Cyber Security

GCIA

Stands for GIAC Certified Intrusion Analyst. A certification issued by Global Information Assurance Certification. Demonstrates that an individual is able to configure and monitor intrusion detection systems, and to read, interpret, and analyze network traffic and related log files.

GCIH

Stands for GIAC Certified Incident Handler. A certification issued by Global Information Assurance Certification. Demonstrates that an individual is able to understand what a Security Incident is and to deal with an incident after it has occurred.

GRC

Stands for a Governance Risk and Compliance. It facilitates the formulation and sustained management of information security risks.

GSEC

Stands for GIAC Security Essentials Certification. Issued by Global Information Assurance Certification. Demonstrates that an individual understands information security beyond simple terminology and concepts.

HBSS

A Host Based Security System. Commercial-off-the-shelf (COTS) suite of software applications. Monitors, detects, and defends the Department of Defence (DoD) computer networks and systems.  

HIPS

Stands for Host Intrusion Prevention System. Aims to protect endpoint devices. Stops malware by monitoring the behavior of the code.

Identity and Access Management

A framework of policies and technologies that facilitates the management of electronic or digital identities. Controls who is authenticated and authorized to use resources.

Incident Response

A method of rapidly responding to security breaches or cyber attacks. Aims to detect an attack, limit the damage, manage it in a way that reduces recovery time and costs.

Information Assurance

A practice of protecting information and managing risks related to the use, processing, storage, and transmission of data and information systems. It ensures availability, integrity, authentication, confidentiality, and non-repudiation.

Information Security

An acronym of Information Security. It is practice of preventing unauthorized access as well as abuse of illegally acquired information. This also includes disclosure, modification, disruption or destruction, inspection or recording of information.

Intrusion Detection

Monitors a network or systems for malicious activity, policy violations or port scanners. Raises alerts on recognizing a known threat’s signature.

IPS

Stands for an intrusion prevention system. Identifies malicious activities such as policy violations or security threats. Denies network traffic based on a security profile and reports it.

ISO

ISO framework developed by the International Organization for Standardization. Helps organizations manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties.

ITIL

Stands for the Information Technology Infrastructure Library. It's a framework of best practices for delivering IT services within a business. Aims to improve efficiency and achieve predictable service delivery.

COBIT

Stands for Control Objectives for Information and Related Technologies. Created by a professional association ISACA, it is a roadmap for IT management and governance, information security, audit and risk management.

log analysis

A process of analyzing computer-generated records to diagnose and resolve issues within an application. Helps mitigate a variety of risks and meet compliance regulations.

Malware

Any software used to disrupt computer operations. Once it gains access to private computer systems, it can gather sensitive information or display unwanted advertising. There are many malware types that perform different functions; e.g., spyware, trojan horse, ransomware, worms, viruses, etc.

Malware Analysis

A process of determining and analyzing the functionality, origin and potential impact of given malware samples.

Nessus

A remote vulnerability scanner, that is used during vulnerability assessments and penetration testing engagements, including malicious attacks.

Network Address Translation

A process of translating the IP addresses of computers in a local network to a single IP address. It helps decrease the number of public IP addresses an organization or company use, for both economy and security purposes.

Network Security

A practice of preventing and protecting the underlying networking infrastructure against unauthorized intrusion into corporate networks. It is designed to protect the usability and integrity of the network and data.

Next Generation Firewall

A part of the third generation of firewall technology. It's a more advanced version of the traditional firewall that performs a more in-depth inspection. Includes such features as application awareness and control, integrated intrusion prevention, cloud-delivered threat intelligence.

NIST Cybersecurity Framework

US Government guidance for private sector organizations that assesses and improves their ability to prevent, detect, and respond to cyber attacks. 

PCI DSS

Stands for the Payment Card Industry Data Security Standard. Aims to increase controls around cardholder data to reduce credit card fraud.

QRadar

An enterprise security information and event management (SIEM) product. It provides security teams with the visibility and analytics needed to quickly detect, investigate and respond to threats. It"s available on premises and in a cloud environment.

Development by Synergize.digital

Sign up for updates
straight to your inbox