Research and Study Notes

These are my personal notes. Below is a list of topics, which I'll be adding to over time.

access control
  1. Overview

    • ISO 27000:2018 3.1 defines access control - means to ensure that access is authorized and restricted based on business and security requirements.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

attack
  1. Overview

    • ISO 27000:2018 3.2 defines attack - attempt to destroy, expose, alter, disable, steal or gain unauthorized access to or make unauthorized use of an asset.
  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

audit
  1. Overview

    • ISO 27000:2018 3.3 defines audit - systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled.
  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

audit scope
  1. Overview

    • ISO 27000:2018 3.4 defines audit scope - extent and boundaries of an audit.
  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

authentication
  1. Overview

    • ISO 27000:2018 3.5 defines authentication - provision of assurance that a claimed characteristic of an entity is correct.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

authenticity
  1. Overview

    • ISO 27000:2018 3.6 defines authenticity - property that an entity is what it claims to be.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

availability
  1. Overview

    • ISO 27000:2018 3.7 defines availability - property of being accessible and usable on demand by an authorized entity.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

base measure
  1. Overview

    • ISO 27000:2018 3.8 defines base measure - measure defined in terms of an attribute and the method for quantifying it.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

competence
  1. Overview

    • ISO 27000:2018 3.9 defines competence - ability to apply knowledge and skills to achieve intended results.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

confidentiality
  1. Overview

    • ISO 27000:2018 3.10 defines confidentiality - property that information is not made available or disclosed to unauthorized individuals, entities, or processes.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

conformity
  1. Overview

    • ISO 27000:2018 3.11 defines conformity - fulfilment of a requirement
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

consequence
  1. Overview

    • ISO 27000:2018 3.12 defines consequence - outcome of an event affecting objectives
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

continual improvement
  1. Overview

    • ISO 27000:2018 3.13 defines continual improvement - recurring activity to enhance performance
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

control
  1. Overview

    • ISO 27000:2018 3.14 defines control - measure that is modifying risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

control objective
  1. Overview

    • ISO 27000:2018 3.15 defines control objective - statement describing what is to be achieved as a result of implementing controls.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

correction
  1. Overview

    • ISO 27000:2018 3.16 defines correction - action to eliminate a detected nonconformity.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

corrective action
  1. Overview

    • ISO 27000:2018 3.17 defines corrective action - action to eliminate the cause of a nonconformity and to prevent recurrence
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

derived measure
  1. Overview

    • ISO 27000:2018 3.18 defines derived measure - measure that is defined as a function of two or more values of base measures.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

documented information
  1. Overview

    • ISO 27000:2018 defines documented information - information required to be controlled and maintained by an organization and the medium on which it is contained.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

effectiveness
  1. Overview

    • ISO 27000:2018 3.20 defines effectiveness - extent to which planned activities are realized and planned results achieved.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

event
  1. Overview

    • ISO 27000:2018 3.21 defines event - occurrence or change of a particular set of circumstances
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

external context
  1. Overview

    • ISO 27000:2018 3.22 defines external context - external environment in which the organization seeks to achieve its objectives
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

governance of information security
  1. Overview

    • ISO 27000:2018 3.23 defines governance of information security - system by which an organization's information security activities are directed and controlled.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

governing body
  1. Overview

    • ISO 27000:2018 3.24 defines governing body - person or group of people who are accountable for the performance and conformity of the organization.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

indicator
  1. Overview

    • ISO 27000:2018 3.25 defines indicator - measure that provides an estimate or evaluation
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information processing facilities
  1. Overview

    • ISO 27000:2018 3.27 defines information processing facilities - any information processing system, service or infrastructure, or the physical location housing it
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information need
  1. Overview

    • ISO 27000:2018 3.26 defines information need - insight necessary to manage objectives, goals, risks and problems.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information security
  1. Overview

    • ISO 27000:2018 3.28 defines information security - preservation of confidentiality, integrity, and availability of information
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information security compliance
  1. Overview
    *

  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

information security continuity
  1. Overview

    • ISO 27000:2018 3.29 defines information security continuity - processes and procedures for ensuring continued information security operations.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information security event
  1. Overview

    • ISO 27000:2018 3.30 defines information security event - identified occurrence of a system, service or network state indicating a possible breach of information security policy or failure of controls, or a previously unknown situation that can be security relevant.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information security incident
  1. Overview

