-
Notifications
You must be signed in to change notification settings - Fork 0
Dictionary
Note
Dictionaries / lists of terms starts here.
Note
LLMNR (Link-Local Multicast Name Resolution)
A protocol for resolving hostnames to IP addresses within a local network without requiring a DNS server.
Note
SMB Relay
Instead of cracking passwords, we can intercept the hashes and send those on (relay them) to other machines and potentially gain access
Note
Gaining Shell Access
Exploiting features in order to control the victim machine remotely, with a command line tool
Note
IPv6 Attacks
Attacks against the IPv6 network protocol which is enabled by default on Windows server devices.
Note
Passback Attacks
TBC
Note
A simulated cyberattack against a system to identify vulnerabilities.
Here is the content with the headings (##) alphabetized, while keeping the original format:
Note
A prolonged and targeted cyberattack in which an intruder gains access to a network and remains undetected.
Note
A suite of tools for assessing Wi-Fi network security.
Note
A technique where an attacker sends falsified ARP messages over a local network.
Note
The total sum of the vulnerabilities that can be exploited in a system.
Note
A secret method of bypassing normal authentication to gain access to a system.
Note
The defenders who protect the organization's assets and respond to attacks.
Note
A network of compromised devices controlled by an attacker.
Note
Attempting to gain access by trying all possible combinations of credentials.
Note
Overwriting a program's memory, leading to arbitrary code execution.
Note
A program that rewards individuals for finding and reporting vulnerabilities.
Note
A popular tool for web application security testing.
Note
A technique used to trick users into clicking on something different from what they perceive.
Note
Servers that attackers use to communicate with compromised systems.
Note
Collecting credentials from users by tricking them into entering them into a fake website or form.
Note
Using leaked username/password pairs from one breach to access other sites.
Note
An attack that tricks a user into performing actions on a web application without their consent.
Note
Injecting malicious scripts into web pages viewed by other users.
Note
The unauthorized transfer of data from a computer or other device.
Note
An attack designed to make a system unavailable by overwhelming it with traffic.
Note
A type of brute force attack that uses a list of common passwords or words.
Note
A DoS attack using multiple systems to flood the target.
Note
An attack where false DNS information is inserted into a DNS resolver's cache.
Note
The unintentional download of malicious software to a user’s device.
Note
Secretly listening to private communications.
Note
Extracting user names, machine names, network resources, and other services.
Note
A code or software that takes advantage of a vulnerability.
Note
A network security device that monitors and filters incoming and outgoing network traffic.
Note
Collecting data on a target system or network to map out its structure.
Note
The process of collecting, analyzing, and preserving digital evidence.
Note
Encryption that covers all the data on a disk.
Note
A testing technique that involves inputting random data to find vulnerabilities.
Note
A network of honeypots that simulate a network to lure attackers.
Note
A decoy system set up to attract and detect attackers.
Note
A fast and flexible password-cracking tool.
Note
The approach taken by an organization to handle a security breach or attack.
Note
A security risk that comes from within the organization, typically from employees or contractors.
Note
A device or software application that monitors network traffic for suspicious activity.
Note
Similar to IDS but actively prevents detected threats.
Note
A password-cracking tool.
Note
Recording the keystrokes of a user to capture sensitive information.
Note
A model used to describe the stages of a cyberattack, from reconnaissance to exfiltration.
Note
Malicious software designed to disrupt, damage, or gain unauthorized access to a system.
Note
The use of online advertising to spread malware.
Note
Intercepting and possibly altering communication between two parties.
Note
A popular penetration testing framework used to develop and execute exploit code.
Note
Capturing and analyzing network packets to detect and troubleshoot issues.
Note
A web server scanner that tests for vulnerabilities.
Note
A network scanning tool used to discover hosts and services on a network.
Note
The act of making something unclear or unintelligible to obscure its meaning.
Note
An organization that provides resources to improve software security.
Note
A list of the most critical security risks to web applications.
Note
An open-source web application security scanner.
Note
The process of regularly updating software to fix vulnerabilities.
Note
The second Tuesday of each month when Microsoft releases security updates.
Note
The part of an exploit that performs the intended malicious action.
