MAC
Mandatory Access Control: File and User level confidentiality
DAC
Discretionary Access Control: Principle of Least Privilege
ABAC
Attribute-Based Access Control
RBAC
Role-Based Access Control
SLE
Single loss expectancy. The monetary value of any single loss. SLE x ARO = ALE.
ARO
Annualized Rate of Occurrence
ALE
Annualized Loss Expectancy
PUP
Potentially Unwanted Programs
WannaCry malware
2017, exploited EternalBlue Windows vulnerability.
APT
Advanced Persistent Threat
CybOX
Cyber Observable eXpression; XML Cyber Reports
STIX
(Structured Threat Information eXpression) A framework for analyzing cybersecurity incidents.
TAXII
(Trusted Automated eXchange of Indicator Information) A protocol for supplying codified information to automate incident detection and analysis.
Open Source Intelligence
Open-Source Intelligence (OSINT) is defined as intelligence produced by collecting, evaluating and analyzing publicly available information with the purpose of answering a specific intelligence question.
https://www.sans.org/blog/what-is-open-source-intelligence/
SIEM
Security information and event management
SOAR
Security Orchestration, Automation, Response
These platforms enhance SIEM capabilities
UCE
Unsolicited commercial email (spam)
CIA
Confidentiality, Integrity, Availability
SCAP
Security Content Automation Protocol. A set of security specifications for various applications and operating systems. Compliance tools such as vulnerability scanners use these to check systems for compliance.
CVSS
Common Vulnerability Scoring System, amount of risk.
CCE
Common Configuration Enumeration. Provides a standard nomenclature for discussing system configuration issues.
XCCDF
eXtensible Configuration Checklist Description Format
OVAL
Open Vulnerability Assessment Language. An international, information security, community standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services. OVAL includes a language used to encode system details, and an assortment of content repositories held throughout the community.
AV
Attack Vector
AC
Attack Complexity
PR
Privileges Required
UI
User Interaction
PCI
Payment Card Industry Data Security Standard (PCI DSS) is a collection of policies and procedures developed by the Payment Card Industry to improve the security of credit, debit, and cash card transactions and protect cardholders from identity theft.
https://pcidssguide.com/pci-requirements-for-storing-credit-card-information/
CMMI
Capability Maturity Model Integration. A model developed by the Software Engineering Institute to assist organizations in identifying what needs to be worked on next in software development to improve processes. Concepts are being applied elsewhere in business, from supply chain management to organizational processes.
OWASP
Open Web Application Security Project/Open Worldwide Application Security Project
SMishing
Phishing using SMS
Vishing
Phishing using voice phone calls. Contact initiated via email, user asked to call a given number and to give sensitive information, such as credit card numbers.
SPIM
Spam Over Instant Messaging. Unsolicited messages received via instant messaging systems.
Pharming
Misdirection of users to fake websites.
Prepending
During a social engineering attack, providing information in advance of being asked, lending legitimacy to the attack.
RAT
Remote access Trojan. Malware that allows an attacker to take control of a system from a remote location.
Password Spraying
Attempting a couple of common passwords on every possible account.
Rainbow Tables
Pregenerated hashes
VM escape attack
SLE
Single Loss Expectancy
MD5
Message Digest 5. A hashing function used to provide integrity. MD5 uses 128 bits. A hash is simply a number created by applying the algorithm to a file or message at different times. The hashes are compared to each other to verify that integrity has been maintained.
RIPEMD
RIPE Message Digests - a family of cryptographic hash functions
EAP-TLS
Extensible Authentication Protocol-Transport Layer Security; Auth protocol for certs.
EAP-TTLS (Extensible Authentication Protocol-Tunneled Transport Layer Security)
A network authentication protocol that uses a TLS tunnel to protect the authentication process, allowing for various inner authentication methods like PAP or MSCHAPv2 within the secure tunnel.