    • ISO 27000:2018 3.31 defines information security incident - single or a series of unwanted or unexpected information security events that have a significant probability of compromising business operations and threatening information security
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information security incident management
  1. Overview

    • ISO 27000:2018 3.32 defines information security incident management - set of processes for detecting, reporting, assessing, responding to, dealing with, and learning from information security incidents.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

Information Security Management Systems ISMS
  1. Overview
    *

  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

Information Security Management Systems Professional ISMS Professional
  1. Overview

    • ISO 27000:2018 3.33 defines information security management systems professional - person who establishes, implements, maintains and continuously improves one or more information security management system processes.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information sharing community
  1. Overview

    • ISO 27000:2018 3.34 defines information sharing community - group of organizations that agree to share information
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

information system
  1. Overview

    • ISO 27000:2018 3.35 defines information system - set of applications, services, information technology assets, or other information-handling components.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

integrity
  1. Overview

    • ISO 27000:2018 3.36 defines integrity - property of accuracy and completeness.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

interested party
  1. Overview

    • ISO 27000:2018 3.37 defines interested party - as the preferred term over stakeholder (admitted term) - person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

International Organization for Standardization ISO
  1. Overview

    • The International Organization for Standardization "(ISO) is an independent, non-governmental international organization with a membership of 164 national standards bodies...bringing together experts to share knowledge and develop voluntary, consensus-based, market relevant International Standards." Ref https://www.iso.org/home.html
    • Began operations in 1947 and is based in Geneva, Switzerland. Knowing that the acronym for the name would differ between languages, "the founders decided to give it the short form ISO. ISO is derived from the Greek isos, meaning equal. Whatever the country, whatever the language, we are always ISO." Ref https://www.iso.org/about-us.html
    • Standards "include almost every industry, from technology, to food safety, to agriculture and healthcare." Ref https://www.iso.org/home.html
  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

    • 20191026 Added International Organization for Standardization ISO Overview and Resources.

internal context
  1. Overview

    • ISO 27000:2018 3.38 defines internal context - internal environment in which the organization seeks to achieve its objectives.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

ISO 27000 Series
  1. Overview

    • ISO 27000:2018 Information Technology - Security Techniques - Information Security Management Systems - Overview and Vocabulary.
    • First in the ISO 27000 Series, which gives an overview of the ISO 27000 Series, the vocabulary used, the ISMS, why it's important, critical success factors, and a listing of the ISMS family of standards.
  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

ISO 27001
  1. Overview

    • ISO 27001:2013 Information Technology - Security Techniques - Information Security Management Systems - Requirements
  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

ISO 27002
  1. Overview
    *

  2. Articles

  3. Books

  4. Resources

  5. See Also

  6. Log

level of risk
  1. Overview

    • ISO 27000:2018 3.39 defines level of risk - magnitude of a risk expressed in terms of the combination of consequences and their likelihood.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

likelihood
  1. Overview

    • ISO 27000:2018 3.40 defines likelihood - chance of something happening
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

management system
  1. Overview

    • ISO 27000:2018 3.41 defines management system - set of interrelated or interacting elements of an organization to establish policies and objectives and processes to achieve those objectives.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

measure
  1. Overview

    • ISO 27000:2018 3.42 defines measure - variable to which a value is assigned as the result of measurement.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

measurement
  1. Overview

    • ISO 27000:2018 3.43 defines measurement - process to determine a value.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

measurement function
  1. Overview

    • ISO 27000:2018 3.44 defines measurement function - algorithm or calculation performed to combine two or more base measures.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

measurement method
  1. Overview

    • ISO 27000:2018 3.45 defines measurement method - logical sequence of operations, described generically, used in quantifying an attribute with respect to a specified scale.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

monitoring
  1. Overview

    • ISO 27000:2018 3.46 defines monitoring - determining the status of a system, a process or an activity.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

nonconformity
  1. Overview

    • ISO 27000:2018 3.47 defines nonconformity - non-fulfilment of a requirement.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

objective
  1. Overview

    • ISO 27000:2018 3.49 defines objective - result to be achieved.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

organization
  1. Overview

    • ISO 27000:2018 3.50 defines organization - person or group of people that has its own functions with responsibilities, authorities and relationships to achieve its objectives
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

outsource
  1. Overview

    • ISO 27000:2018 3.51 defines outsource - make an arrangement where an external organization performs part of an organization's function or process.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

