Supply chain
The network of entities involved in the production and distribution of a product.
Human vectors/social engineering
Methods of manipulating individuals to gain unauthorized access.
Phishing
A fraudulent attempt to obtain sensitive information.
Vishing
A phishing attack conducted over voice calls.
Smishing
A phishing attack conducted over SMS.
Misinformation/disinformation
False or misleading information spread intentionally.
Impersonation
Pretending to be someone else to deceive others.
Business email compromise
A fraudulent email targeting businesses for financial gain.
Pretexting
Creating a false pretense to gain information or access.
Watering hole attack
Compromising a website frequented by a target group.
Brand impersonation
Pretending to be a trusted brand to deceive others.
Typosquatting
Registering a domain similar to a popular one to deceive others.
Segmentation
The practice of dividing a network into smaller subnetworks to enhance security.
Access control list (ACL)
A list of permissions attached to an object that specifies who can access it.
Permissions
The level of access granted to a user or group for a specific resource.
Application allow list
A list of approved applications that are allowed to run on a system.
Isolation
The practice of keeping critical systems separate from less secure systems.
Patching
The process of applying updates and fixes to software or systems.
Encryption
The process of encoding information to make it unreadable without a decryption key.
Monitoring
The act of observing and analyzing system activities to detect and respond to security incidents.
Least privilege
The principle of granting users only the permissions necessary to perform their specific tasks.
Configuration enforcement
Ensuring that systems and devices adhere to established security configurations.
Decommissioning
The process of retiring or removing a system or device from service.
Hardening techniques
Security measures implemented to reduce the vulnerability of a system or network.
Installation of endpoint protection
The deployment of security software on individual devices to protect against threats.
Host-based firewall
A firewall that operates at the individual device level to control network traffic.
Host-based intrusion prevention system (HIPS)
A security system that monitors and analyzes network traffic on an individual device.
Disabling ports/protocols
Turning off specific network ports or protocols to reduce the attack surface.
Default password changes
The requirement for users to change default passwords to enhance security.
Removal of unnecessary software
Uninstalling software that is not required for system functionality.
Application
A software program that performs specific functions on a computer.
Memory injection
A technique of introducing malicious code into a computer's memory.
Buffer overflow
A vulnerability that occurs when a program writes more data to a buffer than it can hold.
Race conditions
A situation where the behavior of a program depends on the relative timing of events.
Time-of-check (TOC)
A security vulnerability that occurs when a resource is checked for authorization but is not protected.
Time-of-use (TOU)
A vulnerability that occurs when a resource is protected but not checked before use.
Malicious update
An intentional modification of software to introduce malicious functionality.
Operating system (OS)-based
A vulnerability specific to a particular operating system.
Web-based
A vulnerability specific to web applications or websites.
Structured Query Language injection (SQLi)
An attack technique that exploits vulnerabilities in a web application's database layer.
Cross-site scripting (XSS)
An attack technique that allows an attacker to inject malicious scripts into web pages.
Hardware
The physical components of a computer system.
Firmware
Software permanently stored in a computer's hardware.
End-of-life
The stage in a product's lifecycle when it is no longer supported by the manufacturer.
Legacy
Outdated technology or software that is still in use.
Virtualization
A technology that allows multiple operating systems to run on a single physical machine.
Virtual machine (VM) escape
A technique of breaking out of a virtual machine and accessing the host system.
Resource reuse
The practice of utilizing resources efficiently by sharing them among users or processes.
Cloud-specific
A security vulnerability specific to cloud computing environments.
Service provider
An organization that offers services to customers.
Hardware provider
An organization that manufactures or supplies hardware components.
Software provider
An organization that develops or supplies software.
Cryptographic
Related to the science of encryption and decryption.
Misconfiguration
A configuration error that can lead to security vulnerabilities.
Mobile device
A portable computing device such as a smartphone or tablet.
Side loading
Installing applications on a mobile device from sources other than the official app store.
Jailbreaking
Removing software restrictions imposed by the manufacturer on a mobile device.
Zero-day
A software vulnerability that is unknown to the vendor and has no patch available.
Device Placement
Strategically positioning network devices to optimize performance.
Security Zones
Segmenting a network into isolated areas based on security requirements.
Attack Surface
The total number of vulnerabilities that can be exploited by an attacker.
Connectivity
The ability of devices to establish and maintain network connections.
Failure Modes
Different ways in which a network device can fail.
Fail-Open
A fail state allowing traffic to pass through, ensuring connectivity.
Fail-Closed
A fail state that blocks traffic, preventing unauthorized access.
Device Attribute
A characteristic or property of a network device.
Active vs. Passive
Modes of operation for network devices; active devices communicate, passive devices observe.
Inline vs. Tap/Monitor
Deployment methods; inline devices directly affect traffic, tap/monitor devices do not.
Network Appliances
Devices designed to perform specific network functions.
Jump Server
A server used to access and manage other devices, enhancing security.
Proxy Server
A server acting as an intermediary between clients and servers.
Intrusion Prevention System (IPS)
A security device that actively blocks potential threats.
Intrusion Detection System (IDS)
A security device that alerts on potential threats.
Load Balancer
A device distributing network traffic across multiple servers.
Sensors
Devices detecting and responding to changes in the network environment.
Port Security
Measures taken to secure network ports from unauthorized access.
802.1X
An IEEE standard for network access control and authorization.
Extensible Authentication Protocol (EAP)
A framework for authentication protocols in network security.
Firewall Types
Different types of firewalls used for network security.
Web Application Firewall (WAF)
A firewall specifically designed to protect web applications.
Unified Threat Management (UTM)
A comprehensive security solution combining multiple security features.
Next-Generation Firewall (NGFW)
A firewall incorporating advanced security capabilities.
Layer 4/Layer 7
Different levels of the network protocol stack.
Secure Communication/Access
Methods used to ensure secure network communication and access.
Virtual Private Network (VPN)
A secure network connection established over a public network.
Remote Access
The ability to access a network remotely.
Tunneling
Encapsulating one network protocol within another for secure communication.
Transport Layer Security (TLS)
A cryptographic protocol securing network communication.
Internet Protocol Security (IPSec)
A protocol suite used to secure IP communications.
Software-Defined Wide Area Network (SD-WAN)
A technology for managing wide area networks.
Secure Access Service Edge (SASE)
A cloud-native security framework providing secure access to applications.
Selection of Effective Controls
Choosing appropriate security measures to mitigate risks.
Responsibility matrix
A matrix defining roles and responsibilities within a project.
Hybrid cloud architecture
Combining both public and private cloud environments.
Third-party vendors
External companies providing products or services.
Infrastructure as code (IaC)
Managing infrastructure through machine-readable definition files.
Serverless computing
A cloud computing model where the provider manages infrastructure.
Microservices architecture
An architectural style structuring an application as small, loosely coupled services.
Network infrastructure
The foundational support for communication between devices.
Physical isolation
Separation of network components physically to enhance security.