11.9. Common Terms

11.9.1. System

  • WMI (Windows Management Instrumentation)

11.9.2. Networking

11.9.2.1. Network Protocols

  • Lightweight Directory Access Protocol (LDAP)

  • Distinguished Name (DN)

  • Relative Distinguished Name (RDN)

  • Server Message Block (SMB)

  • Common Internet File System (CIFS)

  • SMTP (Simple Mail Transfer Protocol)

  • Simple Network Management Protocol (SNMP)

  • POP3 (Post Office Protocol 3)

  • IMAP (Internet Mail Access Protocol)

  • HTTP (HyperText Transfer Protocol)

  • HTTPS (HyperText Transfer Protocol over Secure Socket Layer)

  • Dynamic Host Configuration Protocol (DHCP)

  • Remote Procedure Call (RPC)

  • Java Debug Wire Protocol (JDWP)

  • Network File System (NFS)

  • Service Principal Names (SPN)

  • Simple Authentication and Security Layer (SASL)

  • Link-Local Multicast Name Resolution (LLMNR)

11.9.2.2. Routing Systems

  • Autonomous System (AS)

  • Interior Gateway Protocol (IGP)

  • Exterior Gateway Protocol (EGP)

  • Intradomain routing

  • Interdomain routing

  • Routing Information Protocol (RIP)

  • Open Shortest Path First (OSPF)

  • Dynamic Routing Protocols (DRP)

  • First Hop Redundancy Protocols (FHRP)

  • Hot Standby Router Protocol (HSRP)

  • Virtual Router Redundancy Protocol (VRRP)

  • Gateway Load Balancing Protocol (GLBP)

  • Network Address Translation (NAT)

  • Point-to-Point Protocol (PPP)

  • Spanning Tree Protocol (STP)

  • QUIC (Quick UDP Internet Connections)

11.9.2.3. Network Applications

  • Certificate Transparency (CT)

  • DNS Certification Authority Authorization (CAA)

  • Application Level Gateway (ALG)

11.9.2.4. Kerberos

  • Key Distribution Center (KDC)

  • Authentication Server (AS)

  • Ticket Granting Server (TGS)

11.9.3. Development

  • REST (Representational State Transfer)

  • Continuous Integration (CI)

  • Continuous Delivery / Continuous Deployment (CD)

  • Function as a Service (FaaS)

  • Container as a Service (CaaS)

  • Software as a Service (SaaS)

  • Platform as a Service (PaaS)

  • Infrastructure as a Service (IaaS)

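11.9.4. Security

  • Defect (defect / mistake)
    • A weakness in the implementation or design of software

    • "Defect" is the collective term for bugs and flaws

  • Bug
    • An implementation-level software defect

    • Easy to find and fix

    • Example: buffer overflow

  • Flaw
    • A design-level defect that is hard to notice

    • Flaws usually require manual analysis to discover

    • Error-handling or recovery modules in a software system that leave the program insecure or cause it to fail

  • Vulnerability
    • A bug or flaw that can be used to violate a security policy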

  • IAST (Interactive Application Security Testing)

  • DAST (Dynamic Application Security Testing)

  • SAST (Static Application Security Testing)

  • ATT&CK™ (Adversarial Tactics, Techniques, and Common Knowledge, ATT&CK)

  • Lateral Movement

11.9.4.1. Secure Development

  • Security Information and Event Management (SIEM)

  • Security Orchestration, Automation and Response (SOAR)

  • SDL (Security Development Lifecycle)

11.9.4.2. Security Policies

  • Cross-Origin Resource Sharing (CORS)

  • Sender Policy Framework (SPF)

  • DomainKeys Identified Mail (DKIM)

  • Domain-based Message Authentication, Reporting and Conformance (DMARC)

  • DNSSEC (The Domain Name System Security Extensions)

  • DNS-based Authentication of Named Entities (DANE)

11.9.4.3. Security Models

  • Building Security In Maturity Model (BSIMM)

11.9.5. Attacks

11.9.5.1. Vulnerability Types

  • Cross-Site Scripting (XSS)

  • Cross-Site Request Forgery (CSRF)

  • Man-in-the-Middle attack (MITM)

  • Server-Side Request Forgery (SSRF)

  • Advanced Persistent Threat (APT)

  • Remote Command Execution (RCE)

  • Remote Code Execution (RCE)

  • Out-of-Band data (OOB)

11.9.5.2. Attack Methods

  • Spear Phishing

  • Watering Hole Attack (Water Holing)

  • Distributed Denial of Service (DDoS)

11.9.6. Defense

  • IoC (Indicators of Compromise)

11.9.6.1. Defensive Technologies

  • Network-based Detection and Response (NDR)

  • Endpoint Detection and Response (EDR)

  • Managed Detection and Response (MDR)

  • Extended Detection and Response (XDR)

  • Adaptive Security Architecture (ASA)

  • Zero Trust Network Access (ZTNA)

  • Cloud Security Posture Management (CSPM)

11.9.6.2. Protective Systems

  • Intrusion Detection System (IDS)

  • Host-based Intrusion Detection System (HIDS)

  • Host Intrusion Prevention System (HIPS)

  • RASP (Runtime Application Self-protection)

  • Unified Endpoint Management (UEM)

11.9.7. Operations

  • Artificial Intelligence for IT Operations (AIOps)

  • Risk and Vulnerability Assessments (RVA)

  • Computer Emergency Response Team (CERT)

11.9.8. Authentication

  • Two-Factor Authentication (2FA)

  • Multi-Factor Authentication (MFA)

  • One-Time Password (OTP)