Meltdown Vulnerability in Intel and ARM processors. Reported January 3, 2018. Website Wikipedia ZDNet The Verge (Processor flaw exposes 20 years of devices to new attack) The Verge (How to protect your PC against the major 'Meltdown' CPU security flaw)
Charles Babbage An English polymath. A mathematician, philosopher, inventor and mechanical engineer, Babbage originated the concept of a digital programmable computer. December 26, 1791 – October 18, 1871. Wikipedia Computer History Museum
Isaac Asimov American writer and professor of biochemistry at Boston University. He was known for his works of science fiction and popular science. Asimov was a prolific writer. January 2, 1920 - April 6, 1992. Wikipedia
404 error Not Found Wikipedia
5G 5th generation cellular network. Expected to become a standard in the early 2020s Wikipedia
* (asterisk) * Regular expression used to match zero or more characters. Wikipedia
$ (dollar sign) Regular expression that matches the end of a line. Example: foobar$ will find a line ending in the word foobar. Wikipedia
\%3B regular expression hex equivalent of ; (semicolon) character
\%6F regular expression hex equivalent of "o" character.
\%4F regular expression hex equivalent of "O" character.
\%72 regular expression hex equivalent of "r" character. Website Wikipedia
\%52 regular expression hex equivalent of "R" character. Website Wikipedia
x regular expression to ignore white spaces in a pattern.
\%3D regular expression hex equivalent of = (equal) character.
\%23 regular expression hex equivalent of hash character.
i regular expression case-insensitive
\-\- regular expresion double-dash.
(x+y)2 (x+y)(x+y) Wolfram|Alpha
802.1X (aka: EAP over IEEE 802, EAP over LAN) IEEE Standard for Port-based Network Access Control (PNAC). It is part of the IEEE 802.1 group of networking protocols. It provides an authentication mechanism to devices wishing to attach to a LAN or WLAN. Wikipedia
403 error Forbidden Wikipedia
3DES-Encrypt-Decrypt-Encrypt (3DES-EDE) The way 3DES encrypts plaintext.
3COM Founded in 1979. Wikipedia
32-Bit (x86-32 or x86) Supports up to 4 GB of memory. Wikipedia
224.0.0.9 RIPv2 broadcast address
224.0.0.10 EIGRP multicast address
.mp3 File extension for an MP3 file. The name .mp3 was chosen by the Fraunhofer team on July 14, 1995. Wikipedia
\%27 Hex equivalent of single-quote character.
attack Attack = Motive (Goal) + Method + Vulnerability.
Mission Impossible - Fallout Released July 27, 2018. IMDB
X-Men Released July 14, 2000 IMDB Nerdist
WWDC 2020 Apple Worldwide Developers Conference June 22-26 all online. Website Wikipedia Apple Newsroom
sandbox Security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. Isolated space where untested code and experimentation can safely occur separate from the production environment. Wikipedia
Simple Object Access Protocol (SOAP) Messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. Allows developers to invoke processes running on disparate operating systems (such as Windows, macOS, and Linux) to authenticate, authorize, and communicate using Extensible Markup Language (XML). Since Web protocols like HTTP are installed and running on all operating systems, SOAP allows clients to invoke web services and receive responses independent of language and platforms. Wikipedia
Static Application Security Testing (SAST) set of technologies designed to analyze application source code, byte code and binaries for coding and design conditions that are indicative of security vulnerabilities. SAST solutions analyze an application from the “inside out” in a nonrunning state, prior to going into production. Gartner
REpresentational State Transfer (REST) Lightweight and scalable software architectural style that defines a set of constraints to be used for creating Web services. Web services that conform to the REST architectural style, called RESTful Web services, provide interoperability between computer systems on the Internet. RESTful Web services allow the requesting systems to access and manipulate textual representations of Web resources by using a uniform and predefined set of stateless operations. Other kinds of Web services, such as SOAP Web services, expose their own arbitrary sets of operations. Wikipedia
Web Application Firewall (WAF) Detects how applications interact with the environment.Optimal for detecting SQL injections and XSS.
