SudoStudy
Glossary
200+ Security+ terms. Search by name, acronym, or definition.
145 terms
ACL · Access Control List [Access Control]
AES · Advanced Encryption Standard [Cryptography]
Application Whitelisting [Security Controls]
APT · Advanced Persistent Threat [Threats]
ASLR · Address Space Layout Randomization [Security Controls]
Asymmetric Encryption [Cryptography]
Attack Surface [Concepts]
Authentication [Identity & Access]
Authorization [Identity & Access]
AV · Antivirus [Security Controls]
BCP · Business Continuity Plan [Risk & Compliance]
bcrypt [Cryptography]
Block Cipher [Cryptography]
Botnet [Threats]
Brute Force Attack [Threats]
Buffer Overflow [Vulnerabilities]
C2 · Command and Control [Threats]
CA · Certificate Authority [Cryptography]
CASB · Cloud Access Security Broker [Cloud Security]
Chain of Custody [Security Operations]
CIA Triad [Concepts]
Credential Stuffing [Threats]
CRL · Certificate Revocation List [Cryptography]
Cryptographic Hash Function [Cryptography]
CSF · NIST Cybersecurity Framework [Frameworks]
CSP · Content Security Policy [Application Security]
CSRF · Cross-Site Request Forgery [Application Security]
CVE · Common Vulnerabilities and Exposures [Vulnerabilities]
CVSS · Common Vulnerability Scoring System [Vulnerabilities]
DAC · Discretionary Access Control [Access Control]
Data Classification [Risk & Compliance]
Data Exfiltration [Threats]
DDoS · Distributed Denial of Service [Threats]
Deception Technology [Security Controls]
Defense in Depth [Concepts]
DEP · Data Execution Prevention [Security Controls]
DHCP Snooping [Network Security]
Dictionary Attack [Threats]
Digital Certificate [Cryptography]
Digital Forensics [Security Operations]
Digital Signature [Cryptography]
DLP · Data Loss Prevention [Security Controls]
DMARC · Domain-based Message Authentication Reporting and Conformance [Network Security]
DNS Tunneling [Threats]
DR · Disaster Recovery [Risk & Compliance]
ECC · Elliptic Curve Cryptography [Cryptography]
EDR · Endpoint Detection and Response [Security Controls]
Encryption [Cryptography]
Endpoint Security [Security Controls]
False Negative [Security Operations]
False Positive [Security Operations]
FIDO2 / WebAuthn [Identity & Access]
Fileless Malware [Threats]
Firewall [Network Security]
Fuzzing [Vulnerabilities]
GDPR · General Data Protection Regulation [Compliance]
GPO · Group Policy [Identity & Access]
Hashing [Cryptography]
HIPAA · Health Insurance Portability and Accountability Act [Compliance]
HMAC · Hash-based Message Authentication Code [Cryptography]
Honeypot [Security Controls]
HSTS · HTTP Strict Transport Security [Application Security]
IAM · Identity and Access Management [Identity & Access]
IDS · Intrusion Detection System [Security Controls]
Incident Response Playbook [Security Operations]
Insider Threat [Threats]
IOC · Indicator of Compromise [Security Operations]
IPS · Intrusion Prevention System [Security Controls]
IR · Incident Response [Security Operations]
Kerberos [Identity & Access]
Key Escrow [Cryptography]
Key Exchange [Cryptography]
Lateral Movement [Threats]
Log Management [Security Operations]
LotL · Living off the Land [Threats]
MAC · Mandatory Access Control [Access Control]
Malware [Threats]
MDM · Mobile Device Management [Security Controls]
MFA · Multi-Factor Authentication [Identity & Access]
MitM · Man-in-the-Middle Attack [Threats]
MITRE ATT&CK [Frameworks]
Network Segmentation [Network Security]
Non-Repudiation [Concepts]
OAuth 2.0 [Identity & Access]
OCSP · Online Certificate Status Protocol [Cryptography]
OWASP Top 10 [Application Security]
PAM · Privileged Access Management [Identity & Access]
Pass-the-Hash [Threats]
Patch Management [Security Controls]
PCI DSS · Payment Card Industry Data Security Standard [Compliance]
Penetration Testing [Security Assessment]
PFS · Perfect Forward Secrecy [Cryptography]
Phishing [Threats]
PKI · Public Key Infrastructure [Cryptography]
Port Security [Network Security]
Principle of Least Privilege [Concepts]
Privilege Escalation [Threats]
Rainbow Table [Threats]
Ransomware [Threats]
RBAC · Role-Based Access Control [Access Control]
Red Team [Security Assessment]
Risk Assessment [Risk & Compliance]
RPO · Recovery Point Objective [Risk & Compliance]
RSA [Cryptography]
RTO · Recovery Time Objective [Risk & Compliance]
Salt (Cryptography) [Cryptography]
SAML · Security Assertion Markup Language [Identity & Access]
SASE · Secure Access Service Edge [Cloud Security]
Security Awareness Training [Risk & Compliance]
SHA · Secure Hash Algorithm [Cryptography]
SIEM · Security Information and Event Management [Security Operations]
SOAR · Security Orchestration, Automation, and Response [Security Operations]
Social Engineering [Threats]
SoD · Separation of Duties [Concepts]
Spear Phishing [Threats]
SPF · Sender Policy Framework [Network Security]
SQLi · SQL Injection [Application Security]
SSO · Single Sign-On [Identity & Access]
SSRF · Server-Side Request Forgery [Application Security]
STIX / TAXII [Frameworks]
Supply Chain Attack [Threats]
Symmetric Encryption [Cryptography]
System Hardening [Security Controls]
Tabletop Exercise [Risk & Compliance]
Threat Hunting [Security Operations]
Threat Intelligence [Security Operations]
Threat Modeling [Security Assessment]
TLS · Transport Layer Security [Cryptography]
TOTP · Time-based One-Time Password [Identity & Access]
TPRM · Third-Party Risk Management [Risk & Compliance]
Trojan Horse [Threats]
TTPs · Tactics, Techniques, and Procedures [Frameworks]
UEBA · User and Entity Behavior Analytics [Security Operations]
VLAN · Virtual Local Area Network [Network Security]
VPN · Virtual Private Network [Network Security]
Vulnerability [Vulnerabilities]
Vulnerability Assessment [Security Assessment]
Vulnerability Management [Security Controls]
WAF · Web Application Firewall [Application Security]
Watering Hole Attack [Threats]
XDR · Extended Detection and Response [Security Controls]
XSS · Cross-Site Scripting [Application Security]
Zero Trust [Concepts]
Zero-Day Vulnerability [Vulnerabilities]
ZTNA · Zero Trust Network Access [Network Security]