Core 2 Vocabulary PDF

Summary

This document contains a glossary of computer terms and definitions. It provides explanations of various computer-related concepts and technologies.

Full Transcript

Glossary
Core 2 accounts settings Windows Settings
pages relating to user account creation
2-step verication Authentication and maintenance.
mechanism that uses a separate
active directory (AD) Network directory
channel to authorize a sign-on attempt
service for Microsoft Windows domain
or to transmit an additional credential.
networks that facilitates authentication
This can use a registered email account
and authorization of user and computer
or a contact phone number for an SMS
accounts.
or voice call.
active listening A technique in
3-2-1 backup rule Best practice maxim
communications to ensure that you
stating that at any given time there
capture all the information that the
should be at least three copies of data
other person is “transmitting,” including
stored on two media types, with one
non-verbal cues such as tone of voice
copy held of site.
or gestures. There are various active
32-bit versus 64-bit Processing modes listening techniques for ensuring that
referring to the size of each instruction you are “getting the right message,” such
processed by the CPU. 32-bit CPUs as summarizing, reecting (matching
replaced earlier 16-bit CPUs and were the speaker’s communication style),
used through the 1990s to the present interpreting, and verbal attends (such as
day, though most PC and laptop CPUs “Uh-huh,” or “I see.”)
now work in 64-bit mode. The main 64 bit
ad blocker Browser feature or add-in
platform is called AMD64 or EM64T
that prevents third-party content from
(by Intel). Software can be compiled as
being displayed when visiting a site.
32-bit or 64-bit. 64-bit CPUs can run most
32-bit sotware, but a 32 bit CPU cannot administrative tools Folder in Control
execute 64-bit software. Panel containing default Microsoft
management consoles used to congure
802.1X Standard for encapsulating EAP
the local system.
communications over a LAN (EAPoL) or
WLAN (EAPoW) to implement port-based administrator Privileged user account
authentication. that has been granted memberships of
the Administrators security group. There
acceptable use policy (AUP) Policy that
is also an account named Administrator,
governs employees’ use of company
but this is usually disabled by default.
equipment and Internet services. ISPs
may also apply AUPs to their customers. Advanced Encryption Standard (AES)
Symmetric 128-, 192-, or 256-bit block
access control list (ACL) Collection
cipher used for bulk encryption in
of access control entries (ACEs) that
modern security standards, such as
determines which subjects (user
WPA2, WPA3, and TLS.
accounts, host IP addresses, and so
on) are allowed or denied access to the AirDrop iOS eature or simple le
object and the privileges given (read- sharing via Bluetooth.
only, read/write, and so on).
alarm system Physical intrusion
access control vestibule Secure entry detection and warning that can use
system with two gateways, only one of circuit, motion, proximity, and duress
which is open at any one time. triggers.
accessibility prepane macOS utility Android Cell phone/smartphone/tablet
related to desktop and input/output OS developed by the Open Handset
device accessibility conguration. Alliance (primarily driven by Google).

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 1 21/03/22 2:47 PM
 2 | Glossary

Unlike iOS, it is an open-source OS, derivable from the public one. An
based on Linux. asymmetric key cannot reverse the
operation it performs, so the public key
antivirus scan (A-V) Software capable
cannot decrypt what it has encrypted,
of detecting and removing virus
for example.
infections and (in most cases) other
types of malware, such as worms, authentication, authorization, and
Trojans, rootkits, adware, spyware, accounting (AAA) Security concept
password crackers, network mappers, where a centralized platorm veries
DoS tools, and so on. subject identication, ensures the
subject is assigned relevant permissions,
APK Android app package format used
and then logs these actions to create an
when sideloading software from a
audit trail.
source other than a trusted store.
authenticator app Software that allows
APP Default extension for a macOS
a smartphone to operate as a second
app subdirectory when installed to the
authentication factor or as a trusted
Applications folder.
channel or 2-step verication.
Apple File System (APFS) Deault le
automation Use of scripts to perform
system for macOS-based computers and
conguration steps without requiring
laptops.
manual intervention.
Apple ID Cloud-based service allowing
AutoRun/AutoPlay Windows
users to synchronize settings and
mechanisms for automatic actions to
manage apps, le sharing, and backups
occur when a peripheral storage device
between multiple Apple devices.
is attached.
application programming interace
backdoor Mechanism for gaining
(API) Methods exposed by a script or
access to a computer that bypasses
program that allow other scripts or
or subverts the normal method of
programs to use it. For example, an API
authentication.
enables software developers to access
functions of the TCP/IP network stack backup Security copy of production
under a particular operating system. data made to removable media, typically
according to a regular schedule.
Apps settings Windows Settings pages
Diferent backup types (ull, incremental,
relating to conguration o Windows
or diferential) balance media capacity,
Features and third-party software apps.
time required to backup, and time
apt-get One of the package required to restore.
management tools available in Linux for
backup chain Sequence of jobs starting
installing and updating software.
with a full backup and followed by either
asset Thing of economic value. For incremental or diferential backups to
accounting purposes, assets are implement a media rotation scheme.
classied in diferent ways, such as
badge reader Authentication
tangible and intangible or short term
mechanism that allows a user to present
and long term. Asset management
a smart card to operate an entry system.
means identifying each asset and
recording its location, attributes, and bash Command interpreter and
value in a database. scripting language for Unix-like systems.
asset tagging Practice of assigning BAT Extension or the batch le ormat
an ID to assets to associate them with that is used to execute a series of
entries in an inventory database. Windows CMD shell commands.
asymmetric encryption cipher Cipher BIOS/UEFI password Passwords
that uses public and private keys. The set in system rmware to prevent
keys are mathematically linked, using unauthorized booting of a computer
either Rivel, Shamir, Adleman (RSA) (user password) or changes to system
or elliptic curve cryptography (ECC) setup (supervisor password).
alogrithms, but the private key is not

