Early 90's film with the catch phrase "Hack the Planet"
Hackers
These words make up the OWASP acronym
Open Web Application Security Project
DLP
Data Loss Prevention
Organizations need to periodically test disaster recovery and business continuity plans, even after proving they work, due to
Environmental changes that may render them ineffective over time.
This operational team houses information security professionals responsible for monitoring and analyzing the organization's security posture on an ongoing basis
Security Operations Center or SOC or CSOC
TV show known for a popular meme "Hello IT, Have you tried turning it off and on again"
The IT Crowd
This is the 1st most critical web application vulnerability according to the OWASP Web Top 10 - 2017
Injection
EDR
Endpoint Detection and Response
What commonly takes place when you insert specially crafted and excessively long data into an input field?
Buffer Overflow
These discussion-based exercises bring different team members to meet in an informal, classroom setting to discuss their roles during an emergency and their responses to a particular emergency situation
Table-Top Exercises
An improvised line used when the printer on scene displayed "PC Load Letter"
Office Space
This is a popular open-source web application firewall
ModSecurity
GRC
Governance, Risk Management, and Compliance
A site that has all necessary PCs, servers, and telecommunications in a ready state
hot-site
This modeling procedure is used for optimizing security by identifying objectives and vulnerabilities, and defining countermeasures to prevent, or mitigate the effects of, threats to an asset
Threat Modeling
"Follow the white rabbit"
The Matrix
This is a form of black box testing that works by providing invalid, unexpected or random data
Fuzzing
PCI-DSS
Payment Card Industry Data Security Standard
Alice wants to send an email to Bob, who is several network hops away from her. What is the best approach to protecting the confidentiality of the message?
S/MIME or Secure Multipurpose Internet Mail Extensions
This is the term/abbreviation typically used to 'profile' a bad actor
TTPs or Tactics (Tools), Techniques and Procedures
"I'm not hiring him, he uses spaces not tabs"
Silicon Valley
This is an authentication token commonly used for stateless sessions
JSON Web Token
(ISC)²
International Information Systems Security Certification Consortium
To make a copy of an object and modify the attributes of the second copy
Polyinstantiation
This phase of the incident response lifecycle involves using 'break-glass' procedures to access admin/root accounts to verify and check access levels and activity across the system
Containment, Eradication and Recovery