Help
Options
Term
Transmission Control Protocol/Internet Protocol (TCP/IP)
click to flip
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't know
Term
Protocol
Remaining cards (528)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
Cyber Security
Studying for exam
| Term | Definition |
|---|---|
| Transmission Control Protocol/Internet Protocol (TCP/IP) | The language that computers most commonly use to communicate across the internet |
| Protocol | list of rules and methods for communicating |
| cleartext | Data that's easily readable |
| Unified communications | Real Time Session Initiation Protocol enabled applications |
| Risk | Likelihood that something bad will happen |
| VoIP | Voice over IP |
| Threat | Any action that could damage an asset |
| BCP (Business Continuity Plan) | Priorities to the function of an organization to keep going. Human survival is ALWAYS first |
| Disaster Recovery Plan (DRP) | How a business gets back on it's feet after a major disaster like a fire |
| vulnerability | weakness that allows a threat to be realized or to have a n effect on an asset |
| Information Systems Security | Collection of activities that protect the information system and the data stored in it |
| confidentiality | only authorized users can view information |
| integrity | only authorized users can change information. Data is accurate and Valid |
| availability | information is accessible by authorized users whenever they request the information |
| security control | something an organization does to reduce risk |
| IT security Police Framework | An outline that identifies where security controls should be used |
| Data Classification Standard | How to treat Data throughout your IT infrastructure |
| cryptography | practice of hiding data and keeping it away from unauthorized users |
| Encryption | The process of transforming data from cleartext into ciphertext |
| ciphertext | scrambled data that are the result of encrypting cleartext |
| Uptime | total amount of time a system, application, and data are accessible. Often represented as a percentage of time available |
| Downtime | Total amount of time that a system, application,a nd data are NOT accessible. Measured in unites of seconds, minutes, and hours for a calendar month. |
| Availability | A= Total Uptime/(Total Uptime + Total Downtime) |
| Mean Time to Failure (MTTF) | Average amount of time between failures for a particular system. |
| Mean Time to Repair (MTTR) | Average amount of time it takes to repair a system, application, or component. |
| Mean Time Between Failures (MTBF) | Predicted amount of time between failures of an IT system during operation |
| Recovery Time Objective (RTO) | Amoung of time ti takes to recover and make a system, application, and data available for use after an outage |
| Service Level Agreements (SLO) | contract that guarantees a minimum monthly availability of service. There may be other items included |
| User Domain | the people who access and organization's information system |
| thin client | software or an actual computer with no hard drive that runs on a network and relies on a server to provide applications, data, and all processing. (Chromebook) |
| thick client | more fully featured hardware that contains a hard drive and applications and processes data locally. |
| Hardening | process of ensuring that controls are in place to handle any known threats |
| LAN (Local Area Network) | collection of computers connected to one another or to a common connection medium. |
| Network Interface Card (NIC) | interface between the computer and the LAN physical Media. It has a 6 byte Media Access Control (MAC) Layer address that serves as the unique hardware identifier |
| Lan switch | the device that connects workstations into a physical ethernet. |
| Layer 2 switch (LAN) | examines the MAC layer and address and makes forwarding decisions basked on MAC layer address tables |
| Layer 3 switch (LAN) | Examines the network layer address and routes packets based on routing protocol path determination decisions. AKA a router. |
| Virtual LAN (VLAN) | configuring workstations to be on the same Ethernet or broadcast domain even if connected elsewhere physically |
| Port 80: Hypertext transfer protocol (HTTP) | communications protocol between web browsers and websites with data in cleartext |
| Port 20: File Transfer Protocol (FTP) | Protocol for performing File Transfers. Individual Packets are numbered and acknowledged as being received to increase integrity of the file transfer |
| Port 69: Trivial File Transfer Protocol (TFTP) | utilizes UDP as a connectionless data transmission but in cleartext. Does not guarantee packet delivery |
| Port 22: Secure Shell (SSH) | Network Protocol for performing remote terminal access to another device. Encrypts the data transmission for maintaining confidentiality of communications. |
| IP Router | device used to transport IP packets to and from the Internet or WAN. |
| ACL | Access Control Lists |
| Port 23: Terminal Network (Telnet) | network protocol for performing remote terminal access to another device |
| IP Stateful Firewalls | security appliance used to filter inbound IP Packets based on various ACL Definitions |
| Demilitarized zone | LAN segment in the LAN to WAN Domain that acts as a buffer zone for inbound and outbound IP Traffic |
| Intrusion Detection System | Examines IP Data streams for common attack and malicious intent patterns. Will give alarms but not block traffic. |
| Intrusion Prevention System | can block malicious IPs |
| Proxy Server | Middleman between workstation and external target. |
| Virtual Private Network (VPN) | Dedicated Encrypted Tunnel from one endpoint to another. |
| remote access domain | Stuff like E-mail, etc. On an outside server. |
| token | second level verifying software |
| Biometric | uses something you are to verify your identity |
| User | the weakest link in the security of an IT infrastructure |
| Policy | A short written statement that the people in charge have set as a course of action or direction. Comes from Upper Management and applies to the entire organization |
| Standard | detailed written definition for hardware and software and how they are to be used. Used for Consistency in system |
| Procedures | these are written instructions for how to use policies and and standards. Can include plan of action, installation, testing, and auditing |
| Guidelines | suggested course of action for using the policy standards or procedures |
| Acceptable Use Policy | defines actions taht are and are not allowed with respect to the use of organization owned IT assets. |
| security awareness policy | how to ensure that all personnel are aware of the importance of security and behavioral expectations under the organizations security policy. |
| masking | hiding some of the characters of sensitive data |
| Application Service Provider (ASP) | software companies that build applications hosted in teh could and on the internet |
| Software as a Service (Saas) | instead of installing something on their computer, it is an app run in a browser |
| Business to Consumer (B2C) | create an online storefront for customers to purchase goods and services directly from their website |
| Business to Business (B2B) | build online systems with links for conducting sales with other businesses, usually for integrated supply-chain purchases and deliveries. |
| CIA | Confidentiality, integrity, and availability |
| PCI DSS | Payment card industry Data Security Standard |
| Mobile Node (MN) | mobile device that moves from one network to another, has a fixed IP regardless of network |
| Home Agent (HA) | Router with additional capabilities over standard routers, it keeps track of the MNs it manages. If an MN leaves a network, it can forward packets to the current network |
| Foreign Agent (FA) | router with additional capabilities connected to another network, it assigns an MN a local address. |
| Care of Address (CoA) | the local address for the MN when it connects to another network. |
| Correspondent node | It wants to communicate with the MN |
| de-identified data | data that can not be linked back to you |