GitHub Social network for programmers. Website Wikipedia YouTube (GitHub Training & Guides)
Gil Amelio Named CEO of Apple Computer February 2, 1996 Wikipedia This Day in Tech History
GameCube Video game console made by Nintendo. First released in Japan September 14, 2001. Wikipedia
Google Pixel 2 Smartphone from Google. Announced October 4, 2017. Website Wikipedia
Google I/O 2017 May 17 - May 19 at the Shoreline Amphitheatre in Mountain View, California. Website
blank page suppression Where the printer removes blank pages from a job. HP
DEF CON 28 SAFE MODE August 6-9, 2020 online. Website
DEF CON China 2 On Hold - Dates TBD. 751D Park in Beijing, China. Website
DEF CON 30 Aug. 11-14, 2022 Website
Blend GUI design tool developed by Microsoft. Wikipedia
blanks Artificial data added to fill blocks in a block cipher.
Blue Gene Supercomputer from IBM. Announced December 1999. Wikipedia
Blaise de Vigenère Vigenère cipher. April 5, 1523 - February 19, 1596 Wikipedia
Black Hat USA 2020 Now in its 23rd year, Black Hat USA is the world's leading information security event, providing attendees with the very latest security research, development and trends. Black Hat USA 2020 will be entirely virtual this year, held over the same dates, August 1-6. August 1-6, 2020. Website
Black Hat Asia 2020 The information security community comes together for esteemed Trainings taught by industry experts, innovative research presentations at Briefings, the latest open-source tool demos in Arsenal, and the Business Hall featuring top-tier solutions and service providers. Black Hat returns to Marina Bay Sands in Singapore, September 29 - October 2, 2020. Website
Black Hat USA 2019 August 3-8, 2019. Website
Global AppSec San Francisco 2020 October 19-23, 2020 Website
Microsoft Build 2020 First all-digital conference from Microsoft. May 19–21, 2020. Website
Solo: A Star Wars Story Released May 25, 2018. IMDB
data integrity (checksum) Maintenance of, and the assurance of the accuracy and consistency of data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data. The term is broad in scope and may have widely different meanings depending on the specific context – even under the same general umbrella of computing. Wikipedia
entity integrity Concerned with ensuring that each row of a table has a unique and non-null primary key value; this is the same as saying that each row in a table represents a single instance of the entity type modelled by the table. A requirement of E. F. Codd in his seminal paper is that a primary key of an entity, or any part of it, can never take a null value. Wikipedia
Hash-Based Message Authentication Code (HMAC) (aka: Keyed-Hash Message Authentication Code [KHMAC]) Data integrity algorithm guaranteeing the integrity of a message. Adds a secret key to the hash function. Wikipedia
Unique Identifier (UID) Any identifier which is guaranteed to be unique among all identifiers used for those objects and for a specific purpose. Wikipedia
PCI Express 5.0 PCI-SIG officially announced the release of the final PCI-Express 5.0 specification May 29, 2019 Wikipedia
Digital Signature Algorithm (DSA) (authentication) Federal Information Processing Standard (FIPS) for digital signatures, based on the mathematical concept of modular exponentiation and the discrete logarithm problem. DSA is a variant of the Schnorr and ElGamal signature schemes. DSA signature generation is faster than DSA signature verification. Attributed to David W. Kravitz. Filed under U.S. Patent 5,231,668 July 26, 1991. Adopted by the U.S. government in 1993 with FIPS 186. Wikipedia
Bruce Schneier American cryptographer, computer security professional, privacy specialist and writer. Born January 15, 1963. Website Wikipedia
Cyan, Magenta, Yellow, Key (black) (CMYK) color model Wikipedia
DC-to-DC converter Converts DC from one voltage level to another. Wikipedia
Deadlock waiting for a process that never finishes. Wikipedia
Dialed Number Identification Service (DNIS) Wikipedia
Digital Subscriber Line Access Multiplexer (DSLAM) Wikipedia
Digital Signal 3 (DS3) 44.736Mbps Wikipedia
Digital Signal 1 (DS1) (T1 line) 1.544Mbps bandwidth Wikipedia T1Rex
Digital Signal 0 (DS0) Adapter Cisco
Digital Rights Management (DRM)
Digital Millennium Copyright Act (DMAC)
Digital Serial Interface (DSI) Protocol for controlling lighting in buildings. Wikipedia
Digital Signal 0 (DS0) Dedicated line (not shared) at 64Kbps. 24 bundled is a DS1 line or T1 line. Wikipedia
subquery Query linked to another query. Wikipedia
Network Operating System (NOS) Specialized operating system for a network device such as a router, switch or firewall. Designed to support many users and share resources between them in a client-server architecture. Early examples of client-server operating systems include Novell NetWare, Solaris, Windows NT/2000/XP/Server 2003, HP-UX, AIX and Linux. This description of operating systems is now largely historical, as common operating systems include a network stack to support a client–server model. Wikipedia Netacad
