems. Distributive Allocation - ANSSpreading of resources, processing, storage among multiple servers. DNS Poisoning - ANSAn attack that substitutes DNS addresses so that the computer is automatically redirected to an attacker's device. DNS Round Robin - ANSA load-balancing technique in which you create an individual resource record for each terminal server in the server farm using the server's IP address and the name of the farm. Dnsenum - ANSA tool that maps DNS records. Document Matching - ANSMatching a whole document or a partial document against a signature in the DLP. Domain Hijacking - ANSAn attack that changes the registration of a domain name without permission from the owner. Domain Name System Black- holing (DNS Black-holing) - ANSProcess that uses a list of known domains/IP addresses belonging to malicious hosts and uses an internal DNS server to create a fake reply. Domain Reputation - ANSThe overall "health" of your branded domain as interpreted by mailbox providers. Domain-Validated Certificate (DV) - ANSA certificate that proves the ownership of a domain name. Downgrade Attack - ANSAn attack in which the system is forced to abandon the current higher security mode of operation and fall back to implementing an older and less secure mode. Driver Shimming - ANSWhen an application attempts to call an older driver, the operating
system intercepts the call and redirects it to run the shim code instead. Dual Control
application End of Service (EOS) - ANSThe vendor officially deems the product useless and requires upgrading. Ephemeral Key - ANSA temporary key that is used only once before it is discarded. Evil Twin Attack - ANSA wireless access point that pretends to be another in order to steal information. Exact Data Match (EDM) - ANSA pattern matching technique that uses a structured database of string values to detect matches. Execute (LBAC) - ANSRepresented as an 'x' in LBAC permissions. Extended Validation Certificate - ANSIncreased security over domain validation certificates due to an enhanced validation process, which requires human validation. Extensible Authentication Protocol (EAP) - ANSA framework for transporting authentication protocols that defines the format of the messages. Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) - ANSRequires the client and server to possess PKI certificates to secure authentication traffic. Extensible Authentication Protocol-Tunneled Transport Layer Security (EAP-TTLS) - ANSAn extension of EAP sometimes used with 802.1x. It allows systems to use some older authentication methods such as PAP within a TLS tunnel. It requires a certificate on the 802.1x server but not on the clients. Extensible Markup Language Injection (XML Injection) - ANSThe attacker uses xml to create malicious requests. Facial Recognition
confidentiality in schools. Faraday Cage - ANSA metal structure that blocks wireless or cellular signals. Fat Controller - ANSA standalone wireless access point. Federal Information Processing Standards (FIPS) - ANSThe official series of publications relating to standards and guidelines adopted. Federal Information Security Management Act (FISMA) - ANSA U.S. federal law that requires U.S. government agencies to protect citizens' private data and have proper security controls in place. Federation Server - ANSThe server that issues, manages, and validates requests involving identity claims. A federation server is needed in each participating forest. Fence/Gates - ANSUsed to block unauthorised physical access to a secure area. File Checksum Integrity Verifier (FCIV) - ANSA Microsoft system, that checks system files have not been modified. File Integrity Checker - ANSAn application that can verify that files have not been modified. Fileless Virus - ANSA virus that operates in main memory. Fingerprinting - ANSThe systematic survey of a targeted organization's Internet addresses collected during the footprinting phase to identify the network services offered by the hosts in that range. Fire Suppression System - ANSAn oxygen suppressant system that starves a fire to prevent damage to equipment. Firewall Rule - ANSA rule in the firewall specifying if a connection is allowed or denied. Firmware - ANSIs the software used by the hardware to operate. Firmware Over- The-Air (OTA) - ANSA firmware update that is transmitted over a wireless network. Flexible Authentication via Secure Tunneling (EAP-FAST) - ANSCisco authentication protocol used in wireless networks and point-to-point connections to perform session authentication Flood Guard - ANSA feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS or DDoS attack. FM-
protect the servers from fire. Fog Computing - ANSCloud computing that processes data from IoT devices. Footprinting - ANSThe process of systematically identifying the network and its security posture. Forensic Copy - ANSA copy of data made for forensics to keep the original intact. Forensic Process 19 - ANSA digital forensic process made up of: Collection, Examination, Analysis and Reporting. FTK Imager - ANSA data preview and imaging tool that lets you quickly assess electronic evidence to determine if further analysis is required. Full Control (DAC) - ANSThe user has full control. Full Disk Encryption (FDE) - ANSThe process of encrypting all the data on the hard disk drive used to boot a computer, including the computer's operating system, and permitting access to the data only after successful authentication with the full disk encryption product. Full Packet Capture - ANSRecords the complete payload of every packet crossing the network. Fully Qualified Domain Name (FQDN) - ANSThe complete domain name of an Internet