| Transitive Access | the desired target system or service is indirectly attacked by first compromising a system trusted by the target |
| botnet | many internet connected computers under the control of a remote hacker |
| asset | any item that has value |
| armored virus | hardened code that makes it difficult to reverse engineer and build anti virus |
| ransomware | pay to keep files from being deleted |
| cryptolocker | pay to de encrypt files |
| Opportunity Cost | amount of money lost due to downtime AKA true downtime cost |
| cracker | has hostile intent, possesses sophisticated skills, and may be interested in financial gain |
| Protocol Analyzer (Port Sniffer) | software program that enables a computer to monitor and capture network traffic. |
| promiscuous mode | every data packet can be seen and captured by a sniffer |
| port scanner | tool used to scan IP host devices for open ports that have been enabled |
| OS Fingerprint Scanner | allows an attacker to send a variety of packets to an IP host device in order to determine the Operating System |
| vulnerability scanner | software program used to identify and, when possible, verify vulnerabilities on an IP host device |
| wardialer | computer program that dials telephones numbers looking for a computer on the other end |
| cryptographic hash | algorithm that converts a large amount of data to a single long number, that is unlikely to be duplicated. |
| Logic Attacks | use software flaws to crash or seriously hinder the performance of remote servers |
| flooding attacks | overwhelm the victim computer's CPU, memory, or network resources by sending large numbers of useless requests to the machine |
| SYN flood | attacker sends a large number of packets requesting connections to the victims computer. |
| smurfing | directed broadcast to create a flood of network traffic for the victim's computer |
| between the lines wiretapping | does not alter the messages sent by a legitimate user but inserts additional messages into the communication line when the legitimate user pauses |
| Piggyback entry wiretapping | intercepts and modifies the original message by breaking the communications line and routing the message to another computer that acts as a host |
| rootkits | malicious software programs designed to be hidden from normal methods of detection. |
| business drivers | people, information, and conditions that support business objectives |
| Risk Management | the process of identifying, assessing, prioritizing, and addressing risks. |
| Risk equation | Risk - Threats X Vulnerabilities (can be positive or negative) |
| Risk Methodology | how you will manage risk |
| risk register | list of identified risk |
| Risk Information minimum | Description of the risk, expected impact if it happens, probability of it happening, steps to mitigate risk, steps to take if it happens, rank of the risk |
| Delphi method | a way of evaluating risk by using repeated rounds of anonymous surveys |
| Business Impact Analysis | formal analysis of an organisation's functions and activities that classifies them as critical or non critical |
| Recovery Point Objective (RPO) | measured in time, it's the maximum amount of data loss that is acceptable |
| Recovery Time Objective (RTO) | maximum allowable time to recover the function |
| Business Recovery Requirements | identify any other business functions that must already be in place for the X to occur |
| technical recovery requirements | define the prerequisites that are needed to support each critical business function |
| Business Continuity Plan (BCP) | a written plan for a structured response to any event that result in an interruption to critical business activities or functions |
| Elements of a BCP | Policy statement/definitions, defined team members, emergency response procedures, situation/damage asses, resource salvage and recovery, alternate facilities |
| Disaster Recovery Plan (DRP) | actions necessary to recover after a disaster |
| Checklist test | each participant follows steps on the DRP X and provides feedback |
| Structured walk-through | Use roleplaying to simulate a disaster and then follows through with as many of the effects of the simulated disaster as possible without affecting live operations |
| Simulation test | The DRP uses roleplaying and follows through with as many of the effects of a simulated disaster as possible without affecting live operations |
| Parallel test | Enables full processing capbility at an alternate data center to test DRP without interrupting the primary data center |
| Full-interruption test | tests the DRP at the primary data center |
| security gap | the difference between the security controls you have in place and the controls you need to address all vulnerabilities |
| security policy | defines a risk mitigating definition or solution for your organization |
| gap analysis | a comparison of the security controls you have in place and the controls you need to order to address all identified threats |
| CIA | Confidentiality Integrity Availability |
| Mobility | allows remote workers and employees to be connected to the IT Infrastructure in real time |
| Data Ownership | Personal Data belongs to the Employees |
| Support ownership | employee owns the IT asset and all support and maintenance responsibilities unless reimbursement is approved by the organization |
| Patch Management | patches are preformed by the employee on his or her own device as defined by policy |
| Antivirus management | device must have X installed |
| Onboarding/offboarding | handling of the personally owned IT asset during employee termination/removal of access controls |
| acceptable use policy | employees must abide by all organizational policies and procedures |
| 3 leg perimeter | type of DMZ where a firewall has three legs that connect to the LAN, the Internet, and the DMZ |
| 10 tape rotation | a back up rotation scheme in which ten back up tapes are used over the course of two weeks |
| 802.1X | An Authentification technology used to connect devices to a LAN or WLAN. It is an example of port based network access controls (NAC) |
| Acceptable Use Policy (AUP) | Policy that defines the rules that restrict how a computer, network, or other system may be used. |
| Access Control List (ACL) | A list of permissions attached to an object specifying what level of access a user, users, or groups have to that object. When dealing with firewalls, a (BLANK) is a set of rules that applies to a list of network names, IP Addresses, and port numbers |
| Access Control Model | Specifies methodologies by which admission to physical areas and, more importantly, computer systems is managed and organized. |
| account expiration | the date when a user's account he uses to log onto the network expires. |
| accounting | the tracking of data, computer usage, and network resources. Often it means logging, auditing, and monitoring of the data and resources. |
| active interception | normally refers to placin a computer between the sender and the receiver in an effort to capture and possibly modify information. |
| active reconnaissance | Gaining information about a target system using active, engaging, techniques |
| ad filtering | ways of blocking and filtering out unwanted advertisments, pop up blockers, and content filters are considered to be ad filtering methods |
| address space layout randomization (ASLR) | A technique used to prevent the exploition of memory vulnerabilities. |
| Advanced Encryption Standard (AES) | A symmetric key encryption standard, used with WPA and WPA 2, that is the successor to DES/3DES and is composed of three different block ciphers: AES-123, AES-192, and AES-256 |
| Advanced Persistent Threat (APT) | A set of computer-attacking processes that targets private organizations or nation states. Also refers to a group (ofter a government) that persistently targets a specific entity |
| Adware | Type of spyware that pops up advertisements based on what it has learned about the user. |
| agile model | a type of SDLC based on being adaptive to change and cooperation between business people, customers, and developers. |
| air gap | a method of securing a control unit, system, or netowkr through isolation and possibly shielding |
