Command that searches inside a file for content that matches a parameter
Grep
Exceptionally versatile command-line assessment tool
Nmap
Non-profit organization that helps web developers secure their apps
OWASP (Open Web App Security Project)
Uses cyber weapons to promote a political or religious agenda
Hacktivist
Device that combines traditional filtering with IDS, IPS, SSL inspection, and malware detection
Hint: NOT a UTM
NGFW (Next Generation Firewall)
Command that displays only the first 10 lines of the specified file
Head
GUI tool associated with Nmap
Zenmap
Publicly available information used to understand threat actor tactics and techniques
OSINT (Open Source Intelligence)
Threat actors whose activities lead to increased risk as a result of their privileged access or employment
Insider threat
GUI packet capture tool, known for its use of filters
Wireshark
Command to change permissions on Linux
Chmod
Industry-standard method to display the severity of a vulnerability in layman's terms
CVSS (Common Vulnerability Scoring System)
Clue or warning that something MIGHT be amiss
IoC (Indicator of Compromise)
Well-funded and talented actors, operating as an APT, who are primarily interested in espionage
Nation State
Command-line packet analysis utility
Tcpdump
Command used to download files from websites over the Internet
wget
List of requirements agreed to before accomplishing a vulnerability scan
RoE (Rules of Engagement)
A solution that helps organizations detect, analyze, and respond to security threats before they harm business operations
SIEM (Security Information & Event Management)
Uses scripts obtained on dark web
Script Kiddie
Security model that requires strict and continuous authentication (no matter the origin of the device/request) and assumes every request is a threat
Zero Trust
Command that can create a file, merge files together, and output info from a file
Concatenate (cat)
Term used when actively finding out information concerning a device, such as OS type and version
Fingerprinting
Lightweight open-standard web file format used to transport and store data
JSON (JavaScript Object Notation)
Threat actor whose cyber activities are typically used to fund illicit operations
Organized crime
Routing technique that diverts traffic into a honeypot for further analysis
Sinkhole