Are you new to infosec? Here are some acronyms to know. (PART-1)

CIA (Confidentiality, Integrity, Availability)

The CIA triad is well-known Information Security model which is designed to guide policies for information security within an organization. read more

AAA (Authentication, Authorization, and Accounting)

AAA is a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services.

CIRT (Computer Incident Response Team)

It’s responsible for responding to security breaches, viruses and other potentially catastrophic incidents in enterprises that face significant security risks.

DMZ (demilitarized zone)

It’s a physical or logical subnetwork that contains and exposes an organization’s external-facing services to an untrusted, usually larger, network such as the Internet

PII (Personally Identifiable Information)

PII, is any data that could potentially be used to identify a particular person

PCI DSS (Payment Card Industry Data Security Standard)

Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements intended to ensure that all companies that process, store, or transmit credit card information maintain a secure environment.

OSINT (Open Source Intelligence)

Open-source intelligence is data collected from publicly available sources to be used in an intelligence context

CVE (Common Vulnerability and Exposure)

The Common Vulnerabilities and Exposures system provides a reference-method for publicly known information-security vulnerabilities and exposures.

OWASP (Open Web Application Security Project)

The Open Web Application Security Project is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security.

APT (advanced persistent threat)

An advanced persistent threat is a stealthy threat actor, typically a nation state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period.

NOC (Network Operations Center )

It is one or more locations from which network monitoring and control, or network management, is exercised over a computer, telecommunication or satellite network.

SOC (Security Operations Center)

A security operations center is a centralized unit that deals with security issues on an organizational and technical level.

SCADA (supervisory control and data acquisition)

SCADA is a type of process control system architecture that uses computers, networked data communications and graphical Human Machine Interfaces (HMIs) to enable a high-level process supervisory management and control.

SOX (Sarbanes-Oxley Act)

In 2002, the United States Congress passed the Sarbanes-Oxley Act (SOX) to protect shareholders and the general public from accounting errors and fraudulent practices in enterprises, and to improve the accuracy of corporate disclosures. Reference:

Pursuing M. Tech. in Cyber Security and Incident Response. #LoveToPlayCTF #infosec #cybersecurity