| algorithms | Well-defined instructions that describe computations from their initial state to their final state |
| always-on VPN | A method of blank where the user can always access the connection without the need to periodically disconnect and reconnect. It often uses SSL/TLS for encrypted connections instead of PPTP or L2TP |
| anomaly-based monitoring | Also known as statistical (blank) establishes a performance baseline based on a set of normal network traffic evaluations |
| AP Isolation | Each Client connected to the AP will not be able to communicate with each other, but they can each still access the internet |
| application blacklisting | A method of disallowing one or more (Blank) from use |
| application containerization | a virtualization method that allows an organization to run blank without launching an entire virtual machine. Also known simply as containerization |
| application firewall | a blank that can control the traffic associate with specific blank. Works all the way up to the blank layer of the OSI model |
| application level gateway (ALG) | Applies security mechanisms to specific applications, such as FTP and/orBitTorrent. It supporsts address and port translation and checks whether the type of application traffic is allowed. |
| application whitelisting | a method of restricting users to specific blank |
| ARP Poisoning | an attack that exploits ethernet networks and mahy enable an attacker to sniff frames of information, modify that information, or stop it from getting to its intended destinations |
| asymmetric key algorithm | a type of cipher that uses a pair of different keys to encrypt and decrypt data |
| attack vector | the path or means by which an attacker gaines access to a computer |
| attestation | the act of verifying whether a process is secure, for example, the secure boot process of a UEFI-based system |
| attribute-based access control (ABAC) | An access model that is dynamic and context aware and uses IF-THEN statements and a combination of policies to control access to resources |
| audit trail | record or log that shows the tracked actions of users, regardless of whether the users successfully completed the actions |
| authentication | when a person's identity is confirmed. Blank is the verification of someone's identity |
| authorization | When a user is granted access to specific resources after authentication is complete |
| availability | Data is obtainable regardless of how information is stored, accessed, or protected |
| backdoors | used in computer programs to bypass normal authentication and other security mechanisms in place |
| back-to-back perimeter | part of an emergency power system used when there is an outage of regular electric grid power |
| baiting | When a malicious individual leaves malware infected removable media, such as a USB drive or optical drive, lying around in plain view |
| banner grabbing | a technique used to gain information about servers and take inventory of systems and services It can be used legitimately by network administrators or illegitimately by attackers to grab information such as HTTP Headers |
| baseline reporting | Identification of the security posture of an application, system, or network. |
| baseline | the process of measuring changes in networking, hardware, software, and so on |
| behavior based monitoring | a monitoring system that looks at th4e previous behavior of applications, executable, and/or the operating system and compares that to current activity on the systems |
| biometrics | the science of recognizing humans based on one or more physical characteristics |
| birthday attack | an attack on a hashing system that attempts that attempts to send two different messages with the same has function, causing a collision |
| black-box testing | when people test a system but have no specific knowledge of the system code involved with the system |
| black hat | a hacker that breaks into a computer system without permission with the express purpose of theft |
| blackout | When a total loss of power for a prolonged period occurs |
| block cipher | A type of algorithm that encrypts a number of bits as individual unites known as blocks |
| Blowfish | A 64 bit block cipher designed by Bruce Schneier as an alternative to DES |
| Bluejacking | The sending of unsolicited messages to Bluetooth-enabled devices such as mobile phones and tablets |
| Bluesnarfing | The unauthorized access of information from a wireless device through a Bluetooth connection |
| botnet | A group of compromised computers used to distribute malware across the Internet; the members are referred to as X and are usually zombies |
| broadcast storm | When there is an accumulation of broadcast and multicast packet traffic on the LAN coming from one or more of the network interfaces |
| Brownout | when the voltage drops to such an extent that it typically causes the lights to dim and causes computers to shut off. |
| brute force attack | A password attack where every possible password is attempted |
| buffer overflow | When a process stores data outside the memory that the developer intended to be used for storage. This could cause erratic behavior in the application, especially if the memory already had other data in it. |
| Business Impact Analysis (BIA) | The examination of critical versus noncritical function, part of a BCP |
| Butt set | A device that looks similar to a phone but has alligator clips that can connect to the various terminals used by phone equipment, enabling a person to listen in on a conversation. Also called a lineman's handset. |
| CAM Table | The content Addressable Memory table, a table that is in a switch's memory that contains ports and their corresponding MAC address |
| CAPTCHA | A type of challenge response mechanism used primarily in websites to tell whether or not the user is human. Stands for Completely Automated Public Turning test to tell Computers and Humans Apart |
| Certificate | Digitally signed electronic document that binds a public key with a user identity |
| Certificate Authority | The entity (usually a server) that issues digital certificates to users |
| Certificate Revocation List (CRL) | A list of certificates no longer valid or that have been revoked by the issuer. |
| Chain of custody | Documents |
| Challenge Handshake Authentication Protocol (CHAP) | An Authentication scheme used by the point to point protocol (PPP) that is the standard for dial up connections |
| Change Management | A structured way of changing the state of a computer system, network, or IT Procedure |
| Chromatic Dispersion | The refraction of light as in a rainbow. If light is refracted in such a manner on fiber-optic cables, the signal cannot be read by the receiver. |
| Cipher | An Algorithm that can perform encryption or decryption |
| Circuit-level gateway | Works at the session layer of the OSI model and applies security mechanisms when a TCP or UDP connection is established; acts as a go-between for the transport and application layers in TCP/IP |
| closed-circuit television (CCTV) | A video system (often used for surveillance) that makes use of traditional coaxial-based video components, but is used privately, within a building or campus |
| cloud computing | A way of offering on-demand services that extend the capabilities |
| Cluster | Two or more servers that work with each other |
| cold site | A site that has tables, chairs, bathrooms, and possibly some technical set up but will require days if not weeks to set up properly |
| collision | When two different files end up using the same hash, which is possible with less secure hashing alghorithms |
| Common Vulnerabilities and Exposures (CVE) | An online list of known vulnerabilities (and patches) to software, especially web servers. It is maintained by the MITRE Corp |
| Computer security audits | Technical assessments made of applications, systems, or networks |
| confidentiality | preventing the disclosure of information to unauthorized persons |
| content filters | individual computer programs that block external files that use Javascript or images from loading into the browser |
