Security+ Acronyms
Authentication, Authorization, Accounting (AAA)
A security framework that controls access to computer resources and tracks user activity
Access Control List (ACL)
A list of permissions that controls who can access a system resource and what operations they can perform
Advanced Encryption Standard (AES)
A cryptographic algorithm that encrypts and decrypts data using a symmetric block cipher
Authentication Header (AH)
A security protocol in IPSec that ensures the integrity of packet headers and data, provides user authentication and offers optional replay protection and access protection
Automated Indicator Sharing (AIS)
A service the Cybersecurity and Infrastructure Security Agency (CISA) provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private-sector organizations
Annualized Loss Expectancy (ALE)
A metric used in risk management to estimate the expected monetary loss an organization could face from a specific risk over a single year
Equation = Single Loss Expectancy (SLE) Annual Rate of Occurrence (ARO)
Access Point (AP)
A device that logically connects wireless client devices operating in infrastructure to one another and provides access to a distribution system
Application Programming Interface (API)
A software intermediary that allows two applications to talk to each other
Advanced Persistent Threat (APT)
A cyber attack where a hacker gains unauthorized access to a target network and remains undetected for a significant period of time, usually with the goal of stealing highly sensitive data rather than causing immediate disruption
Annualized Rate of Occurrence (ARO)
The estimated probability of a specific event happening within a given year, essentially representing how often a particular risk is likely to occur annually
Equation = # of Incidents Number of years
Address Resolution Protocol (ARP)
A communication protocol that maps IP addresses to MAC addresses
ARP Poisoning: Attack that exploits the IP address to MAC resolution in a network to steal, modify, or redirect frames within the local area network
Adversarial Tactics, Techniques, & Common Knowledge (ATT&CK)
A framework that documents how cyber attackers behave in real-world security incidents. Used to understand and analyze cyber threats, improve detection and prevention strategies, and develop better defenses and incident response plans.
Acceptable Use Policy (AUP)
A set of rules that govern how a network, website, or service can be used. AUPs are created by the owner, administrator, or possessor of the network, website, or service.
Bourne Again Shell (BASH)
A shell program and command language. Is commonly used as the default login shell for numerous Linux distributions
Business Continuity Plan (BCP)
Focuses on maintaining service delivery and receiving payment for those services. A more comprehensive strategy that encompasses a broader spectrum of organizational resilience, including returning the business to profitability. Used by private sector entities.
Business Impact Analysis (BIA)
A process that predicts the consequences of a business disruption and the resources needed to recover
Basic Input/Output System (BIOS)
A piece of firmware that's pre-installed on a computer's motherboard and used to start the computer system after it is powered on
Bridge Protocol Data Unit (BPDU)
A network packet that carries information between switches in a network to prevent loops and optimize performance
Certificate Authority (CA)
A trusted third-party that issues digital certificates to verify the identity of websites, companies, email addresses, and individuals
Cloud Access Security Broker (CASB)
On-premises or cloud-based software used to help ensure regulatory compliance and data protection, govern cloud usage across devices and cloud applications, and protect against threats
Counter Mode/CBC-MAC Protocol (CCMP)
A security protocol that uses the Advanced Encryption Standard (AES) algorithm to encrypt data and provide data integrity and confidentiality. Part of the 802.11i standard for wireless local area networks (WLANs) and was introduced in the Wi-Fi Protected Access 2 (WPA2) wireless security standard.
Confidentiality, Integrity, Availability (CIA)
The CIA triad is a model for information security
Continuity of Operation Planning (COOP)
A process that ensures that an organization can continue to perform its essential functions during an emergency. It emphasizes the rapid recovery of essential functions and services. Used by government and public entities.
Certificate Revocation List (CRL)
A list of digital certificates that have been revoked by the issuing certificate authority (CA) before their scheduled expiration date and should no longer be trusted
Cloud Service Provider (CSP)
A company that offers cloud-based services to businesses and individuals, such as storage, databases, and applications
Certificate Signing Request (CSR)
A message sent from an applicant to a certificate authority of the public key infrastructure (PKI) to apply for a digital identity certificate
Cross-Site Request Forgery (CSRF or XSR)
Exploits applications that use cookies to authenticate users, track sessions, or perform an unwanted action on a user's behalf
Channel Service Unit (CSU)
A hardware device that connects a local area network (LAN) to a wide area network (WAN). It acts as a bridge between the network router and the service provider's equipment.
