Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
158 Cards in this Set
- Front
- Back
- 3rd side (hint)
|
802.1x |
Port-based authentication protocol. Wireless can use this. |
|
|
|
3DES |
Triple digital encryption standard. A symmetric algorithm used to encrypt data and provide confidentiality. Designed to replace DES, but not as efficient as AES. |
|
|
|
AAA |
Authentication, authorization and accounting. AAA protocol used in remote access systems. |
|
|
|
ACE |
Access control entry. ACEs are contained within a ACDL in NTFS. |
|
|
|
ACL |
Access control list. List of rules used to grant access to a resource. In NTFS, a group of ACEs make up a ACL. |
|
|
|
AES |
Advanced encryption standard. A symmetric algorithm used to encrypt data and provide confidentiality. Used in a wide assortment of cryptography scheme's. Includes key sizes 128 bits, 192 bits, and 256 bits. |
|
|
|
AES256 |
Advanced encryption standard 256 bit. |
|
|
|
AH |
Authentication Header. IPsec includes AH and ESP. AH provides authentication and integrity. ESP provides that+confidentiality. AH is identified with protocol ID number 51. |
|
|
|
ALE |
Annual loss expectancy. Calculated with single loss expectancy and annual rate of occurrence. SLE x ARO = ALE |
|
|
|
AP |
Access point, short for wireless access point. Provides access to wired connection for wireless clients. |
|
|
|
ARO |
Annual rate of occurrence. How many times something is expected to occur in a year. SLE x ARO = ALE |
|
|
|
ARP |
Address resolution protocol. Resolves IP addresses to MAC addresses. ARP poisoning attacks can reroute addresses to attackers through false MAC address updates. VLAN segregation can prevent ARP poisoning attacks. |
|
|
|
AUP |
Acceptable use policy. Defines proper system usage. Describes purpose of systems and networks, how to access them, and responsibilities of users. |
|
|
|
BCP |
Business continuity plan. Helps an organization predict and plan for outages of critical services and functions. Includes BIA and solutions. |
|
|
|
BIA |
Business impact analysis. Identifies critical requirements and recovery time/point objectives but does not give solutions. |
|
|
|
BIOS |
Basic input/output system. Computer's firmware used to manipulate settings such as date and time, boot drive and access password. |
|
|
|
BOTS |
Network robots. Automated program or system used to complete one or more tasks. A malicious botnet is a group of computers called zombies connected through a command-and-control server. Uses malware to join computers to botnet and can launch DDoS to attacks against other victims. Can include hundreds of outbound connections and can use IRC (internet relay chat) channels. |
|
|
|
CA |
Certificate authority. Organization that manages, issues and signs certificates and is part of a PKI. Certificates are an important part of asymmetric encryption. They include public keys with details of the owner and the CA that issued the cert. |
|
|
|
CAC |
Common access card, used by DoD. |
|
|
|
CAN |
Controller area network. Standard they allows microcontrollers and devices to communicate without a host computer. |
|
|
|
CCMP |
Counter mode with cipher block chaining message authentication code protocol. Encryption protocol based on AES used with WPA2 for wireless security. It is more secure than TKIP, used with original WPA. |
|
|
|
CCTV |
Closed-circuit television. Video surveillance. |
|
|
|
CERT |
Computer emergency response team. Group of experts called in for security incidents. Also known as CIRT, SIRT, or IRT. |
|
|
|
CHAP |
Challenge handshake authentication protocol. Authentication mechanism where server challenges the client. MS-CHAPv2 is an improvement on CHAP and use mutual authentication. |
|
|
|
CIA |
Confidentiality, integrity and availability. These three form the security triad. |
|
|
|
COOP |
Continuity of Operations Plan. A hot site has all current data of primary site and is ready to go within an hour. A cold site has power and connectivity needed for COOP but little else. A warm site is in between. |
|
|
|
CRC |
Cyclical Redundancy Check. Error detection code to detect accidental changes that can affect integrity of data |
|
|
|
CRL |
Certification revocation list. certificates that have been revoked |
|
|
|
DAC |
Discretionary Access Control. Access control model where all objects have owners and owners can modify permissions. Microsoft's NTFS uses DAC. |
