Term
|
Definition
a packet that turns on the urgent, push, and fin flags
Can be used as a DoS attack. |
|
|
Term
|
Definition
[image]
Uses a single ping with a spoofed source address sent to a broadcast address. This causes every device to reply to the spoofed source address, causing a DoS attack. |
|
|
Term
|
Definition
Hash function based upon the Merkle-Damgard construction
160-bit fixed output |
|
|
Term
| SHA-1 vs SHA-2 bit output |
|
Definition
SHA-1 creates a 160-bit fixed output
SHA-2 creates a 256-bit fixed output |
|
|
Term
|
Definition
Message Digest 5
128-bit hash value |
|
|
Term
|
Definition
Unified Extensible Firmware Interface
Newer kind of BIOS
Contains a pre-boot environment with its own shell, drivers, and applications (not an OS) |
|
|
Term
|
Definition
Mandatory Access Control
Define security clearance levels and associate every object in the organization to a specific level
Defined by admins |
|
|
Term
|
Definition
Discretionary Access Control
Owners control access. Common in most OS. |
|
|
Term
|
Definition
Role Based Access Control
Admins define roles |
|
|
Term
|
Definition
Attribute-based access control
Grants access based on a set of admin define parameters (IP address, time of day, desired action, relationship to data, etc) |
|
|
Term
|
Definition
Interconnection Security Agreement
Defines security controls between a federal agency and external system |
|
|
Term
|
Definition
Business Partners Agreement
Between manufacturers and resellers |
|
|
Term
|
Definition
Service Level Agreement
Terms of provided services (uptime, response time, etc.) |
|
|
Term
|
Definition
Memorandum of understanding
Legal basis for protecting information assets |
|
|
Term
| Diamond Model of Intrusion Analysis |
|
Definition
Illustrates that an "adversary" uses a "capability" over an "infrastructure" against a "victim"
[image] |
|
|
Term
| Lockheed Martin cyber kill chain |
|
Definition
|
|
Term
|
Definition
Open Indicators of Compromise
An open framework meant for sharing threat intelligence information in a machine-readable format. |
|
|
Term
|
Definition
| Globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. |
|
|
Term
|
Definition
Lightweight directory access protocol
Used for communication between applications and directory services servers
389 |
|
|
Term
|
Definition
Internet Message Access Protocol
Internet protocol that lets you sync your email inbox across multiple devices.
993 (over SSL) |
|
|
Term
|
Definition
Database management system
3306 |
|
|
Term
|
Definition
| Concept of layering various network appliances and configurations to create a more secure and defensible architecture |
|
|
Term
|
Definition
Unified Threat Management
A single piece of hardware or software that provides multiple security functions |
|
|
Term
|
Definition
| Process that creates and runs VMs |
|
|
Term
|
Definition
Rivest, Shamir, Adelman
Old (1977)
Public key cryptography (encrypt, decrypt, digital signatures) |
|
|
Term
|
Definition
Pretty Good Privacy
Asymmetric encryption |
|
|
Term
|
Definition
Elliptic-curve cryptography
Allows for smaller public-keys to provide the same amount of security |
|
|
Term
|
Definition
| Symmetric-key block cipher |
|
|
Term
|
Definition
Asymmetric cryptographic method that's used to decide on a symmetric key between 2 devices
Used for Perfect Forward Secrecy |
|
|
Term
|
Definition
|
|
Term
|
Definition
| brute force attack using a large number of usernames and one password |
|
|
Term
|
Definition
| Payment Card Industry Data Security Standard |
|
|
Term
|
Definition
| Protected health information |
|
|
Term
|
Definition
General Data Protection Regulation
regulation created in the European Union that creates provisions and requirements to protect the personal data of European Union (EU) citizens |
|
|
Term
|
Definition
| Personally identifiable information |
|
|
Term
|
Definition
Network Access Control
Unifies endpoint security technology (such as anti-virus, host intrusion prevention, and vulnerability assessment), user/system authentication, and network security enforcement.