computer. Functional Recovery Plan - ANSA plan that uses simulations and exercises to prepare for disaster recovery. Fuzzing - ANSa technique of penetration testing that can include providing unexpected values as input to an application to make it behave incorrectly. Galios/Counter Mode - ANSA block cipher mode that uses universal hashing over a binary Galios field to provide authentication encryption. General Data Protection Regulation (GDPR) - ANSA regulation in EU law on data protection and privacy in the European Union and the European Economic Area. Generic Account - ANSA default account that comes with the system. Geo Redundant Storage (GRS) - ANSReplicates your data synchronously three times within a single physical location in the primary region Geo Zone Redundant Storage (GZRS) - ANSReplicates your data between three seperate zones. Geofencing - ANSThe use of GPS or RFID technology to create a virtual
geographic boundary, enabling software to trigger a response when a mobile device enters or leaves a particular area. Glass-Steagall Act (GLBA) - ANSA United States federal law that requires financial institutions to explain how they share and protect their customers' private information. Global Positioning System (GPS) - ANSA system that determines the precise position of something on Earth through a series of satellites, tracking stations, and receivers. GNU Privacy Guard (GPG) - ANSAn open- source version of PGP, used for encrypting and decrypting e-mail messages, that does not use patented algorithms. GPS Tagging - ANSAdding geographical identification data to media such as digital photos taken on a mobile device. GrammLeach Bliley Act (GBLA) - ANSThe act that protects government information and operations. Gray Box Penetration Test - ANSA form of penetration testing where the tester has partial knowledge of the system. Gray Box Testing - ANSPenetration testing of a system, where the tester is provided minimal information about system. Grey Hat Hacker - ANSOne who tries to hack a computer system to find a defect, but charges a fee to fix it. Group (LBAC) - ANSThe second number listed in the LBAC permissions. Group-Based Access Control (GBAC) - ANSAn access control system, which uses account groups to determine access. Guest Account - ANSAccount used for users who need temporary access to the computer. Hacktivist - ANSSomeone who uses computers and computer networks to disrupt services or share secret information in an effort to draw attention to political or social issues. Hard Security Module (HSM) - ANSA physical computing device that safeguards and manages digital keys Hardware Write-Blocker - ANSA hardware device that blocks media storage from being written to. Harvester - ANSSoftware that harvests email addresses from an organisation. Hash - ANSA function that converts one value to
another. Hash Collision - ANSOccurs when the hashing algorithm creates the same hash from different text Hash-based Message Authentication Code (HMAC) - ANSA message authentication code that uses a cryptographic key in conjunction with a hash function. Health Agent - ANSA system installed on the connecting device to report health to an NAC. Health Authority (HAuth) - ANSA system that checks the health of incoming an incoming device, to ensure it is fully patched. Health Insurance Portability and Accountability Act (HIPAA) - ANSA federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge. Heating, Ventilation , and Air Conditioning (HVAC) - ANSA system used to control environmental conditions within a building. Heuristic/Behavioural-Based Detection - ANSThe process of detecting attacks based on behavioural patterns. Hierarchical Trust Model
Internet service provider. Hping - ANSAn enhanced Ping utility for crafting TCP and UDP packets to be used in port-scanning activities Hybrid Attack - ANSA password attack that slightly alters dictionary words by adding numbers to the end of the password, spelling words backward, slightly misspelling words, or including special characters. Hybrid Cloud - ANSIncludes two or more private, public, or community clouds, but each cloud remains separate and is only linked by technology that enables data and application portability. Hypervisor - ANSSoftware that enables a single computer to run multiple operating systems simultaneously. Identification (Access Controls) - ANSAn identifying piece of information such as a number or list of characters. Identify and Access Management - ANSThe core principles made up of identify, authentication, authorisation and accounting. Identify Provider (IdP) - ANSAn entity that can validate that credentials are presented are valid. Identity Provider (IdP) - ANSA system entity that creates, maintains, and manages identity information for principals and also provides authentication services to relying applications within a federation or distributed network. Identity Theft - ANSA crime that involves someone pretending to be another person in order to steal money or obtain benefits. Ifconfig - ANSA TCP/IP configuration and management utility used with UNIX and Linux systems. Implicit Deny - ANSRejecting access unless a condition is explicitly met. Impossible Time Travel - ANSA security feature that checks if movement between authentication locations is possible. Incident Response Plan - ANSThe documentation of a predetermined set of instructions or procedures to detect, respond to, and limit consequences of a malicious cyber attacks against an organization's information system(s). Incident Response Process - ANSThe process that involves preparation, detection, analysis, containment, eradication, recovery