Common Vulnerability Enumeration (CVE)
A list of publicly known vulnerabilities that includes a unique identifier (ID), description, dates, and comments. CVEs help track vulnerabilities.
Common Vulnerability Scoring System (CVSS)
CVSS assigns a numerical score to each CVE to indicate its severity
Discretionary Access Control (DAC)
A cybersecurity model that gives the owner of a resource control over who can access it and what they can do with it (think assigning roles in spreadsheets)
Distributed Denial of Service (DDoS)
A cybercrime where a malicious actor floods a target website or server with traffic from multiple sources, effectively overwhelming its capacity and preventing legitimate users from accessing the service
Digital Encryption Standard (DES)
A block cipher algorithm that uses a 56-bit key to encrypt and decrypt data. An outdated symmetric key method of data encryption
Dynamic Host Configuration Protocol (DHCP)
a network management protocol that dynamically assigns IP addresses and other configuration parameters to devices on a network
Diffie Hellman Ephemeral (DHE)
A mathematical method of securely generating a symmetric cryptographic key over a public channel
DomainKeys Identified Mail (DKIM)
A method of email authentication that verifies the sender of an email and confirms that the message has not been altered. Uses a public and private key pair system to digitally sign important parts of an email.
Dynamic Link Library (DLL)
A file that contains reusable code and data that can be used by multiple programs at the same time
Domain Message Authentication Reporting and Conformance (DMARC)
An email authentication protocol designed to protect email domains from unauthorized use, by verifying the legitimacy of email senders using existing standards like SPF and DKIM, and instructing receiving servers on how to handle emails that fail authentication checks
Domain Name System (DNS)
A hierarchical and decentralized system that translates human-readable domain names into machine-readable IP addresses
Denial of Service (DoS)
Cyberattack that aims to make a network resource or machine unavailable to its intended users by overwhelming a network or website with illegitimate requests
Data Privacy Officer (DPO)
A professional responsible for ensuring that all personal data is handled, stored, and shared in a compliant and ethical manner
Disaster Recovery Plan (DRP)
A formal document that outlines how an organization will respond to a disaster or other unplanned incident. The plan's purpose is to help ensure that critical business functions can continue to operate after a disruption, such as a natural disaster, cyberattack, or technology-related issue.
Extensible Authentication Protocol (EAP)
A framework of protocols that allows for numerous methods of authentication including passwords, digital certificates, and public key infrastructure
Elliptic Curve Cryptography (ECC)
A public-key cryptographic technique that uses elliptic curves to generate security between key pairs
Elliptic Curve Diffie-Hellman Ephemeral (ECDHE)
A key agreement protocol that allows two parties, each having an elliptic-curve public-private key pair, to establish a shared secret over an insecure channel
Endpoint Detection and Response (EDR)
A cybersecurity technology that monitors and responds to threats on endpoints, such as computers, laptops, mobile devices, and servers
Encrypted File System (EFS)
A user-based encryption control technique that enables users to control who can read the files on their system. Uses a public-key system and complex cryptographic algorithms to encrypt files and directories.
Encapsulated Security Payload (ESP)
An encryption protocol that protects data in transit between computers by encrypting and authenticating data packets
Full Disk Encryption (FDE)
The process of encrypting all the data on the hard drive used to boot a computer, including the computer's OS, and permitting access to the data only after successful authentication to the FDE product
File Integrity Management (FIM)
A security process that verifies the authenticity of files, applications, and other critical assets to detect tampering or corruption. FIM is a mandatory security control that helps organizations prevent security breaches and data loss.