NACs wills can new devices in a sandbox environment before allowing them onto the network. |
|
|
Term
|
Definition
Sender Policy Framework
email authentication protocol and part of email cybersecurity used to stop phishing attacks
It allows your company to specify who is allowed to send email on behalf of your domain. |
|
|
Term
|
Definition
Data Sharing and Use Agreement
States that personal data can only be collected for a specific purpose |
|
|
Term
|
Definition
Advanced Encryption Standard
Symmetric
Very popular |
|
|
Term
|
Definition
Triple Data Encryption Standard
Symmetric algorithm using 3 keys
- 1st key encrypts
- 2nd key decrypts
- 3rd key encrypts
Replaced by AES |
|
|
Term
|
Definition
|
|
Term
|
Definition
Recovery Point Objectives
(Think: how far back in time is the backup that I want to be able to restore from?) |
|
|
Term
|
Definition
| Mean Time Between Failures |
|
|
Term
|
Definition
|
|
Term
|
Definition
Mean Time To Detect
Average time it takes to discover a security incident |
|
|
Term
| Difference between full, incremental, and differential backups |
|
Definition
|
|
Term
|
Definition
Peripheral Component Interconnect
Bus used to provide low-speed connectivity to expansion cards.
Mostly replaced by the faster PCIe bus. |
|
|
Term
|
Definition
| Popular password cracking tool |
|
|
Term
|
Definition
|
|
Term
|
Definition
| used to create reverse shells for remote access |
|
|
Term
|
Definition
allows attackers to bypass network security mechanisms like firewalls
Basically the attacker initiates an outgoing connecter to themselves from the victim's computer for command and control |
|
|
Term
|
Definition
public key certificate that can be used with multiple subdomains of a domain
ex: *.skykick.com |
|
|
Term
|
Definition
Wired Equivalent Privacy
Security algorithm for 802.11 wireless networks
Obsolete |
|
|
Term
|
Definition
positioned at cloud network edge and lets proper traffic in
listens to the outside internet |
|
|
Term
|
Definition
| assigning permissions to the top of a folder tree, which then automatically assigns every folder in the tree underneath to inherit the same permissions |
|
|
Term
|
Definition
Layer 2 Tunneling Protocol
1701 |
|
|
Term
|
Definition
88
network authentication protocol that allows for communication over a non-secure network |
|
|
Term
| active vs. passive scanning |
|
Definition
passive: gathering open-source or publicly available information
active: direct probing |
|
|
Term
|
Definition
| User chooses from list of approved devices chosen by the company |
|
|
Term
|
Definition
Company-Owned / Personally Enabled
company provides the device and places some restrictions on functionality |
|
|
Term
|
Definition
File Transfer Protocol
21 control port
20 used to transfer files |
|
|
Term
|
Definition
Secure Shell
22
Designed to transmit data through a remote connection |
|
|
Term
|
Definition
Terminal Access Controller Access Control System
Cisco proprietary protocol used for AAA services
49 |
|
|
Term
|
Definition
Domain Name System
Used to associate IP addresses with domain names
53 |
|
|
Term
|
Definition
Dynamic Host Configuration Protocol
67/68 |
|
|
Term
|
Definition
Hypertext Transfer Protocol
80 |
|
|
Term
|
Definition
Post Office Protocol
E-mail protocol that allows e-mail clients to communicate with e-mail servers
Only one-way communication
110 |
|
|
Term
|
Definition
Internet Message Access Protocol
E-mail protocol used by e-mail clients to communicate with e-mail servers
2 way communication
143, 993 |
|
|
Term
|
Definition
Simple Network Management Protocol
Protocol used to monitor and manage network devices on IP networks
161/162 |
|
|
Term
|
Definition
Lightweight Directory Access Protocol
Used to manage and communicate with directories
389 |
|
|
Term
|
Definition
Lightweight Directory Access Protocol Secure
Secure version of LDAP that uses TLS for encryption
Mutual authentication between client and server.
636, 3269 |
|
|
Term
|
Definition
File Transfer Protocol Secure
can run on ports 20/21 or 989/990 |
|
|
Term
|
Definition
Internet Message Access Protocol Secure
993 |
|
|
Term
|
Definition
|
|
Term
|
Definition
Remote Authentication Dial-In User Service
used to provide AAA for network services
1812,1813 |
|
|
Term
|
Definition
developed as an upgrade to RADIUS
3868 |
|
|
Term
|
Definition
Secure Real Time Protocol
replaced RTP and is a protocol used to stream audio and video communication using UDP
5004 |
|
|
Term
|
Definition
Layer 2 Tunneling Protocol
Used to create point to point connections, like VPNs over a UDP connection.