Computer Emergency Response Team (CERT) [aka: Computer Emergency Readiness Team, Computer Security Incident Response Team (CSIRT)] Expert group that handles computer security incidents. USA CERT created by the Defense Advanced Research Projects Agency (DARPA) and run by the Software Engineering Institute (SEI) at the Carnegie Mellon University. CERT name first used in 1988 by the CERT Coordination Center (CERT-CC) at Carnegie Mellon University (CMU). SEI Website Wikipedia
Internet Control Message Protocol version 6 (ICMPv6) ICMP for IPv6
Internet Corporation for Assigned Names and Numbers (ICANN) Wikipedia Website
Internet Engineering Steering Group (IESG) Website Wikipedia
Internet Engineering Task Force (IETF)
Internet Group Management Protocol (IGMP)
Internet Information Server (IIS) Wikipedia
Internet Information Services (IIS) Wikipedia
Internet Key Exchange (IKE) (UDP port 500, RFC 2409) Used to set up a security association (SA) in the IPsec protocol suite to authenticate users and devices. Builds on the Oakley protocol and ISAKMP. Uses X.509 certificates for authentication. Several types of authentication: username, password, one-time password, biometrics, PSK, and digital certificates. Originally defined by the IETF in RFC 2407, RFC 2408 and RFC 2409 November 1998. Wikipedia RFC 2407 RFC 2408 RFC 2409
Internet Key Exchange (IKE) Phase 1 Authentication. 3 keys exchanged. Main mode or aggressive mode.
Internet Key Exchange (IKE) Phase 2 Key Exchange. IPsec transform sets. unidirectional IPsec SAs.
Internet Message Access Protocol (IMAP) (IMAP: port 143, IMAPS: port 993) Protocol for email retrieval. IMAP Secure (IMAPS) operates over SSL or TLS. Designed by Mark Crispin in 1986. Wikipedia
Internet Printing Protocol (IPP) Proposed by Novell in 1996. Wikipedia
Internet Protocol (IP) The network layer service implemented by the TCP/IP protocol suite. (Connectionless, Best Effort (unreliable), Media Independent.) Wikipedia YouTube
Internet Protocol Flow Information Export (IPFIX)
Internet Protocol Security (IPsec) Framework of open standards defining how a VPN can be configured and secured. Provides data integrity, peer authentication, data confidentiality (encryption). Not bound to any encryption, authentication, security algorithms, or keying technology. Uses Authentication Headers (AH), Encapsulating Security Payloads (ESP), and Security Associations (SA) as part of its security architecture. The Cisco IPsec implementation uses DES and 3DES in Cipher Block Chaining (CBC) mode. Works at the network layer (Layer 3) encapsulating IP packets. Uses a plaintext Layer 3 header to allow for routing compatibility. When configuring, a few basic parts must be provided: IPsec protocol, confidentiality, integrity, authentication, and secure key exchange. Wikipedia
Internet Protocol Security (IPsec) Authentication Guaranties message comes from the right person and was not forged. (PSK, RSA)
Intel Core i7 7700K Kaby Lake CPU from Intel. 4 Cores, 8 Threads, 8M Cache, up to 4.50 GHz, 91W TDP Released January 3, 2017. Intel ARK Wikipedia
Internet Protocol Security (IPsec) Confidentiality encrypts traffic so it can not be read. (encryption if ESP: DES, 3DES, AES, SEAL)
Internet Protocol Security (IPsec) Configuration Steps: ACLs, ISAKMP (IKE) policy, IPsec transform set, crypto ACL, crypto map.
access-list (acl) permit ahp (source) (wildcard) (destination) (wildcard)access-list (acl) permit esp (source) (wildcard) (destination) (wildcard)access-list (acl) permit udp (source) (wildcard) (destination) (wildcard) eq isakmpinterface s0/0/0ip access-group (acl) incrypto isakmp policy integer 1-10,000 /*1 = highest priority*/authentication pre-shareencryption desgroup 1hash md5 /*If hash is not specified, will use SHA*/lifetime 86400crypto isakmp key (keystring) address (peer-address) crypto isakmp key (keystring) hostname (hostname) crypto isakmp key cisco123 address 172.30.1.2crypto isakmp key cisco123 address 172.30.2.2crypto ipsec transform-set (transform-set-name) (tranform1) (transform2) (transform3) (transform4)crypto ipsec transform-set VPN-SET esp-aes 256 esp-sha-hmacaccess-list (acl) {permit | deny} (protocol) (source) (source-wildcard) (destination) (destination-wildcard)access-list 110 permit tcp 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255crypto map (map-name) (seq-num) ipsec-manualmatch address (access-list) set [peer | pfs | transform-set | security-association]interface (interface-id) crypto map MYMAPcrypto map CMAP 10 ipsec-isakmp match address 110 set peer 172.30.2.2 default set peer 172.30.3.2 set pfs group1 set transform-set mine set security-association lifetime seconds 86400Intel Core i9-7980XE CPU from Intel. Announced at Computex 2017 May 30, 2017. Website Wikipedia
Infrastructure as a Service (IaaS) Wikipedia
IN Equality operator. Can be used in place of INTERSECT if IN is not supported by the DBMS.