Note
A standard framework for conducting penetration tests.
Note
A method of tricking individuals into providing sensitive information by pretending to be a trustworthy entity.
Note
Using a compromised system as a launch point to attack other systems on the same network.
Note
A technique used to identify open ports and services on a networked device.
Note
Gaining higher-level permissions on a system.
Note
A combination of Red and Blue Teams that collaborate to improve overall security.
Note
Malware that encrypts files on a device, demanding a ransom for decryption.
Note
The process of gathering information about a target.
Note
A group of ethical hackers who simulate attacks to test the security of an organization.
Note
A more comprehensive testing strategy that involves simulating real-world attacks over an extended period.
Note
A shell session initiated by the target machine to the attacker’s machine.
Note
The process of identifying, analyzing, and evaluating risks.
Note
A wireless access point that has been installed on a network without authorization.
Note
A set of software tools that enable unauthorized access to a computer, often remaining hidden.
Note
Running programs in isolated environments to prevent them from affecting the main system.
Note
Actively probing a target to gather information about its network and systems.
Note
A solution that provides real-time analysis of security alerts generated by network hardware and applications.
Note
A centralized unit that deals with security issues at the organizational level.
Note
Tools that automate the response to security incidents.
Note
The overall security status of an organization's systems, networks, and information.
Note
An attack that involves taking over a user session to gain unauthorized access.
Note
A command-line interface that allows users to interact with the operating system.
Note
Online identities that are not a representation of who someone is - e.g. a fake identity, fake accounts. These are used to avoid someone noticing you are investigating them
Note
A targeted phishing attack aimed at a specific individual or organization.
Note
An attack that allows execution of malicious SQL statements on a database.
Note
An automated tool for detecting and exploiting SQL injection flaws.
Note
Protocols for encrypting data transmitted over a network.
Note
The practice of hiding data within other non-secret data.
Note
Attacking an organization by targeting less-secure elements in its supply chain.
Note
The process of proactively searching for cyber threats that are lurking undetected in a network.
Note
Information that helps organizations understand and mitigate cyber threats.
Note
The process of identifying and prioritizing potential threats to a system.
Note
A temporary passcode generated by an algorithm that uses the current time as one of its factors.
Note
Malicious software disguised as legitimate software.
Note
A security process that requires two separate forms of identification.
Note
A type of malware that replicates by modifying other programs and inserting its code.
Note
An attack that allows an attacker to escape the confines of a virtual machine and interact with the host operating system.
Note
A secure connection over a less-secure network, like the internet.
Note
A weakness in a system that can be exploited by a threat actor.
Note
An attack strategy where the attacker infects websites likely to be visited by a specific group of individuals.
Note
The process of exploiting vulnerabilities or misconfigurations in a Windows system to gain higher levels of access or permissions.
Note
A network protocol analyzer used to capture and analyze network traffic.
Note
A type of malware that replicates itself in order to spread to other computers.
Note
A vulnerability that is unknown to the software vendor and for which no patch exists.
Let me know if further changes are needed!
Here is the formatted list with the top 100 terms for Infrastructure, Networking, and Cloud Engineering:
## Infrastructure as Code (IaC) > [!NOTE] > The practice of managing and provisioning computing infrastructure through machine-readable definition files, rather than physical hardware configuration.Note
The creation of virtual versions of physical components, such as servers, storage devices, and network resources.
Note
Software that creates and runs virtual machines (VMs) by abstracting the underlying hardware.
Note
The process of packaging an application and its dependencies into a container that can run on any computing environment.
Note
Physical servers without any virtualization, where the operating system runs directly on the hardware.
Note
A device or software that distributes network or application traffic across multiple servers to ensure availability and reliability.
Note
A facility used to house computer systems and associated components, such as telecommunications and storage systems.
Note
A system design approach and associated service implementation that ensures a certain level of operational performance, typically uptime, for a higher than normal period.
Note
A set of policies and procedures to enable the recovery or continuation of vital technology infrastructure after a natural or human-induced disaster.
Note
The ability of a system to handle growing amounts of work by adding resources to the system.