1701 |
|
|
Term
|
Definition
Transmission Control Protocol
Provides error checking |
|
|
Term
|
Definition
User Datagram Protocol
fire and forget |
|
|
Term
|
Definition
Point to Point Tunneling Protocol
Deprecated protocol for VPNs
1723 |
|
|
Term
|
Definition
Extensible Authentication Protocol
framework that allows for numerous different mechanisms of authentication, including things like simple passwords, digital certificates, and public key infrastructure |
|
|
Term
|
Definition
Microsoft Challenge Handshake Authentication Protocol version 2
Password based authentication protocol that is widely used as an authentication method in PPTP-based VPNs
Can be used with EAP |
|
|
Term
|
Definition
used to exchange cryptographic keys over a public channel securely
Asymmetric (public key) |
|
|
Term
|
Definition
Cyclic Redundancy Check
error-detecting code used in storage devices to detect accidental changes in raw data
blocks of data get a short check value attached based on the remainder of their contents' polynomial division |
|
|
Term
|
Definition
Exact Data Match
Pattern matching technique
ex: find SSNs using xxx-xx-xxxx |
|
|
Term
|
Definition
Cross-Site Scripting
injection of malicious scripts into trusted websites, and using the web app to send these scripts to a different end-user |
|
|
Term
|
Definition
Managed Security Service Provider
Security as a service |
|
|
Term
|
Definition
redirect traffic from legitimate website to a bogus website (usually combined with phishing)
ex: redirect facebook.com to a malicious site that has the same login page and phish peoples' login creds |
|
|
Term
|
Definition
| code injection on web apps to reveal sensitive data or modify data |
|
|
Term
|
Definition
The Family Educational Rights and Privacy Act
Protects the privacy of student educational records |
|
|
Term
|
Definition
Gramm-Leach-Bliley Act
Protects the privacy of individual financial information. |
|
|
Term
|
Definition
Sarbanes-Oxley Act
Dictates requirements for storing and retaining an organization's financial and business documents.
Must be publicly-traded with a market value of at least 75M. |
|
|
Term
|
Definition
Health Insurance Portability and Accountability Act
rules and regulations around medical records |
|
|
Term
|
Definition
| temporary files on a hard disk used as virtual memory |
|
|
Term
|
Definition
|
|
Term
|
Definition
Controlled Unclassified Information
Federal non-classified information that must be protected with a set of regulations |
|
|
Term
|
Definition
| creates tools and environments for exercises to be performed |
|
|
Term
|
Definition
|
|
Term
|
Definition
| the hard drive is encrypted by default, and the key is destroyed during the erasing operation |
|
|
Term
|
Definition
| a system in which a randomly generated private key is used only once to encrypt a message that is then decrypted by the receiver using a matching one-time pad and key |
|
|
Term
|
Definition
| An application that allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets (ping request and replies). |
|
|
Term
|
Definition
Sends custom ICMP, UDP, or TCP packets and displays any replies.
Handy when trying to probe hosts behind a firewall. |
|
|
Term
|
Definition
| Pinging the subnet's broadcast IP. |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Like Hping but supports IPv6 |
|
|
Term
|
Definition
eliminating hard drive info
ex: cryptographic erasure |
|
|
Term
| Information Assurance (IA) |
|
Definition
| managing risks related to the handling of data |
|
|
Term
|
Definition
Certificate Revocation List
a list of digital certificates that have been revoked by the issuing certificate authority (CA) before their actual or assigned expiration date |
|
|
Term
| private IP address spaces |
|
Definition
10.x.x.x
172.16-31.x.x
192.168.x.x |
|
|
Term
|
Definition
| Method of detecting unknown new viruses or modified old viruses. |
|
|
Term
|
Definition
Digital Signature Algorithm
Asymmetric algorithm |
|
|
Term
|
Definition
|
|
Term
|
Definition
| the Syslog server is a centralized log management solution |
|
|
Term
|
Definition
Trusted Platform Module
A secure cyrptoprocessor that is attached to the motherboard. Protects computer data through encryption/decryption. |
|
|
Term
|
Definition
Pluggable Authentication Module
looks like a USB; used as a software key |
|
|
Term
|
Definition
|
|
Term
|
Definition
Federal Information Security Management Act
US law to protect government info against threats |
|
|
Term
|
Definition
Children's Online Privacy Protection Act
