SYO-501 Acronym flashcards

  • AAA
    Authentication, Authorization, Accounting. 1. Authentication has 2 components: Identification (username or email address) and the authentication factor (Something you know, Something you have, Something you are, Somewhere you are or are not, Something you do). 2. Authorization: the rights and privileges assigned to a user to be able to perform their job. 3. Accounting or Auditing: Accounting is the process of recording system activities and resource access. Auditing is part of accounting where an administrator examines logs of what was recorded.
  • AAR
    After-Action Report
  • ABAC
    Attribute-based Access Control: Access control based on different attributes: group membership, OS being used, IP address, the presence of up-to-date patches and anti-malware, geographic location. Typically used in an SDN (Software Defined Network).
  • ACL
    Access Control List: A list of objects and what subjects can access them. Example: A user accesses a directory but only has read access to the documents inside. Routers and firewalls both employ ACLs, either allowing or denying access to different parts of the network.
  • AD
    Active Directory
  • AES
    Advanced Encryption Standard: A symmetric block cipher. Three different key sizes: 128, 192, & 256 bit.
  • AH
    Authentication Header: An IPSec protocol that provides authentication as well as integrity & protection from replay attacks. Uses protocol # 51.
  • ALE
    Annual Loss Expectancy: The amount of money an organization would lose over the course of a year. The formula is the SLE (Single Loss Expectancy) times the ARO (Annual Rate of Occurrence). SLE x ARO = ALE.
  • AP
    Access Point: Sometimes referred to as a WAP (Wireless Access Point). An AP is a bridge between wireless and wired networks.
  • API
    Application Programming Interface
  • APT
    Advanced Persistent Threat: An attack that uses multiple attack vectors and attempts to remain hidden so as to maintain a connection to compromised systems. You can normally tie this to nation-states.
  • ARO
    Annual Rate of Occurrence: The number of times a year that a particular loss occurs.
  • ARP
    Address Resolution Protocol: Matches the MAC address to a known IP address. Easily spoofed, used in MITM (Man-in-the-Middle) attack.
  • AUP
    Acceptable Use Policy
  • AV
    Asset Value: Asset Value is half of the formula for a one-time loss or SLE (Single Loss Expectancy). AV x EF (Exposure Factor) = SLE. / Antivirus
  • BCP
    Business Continuity Planning: Need to identify critical business systems, which systems need to be protected the most, and have resources available to help recover them.
  • BIA
    Business Impact Analysis: Identify resources that are critical to an organization's ability to sustain operations against threats to those resources. It also assesses the possibility that each threat will occur and the impact those occurrences will have on the organization.
  • BIOS
    Basic Input/Output System: The firmware that sends instructions to the hardware so the system can boot.
  • BPA
    Business Partners Agreement: The agreement between two entities covering what is expected with respect to finances, services, and security.
  • BYOD
    Bring Your Own Device: The model where the organization allows a user to use their personal device for business needs. It also covers allowing the end user to use the company's Internet with their personal electronic devices.
  • CA
    Certificate Authority: Sometimes referred to as PKI (Public Key Infrastructure). Issues and signs certificates, and maintains the public / private key pair.
  • CAB
    Change Advisory Board
  • CAC
    Common Access Card: Considered a smart card or digital certificate. Typically issued to military personnel and contractors that need access to DoD (Department of Defense) systems and facilities.
  • CAPTCHA
    Completely Automated Public Turing Test to Tell Computers and Humans Apart
  • CASB
    Cloud Access Security Broker
  • CBC
    Cipher Block Chaining: A mode of operation for DES, which uses an IV (Initialization Vector) for the first plaintext block and then combines with the next plaintext block using XOR (Exclusive OR). There is a delay using this process. With this method, no plain-text block produces the same ciphertext.
  • CC
    Common Criteria
  • CCMP
    Cipher Block Chaining Message Authentication Code Protocol
  • CCTV
    Closed-circuit Television
  • CER
    Cross-over Error Rate: A metric by which biometric technologies are rated. The CER is the point where the FRR (False Rejection Rate) and FAR (False Acceptance Rate) meet. The lowest possible CER is most desirable. / Certificate: A format that encodes the certificate in binary format; may also include PEM (Privacy-enhanced Electronic Mail) on a Windows system.
  • CERT
    Computer Emergency Response Team
  • CFB
    Cipher Feedback: This DES mode of operation is the streaming cipher version of CBC. It uses an IV and chaining. The IV is first encrypted and then the result is XORed with the previous plain-text block.
  • CHAP
    Challenge Handshake Authentication Protocol: An encrypted authentication protocol normally used for remote access.
  • CIRT
    Computer Incident Response Team
  • CIS
    Center for Internet Security
  • CMS
    Content Management System: SaaS (Software as a Service)
  • COOP
    Continuity of Operations Plan: Designing operations and systems to be affected as little as possible by an incident and to have resources to recover from them.
