AAA (Authentication, Authorization, and Accounting)
a security framework that ensures only authorized individuals are able to access resources.
ABAC (Attribute Based Access Control)
evaluates attributes to determine the access.
ACL (Access Control List)
list of rules that specifies which users or systems are granted or denied access to a particular object or system resource.
AES (Advanced Encryption Standard)
a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
AIS (Automated Indicator Sharing)
service provided by CISA that enables real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private sector organizations.
APT (Advanced Persistent Threat)
a type of cyber attack in which an unauthorized user gains access to a system or network and remains undetected for an extended period of time.
ARP (Address Resolution Protocol)
a protocol used to map an IP address to a physical MAC address.
ASLR (Address Space Layout Randomization)
a technique used to prevent attackers from exploiting vulnerabilities in software by randomizing the location of key data areas in memory.
BCP (Business Continuity Planning)
detailed strategy and set of systems for ensuring an organization's ability to prevent or rapidly recover from a significant disruption to its operations.
BPDU Guard (Bridge Protocol Data Units)
BPDU guard is a feature that defends the layer 2 STP topology against BPDU-related threats.
BIA (Business Impact Analysis)
the BIA should identify the operational and financial impacts resulting from the disruption of business functions and processes.
BIOS (Basic Input/Output System)
BIOS, or Basic Input/Output System, is software stored on a small memory chip, also known as firmware.
BLOB (Binary Large Object Storage)
used by cloud providers as a database for large amounts of text or binary data.
BPA (Business Partnership Agreement)
agreement between 2 companies that are doing business together in which it is confirmed how much each company should contribute as well as their responsibility and how the profit will be split.
BYOD (Bring Your Own Device)
a policy that allows employees to use their personal devices, such as smartphones or laptops, to access company resources.
CA (Certificate Authority)
trusted entity that issues digital certificates used to verify the identities of individuals, organizations, websites or devices.
CAC (Common Access Card)
smart card about the size of a credit card. It is the standard identification for Active Duty United States Defense personnel.
CASB (Cloud Access Security Broker)
software/hardware that sits between users and their cloud service to enforce security policies.
CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart)
a challenge-response test used to distinguish between human and automated users.
CBC (Cipher Block Chaining)
a mode of operation for a block cipher -- one in which a sequence of bits is encrypted as a single unit, or block, with a cipher key applied to the entire block.
CER (Certificate)
security files provided and generated by a Certificate Authority. These files help a browser to verify if a website is secure and safe to enter, verifying its authenticity. These CER security certificates are usually installed on a web server.
CER (Crossover Error Rate)
point where FAR and FRR are equal.
CHAP (Challenge Handshake Authentication Protocol)
challenge-response identity authentication protocol. It depends on a combination of CHAP security credentials and a "shared secret" between the requestor (client) and the authenticator (server), and it does not expose a password.
CIA (Confidentiality, Integrity, and Availability)
the three core principles of information security.
CIRT (Computer Incident Response Team)
a team responsible for responding to and mitigating cyber security incidents.
COPE (Corporate-Owned, Personally-Enabled)
a policy that allows employees to use company-owned devices for personal use.
CRC (Cyclic Redundancy Check)
a mathematical algorithm used to detect errors in data transmission.
CRL (Certificate Revocation List)
first phase of checking if certificate is valid.
CSA (Cloud Security Alliance)
non-profit organization that provides different resources to help Cloud Security Providers (CSPs).
CSRF (Cross-Site Request Forgery)
is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform.
CSO (Chief Security Officer)
a senior-level executive responsible for overseeing an organization's security program.
CSP (cloud service provider)
is a third-party company that provides scalable computing resources that businesses can access on demand over a network, including cloud-based compute, storage, platform, and application services.
CSR (Certificate Signing Request)
a request made by a user or device to a certificate authority for a digital certificate.
CSV (Comma Separated Values)
a file format used to store data in a table-like format, with each row separated by a comma.
CVE (Common Vulnerabilities and Exposures)
list of vulnerabilities created by MITRE.
CVSS (Common Vulnerability Scoring System)
ranking of vulnerabilities and their severity.