False Rejection Rate (FRR)
A metric used to measure how often a biometric system incorrectly denies access to an authorized user
File Transfer Protocol (FTP)
A standard network protocol that allows users to transfer files between computers or a network
FTPS - File Transfer Protocol Secure
General Data Protection Regulation (GDPR)
A European Union law that regulates how personal data of individuals within the EU can be collected, stored, and processed, aiming to give individuals more control over their personal information and protect their privacy
Group Policy Object (GPO)
A collection of group policy settings that define how a system will look like and how it will behave for a defined group of users
High Availability (HA)
Characteristic of a system that aims to ensure an agreed level of operational performance, usually uptime, for a higher-than-normal period
Host-based Intrusion Detection System (HIDS)
An intrusion detection system that is capable of monitoring and analyzing the internals of a computing system as well as the network packets on its network interfaces
Host-based Intrusion Prevention System (HIPS)
HIPS uses behavioral analysis and network filtering to monitor a computer's files, registry keys, and running processes. It can detect suspicious activity by comparing current activity to a baseline of normal activity.
Hardware Security Module (HSM)
Hardened, tamper-resistant hardware devices that secure cryptographic processes by generating, protecting, and managing keys used for encrypting and decrypting data and creating digital signatures and certificates
Hyper-text Markup Language (HTML)
The foundation of web-based applications and services. Oftentimes exploited to launch XSS or SQLi attacks
Infrastructure as a Service (IaaS)
A cloud computing model that provides on-demand access to computing resources such as servers, storage, networking, and virtualization
Infrastructure as Code (IaC)
A method for managing and provisioning infrastructure using code instead of manual processes
Identity and Access Management (IAM)
Ensures that the right people and job roles in your organization (identities) can access the tools they need to do their jobs
Internet Key Exchange (IKE)
A secure key management protocol that is used to set up a secure, authenticated communications channel between two devices
Internet Message Access Protocol (IMAP)
Internet standard email protocol that email clients use to retrieve messages from a mail server. Unlike its predecessor, POP3, IMAP allows users to view and manage their emails directly on the mail server, providing a more dynamic and flexible way to interact with email across multiple devices.
Internet Protocol Security (IPsec)
A set of protocols that encrypts and authenticates IP packets to secure network communications
Incident Response Plan (IRP)
Set of procedures that outlines how an organization should detect, respond to, and recover from a cyber security incident, including defining roles, responsibilities, and escalation steps to minimize damage and impact
Initialization Vector (IV)
An arbitrary number that can be used with a secret key for data encryption to foil cyber attacks. This number is employed only one time in any session to prevent unauthorized decryption of the message by a suspicious or malicious actor.
Layer 2 Tunneling Protocol (L2TP)
A protocol used to create a secure tunnel for data transmission between two network points. It’s commonly used to create a connection between your device and a VPN server without encrypting your content.
Local Area Network (LAN)
A computer network that interconnects computers within a single physical location
Lightweight Directory Access Protocol (LDAP)
An open, vendor-neutral, industry-standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network
Mandatory Access Control (MAC)
A computer security model that limits access to resources based on predetermined rules and policies
Media Access Control (MAC)
The layer that controls the hardware responsible for interaction with the wired (electrical or optical) or wireless transmission medium
Master Boot Record (MBR)
A crucial component of a computer's storage device that contains information about the hard disk partitions and the operating system (OS)
Message Digest 5 (MD5)
A cryptographic hash function that generates a 128-bit hash value from any input data, however, due to known vulnerabilities. MD5 is considered insecure for cryptographic applications and should not be used for sensitive data protection.
Mobile Device Management (MDM)
A security software that allows organizations to manage, monitor, and secure mobile devices that connect to their networks
Multi-protocol Label Switching (MPLS)
A networking technology that directs data packets across a network based on labels rather than network addresses
Managed Security Service Provider (MSSP)
A third-party company that offers outsourced security services for businesses
Mean Time Between Failures (MTBF)
The predicted elapsed time between inherent failures of a mechanical or electronic system during normal system operation
Mean Time to Failure (MTTF)
The average time a product or system functions before its first failure under normal conditions
Mean Time to Repair (MTTR)
The average amount of time it takes for a system to recover from a failure or disruption
Network Access Control (NAC)
A security system that controls who and what devices can access a network by verifying their identity and compliance with security policies
Network Address Translation (NAT)
A way to map multiple private addresses inside a local network to a public IP address before transferring the information onto the internet
Near Field Communication (NFC)
A short-range wireless technology that allows devices to exchange data within a few centimeters of each other
Next-generation Firewall (NGFW)
A security device that processes network traffic and blocks potentially dangerous traffic. NGFWs are more advanced than traditional firewalls, with additional features that allow them to inspect data more deeply and identify threats that may be hidden.
