OAUTH
|
Open Authentication. Internet-based authentication that uses tokens.
|
Obfuscation
|
Obscures source code.
|
OCSP
|
Online Certificate Status Protocol. Fast certificate validation.
|
Offboarding
|
Handing over equipment, exit interview, and disabling accounts when leaving.
|
Offline CA
|
CA not powered up when not in use.
|
OID
|
Object Identifier. Certificate serial number.
|
Onboarding
|
Process of putting equipment onto the network.
|
Opal Drive
|
Self-encrypting drive where the keys are stored on the drive.
|
Orchestration
|
Automation of a process.
|
OSINT
|
Open-source intelligence. Consolidation of information available to the public.
|
OTA
|
Over-The-Air. Updates deliverable by a cellular connection.
|
OWASP
|
Open Web Application Security Project. Publishes information on secure web applications.
|
P7B
|
The format (PKCS) of a public key.
|
P12
|
The format (PKCS) of a private key.
|
PaaS
|
Platform as a Service. Provides a platform to create applications.
|
PAM
|
Privileged Access Management. Places admin account in a separate bastion domain.
|
PAP
|
Password Authentication Protocol. Clear text password.
|
PBKDF2
|
Password-based Key Derivation Function 2. Used for key stretching.
|
PCAP
|
Packet Capture. The output from a packet sniffer, protocol analyzer. Could be known as TCPDUMP or Wireshark.
|
PCI DSS
|
Payment Card Industry Data Security Standard. Regulation for the credit card industry.
|
PDU
|
Power Distribution Unit. A power strip that regulates the voltage.
|
PEAP
|
Protected Extensible Authentication Protocol. Uses a service-side certificate to create a tunnel for user authentication. Encrypts EAP packets.
|
PEM
|
Privacy Enhanced Mail. A Base 64 certificate.
|
PFS
|
Perfect Forward Secrecy. Creates a unique session for every communication. Hard to crack.
|
PGP
|
Pretty Good Privacy. Used for encryption between two people.
|
Pharming
|
Redirects from a legitimate to fraudulent website.
|
Phishing
|
An indiscriminate email attack pretending to be your bank so that they can obtain your financial information.
|
PHI
|
Personal Health Information. Personal medical data.
|
PII
|
Personally Identifiable Information. Information used to identify an individual.
|
PIN
|
Personal Identification Number. Unique code to access a phone or smart card.
|
Pinning
|
Prevents CA compromise and certificate fraud.
|
PIV
|
Personal Identity Verification. Smart card for Federal employee.
|
PKCS
|
Public Key Cryptography Standards. Defines the format and use of a certificate.
|
PKI
|
Public Key Infrastructure. An asymmetric infrastructure that manages certificates.
|
Playbook
|
A list of actions to detect and respond to a particular type of incident.
|
POP3
|
Post Office Protocol 3. Legacy email client.
|
Port Mirroring
|
Copying traffic going to a switch port to another device.
|
Port Security
|
Switches off the port on a switch to prevent communication.
|
PowerShell
|
Command shell and scripting language based on the .net framework.
|
Private Cloud
|
Single tenant cloud model.
|
Private Key
|
Used for digital signatures and to decrypt data in an asymmetric environment.
|
Privileged Account
|
An account with a higher level of privileges compared to a user account.
|
Provenance
|
Used to provide assurance that evidence has not been tampered with.
|
Proxy Server
|
Filters outgoing traffic by using either a URL or Content filter. Caches web pages locally.
|
PSK
|
Preshared Key. A password used to access a wireless network.
|
Public Cloud
|
Multi-tenant cloud model.
|
Public Key
|
A key used to encrypt data.
|
Purple Team
|
Has the ability to carry out both red and blue team activities.
|
PUP
|
Potentially Unwanted Program. A program that may be malicious but cannot be confirmed.
|
Python
|
Programming language used for automation.
|
QA
|
Quality Assurance. Tests applications with real data during the staging environment.
|
Qualitative Analysis
|
Measure risks as high, medium, or low.
|
Quantitative Analysis
|
Risk analysis that measures possibility versus probability.
|
Quantum Computing
|
Fast cryptography using qubits that can be switched both off and on.