Note
The duplication of critical components or functions of a system to increase reliability and availability.
Note
The ability of a system to continue functioning when part of the system fails.
Note
A data center facility where businesses can rent space for servers and other computing hardware.
Note
Infrastructure that is hosted within the physical confines of an organization’s facilities.
Note
The delivery of computing services—including servers, storage, databases, networking, software—over the cloud (internet).
Note
The practice of processing data near the edge of the network, where the data is being generated, rather than in a centralized data-processing warehouse.
Note
A unit of measure defined as 1.75 inches, used to describe the height of equipment in a rack.
Note
A contract between a service provider and a customer that outlines the level of service expected during its term.
Note
A virtual machine sold as a service by an Internet hosting service.
Note
The process of copying and archiving computer data so it may be used to restore the original after a data loss event.
Note
A network that provides access to consolidated, block-level data storage.
Note
A dedicated file storage device that provides local area network (LAN) nodes with file-based shared storage through a standard Ethernet connection.
Note
A data storage virtualization technology that combines multiple physical disk drive components into one or more logical units for data redundancy and performance improvement.
Note
A modular server that fits into a chassis with other blade servers, sharing power and cooling resources.
Note
A device that provides emergency power to a load when the input power source or mains power fails.
Note
A centralized location from which IT professionals monitor, manage, and maintain network infrastructure.
Note
A set of practices that combine software development (Dev) and IT operations (Ops) to shorten the systems development lifecycle.
Note
The process of observing and checking the progress or quality of a system over time.
Note
The act of keeping a log of events, errors, and other operational details in software or hardware systems.
Note
The process of maintaining computer systems, servers, and software in a desired, consistent state.
Note
The process of managing a network of computers by regularly performing patch deployment to ensure systems are up-to-date and protected from vulnerabilities.
Note
The automated configuration, management, and coordination of computer systems, applications, and services.
Note
A cloud-computing execution model where the cloud provider dynamically manages the allocation and provisioning of servers.
Note
Writing scripts to automate repetitive tasks in infrastructure and system management.
Note
A software implementation of a network function that can be deployed on a virtualized infrastructure.
Note
The automated process of managing the lifecycle of containers, especially in large, dynamic environments.
Note
The practice of collecting and analyzing data to ensure that infrastructure performs at its best and meets the needs of users.
Note
A computing environment that combines on-premises infrastructure, private cloud services, and a public cloud.
Note
A cloud computing model where the cloud infrastructure is dedicated to a single organization.
Note
A cloud computing model where the cloud infrastructure is owned and operated by a third-party cloud service provider, and resources are shared among multiple organizations.
Note
An open-source container orchestration platform that automates the deployment, scaling, and operation of application containers.
Note
A platform used to develop, ship, and run applications inside containers.
Note
An open-source cloud computing platform for building and managing public and private clouds.
Note
An open-source infrastructure as code software tool that enables users to define and provision data center infrastructure using a high-level configuration language.
Note
An open-source automation tool for configuration management, application deployment, and task automation.
Note
An open-source software configuration management tool that automates the management of infrastructure.
Note
An open-source automation platform that transforms infrastructure into code, enabling operations and development teams to manage environments.
Note
An open-source automation server used to automate parts of software development, such as building, testing, and deploying code.
Note
A development practice where developers integrate code into a shared repository frequently, with each integration automatically verified by a build.
Note
A software release process where code changes are automatically deployed to production after passing predefined tests.
Note
A software development practice where code changes are automatically prepared for a release to production.
Note
A discipline that applies aspects of software engineering to infrastructure and operations problems to create scalable and highly reliable software systems.
Note
The practice of dividing a network into smaller, more efficient subnetworks.
Note
The phonebook of the internet, translating domain names into IP addresses so browsers can load resources.
Note
A network management protocol that dynamically assigns IP addresses to devices on a network.
Note
A device that forwards data packets between computer networks.
Note
A device that connects devices on a computer network by using packet switching to receive, process, and forward data to the destination device.
Note
A network security device that monitors and filters incoming and outgoing network traffic based on an organization’s previously established security policies.
Note
A subnetwork that can group together a collection of devices from different physical LANs.