Network-based Intrusion Detection System (NIDS)
A security tool that passively monitors network traffic at strategic points within a network to identify and alert on potentially malicious activity, such as suspicious patterns or anomalies, by analyzing the content of network packets flowing through the system, without actively blocking the traffic itself
Network-based Intrusion Prevention System (NIPS)
A security device or software that actively monitors network traffic, analyzing packets for malicious activity and taking immediate action to block or prevent potential threats from entering a network
Network Time Protocol (NTP)
An internet standard protocol that allows computers across a network to synchronize their clocks with each other
Open Authorization (OAUTH)
An open standard protocol that allows third-party applications to access a user's protected resources without requiring the user to share their login credentials
Online Certificate Status Protocol (OCSP)
An Internet Protocol (IP) that determines if a digital certificate is valid or has been revoked
Open-source Intelligence (OSINT)
The insight gained from processing and analyzing public data sources
Open Vulnerability Assessment Language (OVAL)
A standard to promote open and publicly available security content, and to standardize the transfer of this information across the entire spectrum of security tools and services
PKCS #12 (P12)
A file format for storing cryptography objects, such as private keys and certificates, in a single file
Platform as a Service (PaaS)
A cloud computing model where a third-party provider delivers a complete development environment, including servers, operating systems, storage, and development tools, allowing users to build, test, and deploy applications without managing the underlying infrastructure
Privileged Access Management (PAM)
Focuses on the control, monitoring, and protection of privileged accounts within an organization
Password-based Key Derivation Function 2 (PBKDF2)
A widely used cryptographic algorithm designed to securely derive a cryptographic key from a user's password
Private Branch Exchange (PBX)
A phone system that manages a company's internal and external phone calls. It acts as a private network that allows employees to communicate with each other and make and receive calls to the outside world.
Packet Capture (PCAP)
A networking technique that involves intercepting and recording data packets that travel over a network. The captured packets are saved as files, called PCAP files.
Payment Card Industry Data Security Standard (PCI DSS)
A set of security guidelines that ensure companies that process, store, or transmit credit card information maintain a secure environment
Power Distribution Unit (PDU)
A device fitted with multiple outputs designed to distribute electric power, especially to racks of computers and networking equipment located within a data center
Protected Extensible Authentication Protocol (PEAP)
A security protocol that encrypts and authenticates authentication data sent over 802.11 Wi-Fi networks
Perfect Forward Secrecy (PFS)
A cryptographic technique that protects encrypted communication by using unique, temporary session keys for each communication session
Pretty Good Privacy (PGP)
An encryption program used for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions and to increase the security of e-mail communications
Public Key Cryptography Standards (PKCS)
A set of protocols that establish guidelines for using public key cryptography to exchange information securely
Public Key Infrastructure (PKI)
A framework that uses digital certificates and encryption to secure electronic transactions and communications
Post Office Protocol (POP)
A widely used e-mail application protocol that can be used to retrieve e-mail from an e-mail server for the client application, such as Microsoft Outlook
Potentially Unwanted Program (PUP)
Software that a user may not want or need, but that can still be downloaded or installed without their knowledge
Recovery Agent (RA)
A designated individual or system that has the authority to access and restore encryption keys in case of emergencies
Registration Authority (RA)
A trusted entity within a Public Key Infrastructure (PKI) system that is responsible for verifying the identity of individuals/organizations requesting digital certificates, before submitting that information to the CA to issue the certificate
Remote Authentication Dial-In User Service (RADIUS)
A networking protocol that provides centralized authentication, authorization, and accounting (AAA) for users accessing a network, essentially acting as a central point to verify user credentials before granting access to a network service
Redundant Array of Inexpensive Disks (RAID)
A data storage technology that combines multiple physical hard drives into a single logical unit
Remote Access Trojan (RAT)
A malware program that opens a backdoor, enabling administrative control over the victim's computer
Remote Desktop Protocol (RDP)
Refers to the measures taken to protect a remote desktop connection by encrypting data transmitted between computers
Recovery Point Objective (RPO)
The maximum amount of data an organization is willing to lose after a disruptive event, measured in time
Recovery Time Objective (RTO)
The maximum acceptable amount of time a system or service can be down after a disruption
Real-Time Operating System (RTOS)
A specialized operating system designed to handle tasks with strict timing requirements, prioritizing operations based on their deadlines
Real-time Transport Protocol (RTP)
A network protocol used to transmit real-time media like audio and video, but by itself, it lacks inherent security
Software as a Service (SaaS)
A cloud computing model where software applications are hosted by a provider and made available to users over the internet. It allows organizations to access and use software without the need to install, manage, or maintain it on local infrastructure.