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 2 21/03/22 2:47 PM
 Glossary | 3

BitLocker Feature of Windows allowing brute orce attack Type of password
for encryption of NTFS-formatted drives. attack where an attacker uses an
The encryption key can be stored in a application to exhaustively try every
TPM chip on the computer or on a USB possible alphanumeric combination to
drive. crack encrypted passwords.
blue screen o death (BSOD) Microsoft cache (browser) Cookies, site les, orm
status screen that indicates an error data, passwords, and other information
from which the system cannot recover stored by a browser. Caching behavior
(also called a stop error). Blue screens can be enabled or disabled, and data
are usually caused by bad driver can be cleared manually.
software or hardware faults (memory
cat command Linux command to view
or disk). Other operating systems use
and combine (concatenate) les.
similar crash indicators, such as Apple’s
pinwheel and Linux’s kernel panic cd command Command-line tool used
message. to navigate the directory structure.
bollards Sturdy vertical post installed Certicate Manager console (certmgr.
to control road trac or designed msc) Console related to managing
to prevent ram-raiding and vehicle- digital certicates or the current user
ramming attacks. and trusted root certication authority
certicates.
Boot Conguration Data (BCD)
Information about operating systems certicate o destruction Validation
installed on the computer located from an outsourcing provider of
in \boot\bcd on the system partition. recycling/repurposing services that
The BCD can be modied using the media has been destroyed or sanitized
bcedit command-line tool or mscong. to the agreed standard.
boot method (OS setup) Device used to certicate warning Browser indication
start the setup program and hold source that a site connection is not secure
les or installing or upgrading an OS. because the certicate is invalid or the
issuing CA is not trusted.
boot sector virus Malicious code
inserted into the boot sector code or chain o custody Record of evidence-
partition table of a storage device that handling from collection to presentation
attempts to execute when the device is in court to disposal.
attached.
change management Process
bootleg app Software that illegally through which changes to the
copies or imitates a commercial product conguration o inormation systems
or brand. are implemented as part of the
organization’s overall conguration
bootrec command Windows command
management eforts.
in Windows allowing for the repair (or
attempted repair) of the boot manager chkdsk command Command-line tool
and boot loader. that veries the integrity o a disk’s le
system.
botnet Group of hosts or devices that
has been infected by a control program chmod command Linux command for
called a bot, which enables attackers to managing le permissions.
exploit the hosts to mount attacks.
chown command Linux command for
branch In scripting and programming, managing the account owner or les
control statement that uses a condition and directories.
to determine which code block to
Chrome OS Proprietary OS developed
execute next.
by Google to run on specic laptop
bring your own device (BYOD) Security (chromebooks) and PC (chromeboxes)
framework and tools to facilitate use hardware.
of personally owned devices to access
clean install OS setup method where
corporate networks and data.
the target disk is repartitioned and