| context aware authentication | An adaptive way of authenticating users based on their usage of resources, and the confidence that the system has in the user |
| Controller Area Network (CAN) | A multimaster serial bus that allows connectivity between the various microcontrollers in an automobile |
| cookies | text files placed on the client computer that store information about it, which could include your computers browsing habits and credentials. Tracing cookies are used by spyware to collect info and can be used to hijack a session |
| crossover error rate (CER) | The collective analysis and comparison of the false acceptance rate (FAR) and false rejection rate (FRR) AKA Equal Error Rate |
| Cross-site request forgery (XSRF) | An attack that exploits the trust a website has in a user's browser in an attempt to transmit unauthorized commands to the website. |
| Cross Site Scripting (XSS) | A type of vulnerability found in web applications used with session hijacking. Blank enables an attacker to inject client-side scripts into web pages |
| cross talk | when a signal transmitted on one copper wire creates an undesired effect on another wire |
| crypto analysis attack | A password attack that uses a considerable set of precalculated encrypted passwords located on a look up table |
| Cryptographic hash functions | Hash functions based on block ciphers |
| Cryptography | The practice and study of hiding info |
| Data Emanation | AKA Signal Emanation the electromagnetic field generated by a network cable/device which can be manipulated to eavesdrop on convos or steal data |
| Data Encryption Standard | An older type of block cipher selected by the US federal govt in the 70's as an encryption standard. Now obsolete. |
| Data Loss Prevention (DLP) | Systems that are designed to prtoecte data by way of content inspection. They are meant to stop the leakage of confidential data, mostly in communications |
| Data at rest | Inactive data that is archived |
| data in transit | data that crosses the network or data taht resides in computer memory |
| data in use | data that is undergoing constant change. |
| default account | an account installed by default on a device or within an operating system with a default set of user credentials. Usually insecure |
| Defense in depth | The building up and layeirng of security measures that protect data from inception, on through storage and network transfer, and lastly to final disposla |
| DMZ (Demilitarized zone) | A special area of the network/subnetwork that houses servers that host information accessed by clients or other networks on the internet |
| Denial of Service | Covers many different network attacks that cause it to be unavailable |
| Dictionary Attack | A password attack that uses a prearranged list of likely words, trying them out one at a time |
| diferential backup | type of backup that backs up only the contents of a folder that have changed since last full backup |
| diffie-hellman key exchange | invented in the 70's, the first practical method for establishing a shared secret key over an unprotected communications channel |
| digital signature | a signature that authenticates a document through math. |
| directory traversal | aka the ../ attack. A method of accessing unauthorized parent directories |
| disaster recovery plan (DRP) | A plan that details the policies and procedures concerning the recovery and/or continuation of an organization's technology infrastructure |
| discretionary access control (DAC) | An access control policy generally determined by the owner |
| disk duplexing | when each disk ins connected to a separate controller |
| distributed denial of service attack | an attack in which a group of compromised systems attack a single target. Usually uses a botnet |
| diversion theft | when a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location |
| DNS Amplification attack | an attack that initiates a DNS Request with a spoofed source address. Responses (larger than the request) are sent to the victim server in an attempt to flood it. |
| DNS Poisoning | The modification of name resultion information that should be in a DNS Server's cache |
| domain name kiting | the process of deleting a domane name during the five day grace period and immediately reregistering it for another 5 day period to keep the name indefinitely and for free |
| downgrade attack | when a protocol is downgraded from the current version to a previous version, exploiting backward compatibility |
| due care | the mitigation action that an organization takes to defend against the risks that have been uncovered during due diligence |
| due diligence | ensuring that IT infrastructure risks are known and managed |
| due process | the principle that an organization must respect and safegaurd's personnel rights |
| dumpster diving | when a person literally scavengers for private information in garbage and recycling containers |
| eavesdropping | when a person uses direct observation to "Listen" in to a conversation |
| electromagnetic interference (EMI) | a disturbance that can affect electrical circuts, devices, and cables due to electromagnetic conduction or radiation |
| eliptic curve cryptography (ECC) | a type of public key cryptography based on teh structure of an elliptic curve |
| elliptic curve Diffie-Hellman Ephemeral | An asymmetric algorithm created by Diffie and Hellman that is based on elliptic curve cryptography and runs in ephemeral mode |
| encryption | the process of changing information using an algorithm (or cipher) into another form that is unreadable by others - unless they possess the key to that data |
| ethical hacker | An expert at breaking into systems and can attack systems on behalf of the system's owner and with the owner's concent |
| evil twin | a rogue wireless access point that uses the same SSID as a nearby legit access point |
| explicit allow | When an administrator sets a rule taht allows a specific type of traffic through a firewall, often with an ACL |
| explicit deny | when an administrator sets a rule that denises a specific type of traffic accces through a firewall, often within an ACL. |
| Extensile authentification protocol (EAP) | Not an authentication mechanism an in itself but instead defines message formats. |
| fail-open mode | When a switch broadcasts data on all ports the way a hub does |
| failover clusters | AKA High-availability clusters, these are designedc so that a secondary server can take over in the case that the primary one fails, with limited or no downtime |
| false acceptance | When a biometric system authenticates a user who should not be allowed in |
| false negative | when something is not blocked because the system thinks it's legitimate |
| false positive | when legitimate traffic is blocked when it shouldn't be |
| false rejection | when a biometric system fails to recognize an authorized person that doesn't allow that person access |
| faraday cage | enclose formed by conducting material or by a mesh of such material. It blocks out external static electric fields and can stop emanations from devices in the cage from being sent. |
| federated identity managemetn | When a user's identity is shared across multiple identity management systems |
| FAR | False acceptance rate |
| fire suppression | the process of controlling and/or extinguishing fires to protect peopel and an organization's data and equipment |
| firewall | a part of a computer system or network designed to block unauthorized access while permitting authorized communications. It permits or denies applications based on rules or other criteria |
| first responders | People who perform preliminary analysis of the incident data and determine whether the incident is an incident or just an event, and the criticality of the incident |
| flood guard | security feature implemented on some firewalls to protect against SYN floods and other flooding attacks. Also known as an attack guard |
| fork bomb | an attack that works by creating a large number of processes quickly to staurate the available processing space in teh computer's operating system. It is a type of wabbit |
| Fraggle | a type of DOS similar to the smurf attack, but the traffic sent is UDP echo traffic as opposed to ICMP Echo traffic |
