SECURITY+ BLOG INDEX

 Blog Index

Click on the name or phrase to take you to that post. We will add new links to existing posts on an ongoing basis.

802.1x

AAA

ABAC, DAC, MAC, RBAC+

Access control vestibule

Acquisition

Active/Active Load Balancing
Adaptive Identity
Adware

Amplification Attack

Ansible
API (Application Programming Interface)
APT (Advanced Persistent Threat)
Attack Frameworks

Authentication Factors

Backups Explained, Differential, Incremental, Full

BCP (Business Continuity Plan)

BEC (Business Email Compromise)

Blockchain

Blue Team

Bluetooth Attacks

Bollards

Brand Impersonation
Buffer Overflow
Bug Bounty
CASB (Cloud Access Security Broker)

Certificates

Certutil Video
Change Management
Clean Desk Policy

Cloud Responsibility Matrix
Containers

CRL / OCSP

CSRF (Cross-Site Request Forgery)

CVE / CVSS

CVSS Metrics

Cyber Kill Chain

Dark Web

DATA GOVERNANCE ROLES

Data Controller

Data Custodian
Data Owner
Data Processor

***********************************

DATA PROTECTION

Data at Rest
Data in Transit
Data in Use

***********************************

Data Retention
Data Sovereignty

Diamond Model of Intrusion Analysis

Diffie Hellman

dig

Digital Signature

Directory Traversal Attack
DKIM
DMARC

DNSENUM

DNS Hijacking

DNS Records

DrDoS
EAP-FAST
EAP-TLS
EAP-TTLS
EDR
Elasticity

Email Attacks

ESP (Encapsulating Security Payload)
Expansionary Risk Appetite
Fail Closed

Fail Open

False Positive / False Negative

Flow Collector
Fuzzing

GDPR (General Data Protection Regulation)

GDPR

Right to be Forgotten

***************************************

Geofencing
Geographic Restrictions
Geolocation
GPS Tagging
Guard Rails

Hashing Algorithms: MD5, SHA, RIPEMD, HMAC

Homomorphic Encryption
Honeyfile
Honeypot / Honeynet
Honeytoken

HSTS

IaC (Infrastructure as Code)

IAM (Identity and Access Management)

IKE Phase 1
IMAP

Impossible Travel

IPSec
IPSec Transport Mode
ISACs

ISO

Jailbreaking, Rooting, Sideloading

Juice Jacking

Jump Box / Jump Server

Kerberoasting

Kerberos

Kerberos, Radius, SAML

Key Escrow
Key Stretching
KPI (Key Performance Indicator)

Lateral Movement

Legal Hold
Load Balancing

Media Sanitization Methods

Metadata

Microservices

Mimikatz

Mission Essential Functions

MITRE ATT&CK

MTBF

MTTF

Nation State

NetFlow

Netstat

NFC

NGFW (Next-Generation Firewall)

Nikto

nslookup

OAuth

OCSP

OpenID Connect

OSINT (Open-Source Intelligence)

OWASP

PAM (Privilege Access Management)

Pass-the-Hash Attack

Password Attacks - Offline

Password Attacks Online

Password Reuse

Passwordless Authentication

Password Policy

Password Spraying Attack

PBKDF2

PCI DSS

PEAP

Percent Encoding

Persistence

Phishing Campaigns

Pivoting

Playbook

Policy Administrator (Zero Trust)

Policy Engine (Zero Trust)

POP3 (Post Office Protocol 3)

Port Numbers

Pressure sensors

Pretexting

Purple Team

Quantitative Assessment

Quishing

Race Condition

Rapid Elasticity

Red Team

Regionally Diverse Backups

Reverse Engineering

Right to be Forgotten

Risk Register

RTOS (Real-Time Operating System)

SaaS (Software as a Service)

Salting Passwords

SAN (Storage Area Network)

SASE

SCAP (Security Content Automation Protocol)

SDN

SD-WAN

Secure Enclave

Security Control Categories

SED (Self-Encrypting Drive)

SELinux

Sensitive Data

Serverless

Session Hijacking

SFTP vs SCP

Shadow IT

Shodan

Side Channel Attack

SIEM

Single Pane of Glass

SMB (Server Message Block)

S/MIME

Smishing

SMTP (Simple Mail Transfer Protocol)

SNMP

SOAR (Security Orchestration, Automation, and Response)

SOC 2 Type 1 and 2

SPF (Sender Policy Framework)

SQL Injection

SSL Stripping / SSL/TLS Downgrade

SSRF (Server-Side Request Forgery)

Steganography

STIX

Strings

Supply Chain Security

SWG (Secure Web Gateway)

SY0-701 Acronym Flashcards

SY0-701 Acronyms Video

Symmetric Encryption

Syslog

TAXII

Tcpdump

TFTP

theHarvester

THREAT ACTORS

Competitor

Hacktivist

Insider

Nation-State / APT

Organized Crime / Criminal Syndicate

Unskilled / Script Kiddie

********************************

Threat Scope Reduction

Threat Vector

Tokenization

TPM (Trusted Platform Module)

UEBA

USB Data Blocker

UTM (Unified Threat Management)

Vishing
VM Escape
VM Sprawl

Vulnerable Software

WAF (Web Application Firewall)

Watering Hole Attack

WEP

White Team

Whois Command

Wireless Authentication Methods

Wireless Heat Map

Workforce Multiplier

Worm

WPA

XDR

XXE attack

XSS (Cross-Site Scripting Attack)

Yellow Team

Zero Trust Policy Administrator

Zero Trust Policy Engine

ZTA (Zero Trust Architecture)