performance
  1. Overview

    • ISO 27000:2018 3.52 defines performance - measurable result
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

policy
  1. Overview

    • ISO 27000:2018 3.53 defines policy - intentions and direction of an organization, as formally expressed by its top management
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

process
  1. Overview

    • ISO 27000:2018 3.54 defines process - set of interrelated or interacting activities which transforms inputs into outputs.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

reliability
  1. Overview

    • ISO 27000:2018 3.55 defines reliability - property of consistent intended behaviour and results.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

requirement
  1. Overview

    • ISO 27000:2018 3.56 defines requirement - need or expectation that is stated, generally implied or obligatory.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

residual risk
  1. Overview

    • ISO 27000:2018 3.57 defines residual risk - risk remaining after risk treatment.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

review
  1. Overview

    • ISO 27000:2018 3.58 defines review - activity undertaken to determine the suitability, adequacy and effectiveness of the subject matter to achieve established objectives.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

review object
  1. Overview

    • ISO 27000:2018 3.59 defines review object - specific item being reviewed.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

review objective
  1. Overview

    • ISO 27000:2018 3.60 defines review objective - statement describing what is to be achieved as a result of a review.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk
  1. Overview

    • ISO 27000:2018 3.61 defines risk - effect of uncertainty on objectives.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk acceptance
  1. Overview

    • ISO 27000:2018 3.62 defines risk acceptance - informed decision to take a particular risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk analysis
  1. Overview

    • ISO 27000:2018 3.63 defines risk analysis - process to comprehend the nature of risk and to determine the level of risk
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk assessment
  1. Overview

    • ISO 27000:2018 3.64 defines risk assessment - overall process of risk identification, risk analysis and risk evaluation.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk communication and consultation
  1. Overview

    • ISO 27000:2018 3.65 defines risk communication and consultation - set of continual and iterative processes that an organization conducts to provide, share or obtain information, and to engage in dialogue with stakeholders regarding the management of risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk criteria
  1. Overview

    • ISO 27000:2018 3.66 defines risk criteria - terms of reference against which the significance of risk is evaluated.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk evaluation
  1. Overview

    • ISO 27000:2018 3.67 defines risk evaluation - process of comparing the results of risk analysis with risk criteria to determine whether the risk and/or its magnitude is acceptable or tolerable.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk identification
  1. Overview

    • ISO 27000:2018 3.81 defines risk identification - process of finding, recognizing and describing risks
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk management
  1. Overview

    • ISO 27000:2018 3.69 defines risk management - coordinated activities to direct and control an organization with regard to risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk management process
  1. Overview

    • ISO 27000:2018 3.70 defines risk management process - systematic application of management policies, procedures and practices to the activities of communicating, consulting, establishing the context and identifying, analysing, evaluating, treating, monitoring and reviewing risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk owner
  1. Overview

    • ISO 27000:2018 3.71 defines risk owner - person or entity with the accountability and authority to manage a risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

risk treatment
  1. Overview

    • ISO 27000:2018 3.72 defines risk treatment - process to modify risk.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

security implementation standard
  1. Overview

    • ISO 27000:2018 3.73 defines security implementation standard - document specifying authorized ways for realizing security.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

stakeholder
  1. Overview

    • ISO 27000:2018 3.37 defines stakeholder (an admitted term, though interested party is the preferred term) - person or organization that can affect, be affected by, or perceive itself to be affected by a decision or activity.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

threat
  1. Overview

    • ISO 27000:2018 3.74 defines threat - potential cause of an unwanted incident, which can result in harm to a system or organization.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

top management
  1. Overview

    • ISO 27000:2018 3.75 defines top management - person or group of people who directs and controls an organization at the highest level.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

trusted information communication entity
  1. Overview

    • ISO 27000:2018 3.76 defines trusted information communication entity - autonomous organization supporting information exchange within an information sharing community.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

vulnerability
  1. Overview

    • ISO 27000:2018 3.77 defines vulnerability - weakness of an asset or control that can be exploited by one or more threats.
  2. Articles