| full backup | Type of backup where all the contents of a folder are backed up |
| fuzz testing | Also called fuzzing, a type |
| GNU Privacy Guard (GPG) | A free Alternativev to PGP that is compiant with OpenPGP |
| Grandfather-father-son | A backup rotation scheme in which three sets of backup tapes must be defined - usually they are daily, weekly, and monthly, which correspond to son, father, and grandfather |
| grayware | a general term used to describe applications that are behaving improperly but without serious consequences: usually spyware |
| Group Policy | Used in Microsoft Enviroments to govern user and computer accounts through a set of rules. |
| hacktivist | An attacker who has an agenda that may or may not be benign |
| hardening | The act of configuring an OS securely, updating it, creating rules, and policies to help govern the system in a secure manner, and removing unnecessary applications and services |
| hardware security module (HSM) | A physical decice that deals with the encryption of authentication processes, digital signings, and payment processes, |
| hash | A summary of a file or message. It is generate to verify the integrity of the file or message |
| hash function | a mathematical procedure that converts a variable sized amount of data into a smaller block of data |
| high availability | when a system or component is continually operational for an extended period of time |
| honeynet | one or more computers or servers used to attract and trap potential attackers to counteract any attempts at unauthorized access |
| host based intrusion detection system (HIDS) | A type of system loaded on an individual computer that analyzes and monitors what happens inside the computer |
| hot and cold aisles | the aisles in a server room or data center that circulate cold air into the systems and hot air out of them |
| hotfix | originally defined as a patch to an individual OS or application to fix a single problem, installed live, and without a reboot. But meaning has changed |
| HTTP Proxy | Caches web pages from servers on the Internet for a set amount of time |
| Hypervisor | THe portion of virtual machine software that allows multiple virtual operating systems to run at the same time on a single computer |
| identification | When a person is in a state of being identified |
| identity proofing | An initial validation of identity |
| implicit deny | Denies all traffic to a resource unless the users generating that traffic are specifically okayed |
| incident management | The monitoring and detection of security events on a computer network and the execution of proper responses to those security events |
| incident response | a set of procedures that an investigator follows when examining a computer security incident. |
| incremental back up | type of backup that backs up only the contents of a folder that have changed since the last full or incremental back up. |
| Information assurance (IA) | the practice of managing risks that are related to computer hardware and software systems |
| information security | the act of protecting information from unauthorized access. |
| Infrastructure as a service (IaaS) | A cloud computing service that offers computer networking, storage, load balancing, routing, and VM Hosting |
| Input Validation | Also called data validation, a process that ensures the correct usage of data |
| integer overflow | When arithmetic operations attempt to create a numeric value that is too big for available memory space |
| integrity | ensuring that data can be modified only by those authorized to do so |
| interconnection security agreement (ISA) | An agreement that is established between two or more organizations that own and operate connected IT systems and data |
| Internet Content Filter | a filter that is usually applied as software at the application layer and can filter out various types of internet activities |
| internet protocol security (IPsec) | A TCP/P protocol that authenticates and encrypts IP Packets, effectively securing communications between computers and devices using the protocol. |
| IP Proxy | Secure a network by keeping machines behind it anonymous. It does this through the use of NAT |
| IV Attack | A type of related-key attack based on the initialization vector of wireless network communications, where an attacker observes the operation of a cipher using several different keys and finds a mathematical relationship between them |
| Job rotation | when users are cycled through various assignments |
| kerberos | An authentication protocol that enables computers to prove their identity to each other in a secure manner |
| key | the essential piece of information that determines the output of a cipher |
| key escrow | When certificates keys are held in case third parties need access to encrypted communications |
| key recovery agent | software that can be used to archive and restore keys if necessary |
| key stretching | Takes a weak key, processes it, and outputs an enhanced and more powerful key. Usually increasing key to 128 bytes |
| LANMAN hash | the original hash used to store Windows passwords, known as LM hash, based off of DES |
| Layer 2 tunneling protocol (L2TP) | A tunneling protocol used to connect virtual private networks. It does not include confidentiality and encryption on it's own. |
| Least functionality | When a computer is configured to only allow required functions, applications, services, ports, and protocols |
| least privilege | when a user is given only the amount of privileges needed to do their job |
| lightweight directory access protocol (LDAP) | An application laher protocol used for accessing and modifying directory services data |
| Load-balancing clusters | When multiple computers are connected in an attempt to share resources |
| locally shared objects (LSO's) | Also known as flash cookies, files stored on user's computer that allow websites to collect information about visitors. |
| Logic bomb | Code that has, in some way, been inserted into software. Meant to initiate some malicious funciton when specific criteria are met. |
| MAC filtering | A method used to filter out which computers can access the wireless network |
| MAC flooding | An attack that sends numerous packets to a switch, each of which has a different source MAC address, in an attempt to use up memory |
| MAC spoofing | an attack where the attacker masks the MAC address of the computer's network adapter. |
| Malware | Software designed to infiltrate a computer system and possibly damage it. |
| Mandatory access Controls (MAC) | An access control policy determined by a computer system |
| Mandatory Vacations | When an orginization requires that employees take a certain number of days off consecutively, helping to detect fraud, etc |
| Man in the browser (MITB) | infects a vulnerable web browser and modifies online transactions. Similar to MitM |
| mantrap | an area between two doorways, meant to hold people until they are identified and targeted. |
| many to one mapping | when multiple certificates are mapped to a single recipient |
| measured boot | taking measurements of the secure boot process, signs those results witha TPM, and reports to hse measurements to a trusted third party such as a remote attestation service |
| memo of understanding (MoU) | Letter of intent between two entities concerning SLAs and BPAs |
| Memory leak | hen a program allocates memory but does not free it up properly after the process using it has been completed |
| message-digest algorithm 5 (MD5) | A 128 bit key has used to provide integrity of files and messages |
| mobile device management (MDM) | A centralized software solution that allows for the control and configuration of mobile devices |
| Mutual Authentication | When two computers verify each other's identity. |
| Network Access Control (NAC) | Sets the rules by which connections to a network are governed |
| Network Action Translation (NAT) | The process of changing an IP address while it is in transit across a router. |
| Network Intrusion Detection System (NIDS) | A type of IDS that attempts to detect malicious network activities by constantly monitoring traffic. |
