Acronym |
Definition |
APT |
Advanced Persistent Threat; an attack that is focused on stealing information from the victim without the user being aware of it. |
3DES |
Triple Data Encryption Standard; standard which does DES three times with three different keys. |
ACK |
Acknowledgement; confirms the receipt of transmission and identifies the next expected sequence number. |
ACL |
Access Control List; a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. |
ADS |
Alternate Data Stream; any kind of data attached to a file but not in the file on an NTFS system |
AES |
Advanced Encryption Standard; a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology. |
AH |
Authentication Header; useful in providing connectionless integrity and data origin authentication for IP datagrams and anti-replay protection for the data payload and some portions of the IP header of each packet. |
AI |
Artificial Intelligence; defends the network against various attacks that an antivirus scan cannot detect. |
ARIN |
American Registry for Internet Numbers; provides services related to the technical coordination and management of Internet number resources. |
ARP |
Address Resolution Protocol; resolves IP addresses to the MAC address of the interface to send data. |
BER |
Basic Encoding Rules; transmits information between the client and the server. |
BSS |
Basic Service Set; a service set is a group of wireless network devices that are operating with the same networking parameters. |
BSSID |
Basic Service Set Identifier; the MAC address of an access point or base station that has set up a BSS. |
BYOD |
Bring Your Own Device; a policy allowing an employee to bring their personal devices such as laptops, smartphones, and tablets to the workplace and use them for accessing the organization’s resources as per their access privileges. |
C2 |
Command and Control; the impact an attacker possesses over a compromised system or network. |
CA |
Certificate Authority; Issues and verifies digital certificates |
CAM |
Content Addressable Memory; a dynamic table of fixed size. It stores information such as MAC addresses available on physical ports along with VLAN parameters associated with them. |
CASB |
Cloud Access Security Broker; implemented to monitor cloud traffic for detection of anomalies with the generated instances. |
CCMP |
Counter Mode Cipher Block Chaining Message Authentication Code Protocol; encryption protocol used in WPA2 for stronger encryption and authentication. |
CCTT |
Covert Channel Tunneling Tool; creates arbitrary data transfer channels in the data streams authorized by a network access control system |
CHAP |
Challenge-Handshake Authentication Protocol; an authentication mechanism used by PPP servers in order to authenticate or validate the identity of remote clients or network hosts. |
CHM |
CEH Hacking Method; the methodology followed for hacking a system. There are three steps: Gaining Access, Maintaining Access and Clearing Logs. |
CIDR |
Classless Inter-Domain Routing; a method of allocating IP addresses and IP routing, as opposed to the previous addressing architecture of classful addressing. |
CIO |
Chief Information Officer; person responsible for executing the policies and plans required for supporting the information technology and computer systems of an organization. |
CR |
Carriage Return; a control character or mechanism used to reset a device’s position to the beginning of a line of text. |
CRIME |
Compression Ratio Info-Leak Made Easy; a client-side attack which exploits the vulnerabilities present in the data compression feature of protocols. |
CSP |
Cloud Service Provider |
CSPP |
Connection String Parameter Pollution; server uses connection strings to connect applications to database engines. |
CSRF |
Cross-Site Request Forgery; also known as a one-click attack or session riding. Exploits the victim’s active session with a trusted site to perform malicious activities such as purchasing an item or modifying or retrieving account information. |
CVE |
Common Vulnerabilities and Exposures; a publicly available and free-to-use list or dictionary of standardized identifiers for common software vulnerabilities and exposures. |
CVSS |
Common Vulnerability Scoring System; a published standard that provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. |
DAC |
Discretionary Access Control; permits user, who is granted access to information, to decide how to protect the information and the level of sharing desired. |
DDoS |
Distributed Denial of Service |
DDOS |
Distributed Denial of Service; a large-scale, coordinated attack on the availability of services of a victim’s system or network resources, launched indirectly through many compromised computers on the Internet. |
DES |
Data Encryption Standard; a standard for data encryption that uses a secret key for both encryption and decryption. |
DHCP |
