S
Safety: Safety is the need to ensure that the people involved with the company, including employees, customers, and visitors, are protected from harm.
Salting: An additional safeguard that’s used to strengthen hash functions
Scareware: Malware that employs tactics to frighten users into infecting their device
Search Processing Language (SPL): Splunk’s query language
Secure File Transfer Protocol (SFTP): A secure protocol used to transfer files from one device to another over a network
Secure Shell (SSH): A program to log into another computer over a network, execute commands in a remote machine, and move files from one machine to another. A security protocol is used to create a shell with a remote system.
Secure Sockets Layer (SSL): A protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a public key to encrypt data that’s transferred over the SSL connection.
Security Architecture: A type of security design composed of multiple components,
Security Audit: A review of an organization’s security controls, policies, and procedures against a set of expectations.
Security Controls: Safeguards designed to reduce specific security risks
Security Ethics: Guidelines for making appropriate decisions as a security.
Security Frameworks: Guidelines used for building plans to help mitigate risk and threats to data and privacy
Security Governance: Practices that help support, define, and direct security efforts
Security Hardening: The process of strengthening a system to reduce its vulnerabilities and attack surface.
Security Information and Event Management (SIEM): An application that collects and analyzes log data to monitor critical activities in an organization
Security Mindset: The ability to evaluate risk and constantly seek out and identify the
Security Operations Center (SOC): An organizational unit dedicated to monitoring
Security Orchestration, Automation, and Response (SOAR): A collection of applications, tools, and workflows that use automation to respond to security events
Security Policy: A set of rules and practices that specify or regulate how a system or organization provides security services to protect sensitive and critical system resources.
Security Posture: An organization’s ability to manage its defense of critical assets and data and react to change
Security Zone: A segment of a company’s network that protects the internal network from the internet
Select: The third step of the NIST RMF that means to choose, customize, and capture documentation of the controls that protect an organization
Sensitive Data: A type of data that includes personally identifiable information (PII),
Sensitive Information: Sensitive information, as defined by the federal government, is any unclassified information that, if compromised, could adversely affect the national interest or conduct of federal initiatives.
Sensitive Personally Identifiable Information (SPII): A specific type of PII that falls
Separation of Duties: Separation of duties is the principle of splitting privileges among multiple individuals or systems.
Server: A system entity that provides a service in response to requests from other system entities called clients.
Session: A session is a virtual connection between two hosts by which network traffic is passed.
Session Cookie: A token that websites use to validate a session and determine how
Session Hijacking: Take over a session that someone else has established. An event when attackers obtain a legitimate user’s session ID.
Session ID: A unique token that identifies a user and their device while accessing a
Session: A sequence of network HTTP requests and responses associated with the
Set Data: Data that consists of an unordered collection of unique values
SHA1: A one-way cryptographic hash function. Also, see “MD5.”
Share: A share is a resource made public on a machine, such as a directory (file share) or printer (printer share).
Shared Responsibility: The idea that all individuals within an organization take an active role in lowering risk and maintaining both physical and virtual security
Shell: A Unix term for the interactive user interface with an operating system. The shell is the layer of programming that understands and executes the commands a user enters. In some systems, the shell is called a command interpreter. A shell usually implies an interface with a command syntax (think of the DOS operating system and its “C:>” prompts and user commands such as “dir” and “edit”). The command-line interpreter.
Signature Analysis: A detection method used to find events of interest
Signature: A pattern that is associated with malicious activity
Simple Network Management Protocol (SNMP): A network protocol used for monitoring and managing devices on a network
Single sign-on (SSO): A technology that combines several different logins into one
single threat actor, known as the “bot-herder”
Smartcard: A smartcard is an electronic badge that includes a magnetic strip or chip that can record and replay a set key.
Smishing: The use of text messages to trick users to obtain sensitive information or to
Smurf Attack: A network attack performed when an attacker sniffs an authorized user’s IP address and floods it with ICMP packets
Sniffer: A sniffer is a tool that monitors network traffic as it is received in a network interface.