|
|
|
DACL |
Discretionary Access Control List. List of access control entries (ACEs) in Microsoft's NTFS. each ACE has a security identifier (SID) and w permission. |
|
|
|
DDoS |
Distributed denial of service. Used to make services unavailable to users. Often launched from zombies in botnets. |
|
|
|
DEP |
Data execution prevention. Security measure in some operating systems that prevents applications from deleting data from a non-executable region. |
|
|
|
DES |
Digital encryption standard. Older encryption standard that used 56 bit. It is considered cracked. |
|
|
|
DHCP |
Dynamic Host Configuration Protocol. Service used to dynamically assign TCP/IP configuration information to clients. Used to assign IP addresses, subnet masks, DNS servers and more. |
|
|
|
DLL |
Dynamic Link Library. Compiled set of code that can be pulled from other programs. |
|
|
|
DLP |
Data Loss Protection. Network-based DLP program can analyze network traffic to make sure confidential data doesn't leave organization. |
|
|
|
DMZ |
Demilitarized Zone. Area between two firewalls separating the internet from an internal Network. Provides layer of protection. |
|
|
|
DNS |
Domain name system. Used to resolve host names to IP addresses. Primary service used on internet and internal networks. Uses port 53. Pharming attack is a DNS poisoning attack that redirects traffic to another website. |
|
|
|
DoS |
Denial of service. Attack from a single source trying to disrupt the services of another system. |
|
|
|
DRP |
Disaster recovery plan. Document used in case of hurricane, flood or fire. Lists critical systems and prioritizes services to be restored. |
|
|
|
DSA |
Digital signature algorithm. Encrypted hash of a message. Sender's private key encrypts the message and recipient decrypts with the sender's public key. Provides authentication, integrity and non-repudiation. |
|
|
|
EAP |
Extensible Authentication Protocol. An authentication framework that provides general guidance for authentication methods. Variations include LEAP and PEAP |
|
|
|
ECC |
Elliptic curve cryptography. An asymmetric encryption algorithm commonly used with smaller wireless devices. It uses smaller key sizes and requires less processing power than many other encryption methods |
|
|
|
EFS |
Encrypting File System. A feature within NTFS on Windows systems that supports encrypting individual files or folders for confidentiality. |
|
|
|
EMI |
Electromagnetic interference. Interference caused by motors, power lines, and fluorescent lights. Cables can be shielded to protect signals from EMI |
|
|
|
ESP |
Encapsulating Security Protocol. IPsec includes both AH and ESP. AH provides authentication and integrity, and ESP provides confidentiality, integrity, and authentication. ESP is identified with protocol ID number 50 |
|
|
|
FTP |
File Transfer Protocol. Used to upload and download files to an FTP server. FTP uses ports 20 and 21. Secure FTP (SFTP) uses SSH for encryption on port 22. FTP Secure (FTPS) uses SSL or TLS for encryption. |
|
|
|
FTPS |
File Transfer Protocol Secure. An extension of FTP that uses SSL or TLS to encrypt FTP traffic. Some implementations of FTPS use ports 989 and 990. |
|
|
|
GPG |
GNU Privacy Guard. Free software that is based on the OpenPGP standard. It is similar to PGP but avoids any conflict with existing licensing by using open standards. |
|
|
|
GPO |
Group Policy object. Group Policy is used within Microsoft Windows to manage users and computers. It is implemented on a domain controller within a domain. Administrators use it to create password policies, lock down the GUI, configure host-based firewalls, and much more. |
|
|
|
GPS |
Global Positioning System. GPS tracking can help locate lost mobile devices |
|
|
|
GRE |
Generic Routing Encapsulation. A tunneling protocol developed by Cisco Systems. |
|
|
|
GUI |
Graphical user interface. Users interact with the graphical elements instead of typing in commands from a text interface. Windows is an example of a GUI. |
|
|
|
HDD |
Hard disk drive. A disk drive that has one or more platters and a spindle. In contrast, USB flash drives use flash memory. |
|
|
|
HIDS |
Host-based intrusion detection system. An IDS used to monitor an individual server or workstation. It protects local resources on the host such as the operating system files. |
