Knowledge of terms to know
What is a dropper?
A dropper is a small helper program that facilitates the delivery and installation of malware.
Spammers and other bad actors use droppers to circumvent the signatures that anti-virus programs use to block or quarantine malicious code. It’s much easier to change the dropper, should its signature become recognized, than it would be to rewrite the malicious codebase.
Droppers, like many of their larger Trojan horse counterparts, can be persistent or non-persistent. Non-persistent droppers install malware and then automatically remove themselves. Persistent droppers copy themselves to a hidden file and stay there until they complete the task they were created for.
What is File Transfer Protocol (FTP)?
File Transfer Protocol (FTP) is a client/server protocol used for transferring files to or from a host computer. FTP may be authenticated with user names and passwords.
Anonymous FTP allows users to access files, programs and other data from the Internet without the need for a user ID or password. Web sites are sometimes designed to allow users to use “anonymous” or “guest” as a user ID, and an email address for a password. Publicly available files are often found in a specified directory and can be easily transferred to a user’s computer.
FTP is the Internet standard for moving or transferring files from one computer to another over TCP/IP networks. File Transfer Protocol is specified in RFC 959.
What is Social Networking Site (SNS)?
A social networking site is an online platform that allows users to create a public profile and interact with other users. Social networking sites usually allow a new user to provide a list of people with whom they share a connection, and then allow the people on the list to confirm or deny the connection. After connections are established, the new user can search the networks of connections to make more connections.
A social networking site is also known as a social networking website or social website.
Social networking sites have different rules for establishing connections, but they often allow users to view the connections of a confirmed connection. They may even suggest further connections based on a person’s established network.
Some social networking websites, like LinkedIn, are used for establishing professional connections, while sites like Facebook straddle the line between private and professional. There are also many networks that are built for a specific user base, such as cultural or political groups within a given area, or even traders in financial markets.
Social networking websites are easy to confuse with social media sites. A social networking site is any site that has a public or semi-public profile page, including dating sites, fan sites and so on. A social media site has profiles and connections, combined with the tools to easily share online content of all types.
It’s also helpful to think about examples of social media and social networking in order to tell the two apart.
Arguably over the first decade of the 21st century, Facebook, as a platform, became the most widely used social media site, and the most widely used social networking site as well.
What is Prescriptive analytics?
Prescriptive analytics is the area of business analytics (BA) dedicated to finding the best course of action for a given situation. Prescriptive analytics is related to both descriptive and predictive analytics.
Prescriptive analytics is used to suggest decision options for how to take advantage of a future opportunity or mitigate a future risk, and illustrate the implications of each decision option. In practice, prescriptive analytics can continually and automatically process new data to improve the accuracy of predictions and provide better decision options.
Advancements in the speed of computing and the development of complex mathematical algorithms applied to the data sets have made prescriptive analysis possible. Specific techniques used in prescriptive analytics include optimization, simulation, game theory and decision-analysis methods.
Dia is a program for drawing structured diagrams, such as technical flowcharts. It combines a wide array of technical objects with ease of use to create a tool that’s widely appreciated by IT pros.
jq is a flexible command-line JSON processor for Linux/UNIX. This fast, lightweight solution works well with UNIX pipes and offers extensive functionality for interrogating, manipulating and working with a JSON file.
PagerDuty Incident Response process is a partial version of their internal documentation on how to deal with major incidents, including what to do before, during and after.
SharkFest’20 Virtual conference presentations are now available. SharkFest Retrospective
ueli is a keystroke launcher for Windows and macOS that searches for applications on your computer. You can specify which folders to search and which file extension should be used to recognize an application.
Packetbomb Wireshark Minicourse is designed to help you make the most of Wireshark.
CotEditor is an open-source plain-text editor built for macOS. The GUI looks and acts like a Mac-native app, and its rapid launch feature gets you working immediately.
TestSSLServer is a command-line tool for contacting an SSL/TLS server to get information on its configuration. It works through your internal network, so you can test servers before they are accessible from the internet. It gathers the supported protocol versions and cipher suites; the certificate(s) used; the key type, size, and the hash function used in the signature; the type and size of ephemeral Diffie-Hellman parameters (or the elliptic curve for ECDHE cipher suites); and support of Deflate compression.
MicroSIP is a portable, open-source SIP softphone for Windows. It enables you to make high-quality VoIP calls (person-to-person or on regular telephones) via the open SIP protocol. Allows you to choose any SIP provider and get free person-to-person calls and low-cost international calls.
Autopsy is a digital forensics platform and GUI for other digital forensics tools that is relied on by law enforcement, military and corporate examiners when they need to find out what happened on a computer. Can also be used to recover photos from a camera’s memory card.
Knowledge of terms to know
What is NetOps (network operations)?
NetOps (network operations) is a blended approach to network management that allows an enterprise to respond quickly to new requests and events while minimizing manual intervention.
Historically, enterprise networking teams have provisioned, deployed and managed infrastructure manually. As a result, many networks are overly fragile and complex and require unique fixes when broken. When each component requires a high degree of human attention and input, scalability is inherently limited. Automating the re-use of established provisioning, configuration and deployment policies makes network infrastructure management more consistent and improves both performance and security.