Affinity Scheduling
A technique that prioritizes running specific tasks on computing nodes where they can execute more efficiently. Consider factors like CPU speed, memory access patterns, or task-specific requirements to minimize resource contention and maximize performance.
Transparent proxy
Intercepts and redirects network traffic without requiring any client-side configuration, acting as an "invisible" middleman between a user's device and the internet.
SLE
Single Loss Expectancy
ARO
Annual Rate of Occurrence
ALE
Annualized Loss Expectancy
CVE
Common Vulnerabilities and Exposures
SHA
Secure Hash Algorithm
RIPEMD
RACE Integrity Primitives Evaluation Message Digest
SMTP
Simple Mail Transfer Protocol; port 25
ALE formula
ARO X SLE
Deauthentication attack
A common wireless attack used by hackers to disassociate wireless clients and make them attempt to reconnect to the access point
AAA
Authentication, Authorization, and Accounting
802.1X
The IEEE standard that defines port-based security for wireless network access control
Software firewall
A program that runs on a computer to allow or deny traffic between the computer and other computers to which it is connected
ECDH
Elliptic Curve Diffie-Hellman; key agreement
RSA Algorithm
Named after inventors Rivest, Shamir, and Adleman, RSA is a system for encrypting and decrypting a message using a pair of keys, both of which contain the product of two prime numbers.
AES
Advanced Encryption Standard
SHA-2
A family of Secure Hash Algorithms that has variations, known as SHA-224, SHA-256, SHA-384, and SHA-512.
Signature based NIDS
Your company implements two Network Intrusion Detection Systems (NIDS): one anomaly-based and one signature-based. It also implements two Network Intrusion Protection Systems (NIPS): one anomaly-based and one stateful protocol-based.
Your company employs an ethical hacker who uses ADMutate to disguise a buffer overflow attack. The attack is attempting to breach the network. Which system is most likely being targeted?
A) Signature-based NIDS
B) Stateful protocol-based NIPS
C) Anomaly-based NIPS
D) Anomaly-based NIDS
3DES
Triple Digital Encryption Standard. Originally designed as a replacement for DES. Uses multiple keys and multiple passes and is not as efficient as AES.
AH
Authentication Header
MD5
Message Digest 5; 128 bits
SHA1
Secure Hash Algorithm; 161 bits
SHA2
____ is the most secure hashing function now, with hashes as long as 512 bits.
ESP
Encapsulated Security Payload
AES
Advanced Encryption Standard
NLSP
Network Layer Security Protocol. Application of IPSec at Layer 3
SOAR
Security Orchestration, Automation, Response
SASE
Secure Access Service Edge
HSM
Hardware Security Module
SRTP
Secure Real-Time Protocol. Used to secure multi-media & VoIP communications.
CASE
Cloud Access Security Provider
MSSP
Managed Security Service Provider
COPE
Corporate Owned, Personally Enabled
SCP
Secure Copy Protocol
OPM
Office of Personnel Management
ISA
Interconnection Security Agreement
IOA
Indicator of Attack
AV
Asset Value
EF
Exposure Factor
RPO
Recovery Point Objective. Identifies a point in time where data loss is acceptable. It is related to the RTO and the BIA often includes both RTOs and RPOs.
BIA
Business Impact Analysis
PAN
Primary Account Number. Credit card acronym.
IGMP
Internet Group Management Protocol. Used for multicasting. Computers belonging to a multicasting group have a multicasting IP address in addition to a standard unicast IP address.
DER
Distinguished Encoding Rules. Encodes a PKI certificate, representing ASN.1 data. Binary data. File formats: .cer, .der
PEM
Privacy Enhanced Mail. Common format for PKI certificates. It can use either CER (ASCII) or DER (binary) formats. Marked by a BEGIN CERTIFICATE line and an END CERTIFICATE line. File formats: .pem, .crt, .key
CCA
Chosen Ciphertext Attack
TTP
Tactics, Techniques and Procedures