|
|
|
HIPS |
Host-based intrusion prevention system. An extension of a host-based IDS. Designed to react in real time to catch an attack in action. |
|
|
|
HMAC |
Hash-based Message Authentication Code. An HMAC is a fixed length string of bits similar to other hashing algorithms such as MD5 and SHA-1, but it also uses a secret key to add some randomness to the result. |
|
|
|
HSM |
Hardware security module. A removable or external device that can generate, store, and manage RSA keys used in asymmetric encryption. High-volume ecommerce sites use HSMs to increase the performance of SSL sessions. High-availability clusters needing encryption services can use clustered HSMs. |
|
|
|
HTML |
Hypertext Markup Language. Language used to create web pages served on the Internet. HTML documents are displayed by web browsers and delivered over the Internet using HTTP or HTTPS. It uses less than and greater than characters (< and >) to create tags. Many sites use input validation to block these tags and prevent cross-site scripting attacks. |
|
|
|
HTTP |
Hypertext Transfer Protocol. Used for web traffic on the Internet and in intranets. HTTP uses port 80. |
|
|
|
HTTPS |
Hypertext Transfer Protocol Secure. Encrypts HTTP traffic with SSL or TLS using port 443 |
|
|
|
HVAC |
Heating, ventilation, and air conditioning. HVAC systems increase availability by regulating airflow within datacenters and server rooms. They use hot and cold to regulate the cooling, thermostats to ensure a relatively constant temperature, and humidity controls to reduce the potential for static discharges, and damage from condensation. They are often integrated with fire alarm systems and either have dampers or the ability to be turned off in the event of a fire. |
|
|
|
IaaS |
Infrastructure as a Service. A cloud computing technology useful for heavily utilized systems and networks. Organizations can limit their hardware footprint and personnel costs by renting access to hardware such as servers. Compare to PaaS and SaaS. |
|
|
|
ICMP |
Internet Control Message Protocol. Used for diagnostics such as ping. Many DoS attacks use ICMP. It is common to block ICMP at firewalls and routers. If ping fails, but other connectivity to a server succeeds, it indicates that ICMP is blocked. |
|
|
|
ID |
Identification. For example, a protocol ID identifies a protocol based on a number. AH is identified with protocol ID number 51 and ESP is identified with protocol ID number 50. |
|
|
|
IDS |
Intrusion detection system. A detective control used to detect attacks after they occur. A signature-based IDS (also called definition-based) uses a database of predefined traffic patterns. An anomaly-based IDS (also called behavior-based) starts with a performance baseline of normal behavior and compares network traffic against this baseline. An IDS can be either host-based (HIDS) or network-based (NIDS). In contrast, a firewall is a preventative control that attempts to prevent the attacks before they occur. An IPS is a preventative control that will stop an attack in progress. |
|
|
|
IEEE |
Institute of Electrical and Electronic Engineers. International organization with a focus on electrical, electronics, and information technology topics. IEEE standards are well respected and followed by vendors around the world. |
|
|
|
IGMP |
Internet Group Management Protocol. Used for multicasting. Computers belonging to a multicasting group have a multicasting IP address in addition to a standard unicast IP address. |
|
|
|
IIS |
Internet Information Services. A Microsoft Windows web server. IIS comes free with Microsoft Windows Server products. |
|
|
|
IKE |
Internet Key Exchange. Used with IPsec to create a secure channel over port 500 in a VPN tunnel. |
|
|
|
IMAP4 |
Internet Message Access Protocol v4. Used to store e-mail on servers and allow clients to manage their e-mail on the server. IMAP4 uses port 143. |
|
|
|
IPS |
Intrusion prevention system. A preventative control that will stop an attack in progress. It is similar to an active IDS except that it’s placed in line with traffic. An IPS can actively monitor data streams, detect malicious content, and stop attacks in progress. |
|
|
|
IPsec |