NetOps also integrates network analytics tools to flag potential performance issues, gather and present relevant data and trigger automated remediation processes. Intent-based networking (IBN), a separate network initiative that relies heavily on automation, is an additional component of NetOps.
The evolution of NetOps is making it more critical for network professionals to possess basic automation and programming skills, as well as the soft skills needed to collaborate proactively with other teams and users.
What is Future Date Testing?
Future date testing is a software testing method in which the test machine's date is set to a future date for the purpose of testing the date sensitivity of an application. This method was developed as a response to the controversy surrounding the Millennium bug.
With future date testing, a computer system’s clock is preset to determine potential errors or unexpected behavior. Financial and insurance institutions use this testing method to determine and verify security software results and variations.
The future date testing method was spurred by the Millennium (Y2K) bug, which many feared because at that time, programmers did not test software in this manner. After Y2K, software developers began implementing future date testing with all new software releases.
What is Integrated risk management (IRM)?
Integrated risk management (IRM) is a set of coordinated business practices and supporting software tools that contribute to an organization’s ability to understand and manage risk holistically across all departments and third-party dependencies.
Traditional governance, risk and compliance (GRC) programs are often implemented in silos. The goal of IRM is to examine risk in the broad context of business goals and align the organization’s risk appetite with its need to maintain a competitive advantage.
To be successful, an IRM initiative should be collaborative and involve both IT and business-side leaders. Broadly speaking, there are four key pillars required to support an integrated risk management (IRM) strategy. The organization must:
- Align cybersecurity strategy with business strategy outcomes.
- Build an engaged, risk-aware culture.
- Include risk as criteria for making business decisions.
- Proactively determine what metrics will be used for reporting and evaluating risk management success.
What is Distributed File System (DFS)?
A distributed file system (DFS) is a file system with data stored on a server. The data is accessed and processed as if it were stored on the local client machine.
The DFS makes it convenient to share information and files among users on a network in a controlled and authorized way. The server allows the client users to share files and store data just as if they are storing the information locally. However, the servers have full control over the data, and give access control to the clients.
What is Fifth-generation wireless (5G)?
Fifth-generation wireless (5G) is the latest iteration of cellular technology. Wireless network operators in four countries — the United States, Japan, South Korea and China — are largely driving the first 5G buildouts.
Unlike 4G, which requires large, high-power cell towers to radiate signals over longer distances, 5G wireless signals are transmitted through large numbers of small cell stations located in places like light poles or building roofs.
The use of multiple small cells is necessary because the millimeter wave (MM wave) spectrum — the band of spectrum between 30 and 300 gigahertz (GHz) that 5G relies on to generate high speeds — can only travel over short distances and is subject to interference from weather and physical obstacles, like buildings or trees.
In addition to improvements in speed, capacity and latency, 5G also offers network management features — among them network slicing, which enables mobile operators to create multiple virtual networks within a single physical 5G network.
What is Data communications (DC)?
Data communications (DC) is the process of using computing and communication technologies to transfer data from one place to another, or between participating parties.
DC enables the movement of electronic or digital data between two or more network nodes, regardless of geographical location, technological medium or data contents.
What is Business Intelligence (BI) Architecture?
A business intelligence architecture is a framework for the various technologies an organization deploys to run business intelligence and analytics applications. It includes the IT systems and software tools that are used to collect, integrate, store and analyze BI data and then present information on business operations and trends to corporate executives and other business users.
The underlying BI architecture is a key element in the implementation of a successful business intelligence program that uses data analysis and reporting to help an organization track business performance, optimize business processes, identify new revenue opportunities, improve strategic planning and make more informed decisions overall.
What is Sprint?
In Agile product development, a sprint is a set period of time during which specific work has to be completed and made ready for review.
Each sprint begins with a planning meeting. During the meeting, the product owner (the person requesting the work) and the development team agree upon exactly what work will be accomplished during the sprint. The development team has the final say when it comes to determining how much work can realistically be accomplished during the sprint, and the product owner has the final say on what criteria need to be met for the work to be approved and accepted.
The duration of a sprint is determined by the team’s facilitator, the manager of the Scrum framework. Once the team reaches a consensus for how many days a sprint should last, all future sprints should be the same for the duration of the project. Traditionally, a sprint lasts 30 days.
What is Future Proof?
Future proof is a buzzword that describes a product, service or technological system that will not need to be significantly updated as technology advances. In reality, very few things are truly future proof. In any field that depends heavily on technology, a regular cycle of replacing and updating appears to be the norm.
Trying to ensure that a product or system is future proof is often a fruitless labor. While certain aspects of a system remain fairly consistent – such as the materials used to build it – the design and capabilities are bound to be outdone as improved versions are released.
Cloud computing is sometimes touted as a future proof solution because the updates and upgrades are invisible to the end user. While this gives the appearance of being future proof, there are still teams of developers working like hell to make sure a cloud computing solution keeps up with current technology.