  3. Books

  4. Resources

  5. See Also
    *

  6. Log

2BeAdded
802.1Q
802.1W
A3 Problem Solving
Access Control
Access Control Lists ACLs
Access Point AP
Accessibility
Active Directory
Active Directory Federation Services
Active Directory LightWeight Directory Services
Active Directory Role
Active Reconnaissance
AD Forest
AD Global Catalog
Ad Hoc
Ad Hoc Mode
Address Resolution Protocol ARP
Address Space Layout Randomization
Adobe
Adobe Flash
Advanced Encryption Standard 256 AES256
Advanced Encryption Standard AES
Advanced Persistent Threat APT
Adware
Affinity
Agile Software Development
AirPlay-ng
Algorithm
Alias Name Record ANAME
Altdns
Alternate Data Streams ADS
AlwaysonVPN
Amass
Amazon
Amplification
Anew
Anger
Annualized Loss Expectancy ALE
Annualized Rate of Occurrence ARO
Ansible
Anti Forensics
Anti Money Laundering
Anti spoofing
Anti Virus
Apache Subversion SVN
API Keys
APlus
Apple
Application Delivery Controller ADC
Application Layer
Application Level Gateway Firewall
Application Programming Interface API
Application Service Attacks
Application Service Provider ASP
Aquatone
Arbitrary Code Execution ACE
Arduino
Arp
ARP Poisoning
ARP Spoofing
Arpspoof
Artificial Intelligence AI
Assembly
Asterisk
Asymmetric Key Cryptography
Attack
Attack Surface
Attribution Based Access Control ABAC
Audit
Auditing
Audit Scope
Authentication
Authentication Authorization Accounting AAA
Authentication Header
Authenticity
Authority
Automater
Automation
Availability
Azure
Azure Advisor
Azure Availability Zones
Azure Regions
Azure Traffic Manager
Backbone
Backdoors
Backup Recovery Disaster BRDR
Banner Grabbing
Base Antenna
Base Measure
Basel II
Bash
Bashbunny
Basic Input Output System BIOS
Bastion Host
Batteries
Beacon Frame
Berkeley Internet Name Domain BIND
Berkeley Packet Filter BPF
Buttercup
Big Data
Biology
Biometrics
Birthday Attack
Bitcoin
Black Bag
Blackbox
BlackHat
Blogging
Blue Bugging
Blue Jacking
Blue Snarfing
Blue Sniffing
Blue Team
Bluetooth
Bluetooth Low Energy BLE
Body Language
Bootstrap
Botnet
Bots
Brand
Breaches
Bridge
Bridge Protocol Data Unit BPDU
Bridging
Bring Your Own Device BYOD
Broadcast
Broadcast Domain
Broken Access Control
Broken Authentication
Browser Helper Object
Brute Force
BSD
Buffer Overflow
Bug Bounty
Burned In Address BIA
Burp Suite
Bus Network
Business
Business Availability Center BAC
Business Continuity Planning BCP
Business Impact Analysis BIA
Business Intelligence BI
Business Partners Agreement BPA
C
Cabling
Cache
Cain and Abel
California Consumer Privacy Act CCPA
Canonical Name Record CNAME
Cantennas
CAPTCHA
Capture The Flag CTF
Career 
Carrier Sense Multiple Access with Collision Detection CSMACD
Carrier Sense Multiple Access with Collision Avoidance CSMACA
Cascading Style Sheets CSS
CCNA
CEH
Censys
CentOS
Central Processing Unit CPU
Crt.sh
Certificate Authority CA
Certificate Pinning
Certificate Revocation List CRL
Certificate Signing Request CSR
Certificates
Certspotter
Challenge Handshake Authentication Protocol CHAP
Change Management
Channel Service Unit CSU
Checksum
Checksum File
Chief Information Officer CIO
Chief Security Officer CSO
Chief Technology Officer CTO
Choose Your Own Device CYOD
CIA Triad
Cipher Block Chaining CBC
Cipher Feedback CFB
Circuit Level Gateway Firewall
Circuit Switched
Cisco
Cisco Discovery Protocol CDP
CISSP
Citrix
Citrix ADC Netscaler
Click Jacking
Client Server Model
Closed Circuit Television CCTV
Cloud Computing
Cloud Service Provider CSP
Coding
Collision
Collision Domains
Command Injection
Command Line Interface CLI
Command Prompt
Common Access Card CAC