US law that defines regulations around collecting data on children under 13 |
|
|
Term
|
Definition
| Facilitates the sharing of information within a user profile between sites |
|
|
Term
|
Definition
Open ID Connect
Authentication protocol that can be implemented as special types of OAuth flows with precisely defined token fields |
|
|
Term
|
Definition
Active Directory Federation Services
From Microsoft; provides SSO access to users |
|
|
Term
|
Definition
Security Assertion Markup Language
Open standard for exchanging authentication and authorization data between parties |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| Annual Rate of Occurrence |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Complete suite of wireless exploitation tools |
|
|
Term
|
Definition
|
|
Term
|
Definition
| used to connect to shared resources (i.e. network printers) |
|
|
Term
|
Definition
23
Not secure; sends all data in cleartext |
|
|
Term
|
Definition
| method of sorting cryptographic keys |
|
|
Term
| order of volatility (forensics) |
|
Definition
1. CPU, cache, and register contents
2. routing tables, ARP caches, process tables, kernel statistics
3. live network connections and data flows
4. RAM
5. temporary file system / swap space
6. data on hard disk
7. remotely logged data
8. data stored on archival media / backups |
|
|
Term
|
Definition
| Injecting a Carriage Return / Line Feed character (\r or \n) |
|
|
Term
|
Definition
Trivial File Transfer Protocol
69 |
|
|
Term
| Data owner responsibilities |
|
Definition
Integrity, confidentiality, availability, and privacy
Directs data stewards and data custodians |
|
|
Term
|
Definition
| responsible for data quality |
|
|
Term
|
Definition
| Managing the system on which the data assets are stored |
|
|
Term
|
Definition
| responsible for oversight of PII/SPI/PHI assets |
|
|
Term
|
Definition
| alters its binary code to change its signature and avoid detection by antimalware scanners |
|
|
Term
|
Definition
Infrared
Require a direct line of sight |
|
|
Term
|
Definition
| Redundant Array of Independent Disks |
|
|
Term
|
Definition
| Data is striped across multiple disks |
|
|
Term
|
Definition
|
|
Term
|
Definition
Data is striped across multiple disks along with parity
Parity is used to rebuild the drives if there is a disk failure |
|
|
Term
|
Definition
Minimum of 4 disks
Striped and mirrored |
|
|
Term
|
Definition
| when an organization decides to deflect a risk to another organization |
|
|
Term
|
Definition
| determines the purposes and means by which personal data is processed |
|
|
Term
|
Definition
Desktop as a Service
Virtualized desktop environment from within a cloud-based service
Also known as VDI |
|
|
Term
|
Definition
| Fraud claiming that there is malware on computer and that the user must buy their fake malware removal tool (which is actually malware) |
|
|
Term
|
Definition
|
|
Term
| How to find buffer overflows |
|
Definition
| Static code analysis tools |
|
|
Term
|
Definition
| SQL is a lot more loose on syntax |
|
|
Term
|
Definition
| Extensible Markup Language |
|
|
Term
|
Definition
managerial
operational
technical |
|
|
Term
|
Definition
| based on overall risk management |
|
|
Term
|
Definition
| people-executed procedures |
|
|
Term
|
Definition
|
|
Term
|
Definition
preventative
detective
corrective
deterrent
compensating
physical |
|
|
Term
|
Definition
used after the event to minimize the extent of the damage
i.e. backups |
|
|
Term
|
Definition
used when there is no way to directly address the threat
i.e. fire suppression systems |
|
|
Term
|
Definition
| fire extinguishing system used in data centers and server rooms |
|
|
Term
|
Definition
| brute force attack where large numbers of leaked credentials are entered into websites until they are matched to an existing account |
|
|
Term
|
Definition
| infrared shines into the eye to identify the pattern of blood vessels |
|
|
Term
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Relying Party
Provide services to members of a federation |
|
|
Term
| How does SAML provide SSO? |
|
Definition
| Allows the SP to establish a trust relationship with an IdP so the SP can trust the user without the user needing to authenticate with the SP. The User Agent (browser of user) requests a resource from the SP or RP (resource host). If the user agent does not already have a valid session, the SP redirects the user agent to the IdP, which requests the user's creds. If correct, the IdP sends verification to the SP and the SP establishes a session for the user and provides them with access to the resource. |