Internet Protocol Security. Used to encrypt traffic on the wire and can operate in both tunnel mode and transport mode. It uses tunnel mode for VPN traffic. IPsec is built into IPv6, but can also work with IPv4 and it includes both AH and ESP. AH provides authentication and integrity, and ESP provides confidentiality, integrity, and authentication. IPsec uses port 500 for IKE with VPN connections. |
|
|
|
IPv4 |
Internet Protocol version 4. Identifies hosts using a 32-bit IP address. IPv4 is expressed in dotted decimal format with decimal numbers separated by dots or periods like this: 192.168.1.1. |
|
|
|
IPv6 |
Internet Protocol version 6. Identifies hosts using a 128-bit address. IPv6 is expressed as eight groups of four hexadecimal characters (numbers and letters), such as this: FE80: 0000:0000:0000: 20D4:3FF7:003F:DE62. |
|
|
|
IRC |
Internet Relay Chat. A form of real-time Internet text messaging often used with chat sessions. Some botnets have used IRC channels to control zombie computers through a command and control server. |
|
|
|
ISP |
Internet Service Provider. Company that provides Internet access to customers. |
|
|
|
IV |
Initialization vector. An provides randomization of encryption keys to help ensure that keys are not reused. WEP was susceptible to IV attacks because it used relatively small IVs. In an IV attack, the attacker uses packet injection, increasing the number of packets to analyze, and discovers the encryption key. |
|
|
|
KDC |
Key Distribution Center. Part of the Kerberos protocol used for network authentication. The KDC issues time-stamped tickets that expire. |
|
|
|
L2TP |
Layer 2 Tunneling Protocol. Tunneling protocol used with VPNs. L2TP is commonly used with IPsec (L2TP/IPsec). L2TP uses port 1701. |
|
|
|
LAN |
Local area network. Group of hosts connected within a network. |
|
|
|
LANMAN |
Local area network manager. Older authentication protocol used to provide backward compatibility to Windows 9x clients. LANMAN passwords are easily cracked due to how they are stored. |
|
|
|
LDAP |
Lightweight Directory Access Protocol. Language used to communicate with directories such as Microsoft’s Active Directory. It provides a central location to manage user accounts and other directory objects. LDAP uses port 389 when unencrypted and port 636 when encrypted. |
|
|
|
LEAP |
Lightweight Extensible Authentication Protocol. A modified version of the Challenge Handshake Authentication Protocol (CHAP) created by Cisco. |
|
|
|
MAC |
Mandatory Access Control. Access control model that uses sensitivity labels assigned to objects (files and folders) and subjects (users). SELinux (deployed in both Linux and UNIX platforms) is a trusted operating system platform using the MAC model. Other access control models are DAC and RBAC. |
Linux uses this. |
|
|
MAC |
Media access control. A 48-bit address used to uniquely identify network interface cards. It also called a hardware address or a physical address, and is commonly displayed as six pairs of hexadecimal characters. Port security on a switch can limit access using MAC filtering. Wireless access points can use MAC filtering to restrict access to only certain clients, though an attacker can easily beat this. |
48-bit address for network interface cards. |
|
|
MAC |
Message authentication code. Method used to provide integrity for messages. A MAC uses a secret key to encrypt the hash. Some versions called HMAC. |
Sometimes called HMAC |
|
|
MAN |
Metropolitan area network. A computer network that spans a metropolitan area such as a city or a large campus |
|
|
|
MBR |
Master Boot Record. An area on a hard disk in its first sector. When the BIOS boots a system, it looks at the MBR for instructions and information on how to boot the disk and load the operating system. Some malware tries to hide here. |
|
|
|
MD5 |
Message Digest 5. A hashing function used to provide integrity. MD5 uses 128 bits. A hash is simply a number created by applying the algorithm to a file or message at different times. The hashes are compared to each other to verify that integrity has been maintained. |
|
|
|
MITM |
Man in the middle. A MITM attack is a form of active interception allowing an attacker to intercept traffic and insert malicious code sent to other clients. Kerberos provides mutual authentication and helps prevent MITM attacks. |
|
|
|
MS-CHAP |
Microsoft Challenge Handshake Authentication Protocol. Microsoft’s implementation of CHAP. MS-CHAPv2 provides mutual authentication. |