Common Information Model CIM
Common Internet File System CIFS
Commonspeak2
Communication
Communism
Community Emergency Response Team CERT
Competence
Competitors
Compliance Governance
Compression
CompTIA
Computer Incident Response Team CIRT
Computer Network Attack CNA
Computer Network Espionage CNE
Computer Science
Computing
Confidentiality
Configuration Compliance Scanner
Conformity
Connection Oriented
Connectionless
Consensus
Consequence
Conspire
Content Addressable Memory CAM
Content Management System CMS
Contingency Planning CP
Continual Improvement
Continuity of Operation Plan COOP
Continuous Delivery
Continuous Integration
Control
Control Objective
Control Objective for Information Technology COBIT
Controller Area Network CAN
Cookies
Corporate Owned Personally Enabled COPE
Corrective Action Report CAR
Counter Mode CBC Mac Protocol CCMP
Counter Mode CTM
Country Code Top Level Domain ccTLD
CPP
Crisis Preparedness
Crontab
Cross Site Request Forgery CSRF
Cross Site Request Forgery XSRF
Cross Site Scripting XSS
Crypto Currency
Cryptographic Attacks
Cryptographic Hashing
Cryptography
CSharp
Curl
Cyber War
Cyclical Redundancy Check CRC
CySAPlus
Daisy Chaining
Dark Web
Data
Data Center
Data Classification
Data Emanations
Data Encryption Standard DES
Data Execution Electronics DHE
Data Link Layer
Data Loss Prevention DLP
Data Mining
Data Protection
Data Protection Laws DPL
Data Sanitization
Data Science
Data Service Unit DSU
Database Administrator DBA
Databases
Datagram
Datasploit
Debugging
Deep Web
Default Gateway
Defcon
Defense in Breadth
Defense in Depth
Delegation Name Record DNAME
Demilitarized Zone DMZ
Denial of Service DoS
Deployment
Derived Measure
Destination Network Address Translation DNAT
Development
DevOps
Dictionary Attack
Diffie Hellman
Digital Encryption Standard DES
Digital Forensics Incident Response DFIR
Digital Ocean
Digital Signature Algorithm DSA
Digital Subscriber Line DSL
Direct Sequence Spread Spectrum DSSS
Directory Traversal
Disassociation
Disaster Recovery Plan DRP
Discretionary Access Control Lists DACLs
Disk Operating System DOS
Disk Partition
Disk Quotas
Distinguished Encoding Rules DER
Distributed Denial of Service DDoS
Distributed Reflective Denial of Service DRDoS
Distributed Switching
Diversity
DLLInjection
DNS Databases
DNS over HTTPS DoH
DNS Pharming
DNS Poisoning
DNS Queries Translations
DNS Resolvers
DNS Security Extensions DNSSEC
DNS spoofing
DNS Zones
Dnswalk
Docker
Documentation
Documented Information
Domain
Domain Admin
Domain Controller DC
Domain Hijacking
Domain Information Groper Dig
Domain Name Service DNS
dotNet
Double 802.1Q Encapsulation
Down Grade
Dropper
Drugs
Dumpster Diving
Duplex
Dynamic Application Security Test DAST
Dynamic Host Configuration Protocol DHCP
Dynamic Link Library DLL
Easter eggs
Effectiveness 
Egress Filter
Elastic Compute Cloud EC2
Electro Magnetic Interference EMI
Electro Magnetic Pulse EMP
Electronic Code Book ECB
Electronic Serial Number ESN
Electronics
Elliptic Curve Cryptography
Elliptic Curve Diffie Hellman Ephemeral ECDHE
Elliptic Curve Digital Signature Algorithm ECDSA
Email
Email Spoofing
Embedded
Encapsulating Security Payload ESP
Encrypting File System EFS
Encryption
Encryption at Rest
Encryption in Transit
End of Life Systems EOL
Endpoints
Enum
Enumeration
Ephemeral Port
Escalation of Privilege
ESP32
Ethical Hacking
Ethics
Etiquette
Evading IDS Firewalls Honeypots
Evasion Techniques
Event
Event Logs
Event Trace Logs ETL
Evil Twin
Exchange
ExclusiveOr XOR
Exfiltration
Exploit
Exploit Chain
Extended Service Set Identifier ESSID