Simultaneous Authentication of Equals (SAE)
Secure key exchange protocol used in wireless networks, specifically as part of the WPA3 (Wi-Fi Protected Access 3) security standard. SAE replaces the older Pre-Shared Key (PSK) method used in WPA2, providing stronger protection against attacks like brute force and dictionary attacks.
Security Assertions Markup Language (SAML)
An open standard for enabling single sign-on (SSO) and federated identity management. It allows users to log in once and gain access to multiple systems or applications without needing to reauthenticate.
Subject Alternative Name (SAN)
An extension of the X.509 certificate standard, commonly used in SSL/TLS certificates to specify additional domain names, IP addresses, or hostnames that the certificate covers
Storage Area Network (SAN)
A high-speed, specialized network that provides access to consolidated, block-level data storage. SANs are designed to enhance the performance, scalability, and reliability of storage systems, making them a key solution for enterprise-level data storage requirements.
Secure Access Service Edge (SASE)
Cloud-based network architecture that combines networking and security functions into a unified service delivered through the cloud
Supervisory Control and Data Acquisition (SCADA)
A system of hardware and software used to monitor, control, and manage industrial processes
Security Content Automation Protocol (SCAP)
A framework developed by the NIST to standardize the format and exchange of security-related information for automated vulnerability management, compliance assessment, and security measurement
Software Development Kit (SDK)
A collection of software tools, libraries, documentation, and examples that developers use to create applications for a specific platform, framework, or programming language. SDKs simplify and accelerate application development by providing prebuilt components and integrations for the target environment.
Software-defined Networking (SDN)
Network management that decouples the control plane from the data plane. By using software to centrally manage and program network behavior, SDN provides greater flexibility, scalability, and automation compared to traditional networking approaches.
Software-defined Wide Area Network (SD-WAN)
A technology that uses software to control and manage wide-area networks (WANs), enabling businesses to connect geographically dispersed locations more easily and cost-effectively
Self-encrypting Drives (SED)
Storage devices, such as hard drives or solid-state drives, that have built-in encryption capabilities. These drives automatically encrypt and decrypt all data written to or read from them without requiring external software or hardware to manage the encryption process.
Security-enhanced Linux (SE Linux)
Set of kernel-level security modules that provide a mechanism for supporting access control security policies. The National Security Agency developed SE Linux in collaboration with Red Hat to enhance the security of Linux systems by enforcing mandatory access control policies.
Secure Hashing Algorithm (SHA)
Family of cryptographic hash functions designed to produce a fixed-size hash value (or checksum) for input data of arbitrary size
Security Information and Event Management (SIEM)
A comprehensive security solution that provides real-time monitoring, analysis, and management of security events and incidents within an organization's IT environment. SIEM systems collect and aggregate data from various sources, including network devices, servers, applications, and security tools, to detect, analyze, and respond to potential security threats.
Subscriber Identity Module (SIM)
A small chip-based smart card used in mobile devices to securely store and manage data related to the identity, authentication, and services of a mobile network subscriber
Single Loss Expectancy (SLE)
Quantitative risk management metric used in risk analysis to estimate the monetary loss associated with a single occurrence of a specific threat or risk
Equation = Asset Value (AV) Exposure Factor (EF)
Secure/Multipurpose Internet Mail Extensions (S/MIME)
Standard for securing email communications. It provides authentication, message integrity, and encryption for email messages, enabling users to ensure confidentiality and trustworthiness in their email communications
Simple Mail Transfer Protocol (SMTP)
Standard communication protocol used to send and relay email messages over the Internet. It ensures reliable and efficient delivery of emails from a sender's mail client or server to a recipient's mail server.
