Title Description
TACACS+ Terminal Access Controller Access Control System. A Cisco AAA solution that provides authentication, authorization, and accounting.
Tail Command Fetches the last entries in a log file; for example, Tail 5 provides the last 5 entries.
Tape Used for backing up data, storing it on magnetic media.
TAXII Trusted Automated eXchange of Indicator Information. Automated incident and analysis. Works with STIX to provide CTI information.
TCPDUMP A Linux-based protocol analyzer.
Technical Control Implemented by hardware, software, or firmware to secure an environment.
Tethering Using a cell phone as a hotspot, allowing a laptop or desktop to access the internet. Can use a Wi-Fi, USB, or Bluetooth connection.
theHarvester Tool used to collect email addresses. For example, it can search Google for the top 500 email addresses of a particular company.
TGT Ticket Granting Ticket. The process of authenticating using Kerberos. Once you have been authenticated, you receive a Kerberos ticket.
Thin WAP It pushes up all configuration changes to multiple Wireless Access Points.
Third Party Risk Supply chain vulnerabilities that arise when sub-contracting to a third party.
Threat Actor An entity that will try and cause damage to your company.
Threat Hunting The process of searching your environment after attending a security event or reading a threat feed to see if you have been attacked.
Threat Map Animation that shows threat information in real time.
Time of Day Restriction Restricting the time that a user can access your system.
Time Normalization Using a time zone such as GMT to put events in the time sequence of when they happened, after receiving multiple time offsets from different countries.
Time Offset Recording the regional time when evidence had been collected.
TKIP Temporal Key Integrity Protocol. Used with WPA to manage legacy wireless devices.
TLS Transport Layer Security. Secures data in transit by using certificates to provide authentication and encryption. Requires an X509 on the endpoint.
Token A physical or virtual item that contains authentication information.
Tokenization Swapping credit card information with a payment entity such as Barclays or VISA. They will give you a token number in return.
TOTP Time-based One Time Password. A one-time password that must be used within 30-60 seconds according to the CompTIA exam. In the real world you may have 10 or 15 mins.
Trojan Malware disguised as software. Used to steal passwords.
TPM Trusted Platform Module. A hardware device used to store digital certificates.
Turnstile A physical device that rotates and is normally used to control entrances to sporting events.
Typo-squatting They have a domain similar to the real domain and hope you end up at their website, such as foogle.com.
UAT User Acceptance Testing. Tests the functionality of the software to ensure it is fit for purpose.
UEFI Unified Extensible Firmware Interface. A modern version of the MBR that can ensure that a secure boot has occurred.
UEM Unified Endpoint Management. Manages user devices such as computers, laptops, tablets, or phones, ensuring that they are patched and secure.
UPS Uninterruptible Power Supply. Provides power to servers. Should the power fail, it will keep the servers from crashing and ensure that the server team can shut the servers down gracefully.
URL Universal Resource Locator. Protocol and web address of a server.
USB Universal Serial Bus. Removable storage device.
USB OTG USB On-The-Go. Allows USB devices to act as a host.
UTM Unified Threat Management. Firewall that can do URL filtering, content filtering, and malware inspection.
VBA Visual Basic for Applications. Provides programming and scripting for Microsoft Office.
Vault Location in which passwords are stored securely.
VDE Virtual Desktop Environment. Virtual desktop settings: are they saved or destroyed on exit?
VDI Virtual Desktop Infrastructure. Having a virtual desktop rather than a computer.
Vendor A manufacturer or a product.
VLAN Virtual Local Area Network. Creates a separate network on a switch that can be used for departmental separation.
VM Escape An attacker launches an attack from a guest virtual machine and targets the hypervisor, host, or another virtual machine.
VM Sprawl An unmanaged virtual machine that will eventually become vulnerable as it will not be patched.
VoIP Voice over IP. Can deliver telephone conversations over IP technology.
VPC Virtual Private Cloud. A private network on a public cloud.
VPN Virtual Private Network. Creates a secure connection between two points—for example, from home or a hotel room to work.
VTC Video Teleconferencing. Allows video conferencing.
Vulnerability A weakness that could be exploited, such as an unpatched computer.
Vulnerability Scan A scan showing missing patches.
WAF Web Application Firewall. A firewall that protects a web server, its data, and applications.
WAP Wireless Access Point. A connection point for wireless communications.
War Driving Driving around to discover unsecure wireless access points, and then recording them.
Warm Site A disaster recovery site that is manned, the data from which may be couriered. Not as up to date as a hot site.
Watering Hole Attack Where an attacker uses a well-known website that they infect with malware.
WEP Wired Equivalent Privacy. The first version of wireless encryption and the weakest. Now known as legacy.
Whaling Attacking a CEO or high-level executive via email.
White Team The team that organizes and adjudicates team exercises.
WIDS Wireless Intrusion Detection System. Detects changes to the wireless network. The wireless version of an intrusion prevention system.
Win Hex Can be used for disk recovery and data recovery following a blue screen of death.
WIPS Wireless Intrusion Prevention System. Prevents attacks on a wireless network.
WORM A virus that self-replicates.
WORM Write-once-read-many. A drive that stores data but prevents tampering and editing afterwards. Great for storing security logs.
WPA Wi-Fi Protected Access. A more advanced version of wireless encryption than WEP but works with legacy devices.
WPS Accesses a wireless network by pushing a button.
XML Extensible Mark-up Language. Defines a set of rules for encoding documents in a format that is human and machine readable. SAML is XML based.
XOR Exclusive or. Boolean logic widely used in cryptography. You take an input and an IV and, where two bits are identical, a 0 is output. For all other combinations, a 1 is the output.
XSRF Also known as CSRF.
XSS Copies the input from CSRF.
Zero Day Virus A virus that cannot be deleted.
Zero Trust All devices connected to the network need to prove who they are. Nothing is trusted.