...
AV - Antivirus
AWS - Amazon Web services
CIDR - (Classless Inter-Domain Routing or super netting)
CIS - Center for Internet Security (CIS) Controls
CPU - Central Processing unit (the brain of a computer)
CSP - Cloud Service Provider
CVE - Common Vulnerabilities and Exposures/Exploits
CVSS - Common vulnerability scoring system
DC - Domain Controller
DNS - Domain Name Server
DQL - Data query language
EDR - Endpoint Detection and response
EOL - End of life
EPSS - Exploit prediction scoring system
Ediths notes: psa, rmn, mrr, cia triad, dandu, agents & agent types, assests, nvd, nist, smb, msp.
...
Sherry’s Comments/Notes
API - Application Programming Interface
Attack Surface Mapper - identify and evaluate potential vulnerabilities in a network that could be exploited by threat actors
AV - Antivirus
AWS - Amazon Web services
CIDR - (Classless Inter-Domain Routing or super netting)
CIS - Center for Internet Security (CIS) Controls
CPU - Central Processing unit(brain of a computer)
CSP - Cloud Service Provider
CVE - stands for Common Vulnerabilities and Exposures/Exploits. The system provides a method for publicly sharing information on cybersecurity vulnerabilities and exposures.
CVSS - Common vulnerability scoring system
CVSS only tells you how bad a vulnerability could be, not how likely it is that hackers will actually use it.
DC - Domain Controller
DNS - Domain Name Server
DQL - Data query language
EDR - Endpoint Detection and response
EOL - End of life
EPSS - Exploit prediction scoring system - http://first.org scoring 0-100 this tries to predict how probably it is that a specific vulnerability will be used by hackers in the real world. Likelihood of exploitation
GPO - Group Policy Objects - a collection of Group Policy settings that defines what a system will look like and how it will behave for a defined group of users.
FIPS - Federal Information Processing Standards - Set of standards established by the NIST (National Institute of Standards and Technology in US. Relevant information systems and computer security
HIPAA - Health Information Portability and Accountability Act
Https - Hypertext Transfer Protocol
IOT - Internet of Everything
IP address - Internet Protocol
LAN - Local Area Network
LDAP - Lightweight Directory Access Protocol
MFA - Multi-factor Authentication
MSP - Managed service provider
MSSP - Managed security service provider
NAS - Network attached storage
NFS - Network File System- file access storage protocols or rules for efficient file sharing over a network
NIST- National Institute of Standards and Technology(National Vulnerability Database)
Nmap - Network Mapper
PaaS - Platform as a Service
PCI-DSS - Payment Card Industry Data Security Standard
PII - Personally Identifiable Information (email address, birth date, ss number, bank info)
PSA - Professional service automation
RAM - Random access memory
RMM - Remote monitoring and management - RMM software is used to do two things: a) gather information from remote endpoints and networks to assess their health, and b) perform various remote IT management tasks on them without disruption.
SaaS - Software as a Service
SFTP - secure file transfer protocol (SFTP)
SLA - Service Level Agreement
SMB - server message block PORT 445 File and print sharing
SMTP - Simple mail transfer protocol
SNMP - (Simple Network Management Protocol)
SSH - Secure shell - (remotely access a sites server)
SSL - Secure socket layers, is the standard in online security. It is used to encrypt data sent over the internet between a client and a server; this prevents many types of attacks (HTTPS)secure
Tcp - Transmission control protocol
TLS - Transport Layer Security (TLS) is the upgraded version of SSL that fixes existing SSL vulnerabilities
UI - User Interface
URL - Uniform Resource Locator - to find resource on internet
VLAN - virtual local area network
VOIP - Voice over internet protocol
VPN - Virtual Private Network
WAN - Wide area network
WAP - Wireless Application Protocol
WAS - Web Application Security