SMTPS = Simple Mail Transfer Protocol Secure
Simple Network Management Protocol (SNMP)
Protocol for monitoring, managing, and configuring devices on a network. It enables network administrators to collect and organize information about devices like routers, switches, servers, and printers, as well as perform remote management tasks.
Security Orchestration, Automation, Response (SOAR)
Collection of software tools and technologies that help organizations streamline and automate their cybersecurity operations. SOAR platforms allow security teams to manage and respond to threats effectively by integrating disparate security tools, automating repetitive tasks, and improving incident response workflows.
Sender Policy Framework (SPF)
An email authentication protocol designed to prevent email spoofing by verifying the sender's domain. It allows domain owners to specify which mail servers are authorized to send emails on their behalf.
SQL Injection (SQLi)
Security vulnerability that allows attackers to manipulate and execute malicious SQL statements in a database query. It typically exploits weaknesses in applications that fail to properly validate or sanitize user-supplied input.
Secure Real-Time Protocol (SRTP)
Protocol designed to provide encryption, message authentication, and integrity for real-time communications such as voice and video calls
Secure Shell (SSH)
Cryptographic network protocol used to securely access & manage network devices & systems over an unsecured network. SSH is widely used for remote administration of servers & systems, providing a secure channel for command-line access, file transfers, & tunneling.
Secure Sockets Layer (SSL)
A security protocol that encrypts data sent between a user's device and a website or server. SSL protects sensitive information like credit card numbers, login credentials, and addresses from being stolen or intercepted by hackers.
Single Sign-On (SSO)
A method that lets users log in to multiple applications and websites with one set of credentials
Structured Threat Information Exchange (STIX)
Standardized language and framework used to represent, analyze, and share cyber threat intelligence in a structured format. Enables organizations to exchange information about cyber threats, such as indicators of compromise, tactics, techniques, procedures, threat actors, and other relevant data.
Secure Web Gateway (SWG)
Security solution designed to protect users from web-based threats by monitoring and controlling their internet traffic. Provides a secure barrier between an organization's internal network and the public internet, preventing access to malicious websites, protecting against data breaches, enforcing security policies, and improving overall web security.
Terminal Access Controller Access Control System (TACAS+)
Centralized authentication, authorization, and accounting (AAA) protocol used to control access to network devices such as routers, switches, and firewalls
Trusted Automated Exchange of Indicator Information (TAXII)
Protocol that facilitates the secure sharing of cyber threat intelligence over the internet. TAXII is widely used in cybersecurity to automate the exchange of structured threat information between organizations, enabling better detection and response to cyber threats.
Transmission Control Protocol/Internet Protocol (TCP/IP)
Suite of communication protocols used to connect devices on the internet and most other modern networks. It provides the foundation for data exchange and network communication by defining how data is formatted, addressed, transmitted, routed, and received.
Ticket Granting Ticket Session (TGT)
Key element used to authenticate users within a secure network. It serves as proof that the user has been authenticated by the Key Distribution Center and allows the user to obtain service tickets for accessing other network resources without needing to re-enter credentials.
Temporal Key Integrity Protocol (TKIP)
Security protocol designed to enhance the security of wireless networks. It was introduced as part of the IEEE 802.11i standard to address vulnerabilities in the older Wired Equivalent Privacy protocol while maintaining compatibility with existing hardware.
Transport Layer Security (TLS)
Cryptographic protocol that ensures secure communication over a network. It is the successor to Secure Sockets Layer (SSL) and is widely used to secure data exchanged between clients and servers.
Time-of-use (TOU)
Race condition vulnerability where the system acts on the condition verified earlier, such as opening the file or executing a process
Trusted Platform Module (TPM)
Specialized hardware-based security chip embedded in many modern devices. It provides a secure environment for performing cryptographic operations and storing sensitive information, such as encryption keys, certificates, and passwords.
