Jamming
|
Blocks signals by interference.
|
Job Rotation
|
Moving employees from positions to upskill and detect fraud or theft.
|
Jump Server
|
A secure server an administrator can use to access a network.
|
KDC
|
Key Distribution Center. A server that allocates Kerberos tickets.
|
Kerberos
|
Active Directory authentication protocol that allocated tickets.
|
Keylogger
|
Device that monitors key strokes.
|
Kill Chain
|
Lockhead Martin method that describes the stages of a threat.
|
L2TP
|
Layer 2 Tunneling Protocol. VPN protocol used in conjunction with IPSec.
|
LAN
|
Local Area Network. A secure internal network.
|
LDAP
|
Lightweight Directory Access Protocol. Protocol used to search and manage Active Directory.
|
LDAPS
|
Secure version of LDAP.
|
Least Privilege
|
Allocates the minimal permission to perform a job function.
|
Load Balancer
|
Distributes client request to the least utilized server.
|
Logger
|
Adds comments to a log file.
|
Logic Bomb
|
An attack using a trigger such as time, script, batch file, or scheduled task.
|
Loop Protection
|
Looping is broadcast traffic on a switch. Prevented by the Spanning Tree Protocol.
|
MaaS
|
Monitoring as a Service. Cloud-based network monitoring service.
|
MAC
|
Mandatory Access Control. Control access to classified data.
|
MAC Address.
|
Media Access Control Address. A unique hexadecimal address allocated to a host.
|
MAC Flooding
|
Where a port on a switch has been flooded with more than one MAC Address.
|
MAC Spoofing
|
Cloning a MAC Address.
|
MAM
|
Mobile Application Management. Controls applications deployed to endpoint devices.
|
MAN
|
Metropolitan Area Network. A network for the police, ambulance, or fire service within a city.
|
Managerial Control
|
Policies written to manage the risk within a company.
|
Mandatory Vacations
|
Enforcing vacations for workers. Good for detecting fraud or theft.
|
Maneuver
|
Threat actor or a defender may deceive to give them a positional advantage.
|
Mantrap
|
Physical device that controls access to building or datacenters.
|
MD5
|
Message Digest 5. 128-bit cryptographic hashing function to determine data integrity.
|
MDM
|
Mobile Device Management. An enterprise solution to manage mobile devices including remote wipe.
|
Measured Boot
|
UEFI feature that ensures that they boot process has not been tampered with.
|
Memory Leak
|
Poorly written application that consumes an excessive amount of memory.
|
Metadata
|
Detailed information about a document or picture.
|
MFA
|
Multifactor Authentication. Uses at least two different types of factors of authentication.
|
MFD
|
Multifunction Device. A device that can scan, copy, and print.
|
MFP
|
Multifunction Printer.
|
Man-in-the Middle
|
An attacker intercepts a conversation between two users.
|
ML
|
Machine Learning. Part of Artificial Intelligence where a computer automated the analysis of data and can predict outcomes without further programming.
|
MMS
|
Multimedia Messaging Service. Allows images, audio, or videos to be transferred between cell phones.
|
MOA
|
Memorandum of Agreement. An agreement to carry out work that is legally binding.
|
MOU
|
Memorandum of Understanding. An agreement to carry out work that is not legally binding.
|
MPLS
|
Multiprotocol Label Switching. Creating by CISCO. A fast method of prioritizing traffic.
|
MS-CHAP
|
Microsoft Challenge Handshake Authentication Protocol. A Microsoft legacy authentication protocol.
|
MSP
|
Managed Service Provider.
|
MSSP
|
Managed Security Service Provider. A managed security configuration and monitoring service.
|
MTBF
|
Mean Time Between Failures. Measures the reliability of a system by logging failures.
|
MTTR
|
Mean Time to Repair. Average time to repair a system or device.
|
Multipath
|
Multiple paths to access a Storage Area Network.
|
NAC
|
Network Access Control. Ensure that computer or device used is fully patched.
|
NAS
|
Network-attached Storage. A high-capacity centralized storage device.
|
NAT
|
Network Address Translation. Used to hide the internal network.
|
NDA
|
Non-disclosure Agreement. A confidential agreement not to share internal information or knowledge with third parties.
|
Nessus
|
One of the best commercial vulnerability scanners.
|
Netflow
|
Developed by CISCO to analyze the network traffic.
|
NFC
|
Near-field Communication. Used for short range contactless payment.
|
NGFW
|
Next-generation Firewall. Operates at Layer 7 to analyze application traffic and intrusion detection to cloud inspection.
|
NIC
|
Network Interface Card. Allows connection to a network by inserting an ethernet cable.
|
NIDS
|
Network-based Intrusion Detection System. Monitors change in network traffic patterns.
|
NIPS
|
Network-based Intrusion Prevention System. Prevents network-based attacks.
|
NIST
|
National Institute of Standards & Technology. Develops internet security standards and guidelines.
|
Nonce
|
Arbitrary number used for cryptographic communications.
|
Non-Repudiation
|
Ensuring that someone cannot deny sending data or a message.
|
Normalization
|
Helps to improve the speed of a database.
|
NTLM
|
New Technology LAN Manager. A legacy authentication protocol that stores passwords as MD4 hashes and is prone to pass-the-hash attacks.
|
NTP
|
Network Time Protocol. Synchronizes time on all devices with a network, used by SIEM and a Kerberos Server.
|