|
|
Term
|
Definition
|
|
Term
|
Definition
| data is modified or altered |
|
|
Term
|
Definition
| process of verifying that a created solution/software works for the user |
|
|
Term
| security regression testing |
|
Definition
| ensures that changes made to a system do not harm its security |
|
|
Term
|
Definition
Enhanced Interior Gateway Routing Protocol
routing protocol |
|
|
Term
|
Definition
Border Gateway Protocol
routing protocol |
|
|
Term
|
Definition
Security Orchestration, Automation, and Response
Uses runbooks |
|
|
Term
|
Definition
do not require credentials and do not get trusted access to the systems they are scanning
miss most vulnerabilities |
|
|
Term
|
Definition
creates perfect copies or forensic images of computer data without making changes to the original evidence
proprietary |
|
|
Term
|
Definition
| open-source tool used to create forensic images |
|
|
Term
|
Definition
| used to collect RAM content |
|
|
Term
|
Definition
| cross-platform, open-source forensic tool suite |
|
|
Term
|
Definition
eliminates data from being feasibly recovered, even in a lab environment
i.e. CE, degaussing |
|
|
Term
|
Definition
destroys the data on a HDD by eliminating the magnetic field
does not destroy the drive
does not work on an SSD |
|
|
Term
|
Definition
| inserting malicious data into an HTTP response header |
|
|
Term
|
Definition
| more than one person is required to complete a task |
|
|
Term
|
Definition
Certificate Signing Request
Submitted to a CA to request a digital certificate |
|
|
Term
|
Definition
Online Certificate Status Protocol
used to obtain the revocation status of a digital certificate |
|
|
Term
|
Definition
Password Authentication Protocol
does not encrypt the data and sends the password and username to the authentication server as plain text |
|
|
Term
|
Definition
| shows where communications occurred, by what protocol, to which devices, and how much content was sent |
|
|
Term
|
Definition
| provides the secure creation of VPN connections and the delivery of messages between VPN nodes |
|
|
Term
|
Definition
Sensitive Personal Information
opinions, beliefs, and nature of a person |
|
|
Term
|
Definition
Simple Mail Transfer Protocol
25, 465 |
|
|
Term
|
Definition
a Kerberos ticket that can grant other tickets in an AD environment
attackers can create golden tickets to grant admin access to other domain members |
|
|
Term
|
Definition
| compromise one central host (the pivot) that allows the attacker to spread to other hosts that would otherwise be inaccessible |
|
|
Term
|
Definition
User and Entity Behavior Analytics
system that detects suspicious activity from user accounts and computer hosts |
|
|
Term
|
Definition
| making the application point to a null point in memory (crashes the app) |
|
|
Term
|
Definition
Statement of Work
What will and will not be performed during a pen test |
|
|
Term
|
Definition
Master Service Agreement
Defines terms of future transactions between two parties. |
|
|
Term
|
Definition
Network Technology LAN Manager
SSO tool from Microsoft
128-bit fixed output |
|
|
Term
|
Definition
Committee of Sponsoring Organizations of the Treadway Commission
Guides governance-related topics |
|
|
Term
|
Definition
| limiting data collection to only what is required to fulfill a specific purpose |
|
|
Term
| What is required for evidence to be admissible in a court of law? |
|
Definition
|
|
Term
|
Definition
| Used in environments that enable you to set rules. |
|
|
Term
|
Definition
combining dictionary and brute force methods
ex: using passwords from a dictionary and adding numbers to the end (000, 001, ...) |
|
|
Term
|
Definition
| used to sanitize flash-based devices (SSD and USBs) when CE is not available |
|
|
Term
|
Definition
HMAC-based One-time Password Algorithm
Algorithm for token-based authentication. The auth server and client token are configured with the same shared secret. |
|
|
Term
|
Definition
| Hash based Message Authentication Code |
|
|
Term
|
Definition
PIV/CAC
Inserted into the smart card reader, then the PIN unlocks the card and allows the digital certificate to be presented to the system. |
|
|
Term
| AlienVault (AT&T Cybersecurity) Cyber Kill Chain |
|
Definition
| Specifically designed to avoid the rigidity of the Lockheed Martin cyber kill chain |
|
|
Term
|
Definition
| sending unsolicited messages over Bluetooth |
|
|
Term
|
Definition
| unauthorized access of information from a wireless device through a Bluetooth connection |