Tactics, Techniques, and Procedures (TTP)
Used to describe the behavior and methods of cyber attackers. Understanding these terms helps in identifying and defending against cyber threats by providing insights into how attacks are planned and executed.
User Datagram Protocol (UDP)
Communication protocol in the Transport Layer of the OSI model, used for transmitting data across networks. UDP is connectionless, meaning it doesn't establish a connection before sending data and doesn't guarantee reliable delivery.
Unified Extensible Firmware Interface (UEFI)
Modern firmware interface that has replaced the older BIOS in most recent computers and devices. UEFI serves as the intermediary between the computer's hardware and its operating system, facilitating the system's boot process and providing a platform for system configuration and management.
Uniform Resource Identifier (URI)
String of characters that uniquely identifies a resource on the internet or a network. It provides a way to locate and access resources such as web pages, files, and services in a standardized format.
USB On the Go (USB OTG)
Technology that allows USB devices to communicate with each other directly without the need for a computer to act as a host
Unified Threat Management (UTM)
Comprehensive security solution that combines multiple security features and tools into a single device or platform to provide an all-in-one defense mechanism against a wide range of security threats
Visual Basic (VBA)
Programming language developed by Microsoft that is used primarily for automating tasks in Microsoft Office applications like Excel, Word, PowerPoint, and Access
Virtual Desktop Environment (VDE)
The infrastructure and software setup that allows users to run desktop environments virtually, rather than on physical hardware
Virtual Desktop Infrastructure (VDI)
Technology that hosts desktop environments on a centralized server or cloud infrastructure. Instead of running desktop operating systems directly on a physical machine, VDI allows users to access a virtualized version of their desktop, often from remote devices such as laptops, smartphones, or thin clients.
Virtual Machine (VM)
Software-based emulation of a physical computer that runs an operating system and applications just like a real computer. VMs run on a physical host machine but are isolated from the underlying hardware by a hypervisor.
Virtual Private Cloud (VPC)
Logically isolated section of a cloud provider’s infrastructure that allows users to launch resources, such as virtual machines, networks, and storage, in a private, secure environment within the public cloud
Web Application Firewall (WAF)
Firewall designed to monitor and filter HTTP/HTTPS traffic between a web application & the internet. It’s primary purpose is to protect web applications from common threats & vulnerabilities such as SQLi, XSS, & other malicious attacks that can exploit web application weaknesses.
Wireless Access Point (WAP)
Device that allows wireless devices to connect to a wired network using Wi-Fi or related standards. It serves as an interface between the wired network infrastructure and wireless devices like laptops, smartphones, and tablets
Wireless Intrusion Prevention System (WIPS)
Security technology designed to monitor, detect, and prevent malicious activities and unauthorized access attempts within a wireless network. Specifically focuses on the protection of wireless networks, such as Wi-Fi networks.
Wi-Fi Protected Access (WPA)
Security protocol developed by the Wi-Fi Alliance to provide stronger data encryption and better network security for wireless local area networks than the older WEP (Wired Equivalent Privacy) protocol
Wi-Fi Protected Setup (WPS)
Network security standard designed to simplify the process of connecting devices to a wireless network. It was developed by the Wi-Fi Alliance to make the setup of home Wi-Fi networks easier.
Extended Detection & Response (XDR)
Integrated cybersecurity solution designed to provide comprehensive threat detection, investigation, and response across multiple security layers
Extensible Markup Language (XML)
Flexible, platform-independent text-based markup language designed for storing and transporting data. Unlike HTML, which is designed to display data in a web browser, XML is primarily used for the representation and exchange of data between different systems, applications, and organizations.
Exclusive Or (XOR)
Logical operation that compares two binary inputs and returns true (1) if exactly one of the inputs is true, and false (0) if both inputs are the same
Cross-site Scripting (XSS)
Vulnerability in web applications that allows an attacker to inject malicious scripts into content that is viewed by other users. These scripts typically execute within the context of a user’s browser, allowing the attacker to bypass security restrictions and perform unauthorized actions such as stealing sensitive data, hijacking sessions, or defacing websites.