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 3 21/03/22 2:47 PM
 4 | Glossary

formatted, removing any existing OS counter mode with cipher block
and/or data les. chaining message authentication
code protocol (CCMP) Encryption
command and control (C2 or C&C)
protocol used for wireless LANs that
Infrastructure of hosts and services with
addresses the vulnerabilities of the WEP
which attackers direct, distribute, and
protocol.
control malware over botnets.
cp command Command-line tool for
command prompt (cmd.exe) Basic
copying les in Linux.
shell interpreter for Windows.
credit card transactions Regulated
compatibility concern Considerations
data related to processing nancial
that must be made when using an app
transactions.
in an environment with multiple device
and OS platforms. cron job Scheduled task that is
managed by the Linux cron daemon.
complexity requirement Rules
designed to enforce best-practice cross-site scripting (XSS) Malicious
password selection, such as minimum script hosted on the attacker’s site or
length and use of multiple character coded in a link injected onto a trusted
types. site designed to compromise clients
browsing the trusted site, circumventing
computer security incident response
the browser’s security model of trusted
team (CSIRT) Team with responsibility
zones.
for incident response. The CSIRT must
have expertise across a number of cryptominer Malware that hijacks
business domains (IT, HR, legal, and computer resources to create
marketing, for instance). cryptocurrency.
condentiality, integrity, and cybersecurity Protection of computer
availability (CIA triad) Three principles systems and digital information
of security control and management. resources from unauthorized access,
Also known as the information security attack, theft, or data damage.
triad. Also referred to in reverse order
denitions Information about new
as the AIC triad.
viruses and other malware used to
conguration management Process update antivirus scanners.
through which an organization’s
Deragment and Optimize Drives tool
information systems components are
(drgui.exe) Fragmentation occurs when
kept in a controlled state that meets
a data le is not saved to contiguous
the organization’s requirements,
sectors on an HDD and reduces
including those for security and
performance. The defragmenter
compliance.
mitigates this and can also perform
console Device that implements input optimization operations for SSDs.
and output for a command shell. In
denial o service attack (DoS) Any
Linux, multiple virtual consoles support
type of physical, application, or network
use of a single host by multiple user
attack that afects the availability o a
sessions simultaneously.
managed resource.
content ltering Security measure
desktop Graphical OS interface that
performed on email and Internet
allows programs to run within window
trac to identiy and block suspicious,
containers. Desktop styles include tools
malicious, and/or inappropriate content
for launching apps, such as the Windows
in accordance with an organization’s
Start Menu, and managing apps, such
policies.
as the Windows taskbar. Changes to the
Control Panel Legacy management desktop style over the course of version
interace or conguring user and and feature updates can be confusing
system settings in Windows. for users.
copy command Command-line tool for desktop management sotware
copying les in Windows. General category of software designed

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 4 21/03/22 2:47 PM
 Glossary | 5

to facilitate remote support of desktops digital rights management (DRM)
and mobile devices on a corporate Copyright protection technologies for
network. digital media. DRM solutions usually
try to restrict the number of devices
developer mode Mobile-device
allowed for playback of a licensed
feature designed for testing apps
digital le, such as a music track or
during development that may weaken
ebook.
corporate security protections if
misused. digital signature Message digest
encrypted using the sender’s private
Device Manager Primary interface for
key that is appended to a message to
conguring and managing hardware
authenticate the sender and prove
devices in Windows. Device Manager
message integrity.
enables the administrator to disable
and remove devices, view hardware dir command Command-line utility that
properties and system resources, and displays information about the contents
update device drivers. of the current directory.
device wipe Remote-initiated factory directory File system object used to
reset of a mobile device that removes all organize other le system objects into
user data and settings. containers.
Devices and Printers Control Panel Disk Clean-up (cleanmgr.exe)
app or using and conguring attached Windows utility for removing temporary
hardware. les to reclaim disk space.
Devices settings Windows Settings Disk Management console
pages or using and conguring (diskmgmt.msc) Console related to
attached hardware. initializing, partitioning, and formatting
disk drives.
d/du commands Command-line tools
used to report storage usage in Linux. Disk Utility macOS tool or disk and le
system support tasks.
dictionary attack Type of password
attack that compares encrypted diskpart command Command-line
passwords against a predetermined list utility used to congure disk partitions.
of possible password values.
distributed denial o service attack
diferential backup Job type in which (DDoS attack) An attack that uses
all selected les that have changed since multiple compromised hosts (a botnet)
the last full backup are backed up. to overwhelm a service with request or
response trac.
dig command Utility to query a DNS
server and return information about distribution method Formats for
a particular domain name or resource provisioning application installation les,
record. such as via optical discs, downloads, and
image les.
digital certicate Identication and
authentication information presented DMG macOS installer format that can
in the X.509 format and issued by a be copied directly to the Applications
Certicate Authority (CA) as a guarantee folder.
that a key pair (as identied by the
DMZ host Home router implementation
public key embedded in the certicate)
of DMZ where all ports with no existing
is valid for a particular subject (user or
forwarding rules are opened and
host).
directed to a single LAN host.
digital orensics Process of gathering
Dock macOS feature for managing
and submitting computer evidence to
applications from the desktop; similar to
trial. Digital evidence is latent, meaning
the Windows taskbar.
that it must be interpreted. This means
that great care must be taken to domain Group of hosts that is within
prove that the evidence has not been the same namespace and administered
tampered with or alsied. by the same authority.