CYOD (Choose Your Own Device)
company has set of devices that employees can choose to use for work.
DAC (Discretionary Access Control)
restricting access to objects based on the identity of subject.
DDoS (Distributed Denial of Service)
a type of cyber attack in which multiple systems are used to flood a target server or network with traffic, causing it to become unavailable.
DES (Data Encryption Standard)
is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) that was widely used in the past but is now considered insecure.
DHCP (Dynamic Host Configuration Protocol)
a protocol used to automatically assign IP addresses and other network settings to devices on a network.
DMZ (Demilitarized Zone)
a network segment that is isolated from the internal network and is used to provide public-facing services, such as web servers or email servers.
DNS (Domain Name System)
a system that translates domain names into IP addresses.
DoS (Denial of Service)
a type of cyber attack in which a server or network is overwhelmed with traffic, causing it to become unavailable.
DPO (Data Protection Officer)
DPO makes sure that the organization is correctly protecting individuals' personal data according to current legislation.
DRP (Disaster Recovery Plan)
preparing for any type of disaster that could occur.
EAP (Extensible Authentication Protocol)
architectural framework that provides extensibility for authentication methods for commonly used protected network access technologies such as IEEE 802.1X-based wireless access, IEEE 802.1X-based wired access and Point-to-Point Protocol (PPP).
EFS (Encrypting File System)
a feature in Windows that allows files and folders to be encrypted using a user's public key.
EMI (Electromagnetic Interference)
interference caused by electromagnetic waves, which can disrupt the functioning of electronic devices.
EMP (Electromagnetic Pulse)
a burst of electromagnetic radiation that can cause damage to electronic devices.
ESP (Encapsulating Security Payload)
an individual protocol in IPsec. ESP is responsible for the CIA triad of security (Confidentiality, Integrity, Availability), which is considered significant only when encryption is carried along with them.
FAR (False Acceptance Rate)
metric used to measure the likelihood of granting access to an unauthorized user.
FDE (Full Disk Encryption)
security technique that encrypts all data stored on a disk or storage device, including the operating system, applications, and user data.
FISMA (Federal Information Security Management Act)
FISMA requires federal agencies to develop, document, and implement an agency-wide program to provide information security for the information and systems that support the operations and assets of the agency, including those provided or managed by another agency, contractor, or other source.
FRR (False Rejection Rate)
metric used to measure the likelihood of denying access to an authorized user.
FTP (File Transfer Protocol)
a protocol used to transfer files between computers over a network. Port 21.
GDPR (General Data Protection Regulation)
regulation in European Union (EU) law on data protection and privacy for individuals within the EU and the European Economic Area (EEA). It came into effect on May 25, 2018 and is enforced by the EU Data Protection Authorities.
GPS (Global Positioning System)
a system of satellites used to determine the location of a device.
GRE (Generic Routing Encapsulation)
a protocol used to encapsulate one type of packet within another.
GBAC (Group Based Access Control)
gives access to a group of individuals to the resources that they need.
HMAC (Hash-based Message Authentication Code)
is a cryptographic authentication technique that uses a hash function and a secret key.
HIDS (Host Intrusion Detection System)
HIDS stands for host-based intrusion detection system and represents an application that is monitoring a computer or network for suspicious activities.
HIPAA (Health Insurance Portability And Accountability Act)
federal law that was enacted in 1996 to protect the privacy and security of patients' personal health information (PHI).
HOTP (HMAC-based One-Time Password)
algorithm used to generate one-time passwords that are used for authentication purposes.
HSM (Hardware Security Module)
type of specialized hardware device designed to securely store and manage digital keys and perform cryptographic operations.
HSTS (HTTP Strict Transport Security)
web security policy mechanism used to protect against protocol downgrade attacks and cookie hijacking.
HTML (Hypertext Markup Language)
is the standard markup language for creating Web pages.
HTTP (Hypertext Transfer Protocol)
HTTP is the foundation of the World Wide Web, and is used to load webpages using hypertext links.
HTTPS
a secure version of HTTP that uses encryption to protect data in transit. HTTPS uses port 443.
IaaS
a cloud computing model in which infrastructure resources, such as servers and storage, are provided by a third-party provider.