Note
A method of remapping one IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
Note
A service that allows you to connect to the internet securely and privately by routing your connection through a server and hiding your online actions.
Note
A unique identifier assigned to a network interface controller for communications at the data link layer of a network segment.
Note
A conceptual framework used to describe the functions of a networking or telecommunication system in seven layers.
Note
The suite of communication protocols used to connect network devices on the internet.
Note
The maximum rate of data transfer across a given path.
Note
The delay before
a transfer of data begins following an instruction for its transfer.
Note
The rate of successful message delivery over a communication channel.
Note
A unit of data that is routed between an origin and a destination on the internet or any other packet-switched network.
Note
A networking utility used to test the reachability of a host on an Internet Protocol (IP) network and to measure the round-trip time for messages sent from the originating host to a destination computer.
Note
A network diagnostic tool that displays the route and measures transit delays of packets across an IP network.
Note
The process of distributing network traffic across multiple servers.
Note
The protocol used to exchange routing information between networks on the internet.
Note
A technique in high-performance telecommunications networks that directs data from one network node to the next based on short path labels rather than long network addresses.
Note
The description or measurement of the overall performance of a service, such as a telephony or computer network or a cloud computing service, particularly the performance seen by the users of the network.
Note
An approach to network management that enables dynamic, programmatically efficient network configuration in order to improve network performance and monitoring.
Note
An attack in which corrupted DNS data is inserted into the cache of a DNS resolver, returning an incorrect IP address.
Note
A protocol used for mapping an IP address to a physical machine address that is recognized in the local network.
Note
A network layer protocol used by network devices to diagnose network communication issues.
Note
An Internet Standard protocol for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.
Note
A service that allows instances in a private subnet to connect to services outside your VPC but prevents the outside services from initiating a connection with those instances.
Note
A defined set of rules used to control network traffic, allowing or denying communications based on criteria such as IP address, port number, or protocol.
Note
The process of redirecting a communication request from one address and port number combination to another while the packets traverse a network gateway, such as a router or firewall.
Note
A suite of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session.
Note
A method of carrying multiple VLANs over a single network link between devices.
Note
A server that acts as an intermediary for requests from clients seeking resources from other servers.
Note
A geographically distributed network of proxy servers and their data centers that delivers content to users based on their geographic location.
Note
The process of translating a domain name into its corresponding IP address.
Note
The practice of dividing a computer network into smaller parts, or segments, to improve performance and security.
Note
A data table stored in a router or a networked computer that lists the routes to particular network destinations.
Note
A list of rules used to grant or deny access to certain digital environments.
Note
A logical division of a computer network, in which all nodes can reach each other by broadcast at the data link layer.
Note
A network segment connected by a shared medium or through repeaters where simultaneous data transmissions can collide with one another.
Note
The time it takes for a data packet to travel from its source to its destination across a network.
Note
The arrangement of different elements (links, nodes, etc.) in a computer network.
Note
The maximum data transfer rate of a network or Internet connection.
Note
Policies and practices adopted to prevent and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
Note
A computer network that uses wireless data connections between network nodes.
Note
A family of computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN), and wide area networks (WAN).
Note
A set of standards that define communication for wireless local area networks (WLANs).
Note
A secure connection between two or more devices across a public network like the Internet.
Note
A method of modifying network address information in IP packet headers while in transit across a traffic routing device.
Note
The relationship between Internet service providers (ISPs) in which they exchange traffic between their networks.
Note
A device or software that distributes network or application traffic across multiple servers to ensure availability and reliability.
Note
The use of multiple cloud computing services in a single heterogeneous architecture.
Note
A software approach that involves building and running applications that fully exploit the advantages of the cloud computing delivery model.
Note
A cloud-computing execution model where the cloud provider dynamically manages the allocation and provisioning of servers.
Note
An architectural style that structures an application as a collection of loosely coupled services.
Note
The packaging of software code with all its dependencies so that it can run uniformly and consistently on any infrastructure.
Note
The automated arrangement, coordination, and management of complex computer systems, middleware, and services.
Note
A form of cloud computing that provides virtualized computing resources over the internet.