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 5 21/03/22 2:47 PM
 6 | Glossary

domain name system (DNS) Service equipment lock Physical security
that maps ully qualied domain name device that restricts access to ports and
labels to IP addresses on most TCP/IP internal components to key holders.
networks, including the Internet.
erasing/wiping Using a third-party
drive navigation input (x:) Command- tool to fully erase storage media before
line utility used to select the working drive. recycling or repurposing, minimizing the
risk of leaving persistent data remnants.
dumpster diving The social engineering
technique of discovering things about escalation In the context of support
an organization (or person) based on procedures, incident response, and
what it throws away. breach-reporting, escalation is the
process of involving expert and senior
dynamic host conguration protocol
staf to assist in problem management.
(DHCP) Protocol used to automatically
assign IP addressing information to event viewer (eventvwr.msc) Windows
hosts that have not been congured console related to viewing and exporting
manually. events in the Windows logging le
format.
ease o access Windows Settings pages
related to desktop and input/output everyone System security group that
device accessibility conguration. represents any account, including
unauthenticated users.
electrostatic discharge (ESD) Metal
and plastic surfaces can allow a charge evil twin Wireless access point that
to build up. This can discharge if a deceives users into believing that it is a
potential diference is ormed between legitimate network access point.
the charged object and an oppositely
execution control Process of
charged conductive object. This
determining what additional software
electrical discharge can damage silicon
may be installed on a client or server
chips and computer components if they
computer beyond its baseline to prevent
are exposed to it.
the use of unauthorized software.
encrypting le system (EFS) Microsoft’s
expiration requirement Rules
le-level encryption eature available or
designed to enforce best-practice
use on NTFS.
password use by forcing regular
end o lie (EOL) Product life cycle selection of new passwords.
phase where mainstream vendor
exploit Specic method by which
support is no longer available.
malware code infects a target host,
endpoint detection and response often via some vulnerability in a
(EDR) Software agent that collects software process.
system data and logs for analysis by
ext3 Standard Linux le system that
a monitoring system to provide early
includes journaling and has since been
detection of threats.
replaced with ext4.
end-user license agreement (EULA)
ext4 One o the deault le systems in
Contract governing the installation and
modern Linux versions that supports
use of software.
journaling and large volumes.
enterprise wipe Remote-initiated
extended le allocation table (exFAT)
wipe of a mobile device that removes
64-bit version o the FAT le system
corporate apps and data only.
with support or larger partition and le
equipment grounding Wire that sizes.
provides a return path for electrical
Extensible Authentication Protocol
current as a safety feature; if an
(EAP) Framework for negotiating
electrical connection short circuits
authentication methods that enables
into the metal chassis, a ground wire
systems to use hardware-based
ensures that the current ows to ground
identiers, such as ngerprint
rather than electrocuting someone
scanners or smart card readers, for
handling the faulty device.

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 6 21/03/22 2:47 PM
 Glossary | 7