Dynamic Host Configuration Protocol; maintains TCP/IP configuration information in a database such as valid TCP/IP configuration parameters, valid IP addresses, and duration of the lease offered by the server. |
DKOM |
Direct Kernel Object Manipulation; a type of rootkit able to locate and manipulate the “system” process in the kernel memory structure and patch it. |
DLP |
Data Loss Prevention; identification and monitoring of sensitive data to ensure that end users do not send sensitive information outside the corporate network. |
DMCA |
Digital Millennium Copyright Act; United States of America’s copyright law. Defines legal prohibitions against circumvention of technological protection measures employed by copyright owners to protect their works. |
DMZ |
Demilitarized Zone; a controlled, Internet-facing zone that typically contains Internet-facing components of network servers and email gateways through which employees of an organization directly communicate. |
DNA |
Distributed Network Attack; a technique used for recovering password-protected files that utilizes the unused processing power of machines across the network to decrypt passwords. |
DNS |
Domain Name System; a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network. |
DNSSEC |
Domain Name Security Extension; a set of extensions to DNS which provide to DNS clients (resolvers) origin authentication of DNS data, authenticated denial of existence, and data integrity. |
DoS |
Denial of Service |
DOS |
Denial of Service; an attack on a computer or network that reduces, restricts or prevents accessibility of system resources to its legitimate users. |
DR |
Data Recovery; the process for the recovery of data that may have been accidentally/intentionally deleted or corrupted. |
DRDoS |
Distributed Reflection Denial of Service; involves the use of multiple intermediary and secondary machines that contribute to the actual DoS attack against the target machine or application. Exploits the TCP three-way handshake. |
DSA |
Directory System Agent; a client starts an LDAP session by connecting to a Directory System Agent. |
DSA |
Digital Signature Algorithm; FIPS for digital signature. |
DSSS |
Direct Sequence Spread Spectrum; a frequency modulation technique where a device spreads a signal of low bandwidth over a broad frequency range to enable sharing of a single channel among multiple users. |
DUHK |
Don’t Use Hard-Coded Keys; a cryptographic vulnerability that allows attackers to obtain the encryption key used to secure VPNs and web sessions. |
EAP |
Extensible Authentication Protocol; supports multiple authentication methods, such as token cards, Kerberos, certificates, etc. |
EISA |
Enterprise Information Security Architecture; a set of requirements, processes, principles and models that determine the current and/or future structure and behavior of an organization’s security processes. |
ELB |
Elastic Load Balancing; |
ESP |
Encapsulation Security Payload; in addition to services provided by the AH, this protocol offers confidentiality but does not provide integrity and anti-replay service. |
FHSS |
Frequency Hopping Spread Spectrum; the user alters the audio file’s frequency spectrum so that it hops rapidly between frequencies. |
FIN |
Finish; when the flag is set to “1” to announce that it will not send more transmissions to the remote system and terminates the connection. |
FISMA |
Federal Information Security Management Act; provides a comprehensive framework for ensuring the effectiveness of information security controls over the information resources that support federal operations and assets. |
GAK |
Government Access to Keys; statutory obligation of individuals and organizations to disclose their cryptographic key to government agencies. |
GPS |
Global Positioning System; a space-based satellite navigation system that provides location, time and existence of physical entities on earth. |
GSM |
Global System for Mobile Communications; universal system used for mobile transportation for wireless networks worldwide. |
HIDS |
Host Intrusion Detection System; mechanism that includes auditing for events that occur on a specific host. |
HIPAA |
Health Insurance Portability and Accountability Act; provides federal protections for individually identifiable health information held by covered entities and their business associates and gives patients an array of rights regarding that information. |
HMAC |
Hash-based Message Authentication Code; uses a cryptographic key along with a cryptographic hash function. |
HPKP |
HTTP Public Key Pinning; a TOFU technique used in an HTTP header that allows a web client to associate a specific public key certificate with a particular server to minimize the risk of man-in-the-middle attacks with fraudulent certificates. |
HSTS |
HTTP Strict Transport Security; a web security policy that protects HTTPS websites against MITM attacks. |
IA |
Information Assurance; assurance that the integrity, availability, confidentiality and authenticity of information and information systems is protected during usage, processing, storage and transmission of information. |