|
|
|
MTU |
Maximum Transmission Unit. The MTU identifies the size of data that can be transferred. |
|
|
|
NAC |
Network access control. Inspects clients for health and can restrict network access to unhealthy clients to a remediation network. Clients run agents and these agents report status to a NAC server. NAC is used for VPN and internal clients. MAC filtering is a form of NAC. |
|
|
|
NAT |
Network Address Translation. A service that translates public IP addresses to private and private IP addresses to public. It hides addresses on an internal network. |
|
|
|
NIDS |
Network-based intrusion detection system. IDS used to monitor a network. It can detect network-based attacks, such as smurf attacks. A NIDS cannot monitor encrypted traffic, and cannot monitor traffic on individual hosts. |
|
|
|
NIPS |
Network-based intrusion prevention system. An IPS that monitors the network. An IPS can actively monitor data streams, detect malicious content, and stop attacks in progress. |
|
|
|
NIST |
National Institute of Standards and Technology. NIST is a part of the U.S. Department of Commerce, and it includes an Information Technology Laboratory (ITL). The ITL publishes special publications related to security that are freely available for download here: http://csrc.nist.gov/publications/PubsSPs.html. |
|
|
|
NOOP |
No operation, sometimes listed as NOP. NOOP instructions are often used in a buffer overflow attack. An attacker often writes a large number of NOOP instructions as a NOOP sled into memory, followed with malicious code. |
|
|
|
NOS |
Network Operating System. Software that runs on a server and enables the server to manage resources on a network. |
|
|
|
NTFS |
New Technology File System. A file system used in Microsoft operating systems that provides security. NTFS uses the DAC model. |
|
|
|
NTLM |
New Technology LANMAN. Authentication protocol intended to improve LANMAN. The LANMAN protocol stores passwords using a hash of the password by first dividing the password into two seven-character blocks, and then converting all lowercase letters to uppercase. This makes LANMAN easy to crack. NTLM stores passwords in LANMAN format for backward compatibility, unless the passwords are greater than fifteen characters. NTLMv1 is older and has known vulnerabilities. NTLMv2 is newer and secure. |
|
|
|
NTP |
Network Time Protocol. Protocol used to synchronize computer times. |
|
|
|
OS |
Operating system. For example, SELinux is a trusted OS that can help prevent malicious code from executing. |
|
|
|
OVAL |
Open Vulnerability Assessment Language. International standard proposed for vulnerability assessment scanners to follow. |
|
|
|
P2P |
Peer-to-peer. P2P applications allow users to share files such as music, video, and data over the Internet. Data leakage occurs when users install P2P software and unintentionally share files. Organizations often block P2P software at the firewall and detect running software with port scans. |
|
|
|
PaaS |
Platform as a Service. Provides cloud customers with an easy-to-configure operating system and on-demand computing capabilities. Compare to IaaS and SaaS. |
|
|
|
PAP |
Password Authentication Protocol. An older authentication protocol where passwords are sent across the network in clear text. Rarely used today. |
|
|
|
PAT |
Port Address Translation. A form of network address translation. |
|
|
|
PBX |
Private Branch Exchange. A telephone switch used to telephone calls. |
|
|
|
PEAP |
Protected Extensible Authentication Protocol. PEAP provides an extra layer of protection for EAP. PEAP-TLS uses TLS to encrypt the authentication process by encapsulating and encrypting the EAP conversation in a Transport Layer Security (TLS) tunnel. Since TLS requires a certificate, PEAP-TLS requires a certification authority (CA) to issue certificates. |
|
|
|
PED |
Personal Electronic Device. Small devices such as cell telephones, radios, CD players, DVD players, video cameras, and MP3 players. |
|
|
|
PGP |
Pretty Good Privacy. Commonly used to secure e-mail communications between two private individuals but is also used in companies. It provides confidentiality, integrity, authentication, and non-repudiation. It can digitally sign and encrypt e-mail. It uses both asymmetric and symmetric encryption. |