authentication and establish secure process of formatting a partition that
tunnels through which to submit allows an OS to make use of a mass
credentials. storage device, such as an HDD, SSD,
or thumb drive.
extension (browser) Add-on that uses
the browser API to implement new leless malware Exploit techniques
functionality. that use the host’s scripting
environment to create malicious
acial recognition Biometric
processes.
authentication mechanism that uses an
infrared camera to verify that the user’s FileVault macOS disk encryption
face matches a 3D model recorded at product.
enrollment.
nd command Command-line Linux
acial recognition lock Mobile-device tool used to search the le system.
bio-gesture authentication mechanism
Finder File management app in macOS.
that requires the user to scan his or her
face to unlock the device. ngerprint lock Mobile-device bio-
gesture authentication mechanism that
actory reset Standard routine created
requires the user to scan his or her
by manufacturer that can be invoked
ngerprint to unlock the device.
to restore an appliance to its shipped
state, clearing any user customization, ngerprint scanner Biometric
conguration, or modication. authentication device that can produce
a template signature of a user’s
ailed login attempts restriction
ngerprint and then subsequently
Mobile-device authentication
compare the template to the digit
mechanism that progressively delays or
submitted for authentication.
blocks unlock attempts after multiple
failures. rmware Software instructions
embedded on a hardware device such
ast startup Power-saving option
as a computer motherboard. Modern
allowing swift resume from sleep via
types o rmware are stored in ash
an image of system memory contents
memory and can be updated more
saved to a hibernation le.
easily than legacy programmable
FAT32 (le allocation table) 32-bit read-only memory (ROM) types.
le system used principally or system
older redirection In Windows,
partitions and removable media.
redirecting an individual user prole
eature update Release paradigm folder, such as Documents or Pictures,
introduced for Windows 10 where to a network share.
signicant changes and new eatures
ootprinting Phase in an attack or a
are distributed via Windows Update on
penetration test in which the attacker
a semiannual schedule.
or tester gathers information about the
encing Security barrier designed to target before attacking it.
prevent unauthorized access to a site
orce quit macOS tool for halting a
perimeter.
process; equivalent to the process
File Explorer Options Control Panel management functionality in Task
app related to view and browsing Manager.
settings for File Explorer.
ormat command Command-line utility
File History Windows feature for or creating a le system on a partition.
backing up user data.
ull backup Job type in which all
le sharing Windows rewall selected les, regardless o prior state,
conguration that opens the network are backed up.
ports required to operate as a le/print
use Circuit breaker designed to protect
server.
the device and users of the device
le system Structure or le data from faulty wiring or supply of power
indexing and storage created by a (overcurrent protection).

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 7 21/03/22 2:47 PM
 8 | Glossary

Gaming settings Windows Settings reduces the chance of collisions, where
pages related to game mode settings two diferent inputs produce the same
and Xbox integration. output.
gpupdate/gpresult commands hibernate Power-saving state where the
Command-line tools to apply and contents of memory are saved to hard
analyze group policies. Group policies disk (hiberl.sys) and the computer is
are a means o conguring registry powered of. Restarting the computer
settings. restores the desktop.
grandather-ather-son (GFS) hive File storing conguration data
Media rotation scheme that labels corresponding to a section of the
tapes/devices used for backup jobs Windows registry.
in generations, with the youngest
home older Default local or network
generation having a shorter retention
older or users to save data les to.
period than the oldest.
home router SOHO device providing
grep command Linux command for
Internet routing via a ull ber, DSL,
searching and ltering input. This can
cable, or satellite link. These appliances
be used as a le search tool when
also provide a 4-port LAN switch and
combined with ls.
Wi-Fi plus a rewall.
group policy editor (gpedit.msc)
iCloud Mobile/cloud computing
Console related to conguring detailed
oce-productivity and data-storage
user and system registry settings via
suite operated by Apple and closely
policies.
integrated with macOS and iOS.
group policy object (GPO) On a
icong command Deprecated
Windows domain, a way to deploy per-
Linux command tool used to gather
user and per-computer settings such as
inormation about the IP conguration
password policy, account restrictions,
o the network adapter or to congure
rewall status, and so on.
the network adapter.
guest Non-privileged account that is
image deployment Deployment
permitted to access the computer/
method where the target disk is written
network without authenticating.
with an image of the new OS.
GUID partition table (GPT) Modern
impact to business/operation/
disk partitioning system allowing large
network/device Considerations that
numbers of partitions and very large
should be made when planning the
partition sizes.
installation or upgrade of new apps.
hard token USB storage key or smart
impersonation Social engineering
card with a cryptographic module that
attack where an attacker pretends to be
can hold authenticating encryption keys
someone he or she is not.
securely.
implicit deny Basic principle of security
hardware compatibility list (HCL)
stating that unless something has
Before installing an OS, it is vital to
explicitly been granted access, it should
check that all the PC components have
be denied access.
been tested for compatibility with the
OS (that they are on the Hardware incident response plan (IRP)
Compatibility List [HCL] or Windows Procedures and guidelines covering
Logo’d Product List). Incompatible appropriate priorities, actions, and
hardware may not work or may even responsibilities in the event of security
prevent the installation from completing incidents, divided into preparation,
successfully. detection/analysis, containment,
eradication/recovery, and post-incident
hash Function that converts an
stages.
arbitrary-length string input to a xed-
length string output. A cryptographic incremental backup Job type in which
hash function does this in a way that all selected les that have changed