| Network Intrusion Protection System (NIPS) | Designed to inspect traffic and, based on it's configuration or security policy, deal with malicious traffic in different ways |
| Network Management System (NMS) | The software run on one or more servers that controls the monitoring of network-attached devices and computers |
| Network Mapping | THe study of physical and logical connectivity of networks |
| network perimeter | the border of a computer network, commonly secured by devices such as firewalls and NIDS/NIPS |
| Null Pointer Dereference | A memory dereference that can result in a memory fault error |
| null session | a connection to the windows interprocess communications share (IPC$) that can be a (Blank) attack, which makes unauthenticated NetBIOS connections to a target computer |
| nonce | a random number issued by an authentication protocol that can only be used once. |
| Non promiscuous mode | when a netowrk adapter captures only the packets that are addressed to it |
| non repudiation | the idea of ensuring that a person or group can not refute the validity of your proof against them |
| NTLM Hash | successor to the LM hash. A more advanced hash used to store Windows passwords based off the RC4 algorithm |
| NTLMv2 Hash | Successor to the NTLM hash, based off of MD5 |
| Null session | when used by an attacker, a malicious connection to the windows interprocess communications share (IPC$) |
| onboarding | when a new employee is added to an organization, and to it's identity and access management |
| one-time pad | a cipher that encrypts paintext with a secret random key that is the same length as the plaintext. |
| one to one mapping | when an individual certificate is mapped to a single recipient |
| one-way function | a hash that is easy to computer when generated but difficult (or impossible) to compute in reverse |
| Online certificate status protocol (OCSP) | An alternative to using a certificate revocation list. It has less info and does not require encryption |
| Open mail replay | also known as an SMTP Open relay, enables anyone on the internet to send e=mail through an SMTP server |
| Open Vulnerability and Assessment Language (OVAL) | A standard and a programming language designed to standaridzie the transfer of secure public information across networks and the internet using any security tools and services available |
| packet filtering | in the context of firewalls, inspects each packet passing through the firewall and accepts or rejects it based on rules |
| pash the hash | an attack where password hashes are obtained from a server and reused in an attempt to trick the server's authentication system |
| passive reconnaissance | gaining information about a target system without engaging the system. |
| password cracker | software tool used to recover passwords from hosts or to discover weak passwords |
| PBKDF2 | a type of key stretching software that incorporates salting for additional security, usually used in password hashing. |
| Permanent DOS attack (PDOS) | Generally consisting of an attacker's exploiting security flaws in routers and other netowrkign hardware by flashing the firmware of the device and replacing it with a modified image |
| permissions | control which file system resources a person can access on the network |
| personal firewall | an application that protects an individual computer from unwanted internet traffic |
| pharming | when an attacker redirects one website's traffic to another bogus and possibly malicious website by modifying a DNS server or host file |
| phishing | getting info by pretending to be trustworthy |
| piggybacking | when an unauthorized person tags along with an authorized person to a restricted area |
| ping flood | when an attacker attempts to send many ICMP echo requests packets to a host in an attempt to use up all available bandwith |
| Ping of Death (PoD) | a type of DOS that sends an oversided and/or malformed packet to another computer |
| pivot | a technique used to gain access to other systems or other parts of the network after an initial system has been exploited |
| platform as a service | a cloud computing service that provides various software solutions to organizations, especially the ability to develop applications without the cost or admin of a physical platform |
| Point to Point Tunneling protocol (PPTP) | A tunneling protocol used to support VPNS. |
| policy | rules or guidelines used to guide decisions and achieve outcomes. |
| Port address translation (PAT) | Like NAT but translates both IP addresses and port numbers |
| Port mirroring | when you configure one of more ports on a switch to forward all packets to another port |
| port scanner | software used to decipher which ports are open on a host |
| pre-shared key | a key based on a generated (Or selected)passphrase that is used to enable connectivity between wireless clients and an access poitn |
| pretexting | when a person invents a scenario in the hopes of persuading the victim to divulge info |
| Pretty Good Privacy (PGP) | An encryption program used primarily for signing, encrypting, and decrypting e-mails in an attempt to increase the security of e-mail communications |
| private key | a type of key that is known only to a specific user or users who keep the key a secret |
| privilege escalation | the act of exploiting a bug or design flaw in a software or firware application to gain access to resources that normally would've been protected from an application or user |
| protected distribution system | security system implemented to protect unencrypted data transfer over wired networks |
| protected extensible authentication protocol (PEAP) | protocol used to encapsulate EAP packets within encrypted and authenticated tunnels |
| proxy auto-configuration (PAC) | a file in web browsers that automatically chooses the appropriate proxy server. |
| proxy server | acts as an intermediary between clients, usually located on a LAN, and the servers that they want access |
| Public key | a type of key that is known to all parties involved in encrypted transactions within a given group |
| public key cryptography | uses asymemetric keys alone or in addition to symmetric keys. Creates secret private key and published public key |
| public key infrastructure (PKI) | an entire system of hardware and software, policies and procedures, and people used to create, distribute, etc digital certs |
| qualitative risk assessment | an assessment that assigns numeric values to the probablity of a risk and the impact it can have on the system or network |
| quantitative risk assessment | an assessment that measures risk by using exact monetary values |
| race condition | an exploitable situation that happens when a system or application is preforming two tasks and the time between them can be exploited to gain access to the program, change a file, or gain access to a resource |
| Radio Frequency Interface (RFI) | Interface that can come from AM/FM transmissions and cell towers |
| RAID 1 | Mirroring. Data is copied to two identical drives. If one fails the other continues to operate |
| RAID 10 | Combining the advantages of RAID 1 and 0, normally tow sets of RAID 1 mirrors (minimum) and then striped |
| RAID 5 | Striping with Parity. Data is striped across multiple drives; fault-tolerant parity data is also written to each drive |
| RAID 6 | Striping with double parity, four drives minimum |
| Rainbow table | In password cracking: a set of precalculated encryptd passwords located in a look up table |
| recovery point objective (RPO) | In business Impact Analysis the acceptable latency of data |
| Recovery Time Objective (RTO) | In business Impact Analysis, the acceptable amount of time to restore a function |
| Redundant ISP | Secondary connections to another ISP |
| Redundant Power Supply | An Enclosure that contains two complete power supplies, the second of which turns on when the first fails. |
| registration Authority (RA) | Used to verify requests for certificates |
| Remote Access Service (RAS) | A networking Service that allows incoming connections from remote Dial-in Clients. |
| Remote Access Trojan (RAT) | A type of Trojan sent to gain back end access to a server, taking control of it, often from malicious purposes. |
