SECURITY+ BLOG INDEX

 Blog Index

Click on the name or phrase to take you to that post. We will add new links to existing posts on an ongoing basis.

802.1x

AAA

ABAC, DAC, MAC, RBAC

Access control vestibule

Acquisition
Active/Active Load Balancing
Adaptive Identity
Adware

Amplification Attack

Ansible
API (Application Programming Interface)
APT (Advanced Persistent Threat)

ARP Poisoning / Spoofing

Asymmetric Encryption

Authentication Factors

Backups Explained, Differential, Incremental, Full

Banner Grabbing

BCP (Business Continuity Plan)
BEC (Business Email Compromise)

Blockchain

Blue Team

Bluetooth Attacks

Bollards
Brand Impersonation
Buffer Overflow
Bug Bounty
CASB (Cloud Access Security Broker)

Certificates

Certutil Video

Chain of Custody
Change Management
Clean Desk Policy

Cloud Responsibility Matrix

Code Signing
Containers

CRL / OCSP

CSRF (Cross-Site Request Forgery)

CVE / CVSS

CVSS Metrics

Cyber Kill Chain

Dark Web

DATA GOVERNANCE ROLES

Data Controller

Data Custodian
Data Owner
Data Processor

***********************************

DATA PROTECTION

Data at Rest
Data in Transit
Data in Use

***********************************

Data Retention
Data Sovereignty

Diamond Model of Intrusion Analysis

Diffie Hellman

dig

Digital Signature

Directory Traversal Attack
DKIM
DMARC

DNSENUM

DNS Hijacking

DNS Records

DrDoS
EAP-FAST
EAP-TLS
EAP-TTLS

E-Discovery
EDR
Elasticity

Email Attacks

ESP (Encapsulating Security Payload)
Expansionary Risk Appetite
Fail Closed

Fail Open

False Positive / False Negative

Flow Collector
Fuzzing

GDPR (General Data Protection Regulation)

GDPR

Right to be Forgotten

***************************************

Geofencing
Geographic Restrictions
Geolocation
GPS Tagging
Guard Rails

Hashing Algorithms: MD5, SHA, RIPEMD, HMAC

Homomorphic Encryption
Honeyfile
Honeypot / Honeynet
Honeytoken

HSTS

IaC (Infrastructure as Code)

IAM (Identity and Access Management)

IKE Phase 1
IMAP

Impossible Travel

inSSIDer

IPSec
IPSec Transport Mode
ISACs

ISO

Jailbreaking, Rooting, Sideloading

Journaling

JSON (JavaScript Object Notation)

Juice Jacking

Jump Box / Jump Server

Kerberoasting

Kerberos

Kerberos, Radius, SAML

Key Escrow
Key Stretching
KPI (Key Performance Indicator)

K-Rated Fencing

Lateral Movement

Legal hold

Linux Permissions
Load Balancing

MAC Flooding

Malware Types Part 2

Malware Types Part 3

Managed PDU

Media Sanitization Methods

Metadata
Microservices
Mimikatz

Mission Essential Functions

MITRE ATT&CK

MOA (Memorandum of Agreement)

MSSP

MTBF
MTTF
Nation State

NetFlow

Netstat

NFC
NGFW (Next Generation Firewall)
Nikto

nslookup

OAuth
OCSP (Online Certificate Status Protocol)

OCSP Stapling
OpenID Connect

Order of Volatility
OSINT (Open Source Intelligence)
OWASP

OWASP Dependency-Track
PAM (Privilege Access Management)

Pass-the-Hash Attack

Password Attacks - Offline

Password Attacks Online

Password Reuse

Passwordless Authentication

Password Policy

Password Spraying Attack

PBKDF2

PCI DSS

PDU (Power Distribution Unit)

PEAP

Percent Encoding

Persistence - Load Balancing
Phishing Campaign

Pivoting

Playbook
Policy Administrator (Zero Trust)
Policy Engine (Zero Trust)
POP3 (Post Office Protocol 3)

Port Numbers

Pressure sensors
Pretexting

Purple Team

Quantitative Assessment

Quishing

Race Condition
Rapid Elasticity

Red Team

Regionally Diverse Backups
Reverse Engineering
Right to be Forgotten
Risk Register

RPO (Recovery Point Objective)

RTO (Recovery Time Objective)
RTOS (Real-Time Operating System)
SaaS (Software as a Service)
Salting Passwords
SAN (Storage Area Network)
SASE

SCAP (Security Content Automation Protocol)

SDN
SD-WAN
Secure Enclave

Security Controls
Security Control Categories
SED (Self-Encrypting Drive)
SELinux
Sensitive Data
Serverless
Session Hijacking
SFTP vs SCP
Shadow IT
Shodan
Side Channel Attack
SIEM
Single Pane of Glass

SIP (Session Initiation Protocol)
SMB (Server Message Block)
S/MIME
Smishing
SMTP (Simple Mail Transfer Protocol)
SNMP
SOAR (Security Orchestration, Automation, and Response)
SOC 2 Type 1 and 2
SPF (Sender Policy Framework)

SQL Injection

SSL Stripping / SSL/TLS Downgrade

SSRF (Server-Side Request Forgery)
Steganography

STIGs
STIX
Strings
Supply Chain Security

SWG (Secure Web Gateway)

SY0-701 Acronym Flashcards

SY0-701 Acronyms Video

Symmetric Encryption

Syslog
TAXII
Tcpdump

Tcpreplay
TFTP
theHarvester

THREAT ACTORS

Competitor
Hacktivist
Insider
Nation-State / APT
Organized Crime / Criminal Syndicate
Unskilled / Script Kiddie

********************************

Threat Scope Reduction
Threat Vector
Tokenization
TPM (Trusted Platform Module)
UEBA

USB Data Blocker

UTM (Unified Threat Management)
Vishing
VM Escape
VM Sprawl
Vulnerable Software
WAF (Web Application Firewall)
Watering Hole Attack
WEP

White Team

Whois Command

Wireless Authentication Methods

Wireless Heat Map
Workforce Multiplier
Worm
WPA
XDR

XMAS Tree Scan
XXE attack

XSS (Cross-Site Scripting Attack)

Yellow Team

Zero Trust Policy Administrator
Zero Trust Policy Engine
ZTA (Zero Trust Architecture)