Extensible Authentication Protocol EAP
Extensible Markup Language XML
External Context
External Recon
Eyewitness
F5
Facebook
FaceTime
Fair Credit Reporting Act
False Negative
False Positive
Familiarity Liking
Federal Communications Commission FCC
File Allocation Table FAT
File Transfer Protocol FTP
Firewalls
Firmware
Flash
Flexible Single Master Operation FSMO Roles
Footprinting
Fraggle
Fragmentation
Frame
Frequency Hopping Spread Spectrum FHSS
Frida
Full Tunnel
Fully Qualified Domain Name FQDN
Fuzzing
General
General Data Protection Regulation GDPR
Generational
Generic Top Level Domain gTLD
Git
GitHub
GitHub Pages
GNS3
Go
Goals
Google Cloud Associate Cloud Engineer
Google Dorks
Google Hacking Database GHDB
Graham Leach Bliley GLBA
Grammar
Gray Hat
Graybox
Grep
Group Policy Objects GPOs
Hackathon
Hacker Summer Camp
Hackers
Hacking Mobile Platforms
Hacking Web Servers
Hacking Wireless Networks
Hacktivist
Half Duplex
Hardware
Hardware Security Module HSM
Hashes
Header Manipulation
Health Information Tech Clinical Health HITECH
Health Insurance Portability Accountability Act HIPAA
Heap Spraying
Herbs
Hidden
High Performance File System HPFS
HINFOTXT Records
History
Hoax
Homebrew
Honey Files
Honey Users
Honeypots
Host Intrusion Detection System HIDS
Hping
Httprobe
Hubs
Hybrid Cloud
Hybrid Cryptosystem
Hyperlink
Hypertext Markup Language HTML
Hypertext Transfer Protocol HTTP
Hypertext Transfer Protocol Secure HTTPS
HyperV
Hypervisor
Ideas Streams
Identity Theft
Impersonation
Implicit Deny
Incident Management
Incident Response
Incident Response Policy
Incident Response Team
Indicators of Compromise IoC
Industrial Espionage
Infiltration
Information Security Management System 
Infrastructure as Code
Injection
Insider Threats
Insufficient Logging and Monitoring
Intellectual Property IP
Internet Control Message Protocol ICMP
Internet Protocol IP
Internet Relay Chat IRC
Internet Assigned Numbers Authority IANA
Internet Engineering Task Force IETF
Internet Storm Center ISC
Interrogation
Intrusion
Intrusion Detection System Intrusion Prevention System IDS IPS
Information Security Management System ISMS
Integrity
Interactive Application Security Test IAST
Internet Message Access Protocol IMAP
Internet of Things IoT
Interview Skills
IoTHacking
iOSDev
IPv4
IPv6
Insecure Deserialization
IT Infrastructure Library ITIL
IT Service Management ITSM
Jamming
Java
JavaScript
Jekyll
Jenkins
Jira
Jobs
John the Ripper JTR
Journaling File System
Jquery
JSON
K8s
Kali
Kerberos
Kernel Based Virtual Machine KVM
Keylogger
Kill
Kill Chain
Knock.py
Known Cipher Text
Known Plain Text
Kubernetes
Lab
LAN Manager LM
Lateral Movement
Lazyrecon
LDAP Injection
Leadership
Learning
Lie Detection
Light Weight Directory Access Protocol LDAP 
LinkedIn
Linux
Linux Plus
Linux Professional Institute Certification LPIC
Listening
Load Balancers
Local Host
Local Host File
Local Shared Object LSO
Lockpicking
Logging
Logic Bomb
Logical Link Control LLC Sublayer
Loop Prevention
MAC Address
MAC address Table
MAC Filtering
Mac Spoofing
Machine Learning
MacOS
Mail Exchanger MX Record
Maintenance Hook
Malformed Packets
Malicious AddOns
Maltego
Malware
Malware Threats
Man in the Browser MitB
Man in the Middle MitM
Man Traps
Managing
Mandatory Access Control MAC
MariaDB
Markdown
Massdns
Math
Maximum Transmission Unit MTU
MCSA
MDK3
Media Access Control MAC Sublayer
Medical Devices
Meetings
Megaping
Memory Leak
Memory Skills
Mesh Network
Message Digest 5 MD5
Metacharacters
Metadata
Metasploit
Microservices
Microsoft
Microsoft Conferences
Microsoft MVP
Mindfulness