  • COPE
    Corporate Owned, Personally Enabled: Company owns and supplies the device. The employee may use the device for web browsing, personal email, and personal social media sites.
  • CRC
    Cyclical Redundancy Check: Error-detecting code used to detect errors in the packet during transmission.
  • CRL
    Certificate Revocation List: A list of certificates that were revoked before they were configured to expire.
  • CSIRT
    Computer Security Incident Response Team
  • CSP
    Cloud Service Provider
  • CSP
    Cryptographic Service Provider
  • CSR
    Certificate Signing Request: When a subject wants a certificate, it completes a CSR and submits it to a CA (Certificate Authority).
  • CSRF / XSRF
    Cross-site Request Forgery: Attacker passes an HTTP request to the victim's browser in an attempt to gain the user's password and username. The output of the attack could include keywords such as "Buy" or "Purchase".
  • CTM
    Counter-Mode: An encryption mode that uses a constantly changing IV and functions similarly to a stream cipher.
  • CTR
    Counter: Same as CTM
  • CYOD
    Choose Your Own Device: A mobile deployment model where the company gives the employees a list of approved mobile devices they can use on the corporate network. This helps keep the devices with more current models.
  • DAC
    Discretionary Access Control: Access control is set by the data owner, or possibly the administrator. The permissions can be applied to a group or an individual.
  • DC
    Domain Controller
  • DDoS
    Distributed Denial of Service: Many devices attacking a single device. The devices can be PCs, laptops, DVRs, webcams, etc. This type of attack is carried out via a botnet, and the devices are known as drones or zombies.
  • DEP
    Data Execution Prevention: A feature that prevents malicious code from executing in memory. This feature is programmed into Windows, AMD CPUs, & Intel CPUs. If you were looking at a log output, you might see one of the columns as "DEP". In the column, if it says "Yes", there is a good chance the malware did not execute from that area. If it says "No", that might be where the attack originated.
  • DER
    Distinguished Encoding Rules: Used to create a binary representation of the information on the certificate. A DER-encoded binary file can be represented as ASCII characters using Base64 Privacy-enhanced Electronic Mail (PEM) encoding. File extensions .cer and .crt contain either binary DER or ASCII PEM data.
  • DES
    Digital Encryption Standard: A symmetric block cipher that encrypts in blocks of 64 bits and uses a 56-bit key. This method is deprecated and the easiest upgrade is 3DES (Triple DES).
  • DHCP
    Dynamic Host Configuration Protocol: A protocol that provides an automated process of assigning IP addresses. Can also issue optional parameters such as DNS address, DNS suffix, default gateway, and subnet mask. Uses ports 67 & 68 UDP.
  • DHE
    Diffie-Hellman Ephemeral: A protocol for the secure exchange of encryption keys. The Ephemeral provides PFS (Perfect Forward Secrecy).
  • DLL
    Dynamic Link Library: A binary package used to implement functionality, such as cryptography or establishing a network connection.
  • DLP
    Data Loss Prevention: A hardware or software solution that prevents a certain type of information from being exfiltrated from a device or network. This includes data like PII (Personally Identifiable Information), credit card numbers, Social Security numbers, and data identified as sensitive using keywords. USB blocking is a form of DLP. Preventing this type of information from being printed is another protection.
  • DMZ
    Demilitarized Zone: This is where you place your public-facing web servers. DMZs are configured as one of the connections or legs on a firewall.
  • DNAT
    Destination Network Address Translation: Also called "Port Forwarding". The router accepts requests from the Internet for an application, and then sends the request to a designated host and port within the DMZ.
  • DNS
    Domain Name Service (Server): A service that maps / resolves host names to an IP address. Uses port 53 UDP for DNS queries and port 53 TCP for zone transfers.
  • DoS
    Denial of Service: An attack that is one-to-one. Anything that can keep a device or user from accessing a service or information is a denial of service. One user flooding other users' accounts with email attachments until the email box is full, or cutting the network cable or power, are just a few examples.
  • DRP
    Disaster Recovery Plan: A step-by-step procedure to restore the organization to full functionality. This can be a failed web server, firewall, or some other critical component. The cause can be weather-related or man-made, either intentional or accidental. Some items needed: 1. Inventory list of hardware and software. 2. Contact info for DRP team members. 3. Contact info for employees, suppliers, vendors, customers. 4. Alternate site. 5. Backups.
  • DSA
    Digital Signature Algorithm: Public key encryption used for digital signatures. This is an asymmetric encryption method.
  • EAP
    Extensible Authentication Protocol: EAP allows different authentication methods, most of them using a digital certificate on the server and/or the client.
  • EAP-FAST
    Extensible Authentication Protocol-Flexible Authentication via Secure Tunneling: Replaces LEAP; a certificate is optional on the server.