|
|
|
PII |
Personally Identifiable Information. Information about individuals that can be used to trace a person’s identity, such as a full name, birthdate, biometric data, and identifying numbers such as a Social Security number (SSN). Organizations have an obligation to protect PII and often identify procedures for handling and retaining PII in data policies. |
|
|
|
PIN |
Personal identification number. A number known by a user and entered for authentication. PINs are often combined with smart cards to provide two-factor authentication. |
|
|
|
PIV |
Personal identity verification card. A specialized type of smart card used by United States federal agencies. It includes photo identification and provides confidentiality, integrity, authentication, and non-repudiation for the users. It is similar to a CAC. |
|
|
|
PKI |
Public Key Infrastructure. Group of technologies used to request, create, manage, store, distribute, and revoke digital certificates. Certificates are an important part of asymmetric encryption. Certificates include public keys along with details on the owner of the certificate and on the CA that issued the certificate. Certificate owners share their public key by sharing a copy of their certificate. |
|
|
|
POP3 |
Post Office Protocol v3. Used to transfer e-mail from mail servers to clients. POP3 uses port 110. |
|
|
|
POTS |
Plain old telephone service. Voice grade telephone service available. |
|
|
|
PPP |
Point-to-Point Protocol. Used to create remote access connections. |
|
|
|
PPTP |
Point-to-Point Tunneling Protocol. Tunneling protocol used with VPNs. PPTP uses TCP port 1723. |
|
|
|
PSK |
Pre-shared key. A secret shared among different systems. Wireless networks support Personal Mode, where each device uses the same PSK. In contrast, Enterprise Mode uses an 802.1x or RADIUS server for authentication. |
|
|
|
PTZ |
Pan tilt zoom. Refers to cameras that can pan (move left and right), tilt (move up and down), and zoom to get a closer or a wider view |
|
|
|
RA |
Recovery agent. A designated individual who can recover or restore cryptographic keys. In the context of a PKI, a recovery agent can recover private keys to access encrypted data. |
|
|
|
RADIUS |
Remote Authentication Dial-In User Service. Provides central authentication for remote access clients. RADIUS encrypts the password packets and uses UDP. In contrast, TACACS+ encrypts the entire authentication process and uses TCP. |
|
|
|
RAID |
Redundant Array of Inexpensive (or Independent) Disks. Multiple disks added together to increase performance or provide protection against faults. |
|
|
|
RAID-0 |
Disk striping. RAID-0 improves performance but does not provide fault tolerance. |
|
|
|
RAID-1 |
Disk striping. RAID-0 improves performance but does not provide fault tolerance. |
|
|
|
RAID-5 |
Disk striping with parity. RAID-5 uses three or more disks and provides fault tolerance |
|
|
|
RAM |
Random Access Memory. Volatile memory within a computer that holds active processes, data, and applications. Data in RAM is lost when the computer is turned off. Inspection of RAM can discover hooked processes from rootkits. Memory forensics analyzes data in RAM. |
|
|
|
RAS |
Remote Access Service. A server used to provide access to an internal network from an outside location. RAS is also known as Remote Access Server and sometimes referred to as Network Access Service (NAS). |
|
|
|
RBAC |
Role-based access control. An access control model that uses roles to define access and it is often implemented with groups. A user account is placed into a role, inheriting the rights and permissions of the role. Other access control models are MAC and DAC. |
Role |
|
|
RBAC |
Rule-based access control. An access control model that uses rules to define access. Rule-based access control is based on a set of approved instructions, such as an access control list. Other access control models are MAC and DAC. |
|
|
|
RC |
Ron’s Code or Rivest’s Cipher. Symmetric encryption algorithm that includes versions RC2, RC4, RC5, and RC6. RC4 is a secure stream cipher, and RC5 and RC6 are block ciphers. |
|
|
|
RFI |
Radio frequency interference. Interference from RF sources such as AM or FM transmitters. RFI can be filtered to prevent data interference, and cables can be shielded to protect signals from RFI. |
|
|
|
RIPEMD |