Mindmaps
Mission Critical
Mitmf
Money Laundering
MSFVenom
Multi Factor Authentication MFA
Multicast
MySQL
Nagios
Name Lookups
Name Server Record NSrecord
Nameserver
Nation States
National Institute of Standards and Technology NIST
Near Field Communications NFC
Nessus
NetBIOS
Netblock
Netcat
Netcraft
Netstat
Network
Network Address Card NIC
Network Address Translation NAT
Network Intrusion Detection System NIDS
Network Layer
Network Location Test Nltest
Network Plus
Network Mapping
Network Scanners
Network Security
Network Time Protocol NTP
New York Department of Financial Services Cybersecurity Rule
Nikto
Nishang
Nmap
Nolacon
Nonce
NonRepudiation
NonTransparent Proxy
NonUniform Memory Access NUMA
NSlookup
NULLScan
NXLog
O365
OAuth
Obfuscation
Object Exchange
Objective C
OCA
OCP
Okta
Omnidirectional Antenna
OneDrive
OneNote
Open Redirect
Open Source Intelligence OSINT
OpenSSH
Openstego
Open System Interconnection model OSI Model
OpenVAS
Open Web Application Security Project OWASP
Operating Systems
Optical Character Recognition OCR
Oracle
Organized Crime
Organization Unique Identifier OUI
Orthogonal Frequency Division Frequency OFDM
OSCP
Out of Band
Out of Band External Entity OOBXXE
Outsourcing
Packet
Packet Filter Firewall
Packet Internet Groper Ping
Packet Radio
Packet Switched
Padded Cell
Panel Antenna
Parabolic Antenna
Parent Domain
Passive Reconnaissance
Pass The Hash
Passed
Passwords
Patching
Payload
Payment Card Industry Data Security Standard PCIDSS
Peerlyst
Peer to Peer
Penetration Testing
Pentest Plus
Perception
Persistence
Personal Address Translation PAT
Personal Branding
Pharming
Philosophy
Phishing
Physical Layer
Physics
Piggy Backing
Ping of Death
Ping Sweeps
Pivoting
Platform as a Service PaaS
Pluralsight
Podcasts
Pointer Dereference
Point of Sales PoS
Policy
POODLE Attack
Port Forwarding
Port Knocking
Port Mirroring Spanning
Ports
Port Scanning
Port Security
Post Exploitation
Post Office Protocol POP3
Postman
PowerCLI
Power Over Ethernet POE
PowerShell
Powershell DSC
Powershell Empire
Powershell ISE
PowerSploit
Presence
Presentation Skills
Presentation Layer
Pretexting
Pretty Good Privacy PGP
Principles of Social Engineering
Privacy
Private Cloud
Private Key
Privilege Escalation
Procedure
Procman
Programming
Project Management
Protected Information
Protocol Analysis
Protocol Analyzer
Protocol Data Units PDUs
Protocols
Protocol Types
Proxy
Proxy Server
Psychology
Public Cloud
Public Key
Puppet
Python
Pythonista
Query ID QID
Race Conditions
Radare
Radiation
Radio Frequency identification RFID
Radius
Radio Frequency RF
Rainbow Tables
Rapid7
Rapid7 Forward DNS Dataset
Rapid7 IDR
Rapid7 Insight
Rapid7 IVM
Ransomware
RaspberryPi
Reconnaissance
Red Team
Refactoring
Regular Expressions
Remote Access Trojan RAT
Remote Code Execution RCE
Remote Desktop Protocol RDP
Remote Desktop Services RDS
Remote Procedure Call RPC
Remote Teams
Replay Attack
Replication
Request For Comments RFCs
Resource Records RR
Rest API
Revenge Porn
Reverse Domains
Reverse Engineering
Reverse Proxy
Reverse Translation
Ring
Ring Network
Risk
Risk Assessment
Robotics
Rogue AP
Root
Root Domain
Round Robin
Routers
Routing
Ruby
Russian
Rules of Engagement ROE
Sales
Sandbox
Sarbanes Oxley SOX
Satellite Communication SATCOM
Scanning Networks
Scarcity
Scrapy
Screen
Screens
Script Kiddies
Search Engine Optimization SEO
Secondary Victim
Securit
Security Assertion Markup Language SAML
Security Awareness
Security Information Event Management SIEM
Security Onion
Security Plus
Security Podcasts
Segmentation
Self Improvement
Self Signed Certificates