  • EAPoL
    Extensible Authentication Protocol (EAP) over LAN
  • EAP-TLS
    Extensible Authentication Protocol-Transport Layer Security: Requires a certificate on the server and the clients.
  • EAP-TTLS
    Extensible Authentication Protocol-Tunneled Transport Layer Security: Requires a certificate on the server only.
  • ECB
    Electronic Code Book: Not recommended for use. Uses the same key for every packet; break one key and you have the entire message.
  • ECC
    Elliptic Curve Cryptography: Asymmetric encryption, used with wireless and mobile devices because both have less processing power.
  • ECDHE
    Elliptic Curve Diffie-Hellman Ephemeral: A secure method of exchanging shared keys using PFS (Perfect Forward Secrecy).
  • ECDSA
    Elliptic Curve Digital Signature Algorithm: Uses ElGamal with an elliptical curve to implement a digital signature.
  • EFS
    Encrypted File System: An NTFS public key encryption. On a Windows system, you have the ability to encrypt a single file or the folder based on the user's credentials.
  • EMI
    Electromagnetic Interference: An adjacent electrical circuit creates a magnetic field that interferes with the signal, from sources like a high voltage motor, fluorescent lights, and power cables.
  • EMP
    Electro Magnetic Pulse: Very powerful but short duration wave with the potential to destroy any type of electronic equipment.
  • ESN
    Electronic Serial Number: A unique identification number embedded by manufacturers on a microchip in wireless phones.
  • EOL
    End-of-Life: When systems or applications are no longer supported by the manufacturer or developer.
  • ESI
    Electronically Stored Information
  • ESP
    Encapsulated Security Payload: An IPSec protocol that does the same as AH (Authentication Header), but also encrypts/encapsulates the entire payload/packet. Uses protocol # 50.
  • EF
    Exposure Factor: The percentage of the asset’s value that would be lost. The EF x AV (Asset Value) = the SLE (Single Loss Expectancy).
  • FACL
    File System Access Control List: The file access control lists (FACLs) or simply ACLs are the list of additional user/groups and their permission to the file, on a Unix or Linux system.
  • FAR
    False Acceptance Rate: A Type II error. The ratio at which a biometric system authenticates an unauthorized user as an authorized user.
  • FDE
    Full Disk Encryption: Means that the entire contents of the drive (or volume), including system files and folders, are encrypted. Two methods are BitLocker and PGP Whole Disk Encryption. This is a software-based or an operating system encryption method. These methods are more CPU-intensive processes.
  • FIM
    File Integrity Monitoring
  • FRR
    False Rejection Rate: A Type I error. The ratio at which a biometric system rejects an authorized user.
  • FTP
    File Transfer Protocol: Uploads and downloads large files to and from an FTP server. FTP transmits data in plaintext. FTP active mode uses TCP port 21 for control and TCP port 20 for data transfer. FTP passive mode (PASV) also uses TCP port 21 for control signals, but it uses a random TCP port for data. If the user can connect to the FTP but not upload or download, disable PASV (passive mode).
  • FTPS
    File Transfer Protocol over SSL: Ports 989 & 990 TCP. Transfers in plain text or encrypted in "Explicit" mode; being forced to use encryption is "Implicit" mode.
  • GCM
    Galois Counter Mode: Provides confidentiality and authenticity of the data. This mode is used for authenticated encryption. GCM mode uses an IV (Initialization Vector), and the IV is a nonce (number used once).
  • GPG
    GNU Privacy Guard: GPG is a free implementation of PGP (Pretty Good Privacy). GPG allows the user to encrypt and digitally sign their emails or data.
  • GPO
    Group Policy Object: Group Policy Object is a component of Group Policy (in Microsoft Active Directory) that can be used in Microsoft operating systems to control user accounts and user activity.
  • GPS
    Global Positioning System: GPS is a way of determining a device's position (its latitude and longitude) based on information received from GPS satellites. The device must have line-of-sight to the GPS satellites. GPS provides another means of locating the device.
  • GPU
    Graphic Processing Unit
  • GRE
    Generic Routing Encapsulation: GRE is a tunneling protocol that encapsulates over an IP network. GRE uses protocol number 47. Used with PPTP and IPSec.
  • HA
    High Availability: The key premise is that systems are resilient and redundant. HA is the percentage of uptime a system is able to maintain over the period of a year. For example, 99% would equal being down 3.65 days per year or 14 minutes per day. The five 9's, 99.999%, would equal being down 5.25 minutes per year or .86 seconds per day.
  • HDD
    Hard Disk Drive
  • HIDS
    Host-based Intrusion Detection System
  • HIPAA
    Health Insurance Portability and Accountability Act
  • HIPS
    Host-based Intrusion Prevention System
  • HMAC
    Hashed Message Authentication Code: Hashing method, provides integrity and authenticity of the message. Most often used with IPSec.