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 8 21/03/22 2:47 PM
 Glossary | 9

since the last full or incremental backup ipcong command Command tool
(whichever was most recent) are used to gather information about the IP
backed up. conguration o a Windows host.
indexing options Control Panel jailbreak Removes the protective seal
app related to search database and any OS-specic restrictions to give
maintenance. users greater control over the device.
inheritance File system access- JavaScript Scripting language used
control-concept where child objects to add interactivity to web pages and
are automatically assigned the same HTML-format email.
permissions as their parent object.
JS Extension or the JavaScript le ormat.
in-place upgrade OS installation
key (registry) In the Windows registry,
method where the setup program is
a key is analogous to a folder on the
launched from an existing OS. This can
le system. Keys are used to group like
typically retain user data les, settings,
settings together in a hierarchy that is
and third-party apps.
logical to navigate.
insider threat Type of threat actor who
key exchange Any method by which
is assigned privileges on the system and
cryptographic keys are transferred
causes an intentional or unintentional
among users, thus enabling the use of a
incident.
cryptographic algorithm.
instant search Windows feature
Keychain macOS app for managing
allowing rapid search of apps, data
passwords cached by the OS and
folders, messages, and the web.
supported browser/web applications.
instant secure erase (ISE) Media
keylogger Malicious software or
sanitization command built into HDDs
hardware that can record user
and SSDs that are self-encrypting that
keystrokes.
works by erasing the encryption key,
leaving remnants unrecoverable. knowledge base (KB) Searchable
database of product FAQs (Frequently
Internet o Things (IoT) Devices that
Asked Questions), advice, and known
can report state and conguration
troubleshooting issues. The Microsoft
data and be remotely managed over IP
KB is ound at support.microsot.com.
networks.
least privilege Basic principle of
Internet Options Control Panel applet
security stating that something should
allowing conguration o the Internet
be allocated the minimum necessary
Explorer web browser.
rights, privileges, or information to
Internet Protocol address (IP) perform its role.
Format for logical host and network
lessons learned report (LLR) An
addressing. In IPv4, a 32-bit binary
analysis of events that can provide
address is expressed in dotted decimal
insight into how to improve response
notation, such as 192.168.1.1. In IPv6,
and support processes in the future.
addresses are 128-bit expressed
as hexadecimal (for example, lighting Physical security mechanisms
2001:db8::0bcd:abcd:ef12:1234). that ensure a site is suciently
illuminated for employees and guests
iOS OS for Apple’s iPhone smartphone
to feel safe and for camera-based
and most iPad tablet models.
surveillance systems to work well.
ip command Linux command tool
Linux Open-source OS packaged in
used to gather information about
distributions supported by a wide range
the IP conguration o the network
of hardware and software vendors.
adapter or to congure the network
adapter. local account User account that can
be authenticated again and allocated
iPadOS OS for some models of the
permissions for the computer that hosts
Apple iPad tablet.
the account only.

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 9 21/03/22 2:47 PM
 10 | Glossary

Local Users and Groups console md command Command-line tool for
(lusrmgr.msc) Console for creating and creating directories.
managing user and group accounts with
member server Any application server
the authentication and permissions
computer that has joined a domain but
scope of the local system.
does not maintain a copy of the Active
locator app Cloud app that uses mobile- Directory database.
device location service to identify its
metered connection Windows feature
current position on a map and enable
for indicating that network data transfer
security features to mitigate theft or loss.
is billable and for setting warnings and
login script Code that performs a series caps to avoid unexpected charges from
of tasks automatically when a user the provider.
account is authenticated.
Microsot account Cloud-based SSO
loop In scripting and programming, service allowing users to synchronize
control statement that executes code settings between multiple Windows
repeatedly based on a condition. devices.
low level ormat Using a vendor tool Microsot Management Console
to fully erase storage media before (MMC) Utility allowing Windows
recycling or repurposing, minimizing the administrative tools to be added as
risk of leaving persistent data remnants. snap-ins to a single interface.
ls command Linux command for listing Mission Control App facilitating
le system objects. multiple desktops in macOS.
lunchtime attack A malicious action mobile device management (MDM)
that takes place when a threat actor Process and supporting technologies for
exploits an unlocked and unattended tracking, controlling, and securing the
desktop or mobile device to gain organization’s mobile infrastructure.
unauthorized access.
motion sensor Alarm system triggered
macOS Proprietary OS designed by by movement as detected by microwave
Apple for their range of iMac computers, radio reection or passive inrared
Mac workstations, and MacBook sensors.
portables.
move command Command-line tool for
Magic Mouse/Trackpad Touch-enabled moving les in Windows.
mouse and trackpad hardware for Apple
multiactor authentication (MFA)
computers.
Authentication scheme that requires the
magnetometer Handheld or walk- user to present at least two diferent
through metal detector designed to factors as credentials; for example,
detect concealed weapons. something you know, something you
have, something you are, something you
Mail applet Control Panel applet related
do, and somewhere you are. Specifying
to conguration o Microsot Outlook
two factors is known as 2FA.
email accounts and storage les.
mv command Command-line tool for
mapped drive Windows mechanism for
moving les in Linux.
navigating shared network folders by
assigning them with drive letters. Nano Command-line text editor
operated by CTRL key combinations.
master boot record (MBR) Sector
on a mass storage device that holds Nearby Share Android feature for
information about partitions and the OS simple le sharing via Bluetooth.
boot loader.
net commands Windows command
material saety data sheet (MSDS) suite for managing user/group accounts
Information sheet accompanying and shares.
hazardous products or substances that
netstat command Cross-platform
explains the proper procedures for
command tool to show network
handling and disposal.