Sniffing: A synonym for “passive wiretapping.”
Social Engineering: A euphemism for non-technical or low-technology means – such as lies, impersonation, tricks, bribes, blackmail, and threats – used to attack information systems.
Social Media Phishing: A type of attack where a threat actor collects detailed
SOCKS: A protocol that a proxy server can use to accept requests from client users in a company’s network so that it can forward them across the Internet. SOCKS uses sockets to represent and keep track of individual connections. The client side of SOCKS is built into certain Web browsers and the server side can be added to a proxy server.
Software: Computer programs (which are stored in and executed by computer hardware) and associated data (which also is stored in the hardware) that may be dynamically written or modified during execution.
Source Port: The port that a host uses to connect to a server. It is usually a number greater than or equal to 1024. It is randomly generated and is different each time a connection is made.
Spam: The abuse of electronic messaging systems to indiscriminately send unsolicited bulk messages.
Spanning Port: Configures the switch to behave like a hub for a specific port.
Spear Phishing: A malicious email attack targeting a specific user or group of users,
Speed: The rate at which a device sends and receives data, measured by bits per second
Splunk Cloud: A cloud-hosted tool used to collect, search, and monitor log data
Splunk Enterprise: A self-hosted tool used to retain, analyze, and search an organization’s log data to provide security information and alerts in real-time
Spoof: Faking the sending address of transmission to gain illegal [unauthorized] entry into a secure system.
Spyware: Software that is secretly or surreptitiously installed into an information system without the knowledge of the system user or owner. Malware that’s used to gather and sell information without consent.
SQL (Structured Query Language): A programming language used to create, interact
SQL Injection: SQL injection is a type of input validation attack specific to database-driven applications where SQL code is inserted into application queries to manipulate the database. An attack that executes unexpected queries on a database.
Stakeholder: An individual or group that has an interest in any decision or activity of
Standard error: An error message returned by the OS through the shell
Standard input: Information received by the OS via the command line
Standard output: Information returned by the OS through the shell
Standards: References that inform how to set policies
STAR Method: An interview technique used to answer behavioral and situational
Stateful: A class of firewalls that keeps track of information passing through it and proactively filters out threats
Stateless: A class of firewall that operates based on predefined rules and does not keep track of information from data packets
Steganography: Methods of hiding the existence of a message or other data. This is different than cryptography, which hides the meaning of a message but does not hide the message itself. An example of a steganographic method is “invisible” ink.
Stored XSS Attack: An instance when a malicious script is injected directly into the server
String Concatenation: The process of joining two strings together
String data: Data consisting of an ordered sequence of characters
Style Guide: A manual that informs the writing, formatting, and design of documents
Subnetting: The subdivision of a network into logical groups called subnets
Substring: A continuous sequence of characters within a string
Sudo: A command that temporarily grants elevated permissions to specific users
Supply Chain: A system of organizations, people, activities, information, and resources, for creating and moving products including product components and/or services from suppliers through to their customers.
Supply-chain Attack: An attack that targets systems, applications, hardware, and/or
Suricata: An open-source intrusion detection system, intrusion prevention system, and
Switch: A switch is a networking device that keeps track of MAC addresses attached to each of its ports so that data is only transmitted to the ports that are the intended recipient of the data. A device that makes connections between specific devices on a network by sending and receiving data between them.
Symmetric Encryption: The use of a single secret key to exchange information
SYN Flood: A denial of service attack that sends a host more TCP SYN packets (request to synchronize sequence numbers, used when opening a connection) than the protocol implementation can handle.
Synchronization: Synchronization is the signal made up of a distinctive pattern of bits that network hardware looks for to signal the start of a frame.
Synchronize (SYN) Flood Attack: A type of DoS attack that simulates a TCP/IP connection and floods a server with SYN packets
Syntax Error: An error that involves invalid usage of a programming language
Syntax: The rules that determine what is correctly structured in a computing language
Syslog: Syslog is the system logging facility for Unix systems.