| Remote Authentication Dial-In User Service (RADIUS) | Used to provide centralized admin of dial up, VPN and WIreless Authentication |
| Remote Code Execution (RCE) | When an attacker acquires control of a remote computer though a code vulnerability. (like a URL field) |
| Removable Media Controls | Security controls put in place to protect the data residing on USB flash drives and other removable media, and to protect the systems that they connect to. |
| Replay attack | an attack in which valid data transmission is maliciously or fraudulently repeated or delayed |
| residual risk | the risk that is left over after a security plan and a disaster recovery plan have been implemented |
| risk acceptance | the amount of risk an organization is willing to accept. |
| Risk Assessment | the attempt to determine the number of threats or hazards that could possibly occur in a given amount of time to computers/networks. |
| risk avoidance | when an organization avoids risk because the risk factor is too great |
| risk management | The identification, assessment, and prioritization of risk, and the mitigation and monitoring of those risks |
| risk mitigation | when a risk is reduced or eliminated all together |
| risk reduction | When an organization mitigates risk to an acceptable level |
| risk register | helps to track issues and address problems as they occur. AKA Risk Log |
| Risk transference | The transfer or outsourcing of risk to a third party i.e. insurance or risk sharing |
| rogue access point | an unauthorized wireless access point/router that allows access to secure networks. |
| role based access control (RBAC) | An access model that works with sets of permissions, instead of individual permissions that are label-based, so roles are created for various job functions in the organization |
| Root of Trust (RoT) | A set of code and functions, usually embedded into a trusted platform module, that allows or denies tasks such as booting and drive encryption |
| RSA | A public key cryptography algorithm created by Rivest, Shamir, Adleman. It is commonly used in E-Commerce |
| sag | An unexpected decrease in the amount of voltage provided |
| Salting | the randomization of the hashing process to defend against crpytanalysis password attacks and rainbow Tables |
| sandbox | when a web script runs in its own environment for the for the express purpose of not interfering with other processes |
| secure code review | An in depth code inspection procedure |
| secure coding concepts | the best practices used during the life cycle of software development |
| secure hash algorithm | A group of hash functions designed by the NSA and published by the NIST, widely used in government. The most common currently is SHA-1 |
| Secure/Multipurpose Internet Mail Extensions (S/MIME) | An IETF standard that provides cryptographic security |
| Secure Shell (SSH) | A protocol that can create a secure channel between two computers or network devices |
| secure sockets layer (SSL) | A cryptographic protocol that provides secure Internet communications such as web browsing, instant messaging, e-mail, and VoIP |
| Security as a Service (SECaaS) | A cloud computing service where a large service provider integrates its security services into the customer's infrastructure |
| Security Log Files | Files that log activity of users. |
| security posture | the risk level to which a system, or other technology element, is exposed. |
| Security Posture Assessment (SPA) | An assessment that uses baseline reporting and other analyses to discover vulnerabilities and weaknesses in systems and networks |
| Security template | Groups of policies that can be loaded in one procedure |
| security tokens | Physical devices given to authorized users to help with authentication. |
| Self-Encrypting Drive (SED) | Hard drives taht encrypt all of the contents held within using encryption keys that are maintained independently from the CPU of the housing computer |
| Separation of duties (SoD) | This is when more than one person is required to complete a particular task or operation |
| Service Pack (SP) | A group of updates, bug fixes, updated drivers, and security fixes that is installed form one downloadable package or one disk |
| service set identifier (SSID) | The name of a wireless access point (or network) to which network clients will connect; it is broadcast through the air. |
| Shoulder Surfing | When a person uses direct observation to find out a target's password, PIN, or other such authentication information |
| sideloading | the loading of third-party apps from a location outside of the official application for that device. |
| signature based monitoring | framkes and packets of network traffic are analyzed for predetermined attack patterns. |
| Simple Network Management Protocol (SNMP) | A TCP/IP protocol that monitors network -attached devices and computers. |
| Single Point of failure | An element, object, or part of a system that, if it fails, will cause the whole system to fail. |
| Single Sign-on (SSO) | When a user can log in once but gain access to multiple systems without being asked to log in again. |
| Smurf attack | A type of DoS that sends large amount of ICMP echoes, broadcasting the ICMP echo requests to every computer on it's network or subnetwork. The header of the ICMP echo requests will have a spoof IP address. That IP address is the target of the smurf |
| snapshot back up | a type of back up primarily associated with opearing system imaging, but could also be used for applications or individual drives |
| SNMP agent | software deployed by the network management system that is loaded on managed devices. It redirects the info that the NMS needs to monitor the remote managed devices |
| software development life cycle (SDLC) | the process of creating systems and applications and the methodologies to do so. |
| Spanning tree protocol (STP) | A networking protocol that automatically creates a loop-free topology of ethernet switches. |
| spear phishing | A type of phishing attack that targets particular individuals. |
| special hazard protection system | a clean agent sprinker system such as FM-200 used in server rooms |
| spike | a short transient in voltage that can be due to a short circuit, tripped circuit breaker, power outage, or lightning strike. |
| spoofing | when an attacker masquerades as another person by falsifying information |
| spyware | a type of malicious software either downloaded unwittingly from a website or installed along with some other third party software |
| standby generator | systems that turn on automatically within seconds of a power outage |
| stateful packet inspection | a type of packet inspection that keeps track of network connections by examining the header in each packet |
| static NAT | when a single private IP address translates to a single public IP address |
| steganography | the science (and art) of writing hidden messages: it is form of security through obscurity |
| storage segmentation | A clear separation of organization and personal information, applications, and other content |
| stream cipher | a type of algorithm that encrypts each byte in a message one at at time |
| structured exception handing (SEH) | A way of handling exceptions generated by errors. |
| Subject Alternative name (SAN) | A field in PKI certificates that allows an organization to specify additional hostnames, domain names, and so on |
| Supervisory control and data acquisition (SCADA) | system of hardware and software that controls and monitors industrial systems like HVAC |
| surge | an unexpected increase in the amount of voltage provided |
| symmetric key algorithm | a class of cipher that uses identical or closely related keys for encryption or decryption |
| syn flood | a type of DOS where an attacker sends a large amount of SYN request packets in an attempt to deny service |
| tailgating | a type of piggybacking where an unauthorized person follows an authorized person into a secure area, without the authorized person consent |
| TCP reset attack | sets the reset flag in a TCP header to 1, telling the respective computer to kill the TCP session immediately |