IAM
a cybersecurity practice that enables IT administrators to restrict access to organizational resources so that only the people who need access have access.
ICMP
a network layer protocol used by network devices to diagnose network communication issues. ICMP is mainly used to determine whether or not data is reaching its intended destination in a timely manner.
IDS
a monitoring system that detects suspicious activities and generates alerts when they are detected. Based upon these alerts, a security operations center (SOC) analyst or incident responder can investigate the issue and take the appropriate actions to remediate the threat.
IPS
a network security technology that goes beyond the capabilities of an IDS (Intrusion Detection System) by actively preventing identified threats from being carried out. An IPS monitors network traffic, just like an IDS, but it can also take action to prevent attacks.
IEEE
The IEEE describes itself as the world's largest technical professional society -- promoting the development and application of electrotechnology and allied sciences for the benefit of humanity, the advancement of the profession, and the well-being of our members.
IKE
a standard protocol used to set up a secure and authenticated communication channel between two parties via a virtual private network (VPN).
IMAP
an Internet standard protocol used by email clients to retrieve email messages from a mail server over a TCP/IP connection. IMAP uses port 143.
IoT
physical devices that are connected to the internet and that can exchange data with each other.
IP
a protocol, or set of rules, for routing and addressing packets of data so that they can travel across networks and arrive at the correct destination.
IPv4
an IPv4 address is a 32-bit address that is usually represented in dotted decimal notation, with a decimal value representing each of the four octets (bytes) that make up the address.
IPv6
a network protocol that serves as the successor to IPv4. The purpose of IPv6 is to provide a larger address space for the internet as the number of connected devices continues to grow. One of the main differences between IPv6 and IPv4 is the size of the address space. IPv4 uses 32-bit addresses, allowing for approximately 4.3 billion unique addresses. In contrast, IPv6 uses 128-bit addresses, which allows for an almost unlimited number of unique addresses.
ISA
a document that regulates security-relevant aspects of an intended connection between an agency and an external system. It regulates the security interface between any two systems operating under two different distinct authorities.
ISO
an international standard-setting organization.
ISP
a company that provides Internet access to customers.
JSON
a lightweight data interchange format.
LDAP
is a software protocol for enabling anyone to locate data about organizations, individuals and other resources such as files and devices in a network -- whether on the public internet or a corporate intranet. LDAP is a "lightweight" version of Directory Access Protocol (DAP), which is part of X.500, a standard for directory services in a network. LDAP is considered lightweight because it uses a smaller amount of code than other protocols.
MAC (Media Access Control)
a unique identifier assigned to a network interface controller (NIC).
MAC (Mandatory Access Control)
limiting access to resources based on the sensitivity of information.
MCSP (Managed Cloud Service Provider)
provides managed cloud services to customers. Managed cloud services are a type of cloud computing service in which a third-party provider manages and delivers cloud computing resources and services to customers over the internet.
MFA (Multi-Factor Authentication)
a security feature that requires multiple forms of authentication to access a resource.
MITB (Man In The Browser)
an MITB attack injects malicious software (malware) into a victim's web browser. The malware typically exploits vulnerabilities in the browser or its plugins to intercept and manipulate data exchanged between the browser and the websites the user visits.
MITM (Man-in-the-Middle)
a type of cyber attack in which an attacker intercepts communications between two parties in order to either steal or change the data in transit.
MSSP (Managed Security Service Provider)
provides managed security services to customers, typically on a subscription basis.
MTBF (Mean Time Between Failures)
average amount of time between system failures, which shows how reliable a system is.
MTTD (Mean Time To Detect)
average time it takes for an organization to detect a security incident or breach after it occurs.
MTTR (Mean Time To Repair)
average time that it takes to fix a system.
NAC (Network Access Control)
a system used to control access to a network based on the identity of the user or device.
NAT (Network Address Translation)
a technique used to map private IP addresses to public IP addresses.
NDA (Non Disclosure Agreement)
contract that prevents any side of the business from giving away the secrets to others.
NFC (Near Field Communication)
short-range wireless communication technology that enables data exchange between devices that are within close proximity to each other, typically within a few centimeters.