|
QOS
|
Quality of Service. Reserves a certain amount of bandwidth.
|
RA
|
Registration Authority. Accepts certificate requests and notifies the CA to sign them.
|
Race Condition
|
Software vulnerability where two threads access an application at the same time.
|
RADIUS
|
Remote Authentication Dial-in User Service. An authentication, authorization, and accounting server used by Microsoft.
|
RAID
|
Redundant Array of Inexpensive Disks. Built-in disk redundancy and fault tolerance. Data will still be available if a number of disks fail, depending on the RAID level.
|
RAID 5
|
Can still operate if one disk fails.
|
RAID 6
|
Can still operate if two disks fail.
|
RAS
|
Remote Access Server. Used for a legacy dial up networking, using a telephone line.
|
RAT
|
Remote Access Trojan. Malware that can access a host remotely.
|
RC4
|
Rivest Cipher version 4. This is a stream cipher used with WEP wireless encryption.
|
RCS
|
Rich Communication Services. Platform independent protocol used for messaging.
|
Red Team
|
Play the role of the attackers in team exercises.
|
Replay Attack
|
An interception attack in which the data is replayed at a later date.
|
Residual Risk
|
Minimal amount of risk remaining after risk mitigation.
|
Reverse Proxy Server
|
Authenticates incoming requests and decrypts incoming data.
|
RFC
|
Request for Comments. A formal document sent to recognized experts in the IT field when a change in technology is requested.
|
RFID
|
Radio Frequency Identifier. Used to tag objects used by proximity card readers.
|
Risk Acceptance
|
Ignoring the risk as it is deemed too low.
|
Risk Avoidance
|
Avoiding the risk as it is deemed too high.
|
Risk Matrix/Heat Map
|
Graphical format of the risk, showing the severity of a risk measured by likelihood and impact.
|
Risk Mitigation
|
Taking an action to reduce a risk.
|
Risk Register
|
A register that lists the risk, its owner, and risk treatment.
|
Risk Transference
|
Transferring the risk to a third party, like insurance or outsourcing your IT.
|
Robot Sentry
|
A mechanical robot that can be armed.
|
Role Based Access Control
|
A subset of a department that carries out a subset of duties.
|
Root CA
|
The Certificate Authority that signs the certificates in a PKI environment.
|
Rootkit
|
Malware that modifies the system files to avoid detection. You might delete it, and have it still return the next day.
|
Router
|
A device that connects networks together.
|
RPO
|
Recovery Point Objective. The amount of time a company can operate with computer systems.
|
RSA
|
Rivest, Shamir, & Adleman. The first successful algorithm that created asymmetric keys.
|
RTO
|
Recovery Time Objective. The time a company has recovered itself after a failure.
|
RTOS
|
Real-time Operating System. Predicts and prioritizes execution of time-critical operations.
|
RTP
|
Real-time Transport Protocol. It is used for voice traffic.
|
Rule Based Access Control
|
Access constraint that affects the whole company.
|
Runbook
|
Automated version of a playbook.
|
SaaS
|
Software as a Service. Cloud based software package that requires a license.
|
SAE
|
Simultaneous Authentication of Equals. WPA3 version of wireless replacing WPA-PSK.
|
Salt
|
Random characters appended to a credential.
|
SAML
|
Security Assertions Markup Language. XML-based; exchanges authentication information between two entities.
|
SAN
|
Fast disk storage in its own network.
|
SAN Certificate
|
Certificate used to incorporate multiple domain names.
|
Sandbox
|
Isolated virtual machine to test applications.
|
Sanitization
|
The process of destroying data so that it cannot be recovered.
|
SCADA
|
Supervisory Control and Data Acquisition. Large scale industrial control system.
|
Scalability
|
The ability to expand a computing environment.
|
SCAP
|
Security Content Automation Protocol. Outlines practices for vulnerability scanning.
|
Script Kiddie
|
Low skill threat actor who will purchase a program from the dark web.
|
SDK
|
Software Development Kit. Coding resources created by a vendor for their applications.
|
SDLC
|
Software Development Life Cycle. The process of creating and developing applications.
|
SDN
|
Software-defined Networking. It uses a software controller to connect virtual networks rather than traditional routers.