International Data Encryption Algorithm (IDEA) [originally called Improved Proposed Encryption Standard (IPES)] Symmetric-key block cipher. Intended as a replacement for the Data Encryption Standard (DES). IDEA is a minor revision of an earlier cipher Proposed Encryption Standard (PES). Designed by James Massey of ETH Zurich and Xuejia Lai and was first described in 1991. Wikipedia
Jetico Encryption Software & Wiping Software Website
Lock It Down Locks your 'Content Sensitive' files and folders quickly and professionally using 128-bit Thayer encryption, which make it unable for others to view or use them without your consent, which results in a clean conscience and instant peace of mind. Website
kernel The core of an OS. Wikipedia
Virtual Private Network (VPN) IP tunnels that extend a private network across a public network, usually the internet. Enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Typically encrypted but does not need to be, such as in the case of GRE and Frame Relay. The encryption algorithm combines message text with a key to make the message unreadable by unauthorized receivers. Two kinds of VPNs: site-to-site and remote access. Can operate at OSI Layer 2 (Frame Relay, ATM, HDLC, PPP) or OSI Layer 3 (GRE, MPLS, IPsec). Wikipedia
chargeback Policy used by IT departments to allocate and/or bill the costs associated with each department's or division's usage. As of 2011, the chargeback mechanisms are often controversial in organizations. Wikipedia
AMD EPYC Family of server chips from AMD based on the Zen microarchitecture. Announced May 16, 2017. Released June 20, 2017. Website Wikipedia
E3 2019 June 11-13 in Las Angeles. Website Wikipedia
NT LAN Manager (NTLM) Suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. The NTLM protocol suite is implemented in a Security Support Provider, which combines the LAN Manager authentication protocol, NTLMv1, NTLMv2 and NTLM2 Session protocols in a single package. Whether these protocols are used or can be used on a system is governed by Group Policy settings, for which different versions of Windows have different default settings. NTLM passwords are considered weak because they can be brute-forced very easily with modern hardware. Successor to the authentication protocol in Microsoft LAN Manager (LANMAN). Wikipedia
aggregate functions (COUNT, MIN, MAX, and AVG) special functions that perform arithmetic computations over a set of rows. Usually used in conjunction with a GROUP BY clause to group the output of aggregate computations by one or more attribute rows that match a given condition.
WHERE SQL clause that narrows query results. Can be used with SELECT, UPDATE, and DELETE statements to restrict rows affected by the DDL command. Wikipedia
column list Represents one or more column names separated by commas. May also include computed columns, aliases, and aggregate functions.
column Each database table column represents an attribute. Each column has a distinct name.
SELECT SQL statement that returns a set of records from one or more tables. Main data retrieval command in SQL. Wikipedia
INSERT SQL command used in databases to add new rows to tables.
Data Manipulation Commands (DML) Allow you to add, modify, and delete rows from tables. Basic commands are; SELECT, INSERT, UPDATE, DELETE, COMMIT, and, ROLLBACK.
data definition commands Allows you to create tables and indexes. Commands are; CREATE TABLE, CREATE INDEX, ALTER TABLE, DROP TABLE, DROP INDEX. Many SQL constraints can be used with columns.
ANSI SQL data types Basic types include; NUMBER, NUMERIC, INTEGER, CHAR, VARCHAR, and DATE. Support is different in each RDBMS. Microsoft Access Equivalent ANSI SQL Data Types
SQL commands Can be divided into two overall categories: data definition language (DDL) and data manipulation language (DML) commands.
F8 2019 April 30 - May 1 Website
TO_NUMBER Oracle function used to convert a character string into a number. Digits are represented by “9”.
Microsoft Build 2018 May 7-9. Website