and post-incident activities/lesson's learned. Indicator of Compromise (IOC) - ANSA set of conditions or evidence that indicates a system may have been compromised. Indicators of Compromise (IOCs) - ANSAn artifact in computer systems that indicates a security breach. Industrial Camouflage - ANSCamouflage used by buildings to obscure the building from aerial photos. Industrial Control Systems (ICS) - ANSUsed to control industrial processes such as manufacturing, product handling, production, and distribution. Information Assurance (IA) - ANSThe practice of assuring information and managing risks related to the use, processing, storage, and transmission of information. Information Commissioner's Office (ICO) - ANSThe government department tasked with implementing the Data Protection Act. Infrastructure as a Service (IaaS) - ANSDelivers hardware networking capabilities, including the use of servers, networking, and storage, over the cloud using a pay-per- use revenue model. Infrastructure as Code (IaC) - ANSThe process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. Initialization Vector (IV) - ANSA 24-bit value that changes each time a packet is encrypted. Initialization Vector Attack (IV Attack) - ANSAn attack that modifies the IV of an encrypted wireless packet during transmission. Once an attacker learns the plaintext of one packet, the attacker can compute the RC4 key stream generated by the IV used. Input Validation - ANSVerifying a user's input to an application. Insecure Direct Object Reference - ANSTakes advantage of lack of checks to ensure a user requesting a resource actually has permissions to do so. Insider Threat - ANSA trusted adversary who operates within an organization's boundaries. Integer Overflow - ANSA condition that occurs when a very large integer exceeds its storage capacity. Integer
Overflow Attack - ANSAn attack where the an arithmetic operation is used to overflow the maximum number stored in memory. Intellectual Property Theft - ANSUsing copyrighted material without permission or authorization Intellectual Property Theft (IP Theft) - ANSStealing an organization's or individual's intellectual property. Interconnection Security Agreement (ISA) - ANSAn agreement between parties intended to minimize security risks for data transmitted across a network. Internal Protection - ANSSeparation of secure and non-secure areas. International Telecommunication Union (ITU) - ANSAn international organization dedicated to creating telecommunications standards. Internet Control Message Protocol (ICMP) - ANSA TCP/IP protocol that is used by devices to communicate updates or error information to other devices. Internet Key Exchange (IKE) - ANSUsed by IPSec to create a master key, which is in turn used to generate bulk encryption keys for encrypting data. Internet Small Computer System Interface (iSCSI) - ANSA protocol that enables the SCSI command set to be transported over a TCP/IP network from a client to an iSCSI-based storage system. Intrusion Detection System (IDS) - ANSSoftware or hardware that monitors patterns to detect intrusions. Intrusion Prevention System (IPS) - ANSSoftware or hardware that monitors patterns in the traffic flow to identify and automatically block attacks. Invoice Scams - ANSUsing fraudulent invoices to steal from a company. IP Spoofing - ANSWhen a TCP/IP packet is modified, pretending to be another system. Ipconfig - ANSThe utility used to display TCP/IP addressing and domain name information in the Windows client operating systems. Iris Scan - ANSA biometric authentication method that uses the colored part of the eye to authenticate. Jailbreaking - ANSProcess of making unauthorized modifications to operating systems and bypassing the DRM restrictions
on Apple iPhones and iPads in order to run unapproved software. Jamming Attack - ANSUse a jammer that will transmit signals that can overwhelm and deny the user of the AP by legit clients JavaScript Object Notation Web Token (JWT) - ANSA internet standard for authentication that a server signs with a private key. John The Ripper - ANSA password cracking software tool named after a famous serial killer. Journalctl - ANSA command for Unix-like operating systems that view logs collected by systemd. Juice Jacking - ANSStealing data from a machine when it's charging. Jump Server - ANSA system on a network used to access and manage devices in a separate security zone. Jumpbox - ANSA hardened server that provides access to other hosts. Just Enough Administration (JEA) - ANSWhen you give just enough privileges to carry out a task. Kerberos - ANSAn authentication system developed by the Massachusetts Institute of Technology (MIT) and used to verify the identity of networked users. Key Escrow - ANSA store for holding private keys for their parties that are stored a Hardware Security Module. Key Fob - ANSA device, such as a type of smart card, that can fit conveniently on a key chain. Key Management - ANSDepartmental keys are signed in and out, to prevent someone from taking keys away and making copies. Key Stretching - ANSA hashing algorithm which appends random characters to a password, making it stronger. Keylogger - ANSA small hardware device or a program that monitors keystrokes a user types on the computer's keyboard. Knowledge- Based Authentication (KBA) - ANSThis is used for fraud prevention. Consumers probably know this as the "secret question" users must answer before being granted access. Layer 2 Tunneling Protocol/Internet Protcol Security (L2TP/IPSec) - ANSA tunnelling protocol that is combined with Internet Protocol Security to secure it. LDAP Injection Attack - ANSAn attack that constructs LDAP statements based on user