Cyber Security

Risk Management

A process of identifying, assessing and controlling threats. Applies administrative actions and comprehensive solutions to ensure adequate protection.

Risk Management Framework

Federal government policy and standards that dictate how United States government IT systems must be architected, secured, and monitored. It helps secure information systems developed by the National Institute of Standards and Technology.

Routing

A process of selecting a path for traffic from source to a particular destination. Performed by a router. 

SANS GIAC certifications

Global Information Assurance Certification founded by the SANS Institute. It offers more than 30 security certifications across different levels. Ensures that a certified individual has the knowledge and skills necessary for a practitioner in key areas of computer, information and software security.

Security Architecture

A plan and set of principles that should be provided to achieve security goals. Defines when and where to apply security controls.

Security+

A vendor-neutral, internationally-recognized information security certification by the CompTIA (the Computing Technology Industry Association). Certifies that information security professionals have two years of full-time security-related work experience.

SIEM

Stands for Security Information and Event Management. Enables to detect, monitor, analyze and respond to security events or incidents within a real-time IT environment. Multiple security applications and devices can be managed.

SCAP

Stands for Security Content Automation Protocol. It's a set of open standards for sharing security data developed by the U.S. National Institute of Standards and Technology (NIST). Enables the automated vulnerability management, measurement, and policy compliance evaluation of systems deployed in an organization.

SOC

Stands for Security Operations Center. A centralized unit that monitors and analyzes an organization’s security posture, and deals with cybersecurity incidents.

SSCP

Stands for Systems Security Certified Practitioner. It's a vendor-neutral entry-level information security certification issued by the International Information System Security Certification Consortium, also known as (ISC)².

STIG

Stands for Security Technical Implementation Guide. It contains policy requirements for security programs and best practices for Information Assurance (IA) enabled applications. Based on Department of Defense (DoD) policy and security controls.

switching

A mechanism of directing a signal or data element toward a particular hardware address or hardware pieces. It makes it possible to connect multiple devices on the same network within a building or campus.

Threat remediation

A process by which organizations identify and resolve threats to their systems. Occurs when the threat can be eradicated. It is dependent on the type, category and priority that the threat falls into.

TS/SCI

Stands for Top Secret / Sensitive Compartmented Information. It's a US DoD security clearance. Eligibility for access to TS/SCI is determined by a Single Scope Background Investigation (SSBI) or periodic reinvestigation.

TTP

Stands for the Tactics, Techniques and Procedures of cyber threats. The highest-level description of the behavior or methods of working of cyber adversaries.

Vulnerability Assessment

A process of identifying, analyzing and ranking vulnerabilities in computer systems, applications, and network infrastructures. 

Vulnerability Management

A process of identifying, classifying, remediating, and mitigating security vulnerabilities. It is integral to computer security and network security.

Web Application Firewall

An application firewall for HTTP applications that protects servers. It filters and monitors HTTP traffic between a web application and the Internet.

Web Proxy

A computer or a software system that acts as a gateway between a local network and a larger-scale network such as the internet. It provides increased performance and security and helps filter what users connected to the network can access.

Wireless security

A subset of network security that prevents unauthorized and malicious access to computers or data using wireless networks. It is delivered through wireless devices.

Development by Synergize.digital

Sign up for updates
straight to your inbox