Note
A cloud computing model that delivers hardware and software tools to users over the internet.
Note
A software licensing and delivery model in which software is licensed on a subscription basis and is centrally hosted.
Note
A category of cloud computing services that provides a platform allowing customers to develop, run, and manage application functionalities without the complexity of building and maintaining the infrastructure.
Note
A set of policies, controls, procedures, and technologies that work together to protect cloud-based systems, data, and infrastructure.
Note
A framework of policies and technologies for ensuring that the proper people in an enterprise have the appropriate access to technology resources.
Note
A cloud computing feature that automatically adjusts the amount of computational resources in a server farm based on the load.
Note
The ability of a cloud service to automatically scale computing resources up or down as needed.
Note
Physically separate locations within a cloud provider’s data centers that help safeguard applications and data from data center failures.
Note
An infrastructure as code (IaC) service from Amazon Web Services (AWS) that allows you to easily model and set up AWS resources.
Note
A service that enables governance, compliance, operational auditing, and risk auditing of your AWS account.
Note
A monitoring and observability service by AWS that provides data and actionable insights to monitor applications, understand and respond to system-wide performance changes, and optimize resource utilization.
Note
An object storage service that offers industry-leading scalability, data availability, security, and performance.
Note
An AWS service that lets you run code without provisioning or managing servers.
Note
A web service that provides resizable compute capacity in the cloud, designed to make web-scale cloud computing easier for developers.
Note
A virtual network dedicated to your AWS account, logically isolated from other virtual networks in the AWS Cloud.
Note
The deployment and management service for Azure, providing a consistent management layer that enables you to create, update, and delete resources in your Azure account.
Note
A set of services for DevOps, including CI/CD pipelines, version control, and Agile tools, integrated with
Azure.
Note
A managed, production-ready environment for running containerized applications, with support for Kubernetes orchestration.
Note
Google Cloud’s application management platform that provides a consistent development and operations experience for cloud and on-premises environments.
Note
Google Cloud’s fully-managed, serverless, highly scalable, and cost-effective multi-cloud data warehouse.
Note
A set of permissions that define what actions can be taken on what resources within a cloud environment.
Note
A service model in which data is maintained, managed, backed up remotely, and made available to users over a network.
Note
A security service provided by cloud vendors that protects cloud infrastructure and resources from network threats.
Note
An open-source system for automating the deployment, scaling, and management of containerized applications.
Note
A package manager for Kubernetes that helps you define, install, and upgrade even the most complex Kubernetes applications.
Note
An open-source service mesh that layers transparently onto existing distributed applications, providing services such as load balancing, service-to-service authentication, monitoring, and more.
Note
An open-source infrastructure as code software tool that enables users to define and provision data center infrastructure using a high-level configuration language.
Note
Ensuring that cloud usage adheres to laws, regulations, standards, and organizational policies.
Note
A service that provides a managed interface for developers to create, publish, maintain, monitor, and secure APIs at any scale.
Note
An extension of DevOps that integrates security practices into the DevOps approach.
Note
A fully distributed, software-defined managed service that provides global load balancing with a single IP address.
Note
An API object that manages external access to services in a cluster, typically HTTP.
Note
The process of managing and configuring networks and communication systems in cloud environments.
Note
The process of tracking, monitoring, and managing cloud usage and costs to optimize spending.
Note
The application of data analysis techniques to datasets stored in the cloud to uncover insights.
Note
The use of technology to manage and coordinate the interactions between different cloud services, typically in a multi-cloud environment.
Note
A dedicated infrastructure layer for making service-to-service communication safe, fast, and reliable, usually within microservices architectures.
Note
The practice of bringing together finance, technology, and business teams to collaborate on data-driven spending decisions in the cloud.
Note
The process of storing copies of data in a cloud environment to ensure its availability in case of system failures, disasters, or other data loss events.
Note
A computing environment that combines on-premises infrastructure, private cloud services, and a public cloud.
Note
The processes, rules, and policies that define how an organization operates in the cloud to ensure compliance, security, and effective management.
Note
A security approach designed specifically for securing cloud-native applications, which are built to leverage the cloud’s scalability and flexibility.