IaaS |
Infrastructure-as-a-Service; enables subscribers to use on-demand fundamental IT resources such as computing power, virtualization, data storage, network, etc. |
IAM |
Identity and Access Management; a framework for business practices that consists of users, procedures and software products to manage user digital identities and access to resources of an organization. |
ICT |
Information and Communications Technology; technologies that provide access to information through telecommunications including Internet, wireless networks, cell phones and other communication mediums. |
IDS |
Intrusion Detection System; a security software or hardware device which inspects all inbound and outbound network traffic for suspicious patterns that may indicate a breach. |
IIoT |
Industrial Internet of Things; capturing new growth through 3 approaches: increasing production boosts revenues, using intelligent technology that is entirely changing the way goods are made and creation of new hybrid business models. |
IKE |
Internet Key Exchange; IPsec protocol that produces security keys for IPsec and other protocols. |
IM |
Incident Manager; focuses on the incident and analyzes the manner in which to handle it from a management and technical point of view. |
IoT |
Internet of Things; devices connected to the Internet having little or no security, making them vulnerable to various types of attacks. |
IPID |
Fragment identification number; an OS increases the IPID for each packet sent. Probing an IPID gives an attacker the number of packets sent since the last probe. |
IPsec |
Provides data security by securing IP communications by authenticating and encrypting each IP packet of a communication session. |
IRDP |
ICMP Router Discovery Protocol; a routing protocol that allows a host to discover the IP addresses of active routers on its subnet by listening to router advertisement and solicitation messages on its network. |
ISAKMP |
Internet Security Association Key Management Protocol; part of IKE, to establish, negotiate, modify and delete Security Associations. |
ISM |
Information Security Management; organization-wide programs that enable the business to operate in a state of reduced risk. |
ISM |
Industrial, Scientific and Medical; refers to the portion of the radio spectrum reserved internationally for these industries. |
ISO/IEC |
Specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. |
ISP |
Internet Service Provider |
ISSAF |
Information Systems Security Assessment Framework; open source project aimed to provide in-depth information about how to conduct a penetration test. |
ISSO |
Information System Security Officer; responsible for an organization’s information security programs. |
KRACK |
Key Reinstallation Attack; attack that exploits the flaws present in the implementation for a 4-way handshake process in WPA2 authentication. |
LDAP |
Lightweight Directory Access Protocol; an Internet protocol for accessing distributed directory services |
LEAP |
Lightweight Extensible Accessible Protocol; proprietary version of EAP developed by Cisco |
LF |
Line Feed; or newline, a control character or sequence of control characters in a character encoding specification that is used to signify the end of a line of text and the start of a new one. |
LFM |
Log File Monitoring; monitors log files created by network services |
LLMNR |
Link Local Multicast Name Resolution; an element of the Windows operating systems used to perform name resolution for hosts present on the same link. This passively listens on the network on UDP port 5355. |
LSB |
Lower Sideband; users can insert a secret binary message in the least significant bit of each sampling point of the audio signal. |
MAC |
Mandatory Access Control; does not permit the end user to decide who can access the information. Does not permit the user to pass privileges to other users. |
MAC |
Media Access Control; the hardware address of the interface. |
MDA |
Message Digest Algorithm |
MDM |
Mobile Device Management; provides platforms for over-the-air or wired distribution of applications, data and configuration settings for all types of mobile devices, including mobile phones, smartphones, tablet computers, etc. |
MIB |
Management Information Base; virtual database containing a formal description of all the network objects that SNMP manages. |
MiTC |
Man-in-the-Cloud; an advanced version of MiTM. An attacker uses an exploit that intercepts and manipulates the communication between two parties. These attacks are carried out by abusing cloud file synchronization services. |
MiTM |
Man in the Middle; |
ML |
Machine Learning; an unsupervised self-learning system that is used to define what the normal network looks like along with its devices. |
MoCA |
Multimedia over Coax Alliance; a type of network protocol that provides a high definition video of home and content related to it over the existing coaxial cable. |