RACE Integrity Primitives Evaluation Message Digest. A hash function used for integrity. It creates fixed length hashes of 128, 160, 256, or 320 bits. |
|
|
|
RPO |
Recovery Point Objective. A Recovery Point Objective identifies a point in time where data loss is acceptable. It is related to the RTO and the BIA often includes both RTOs and RPOs. |
|
|
|
RSA |
An asymmetric algorithm used to encrypt data and digitally sign transmissions. It is named after its creators, Rivest, Shamir, and Adleman, and RSA is also the name of the company they founded together. RSA relies on the mathematical properties of prime numbers when creating public and private keys. |
|
|
|
RSTP |
Rapid Spanning Tree Protocol. An improvement over STP. STP and RSTP protocols are enabled on most switches and protect against switching loops, such as those caused when two ports of a switch are connected together. |
|
|
|
RTO |
Recovery Time Objective. An RTO identifies the maximum amount of time it can take to restore a system after an outage. It is related to the RPO and the BIA often includes both RTOs and RPOs. |
|
|
|
RTP |
Real-time Transport Protocol. A standard used for delivering audio and video over an IP network. |
|
|
|
S/MIME |
Secure/Multipurpose Internet Mail Extensions. Used to secure e-mail. S/MIME provides confidentiality, integrity, authentication, and non-repudiation. It can digitally sign and encrypt e-mail, including the encryption of e-mail at rest (stored on a drive) and in transit (data sent over the network). It uses RSA, with public and private keys for encryption and decryption, and depends on a PKI for certificates. |
|
|
|
SaaS |
Software as a Service. Applications provided over the Internet. Webmail is an example of a cloud-based technology. Compare to IaaS and PaaS. |
|
|
|
SCAP |
Security Content Automation Protocol. A method with automated vulnerability management, measurement, and policy compliance evaluation tools |
|
|
|
SCP |
Secure copy. Based on SSH, SCP allows users to copy encrypted files over a network. SCP uses port 22. |
|
|
|
SCSI |
Small Computer System Interface. Set of standards used to connect peripherals to computers. Commonly used for SCSI hard disks and/or tape drives. |
|
|
|
SDLC |
Software Development Life Cycle. A software development process. Many different models are available. |
|
|
|
SDLCM |
Software Development Life Cycle Methodology. The practice of using a SDLC when developing applications. |
|
|
|
SELinux |
Security-Enhanced Linux. A trusted operating system platform that prevents malicious or suspicious code from executing on both Linux and UNIX systems. It is one of the few operating systems that use the MAC model. |
|
|
|
SFTP |
Secure FTP. An extension of Secure Shell (SSH) using SSH to transmit the files in an encrypted format. SFTP transmits data using port 22. |
|
|
|
SHA |
Secure Hash Algorithm. A hashing function used to provide integrity. SHA1 uses 160 bits, and SHA-256 uses 256 bits. Hashing algorithms always provide a fixed-size bit-string regardless of the size of the hashed data. By comparing the hashes at two different times, you can verify integrity of the data. |
|
|
|
SHTTP |
Secure Hypertext Transfer Protocol. An alternative to HTTPS. Infrequently used. |
|
|
|
SID |
Security identifier. Unique set of numbers and letters used to identify each user and each group in Microsoft environments. |
|
|
|
SIM |
Subscriber Identity Module. A small smart card that contains programming and information for small devices such as cell phones. |
|
|
|
SLA |
Service level agreement. An agreement between a company and a vendor that stipulates performance expectations, such as minimum uptime and maximum downtime levels. |
|
|
|
SLE |
Single loss expectancy. Used to measure risk with annualized loss expectancy (ALE) and annualized rate of occurrence (ARO). The SLE identifies the expected dollar amount for a single event resulting in a loss. The calculation is SLE x ARO = ALE. |
|
|
|
SMTP |
Simple Mail Transfer Protocol. Used to transfer e-mail between clients and servers and between e-mail servers and other e-mail servers. SMTP uses port 25. |
|
|
|
SNMP |
Simple Network Management Protocol. Used to manage network devices such as routers or switches. SNMP agents report information via notifications known as SNMP traps, or SNMP device traps. |
|