|
SED
|
Self-Encrypting Drives. A drive where the keys are stored on the drive and anything copied onto the drive is automatically encrypted.
|
Self-Signed Certificate
|
An internally signed certificate that is not part of a PKI environment.
|
Separation of Duties
|
Ensuring that no one person can carry out the whole transaction, preventing fraud.
|
Serverless
|
Software environment where the resources are stored in a container on the cloud.
|
Server-side
|
Data or application that is stored on a back-end server. The web server will be the front end, client side.
|
Service Account
|
An account with limited admin rights used to run a backend service.
|
Session Replay
|
Stealing a cookie and replaying the session on another device.
|
SFTP
|
Secure File Transfer Protocol. Used to encrypt files that are being transferred.
|
SHA
|
Secure Hashing Algorithm. Used to provide data integrity.
|
Shadow IT
|
Threat actor who puts unauthorized devices onto your network.
|
Shared Account
|
An account used by two or more people. No good for auditing or monitoring to an individual.
|
Shimming
|
Creating additional code to allow an application to talk to the operating system.
|
Shoulder Surfing
|
Social engineering technique to observe someone entering their password.
|
SIEM
|
Security Information and Event Management. Real-time monitoring server that can correlate and aggregate events into a report.
|
Signature-based detection
|
Where an IPS/IDS relies on an updated database to identify events.
|
Sinkhole
|
DoS mitigation where the traffic is redirected to a honeypot for analysis.
|
SIP
|
Session Initiation Protocol. Internet based protocol that allows calls to be put on hold and transferred.
|
SLA
|
Service-level Agreement. An agreement to carry out a service contract that guarantees an amount of uptime and is measured in metrics.
|
SLE
|
Single Loss Expectancy. The cost of losing one item.
|
SMB
|
Server Message Block. Used in a Microsoft network for transferring and sharing data.
|
Smart Card
|
Credit card sized card that has a digital certificate and is used for authentication in conjunction with a PIN.
|
S/MIME
|
Secure/Multipurpose Internet Mail Extensions. Used to encrypt or digitally sign email.
|
SMiShing
|
A form of phishing using a smart phone rather than email.
|
SMTP
|
Transfers email between mail servers.
|
SMTPS
|
Encrypted form of SMTP.
|
Sn1per
|
Software used for penetration testing.
|
SNMP
|
Simple Network Management Protocol. Protocol used to monitor the status of and create reports on network devices.
|
SOAR
|
Security Orchestration, Automation, Response. Incident response that uses artificial intelligence and machine learning to search for threats.
|
SoC
|
System on a Chip. Integrates multiple logical controllers onto a single chip.
|
Spear Phishing
|
Targeted phishing attack using email.
|
SPF
|
Sender Policy Framework. A DNS record similar to DMARC to prevent malicious spam or emails.
|
SPIM
|
Spam over Internet Messaging. Spam message over instant messaging.
|
SSH
|
SSH File Transfer Protocol. Secure remote access protocol.
|
SSID
|
Network name for a wireless network.
|
SSD
|
Fast hard drive.
|
Standard Naming Convention
|
A naming format that keeps the naming of users or computer consistent.
|
Stapling
|
A web server bypasses the CRL and goes to the OCSP for faster certificate validation.
|
State Actor
|
Threat actor who is well organized, well-funded, and sophisticated.
|
SQLi
|
SQL Injection. Injecting code into a Transact-SQL session.
|
SSO
|
Single Sign-on. You log in once and can access resources without the need to enter your credentials a second time.
|
Steganography
|
It hides a file, audio, or video inside another file, audio, or video.
|
STIX
|
Structured Threat Information eXpression. A framework for analyzing cybersecurity incidents and in conjunction with TAXII pushes out cyber threat intelligence.
|
Stored Procedure
|
A sealed SQL script that prevents SQL injection.
|
Stream Cipher
|
Bit level encryption.
|
SWG
|
Secure Web Gateway. An appliance that connects a client to the internet filtering out malicious traffic.
|
Symmetric Encryption
|
Single key encryption, known as private or shared key. Small key size.
|
Syslog Server
|
Log collection.
|