NAT |
Network Address Translation; separates IP addresses into two sets and enables the LAN to use these addresses for internal and external traffic respectively. |
NBT-NS |
Link Local Multicast Name Resolution; an element of the Windows operating systems used to perform name resolution for hosts present on the same link. This broadcasts and responds to the request pretending to be a target host on UDP port 137. |
NDA |
Non-Disclosure Agreement; a confidentiality agreement stating that the information provided by the target organization is confidential and proprietary. |
NetBIOS |
Network Basic Input Output System; Windows uses NetBIOS for file and printer sharing. |
NIDS |
Network Intrusion Detection System; Device placed on the network in a promiscuous mode, listening for patterns indicative of an intrusion |
NTLM |
NT LAN Manager; a default authentication scheme that performs authentication using a challenge/response strategy. |
NTP |
Network Time Protocol; designed to synchronize clocks of networked computers. |
NVD |
National Vulnerability Database; US government repository of standards based vulnerability management data represented. |
OFDM |
Orthogonal Frequency Division Multiplexing; a method of digital signal modulation in which a single data stream is split across several separate narrowband channels at different frequencies to reduce interference and crosstalk. |
OISSG |
Open Information Systems Security Group; organization which supports ISSAF. |
OSSIM |
Open Source Security Information Management; is an open source security information and event management system, integrating a selection of tools designed to aid network administrators in computer security, intrusion detection and prevention. |
OSSTMM |
Open-Source Security Testing Methodology Manual; standard set of penetration tests to achieve security metrics. Considered to be a de facto standard for the highest level of testing and it ensures high consistency and remarkable accuracy |
OTP |
One-Time Passwords; |
OWASP |
Open Web Application Security Project; open-source application security project that assists organizations to purchase, develop and maintain software tools, software applications and knowledge-based documentation for Web application security. |
OWASP |
Online Web Application Security Project; an online community, produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. |
PaaS |
Platform as a Service; offers the platform for the development of applications and services. |
PCI/DSS |
Proprietary information security standard for organizations that handle cardholder information for the major debit, credit, prepaid, e-purse, ATM and POS cards. |
PE |
Portable Executables; a file format for executables, object code, DLLs, FON Font files, and others used in 32-bit and 64-bit versions of Windows operating systems. The PE format is a data structure that encapsulates the information necessary for the Windows OS loader to manage the wrapped executable code. |
PEAP |
Protected Extensible Authentication Protocol; a protocol that encapsulates the EAP within an encrypted and authenticated Transport Layer Security (TLS) tunnel. |
PGP |
Pretty Good Privacy; a protocol used to encrypt and decrypt data that provides authentication and cryptographic privacy. |
PIN |
Personal Identification Numbers; |
PKI |
Public Key Infrastructure; a security architecture developed to increase the confidentiality of information exchanged over the insecure Internet. |
PLC |
Power-Line Communication; protocol where electrical wires are used to transmit power and data from one end point to another end point. |
PSH |
Push; when the flag is set to “1”, indicates that the sender has raised the push operation to the receiver. |
PSK |
Pre-Shared Key; |
RA |
Registration Authority; acts as the verifier for the certificate authority. |
RADIUS |
Remote Authentication Dial-In User Service; a centralized authentication and authorization management system. |
RAT |
Remote Access Trojans; provide attackers with full control over the victim’s system, enabling them to remotely access files, private conversations, accounting data, etc. |
RBAC |
Role-Based Access Control; simplifies the assignment of privileges. Ensures that individuals have all the privileges necessary to perform their duties |
RIPEMD |
RACE Integrity Primitives Evaluation Message Digest; 160-bit hash algorithm. |
ROE |
Rules of Engagement; formal permission to conduct a penetration test. Rights and restrictions are provided to the test team for performing the test. |
ROSI |
Return on Security Investment; reduction of an organization’s expenditure on IT security by identifying and remediating vulnerability or weaknesses |
RPC |
Remote Procedure Call; technology used for creating distributed client/server programs. |
RSA |
Rivest Shamir Adleman; internet encryption and authentication system; de facto encryption standard. |
RST |
