Isaiah Voiland-
Air Gap
Isolate critical systems from the rest of the network
-
RADIUS
Provides AAA services for network access control
-
TACACS+
Provides AAA services for network access control and is better than RADIUS
-
PPSK
Wifi security protocol that has pre-shared keys
-
SAE
Wifi security protocol that provides forward secrecy, better than PPSK
-
802.11
VLAN
-
Predictive site survey
Using software to model a network
-
Heat map
visual representation of wireless coverage
-
Warstorming
Using a drone and a wifi equipped device to detect wifi networks
-
RFID
Data collection using low power radio waves, uses tags and readers
-
NFC
Wireless technology that requires close proximity. Ex Apple Pay and Contact sharing
-
UEM
Unified endpoint management. MDM for IOT devices
-
Jailbreaking
Removing software restrictions imposed by manufacturer by messing with the OS
-
Rooting
Gaining admin access on an android
-
Side Loading
Installing apps from not the apple store
-
DEV
Code Development
-
Tokenization
Changing credit card info into tokens
-
Data Masking
XXXX789
-
Fuzzing
Inputting invalid, unexpected, or semi random data
-
SCADA and ICS
Control systems to isolate from the rest of the network
-
Network enumeration
discover and document network characteristics
-
Legal Hold
Preserve all forms of relevant info
-
TRIM
Data wiping tool that removes data from memory
-
SIEM
Logging tool. Real time data capture
-
TIP
Logging tool. Multiple intelligence feeds
-
UEBA
Logging tool. Looking for human behavior
-
SOAR
Logging automation that allows incident analysis in a digital workflow
-
SNMP Agents
Software modules installed on devices to collect info
-
SNMP Managers
send SNMP GET queries to agents
-
Netflow
Cisco protocol to collect and analyze network data
-
SCAP
a collection of vulnerability classifications from NIST
-
OVAL
Language for expressing vulnerability assessments
-
FIM
File integrity monitor: detects reports on changes made to a system
-
S/MIME
Signing Emails
-
SPF
Email authentication method that lets domains specify allowed email servers
-
DKIM
Email authentication method that checks to see if an email was tampered during transmission
-
DMARC
Handles emails that fail authentication checks and reports them
-
SAML
XML based standard for exchanging authentication data between an identity and service provide
-
OAuth2.0
protocol designed to provide secure access to resources without sharing credentials
-
Gait
Walking characteristics
-
Retina scan
Focuses on capillaries
-
PAM
Privileged Access Management: manage and secure privileged accounts
-
Bash
directs execution of scripts from linux
-
Orchrestation
Tools for an automated response
-
SOAR
Automation tool to increase productivity of response teams
-
RCA
Root Cause Analysis
-
eDiscovery
any process of digital data used as evidence for a legal case
-
Cluster
Fixed length blocks of disk space
-
STIX
Information Sharing Language
-
TAXII
Automated Information Sharing
-
Port mirror
Tool that captures and analyzes network packets
-
Promiscuous
Accept all even those not intended