Serverless
Server Message Block SMB
Server Side Request Forgery SSRF
Service
Service Account
Service Ports
Service Set Identifier SSID
Sensitive Data Exposure
Session Cookie
Session Hijacking
Session Initiation Protocol SIP
Session Layer
Shell Code
Shimming
Shodan.io
Shoulder Surfing
Simple Mail Transfer Protocol SMTP
Simple Network Management Protocol SNMP
Simple Storage Service S3
Slack
Smurf
Sniffing
Snort
SOC2
SOC2 Type II
Social Engineering
Social Engineering Toolkit SET
Social Media
Soft Skills
Software Defined Networks SDN
Software Development Life Cycle SDLC
Software as a Service SaaS
Solarwinds
Soldering
Spanish
Spanning Tree
Spanning Tree Protocol STP
Sparse Files
Spread Spectrum
Speaking Skills
Spear Phishing
Split Tunnel
Splunk
Spokeo
Spoofing
Spyware
SQL Injection
SRV Records
SSL Accelerators
SSLDecryptor
Sslstrip
SSLTLS
Standards
Star Network
Start of Authority SOA Records
Stateful Inspection Firewall
Static Application Security Test SAST
Static Website
Statistics
Steganography
Storage
Storage as a Service SaaS
Strategy
Structured Query Language SQL
Sub Domain Take Overs
Sub Domains
Subject Matter Experts SMEs
Sublist3r
Subnetting
Substitution Ciphers
Survival Preparation
Swift
Switching
Switching Loop
Symmetric Key Cryptography
Symmetric MultiProcessing SMP
Syn Flood
Syslog
Sysmon
System Access Control List SACLs
System Sprawl
Tactics Techniques and Protocols TTPs
Tailgating
TCPDUMP
TCPIP
Teletype Network Telnet
Terminal
Terminal Services TS
The Onion Router TOR
Threat Actor
Time of Check to Time of Use TOCTTOU
Time of Use TOU
Time to Live TTL
Token Ring
Top Level Domains TLDs
Topology
Traceroute
tracert
Tradecraft
Traffic Shaping
Training
Transitive Access
Transmission Control Protocol TCP
Transparent Proxy
Transport Layer
Transport mode
Triple Digital Encryption Standard 3DES
Trivial File Transfer Protocol TFTP
Trojan
Trunking
Trusted Platform Module TPM
Trusted Third Party
Tunnel Mode
Turbonomics
Twitter
Typo Squatting
Ubuntu
Unicast
Uniform Resource Identifier URI
Uniform Resource Locator URL
Universal Asynchronous Receiver Transceiver UART
Urban Planning
Urgency
URL Hijacking
User Account Control UAC
User Datagram Protocol UDP
Using Components with Known Vulnerabilities
Vagrant
VM Script
vCenter
vCPU
Veeam
Virtual Desktop Infrastructure VDI
Virtual LAN VLAN
VirtualIP VIP
Virtual Private Network VPN
Virtualization
Virus
Viruses
Virustotal
Vishing
Visual Studio Code VSCode
ViVIM
VLAN Hopping
VLAN Tagging
VMware
VMware Workstation
VMware Fusion
VMworld
Voice over Internet Protocol VoIP
Volume Shadow Copy Services VSS
Von Neumann Architecture
VPN Concentrator
Vulnerability
Vulnerability Analysis
Vulnerability Assessment
Vulnerability Management
Vulnerability Scan
Walk Throughs
War Chalking
War Dialing
War Driving
Warfare
Watering Hole Attack
Web Accessibility
Web Application Firewall WAF
Web Assembly WASM
Web Development
Web Hacking
Web Scraping
Webscreenshot.py
Well Known Port Numbers
Wget
Whaling
Whitebox
WhiteHat
Whois
Whois Lookup
WiFi Protected Access WPA
WiFi Protected Setup WPS
Windows
Windows 10
Windows Event Forwarding WEF
Windows Internet Name Service WINS
Windows Management Instrumentation WMI
Windows Registry
Windows Remote Management WinRM
Windows Server Update Services WSUS
Windows Subsystem
Windows Terminal
Wired Equivalent Privacy WEP
Wireless
Wireless Access Point WAP
Wireless Channels
Wireshark
Workplace
Worm
Writing
WS-FED
X-callback-url
X.500
Xmas Attack
XML External Entity XXE
XML Injection
Yagi Antenna
Youtube
Zero Day
Zero Trust
Zerto
Zmap
Zombies
Zone Transfers