| TCP/IP Hijacking | when a hacker takes over a TCP session between two computers without the need of a cookie or any other type of host access |
| teardrop attack | a type of DOS that sends mangled IP fragments with overlapping and oversized payloads to the target machine |
| TEMPEST | refers to the investigations of conducted emissions from electrical and mechanical devices, which could be compromising to an organization |
| temporal key integrity protocol (TKIP) | An algorithm used to secure wireless computer networks, meant as a replacement for WEP |
| Terminal Access Controller Access-Control System Plus (TACACS+) | A remote authentication protocol similar to RADIUS used in CISCO networks |
| Threat modeling | a way of prioritizing threats to an application |
| threat vector | the method a threat uses to gain access to a target computer |
| tickets | part of the authentication process used by kerberos |
| time bomb | a trojan programmed to set off on a certain date |
| time of day restriction | when a user's logon hours are configured to restrict access to the network during certain times of the day and week |
| towers of hanoi | a back up rotation scheme based on themathematics of the towers of hanoi puzzle. Uses three back up sets. For example, the first tape is used every second day, the second tape is used every 4th day and the 3rd is used every 8th day |
| transitive trust | when two or more networks have a relationship where users from one network can gain access to resources on the other |
| transport layer security | the successor to SSL, provides secure internet communications. This is shown in a browser at HTTPS |
| Triple DES (3DES) | Similar to DES but applies to the cipher algorithm three times to each cipher block |
| trojan horse | an application that appears to perform desired functions but is actually performing malicious functions behind the scenes |
| Trusted Computer System Evaluation Criteria (TCSEC) | A DoD standard that sets basic requirements for assessing the effectiveness of computer security access policies. Also known as The Orange Book |
| Trusted Operating System (TOS) | A system that adheres to criteria for multilevel security and meets government regulations |
| Twofish | A 128-bit block cipher designed by Bruce Schneier and based on Feistel |
| Typo squatting | Also called URL hijacking a method used by attackers that takes advantage of user typos when accessing websites. |
| UDP flood attack | a similar attack to the Fraggle. It uses the connectionless User Datagram Protocol. it is enticing to attackers because it does not have a synchronization process |
| Unified Threat Management (UTM) | A security product that evolved from the firewall and also includes IDS/IPS, antivirus, VPN, content filtering, DLP, and a load balancing among other technologies |
| Uninterruptible Power Supply (UPS) | Takes the functionality of a surge suppressor and combines that with a battery backup |
| User Account Control (UAC) | A security component of windows that keeps every user in standard user mode instead of as an administrator, even if they are part of the Admin group |
| vampire tap | A device used to add computers to a 10BASE5 network. It pierces the copper conductor of the coaxial cable and can be used for malicious purposes |
| Virtual Machine (VM) | An operating system (Or application) created by virtual machine software that runs within a hosting Operating System |
| Virtual Machine Escape (VM) | When a user (or malware) is able to break out of a VM's isolation (or lack there of) and gain access to the hosting computer |
| virtual private network (VPN) | A connection between two or more computers or deices taht are not on the same private network |
| virtualization | the creation of a virtual entity, as opposed to a true or actual entity |
| virtualization sprawl | Also known as VM sprawl, when there are too many VMs for an admin to manage effectively |
| virus | code that runs on a computer without the user's knowledge; it infects the computer when the code is accessed and executed |
| vishing | a type of phishing attack that makes use of telephones and VoIP |
| VLAN hopping | the act of gaining access to traffic on other VLANs that would not normally be accessible by jumping from one VLAN to another |
| VPN concentrator | A hardware appliance that allows hundreds of users to connect to the network from remote locations via a VPN |
| Vulnerability | weaknesses in your computer network design and individual host configuration |
| vulnerability assessment | Baselining of the network to assess the current security state of computers, servers, network devices, and the entire network in general |
| vulnerability management | the practice of finding and mitigating software vulnerabilities in networks and computers |
| vulnerability scanning | the act of scanning for weaknesses and susceptibilities in the network and individual systems |
| war-chalking | the act of physically drawing symbols in public places that denote open closed, or protected wireless networks |
| war-dialing | the act of scanning telephone numbers by dialing them one at a time and adding them to a list, in an attempt to gain access to computer networks |
| war-driving | the act of searching for wireless networks by a person in a vehicle through the use of a device with a wireless antenna |
| warm site | a site that has computers, phones, and servers but can not be switched over to immediately |
| waterfall model | an SDLC model divided nto sequential phases such as planning, design, implementation, testing, integration, deployment, and maintenance |
| watering hole attack | an attack where the attacker profiles which websites a user accesses and installs malware to those sites that either infects the user's computer or redirects the user to other websites |
| web application firewall (WAF) | an application firewall used to protect servers (and their client sessions) from XSS and SQL injection, among other attacks, during HTTP sessions |
| Web of trust | a decentralized model used for sharing certificates without the need for a centralized CA |
| web security gateway | an intermediary that can scan for viruses and filter internet content |
| wet pipe sprinkler system | consists of a perssurized water supply system that can deliver a high quantity of water to an entire building via a piping distribution system |
| whaling | a phishing attack that targets senior executives |
| white box testing | a method of testing applications or systems where the tester is given access to the internal workings of the system |
| white hat | a type of hacker that is contracted to break into a company's systems |
| wi-fi disassociation attack | also known as Wi-Fi deauthentication attack, when an attacker targets a user's wi-fi-connected system, deauthenticates it using special software, and then re-authenticates to find out SSID and WPA handshake info |
| Wi-FI Protected Access (WPA) | a security protocol created by the Wi-Fi Alliance to secure wireless computer networks; more secure than WEP |
| Wi-Fi Protected Setup (WPS) | A simplifed way of connecting to wireles snetworks using an eight-digit code. It is now deprecated due to its insecure nature and should be disabled if currently used |
| wildcard certificate | a single public key certificate that can be used by multiple subdomains of a single domain |
| wired equivalent Privacy (WEP) | a deprecated wireless network security standard, less secure than WPA |
| wireless transport layer security (WTLS) | A protocol that is part of the wireless application protocol (WAP) stack used by mobile devices. It enables secure user sessions |
| wiretapping | Tapping into a network cable in an attempt to eavesdrop on a conversation or steal data |
| worm | code that runs on a computer without the user's knowledge; it self replicates |
| X.509 | a common PKI standard developed by the ITU-T that incorporates the single sign on authentication method |
| zero day attack | an attack that is executed on a vulnerability in software before that vulnerability is known to the creator of the software |
| zombie | an individual compromised computer in a botnet |
Created by:
MinaGracey