Red Team
Blue Team
Penetration Testing
Hackers Do This
Acronyms
100

Process in which white-hat hackers are given permission to access a system in an attempt to penetrate defenses to locate vulnerabilities 

What is penetration testing?

100

Real-time streams of data that provide information on potential cyber threats and risks. 

What is threat intelligence feed?

100

Penetration test for which the tester is given complete information and full knowledge of the system. 

What is white box test?

100

Act of moving around, usually in a vehicle, and searching for wireless networks. 

What is war driving?

100

SIEM stands for 

security information and event management 

200

Security assessment that searches a computer or network for potential vulnerabilities or weak security configurations. 

What is vulnerability scan?

200

Security assessment that monitors user behavior and compares it to established baseline information. 

What is user behavior analysis?

200

Penetration test in which the tester has no knowledge of the system. 

What is black box test?

200

Discovery and gathering of data without the target being aware it is happening. 

What is passive reconnaissance?

200

SOAR stands for

Security Orchestration, Automation, and Response 

300

Practice of proactively searching for cyber threats and vulnerabilities not already detected or identified in a network. 

What is threat hunting?

300

Periodic exercise that evaluates a company’s security preparedness. 

What is security assessment?

300

Test that attempts to move from a normal user to achieve root or admin privileges while accessing a system. 

What is escalation of privilege?

300

Method that determines the status of communication ports on a system. 

What is port scanning?

300

UBA stands for

user behavior analysis

400

Permission given by a company or organization to another party to access or hack a system in an effort to determine how susceptible the system is to unauthorized access or penetration. 

What is penetration testing authorization?

400

Software product that supports organizational security by collecting and compiling, in real time, log data generated in a network and producing analyzed results and reports. 

What is SIEM?

400

Point of a penetration test in which the tester refocuses attention from the initial point of entry to begin looking for targets and other resources on a network. 

What is Pivot?

400

Act of intercepting a data packet as it crosses a specific network point. 

What is packet capture?

400

CVE is 

Common Vulnerabilities and Exposures 

List of known security threats identified by the US Department of Homeland Security. 

500

Document that specifies in detail the manner in which penetration testing will be conducted. 

What is rules of engagement (RoE)?

500

Security solution that uses an array of software tools and solutions that allow for the collection of data from multiple sources and generate an automatic response. 

What is SOAR?

500

Act of a pen tester attempting to maintain a connection after a successful exploit. 

What is persistence?

500

Gathering information about a system; also called a pre-attack technique. 

What is footprinting?

500

CVSS is

Common Vulnerability Scoring System 

Open industry standard used to assess system vulnerabilities and their severity.