Reset; when there is an error in the current connection, the flag is set to “1” and it aborts the connection in response to the error. |
SaaS |
Software-as-a-Service; offers application software to subscribers on demand over the Internet. |
SAM |
Security Accounts Manager; a database to manage user accounts and passwords in hashed format instead of plain text. |
SEM |
Security Event Management; deals with real-time monitoring, correlation of events, notifications and console views. |
SET |
Social Engineering Toolkit; open-source Python-driven tool aimed at penetration testing via social engineering. |
SHA |
Secure Hashing Algorithm; generates a cryptographically secure one-way hash. |
SIEM |
Security and Incident and Event Management; systems used to manage and store huge collections of log data from different sources like networks, applications, devices, security and user activity in real time. |
SIM |
Security Information Management; supports permanent storage, analysis and reporting of log data. |
SLA |
Service Level Agreement; a commitment between a service provider and a client. Particular aspects of the service – quality, availability, responsibilities – are agreed between the service provider and the service user. |
SMS |
Short Message Service; a text messaging service component of most telephone, internet, and mobile-device systems. |
SMTP |
Simple Mail Transfer Protocol; uses Mail Exchange servers to direct the mail via DNS and runs on port 25. |
SNMP |
Simple Network Management Protocol; An Internet-standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior. |
SOAP |
Simple Object Access Protocol; a lightweight and simple XML-based protocol designed to exchange structured and type information on the web. |
SOX |
Sarbanes Oxley Act; designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures. |
SPAN |
Switched Port Analyzer; a Cisco switch feature also known as “port mirroring.” Monitors network traffic on one or more ports on the switch. |
SSDP |
Simple Service Discovery Protocol; network protocol that communicates with machines when querying them with routable multicast addresses. Controls communication for the UPnP feature. |
SSID |
Service Set Identifier; a code that identifies the network to which packets on a wireless network belong. |
SSL |
Secure Sockets Layer; an application layer protocol for managing the security of a message transmission on the Internet. |
SSRF |
Server Side Request Forgery; a type of exploit where an attacker abuses the functionality of a server causing it to access or manipulate information in the realm of that server that would otherwise not be directly accessible to the attacker. |
SYN |
Synchronize; notifies the transmission of new sequence number. |
TKIP |
Temporal Key Internet Protocol; is an encryption protocol included as part of the IEEE 802.11i standard for wireless LANs. |
TLS |
Transport Layer Security; a protocol to establish a secure connection between a client and a server and ensure privacy and integrity of information during transmission. |
TOFU |
Trust on First Use; a security model used by client software which needs to establish a trust relationship with an unknown or not-yet-trusted endpoint. |
UBA |
User Behavior Analytics; process of tracking user behavior to detect malicious attacks, potential threats and financial frauds |
UML |
User-Mode Linux; an open source which is used to create virtual machines and is efficient in deploying honeypots. |
UPnP |
Universal Plug and Play; set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other’s presence on the network and establish functional network services for data sharing, communications, and entertainment. |
URG |
Urgent; instructs the system to process the data contained in packets as soon as possible. |
VA |
Validation Authority; Stores certificates with their public keys. |
VLAN |
Virtual Local Area Network; |
VPN |
Virtual Private Network; a network that provides secure access to the private network through the Internet. Used for connecting wide area networks. |
WAF |
Web Application Firewall; filters, monitors, and blocks HTTP traffic to and from a web application. This is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. |
WEP |
Wired Equivalent Privacy; an encryption algorithm for IEEE 802.11 wireless networks. It is the old and original wireless security standard. |
WPA |
Wi-Fi Protected Access; advanced wireless encryption protocol using TKIP and MIC to provide stronger encryption and authentication. |
WPA2 |
Wi-Fi Protected Access version 2; a type of encryption used to secure the vast majority of Wi-Fi networks. A WPA2 network provides unique encryption keys for each wireless client that connects to it. |
XMAS |
Christmas Scan; a probe with the FIN, URG and PUSH TCP flags set. |
XSS |
Cross-Site Scripting; an attacker injects HTML tags or scripts into a target website. |
XXE |
XML External Entity; an attack where an application is able to parse XML input from an unreliable source because of the misconfigured XML parser. |