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 10 21/03/22 2:47 PM
 Glossary | 11

information on a machine running on site versus of site Media rotation
TCP/IP, notably active connections, and scheme that ensures at least one copy
the routing table. o data is held at a diferent location
to mitigate the risk of a disaster that
Network & Internet settings Windows
destroys all storage at a single site.
Settings pages related to interface
conguration, network proles, and OneDrive Cloud storage service
proxy conguration. operated by Microsoft and closely
integrated with Windows.
Network and Sharing Center Control
Panel related to interace conguration, on-path attack Attack where the threat
network proles, and discovery/le actor makes an independent connection
sharing settings. between two victims and is able to read
and possibly modiy trac.
network discovery Windows rewall
conguration that makes a host visible open-source Licensing model that
to network browsers. grants permissive rights to end-users,
such as to install, use, modify, and
network interace card (NIC) Adapter
distribute a software product and its
card that provides one or more Ethernet
source code, as long as redistribution
ports for connecting hosts to a network so
permits the same rights.
that they can exchange data over a link.
operator Programming object that can
network location awareness (NLA)
resolve the truth value of a condition,
Windows feature that categorizes
such as whether one variable is equal to
network prole as public or private.
another.
Each prole can have a diferent rewall
conguration, with public network types organizational unit (OU) Structural
being more restricted, by default. feature of a network directory that can
be used to group objects that should
network mask Number of bits applied
share a common conguration or
to an IP address to mask the network ID
organizing principle, such as accounts
portion from the host/interface ID portion.
within the same business department.
network topology diagram
original equipment manuacturer
Documentation showing how network
(OEM) In PC terms, companies that sell
nodes are connected by cabling or
Windows co-branded under their own
how they are logically identied and
logo. OEM Windows licenses are valid
connected, such as in IP networks.
only on the system that the software
New Technology Filing System (NTFS) was installed on, and the OEM must
64-bit deault le system or Windows, provide support.
with le-by-le compression and
palmprint scanner Biometric camera-
RAID support as well as advanced le
based scanner that uses unique features
attribute management tools, encryption,
of a palm shown by visible and infrared
and disk quotas.
light.
non-compliant system System whose
password attack Any attack where
conguration is diferent rom its secure
the attacker tries to gain unauthorized
baseline.
access to and use of passwords.
nslookup command Cross-platform
password manager Software that can
command tool for querying DNS
suggest and store site and app passwords
resource records.
to reduce risks from poor user choices
NTFS permissions ACL that mediates and behavior. Most browsers have a
local and network access to a le system built-in password manager.
object under Windows when the volume
pathping command Windows utility
is formatted with NTFS.
for measuring latency and packet loss
octal notation Linux le-permission across an internetwork.
mode that uses numeric values to
pattern lock Mobile-device
represent permissions.
authentication mechanism that requires

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 11 21/03/22 2:47 PM
 12 | Glossary

