Versions Compared

Version Old Version 2 New Version Current
Changes made by

Edith Dominguez

Sherry McManus

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Ediths notes: psa, rmn, mrr, cia triad, dandu, agents & agent types, assests, nvd, nist, smb, msp.

...

Sherry’s Comments/Notes

  • API - Application Programming Interface

  • Attack Surface Mapper -  identify and evaluate potential vulnerabilities in a network that could be exploited by threat actors

  • AV - Antivirus

  • AWS - Amazon Web services

  • CIDR - (Classless Inter-Domain Routing or super netting)

  • CIS - Center for Internet Security (CIS) Controls

  • CPU - Central Processing unit(brain of a computer)

  • CSP -  Cloud Service Provider

  • CVE -  stands for Common Vulnerabilities and Exposures/Exploits. The system provides a method for publicly sharing information on cybersecurity vulnerabilities and exposures.

  • CVSS -  Common vulnerability scoring system

CVSS only tells you how bad a vulnerability could be, not how likely it is that hackers will actually use it.

  • DC - Domain Controller

  • DNS - Domain Name Server

  • DQL - Data query language

  • EDR - Endpoint Detection and response

  • EOL - End of life

  • EPSS - Exploit prediction scoring system - http://first.org scoring 0-100 this tries to predict how probably it is that a specific vulnerability will be used by hackers in the real world. Likelihood of exploitation

  • GPO - Group Policy Objects - a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.

  • FIPS - Federal Information Processing Standards - Set of standards established by the NIST (National Institute of Standards and Technology in US. Relevant information systems and computer security

  • HIPAA - Health Information Portability and Accountability Act

  • Https - Hypertext Transfer Protocol

  • IOT - Internet of Everything

  • IP address - Internet Protocol

  • LAN - Local Area Network

  • LDAP - Lightweight Directory Access Protocol

  • MFA - Multi-factor Authentication

  • MSP - Managed service provider

  • MSSP - Managed security service provider

  • NAS - Network attached storage

  • NFS - Network File System- file access storage protocols or rules for efficient file sharing over a network

  • NIST- National Institute of Standards and Technology(National Vulnerability Database)

  • Nmap - Network Mapper

  • PaaS - Platform as a Service

  • PCI-DSS - Payment Card Industry Data Security Standard

  • PII - Personally Identifiable Information (email address, birth date, ss number, bank info)

  • PSA - Professional service automation

  • RAM - Random access memory

  • RMM - Remote monitoring and management - RMM software is used to do two things: a) gather information from remote endpoints and networks to assess their health, and b) perform various remote IT management tasks on them without disruption.

  • SaaS - Software as a Service

  • SFTP - secure file transfer protocol (SFTP)

  • SLA - Service Level Agreement

  • SMB - server message block PORT 445 File and print sharing

  • SMTP - Simple mail transfer protocol

  • SNMP - (Simple Network Management Protocol)

  • SSH - Secure shell - (remotely access a sites server)

  • SSL - Secure socket layers, is the standard in online security. It is used to encrypt data sent over the internet between a client and a server; this prevents many types of attacks (HTTPS)secure

  • Tcp - Transmission control protocol

  • TLS - Transport Layer Security (TLS) is the upgraded version of SSL that fixes existing SSL vulnerabilities

  • UI - User Interface

  • URL - Uniform Resource Locator - to find resource on internet

  • VLAN - virtual local area network

  • VOIP - Voice over internet protocol

  • VPN - Virtual Private Network

  • WAN - Wide area network

  • WAP - Wireless Application Protocol

  • WAS - Web Application Security