|
|
Term
|
Definition
Initialization Vector attack
An attack on wireless networks |
|
|
Term
|
Definition
| Command and control networks and systems designed to support industrial processes |
|
|
Term
|
Definition
| contactless card that utilizes RFID |
|
|
Term
|
Definition
| Time-based one-time password |
|
|
Term
|
Definition
| Willingness to tolerate risk |
|
|
Term
| Incident response process |
|
Definition
1. preparation
2. detection and analysis
3. containment, eradication, and recovery
4. post-incident activity |
|
|
Term
|
Definition
virus that protects itself from being reverse engineered
ex: changes its code during execution and encrypts its payloads |
|
|
Term
|
Definition
Management Information Base
Database used for managing the entities in a communication network |
|
|
Term
|
Definition
Digital Rights Management
Copyright protection technology for digital media |
|
|
Term
|
Definition
Digital Millennium Copyright Act
United States copyright law |
|
|
Term
| which auth protocol uses a shared secret? |
|
Definition
|
|
Term
|
Definition
Cross-Site Request Forgery
Unauthorized commands are transmitted from a user that the web application trusts. |
|
|
Term
| Do Apache web servers run as an admin by default? |
|
Definition
| No. Apache web servers run as a limited user by default. |
|
|
Term
|
Definition
| Requires both people to act together to accomplish some duty. |
|
|
Term
|
Definition
| Display and troubleshoot DNS records |
|
|
Term
|
Definition
| display network statistics |
|
|
Term
|
Definition
| Supervisory Control And Data Acquisition |
|
|
Term
|
Definition
| Industrial Control Systems |
|
|
Term
|
Definition
Browser Exploitation Framework
Pen testing tool that focuses on web browsers. |
|
|
Term
|
Definition
| A trusts B, and B trusts C, therefore A trusts C |
|
|
Term
| Which access control provides the strongest level of protection? |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
| Static code analysis tool |
|
|
Term
|
Definition
| testing technique to understand how a system behaves when stressed in unusual ways |
|
|
Term
|
Definition
| theft of information through Bluetooth |
|
|
Term
|
Definition
attaching to the beginning of data
used in URL phishing |
|
|
Term
| Is a PUP downloaded with the user's consent? |
|
Definition
|
|
Term
|
Definition
|
|
Term
|
Definition
Metal as a Service
Offers cloud style provisioning for physical servers |
|
|
Term
|
Definition
| theft of personal data from a payment card |
|
|
Term
|
Definition
| making an unauthorized copy of a payment card |
|
|
Term
|
Definition
|
|
Term
|
Definition
Server-Side Request Forgery
Access info from server |
|
|
Term
|
Definition
| failure in a program to release discarded memory |
|
|
Term
|
Definition
DOS
Sends disassociation packets to a mobile device so it's disconnected from an access point |
|
|
Term
|
Definition
uses lots of parenthesis
search.aspx?name=userName)(zone=*)
administrator)(&)) |
|
|
Term
|
Definition
Dynamic Link Library
shared libraries of functions |
|
|
Term
|
Definition
config file for software
text-based content |
|
|
Term
|
Definition
| used to obtain payment card info |
|
|
Term
|
Definition
Programmable Encryption Device
Used in payment cards |
|
|
Term
|
Definition
| Spam through Instant Messaging |
|
|
Term
|
Definition
|
|
Term
|
Definition
| Wireless Transport Layer Security |
|
|
Term
|
Definition
| installing an app on a mobile device without using the device's official application-distribution method |
|
|
Term
|
Definition
| altering an app's source code without changing its external behavior |
|
|
Term
|
Definition
|
|
Term
|
Definition
| hardened machine used for admin access to servers |
|
|
Term
|
Definition
special-purpose computer on a network designed to withstand attacks
ex: a proxy server with no other services running |
|
|
Term
|
Definition
| isolating a network from outside networks |
|
|
Term
|
Definition
| command line tool used to download files from the internet |
|
|
Term
| passive network monitoring |
|
Definition
| capturing traffic via network tap or span port or mirror port |
|
|
Term
| active network monitoring |
|
Definition
| injecting test traffic into a network and monitoring the route it takes |
|
|
Term
| what does the secure flag on a cookie do? |
|
Definition
| Prevents the browser from sending the cookie over an unencrypted channel |
|
|
Term
|
Definition
| File integrity monitoring program |
|
|
Term
|
Definition
| embedding location coordinates into a piece of data (i.e. photo or video) |
|
|