the user to input a join-the-dots pattern ping command Cross-platform
to unlock the device. command tool for testing IP packet
transmission.
perormance monitor (permon.msc)
Console for reporting and recording PKG macOS installer format that
resource utilization via counter data for supports complex setup tasks.
object instances.
plug-in (browser) Software
personal government-issued installed to a web browser to handle
inormation Data related to identity multimedia objects embedded in web
documents issued by governments, pages. Use of most plug-in types is
such as passports, social security IDs, now deprecated.
and driving licenses, that is liable to be
pop-up blocker Browser feature or
subject to strict legal and regulatory
extension that prevents sites from
compliance requirements.
creating new browser windows.
personal identication number
port orwarding Process in which a
(PIN) Number used in conjunction with
router takes requests from the Internet
authentication devices such as smart
for a particular application (such as
cards; as the PIN should be known
HTTP) and sends them to a designated
only to the user, loss of the smart card
host on the LAN.
should not represent a security risk.
port mapping Type of port forwarding
personalization settings Windows
where the external port is forwarded to
Settings pages related to customizing
a diferent internal port on the LAN host.
the appearance of the desktop using
themes. port triggering Mechanism to
congure access through a rewall or
personally identiable inormation
applications that require more than one
(PII) Data that can be used to identify
port. Basically, when the rewall detects
or contact an individual (or in the case
activity on outbound port A destined
of identity theft, to impersonate him
for a given external IP address, it opens
or her).
inbound access for the external IP
phishing Email-based social engineering address on port B for a set period.
attack, in which the attacker sends email
power ailure Complete loss of building
from a supposedly reputable source,
power.
such as a bank, to try to elicit private
information from the victim. Power Options Control Panel app
related to conguring power button/lid
phone settings Windows Settings
events and power-saving modes.
pages for associating a smartphone with
Windows. power users One of the default
Windows group accounts. Its use is
physical destruction Using drilling,
deprecated, but it is still included with
shredding, incineration, or degaussing
Windows to support legacy applications.
of storage media before recycling or
repurposing to minimize the risk of PowerShell (PS) Command shell
leaving persistent data remnants. and scripting language built on the.NET Framework that use cmdlets for
physical placement Considerations for
Windows automation.
installation location for PC and network
devices to ensure reliable and secure preboot execution environment (PXE)
operation. Feature of a network adapter that allows
the computer to boot by contacting
piggybacking Allowing a threat actor
a suitably congured server over the
to enter a site or controlled location
network.
without authorization.
pre-shared key (PSK) Wireless
PIN code lock Basic mobile-device
network authentication mode where a
authentication mechanism that requires
passphrase-based mechanism is used to
the correct number or passcode to
allow group authentication to a wireless
unlock the device.

Glossary

LICENSED FOR USE ONLY BY: SCOTT OBSNIUK · 26636441 · MAY 18 2022

A+ Core2_220-1102_Glossary_G1-G20.indd 12 21/03/22 2:47 PM
 Glossary | 13

network. The passphrase is used to public key During asymmetric
derive an encryption key. encryption, this key is freely distributed
and can be used to perform the reverse
pretexting Social engineering tactic
encryption or decryption operation of
where a team will communicate,
the linked private key in the pair.
whether directly or indirectly, a lie or
half-truth in order to get someone to pwd command Linux command for
believe a falsehood. showing the current directory (“Print
Working Directory”).
privacy settings Windows Settings
pages related to personal data collection PY Extension for a script written in the
and use. Python programming language.
private browsing Browser mode in Python High-level programming
which all session data and cache is language that is widely used for
discarded and tracking protection automation.
features are enabled by default.
quarantine The process of isolating
private key In asymmetric encryption, a le, computer system, or computer
the private key is known only to the network to prevent the spread of a virus
holder and is linked to, but not derivable or another cybersecurity incident.
from, a public key distributed to
Quick Assist Windows support feature
those with whom the holder wants to
allowing remote screen-sharing over the
communicate securely. A private key
Internet.
can be used to encrypt data that can be
decrypted by the linked public key or ransomware Malware that tries
vice versa. to extort money from the victim
by blocking normal operation of a
process Software program that has
computer and/or encrypting the victim’s
been executed and is running in system
les and demanding payment.
memory.
recovery Operation to recover system
programs and eatures Control
functionality and/or data integrity using
Panel applet allowing management
backup media.
of Windows Features and third-party
software. recovery partition OEM recovery
media enabling the user to reset the
prohibited content Data found on a
system to its actory conguration.
computer system that is not permitted
by policy or that is not compliant with recycle bin When les are deleted rom
relevant legislation or regulations. a local hard disk, they are stored in the
Recycle Bin. They can be recovered from
protected health inormation (PHI)
here if so desired.
Data that can be used to identify an
individual and includes information redirection Consequence of malware
about past, present, or future health infection where DNS and/or search
as well as related payments and data results are corrupted to redirect
used in the operation of a healthcare requests from legitimate site hosts to
business. spoofed sites or ads.
proxy server Server that mediates registry editor (regedit) Tool for
the communications between a client making direct edits to the registry
and another server. It can lter and database, such as adding or modifying
often modify communications as well keys or values. The Registry Editor
as provide caching services to improve can be used to make backups of the
performance. registry.
ps command Linux command for regulated data Information that has
retrieving process information. storage and handling compliance
requirements dened by national
PS1 Extension for the PowerShell script