http://wiki.reidsherman.com/ 2026-06-11T23:52:17+00:00 http://wiki.reidsherman.com/ http://wiki.reidsherman.com/_media/wiki:dokuwiki.svg text/html 2026-06-11T23:24:32+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/sow?rev=1781220272&do=diff Statement of Work SOW A document that describes who will do it, When it will be completed by, And how success will be measured. text/html 2026-06-11T23:23:22+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/comptia_security?rev=1781220202&do=diff Security+ Exam <https://www.professormesser.com/security-plus/sy0-701/sy0-701-video/sy0-701-comptia-security-plus-course/> General Security Concepts Security Controls CIA Triad non-repudiation Authentication, Authorization, and Accounting Gap Analysis Zero Trust Deception and Disruption Change Management Public Key Infrastructure Encryption Blockchain Certificates Threats, Vulnerabilities, Mitigation Threat Actors Threat Vectors Incident Response Phishing Watering Hole Attack… text/html 2026-06-11T23:21:42+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/moa?rev=1781220102&do=diff memorandum of agreement MOA a formal document that defines expectations, responsibilities , and security requirements between organizations Similar to an MOU, which means memorandum of understanding, which is generally less formal and more about intent text/html 2026-06-11T22:45:07+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/utm?rev=1781217907&do=diff Unified Threat Management (UTM) All in one cybersecurity approach that consolidates multiple security functions into a single hardware appliance or cloud solution * Firewall, VPN * text/html 2026-06-11T22:39:26+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/siem?rev=1781217566&do=diff Security Information and Event Management (SIEM) A core cybersecurity solution that aggregates, analyzes, and correlates log data across an IT infrastructure Real time threat detection Good for forensics as well, determining where the threat came in from text/html 2026-06-11T18:04:17+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/networking_ports?rev=1781201057&do=diff Network Ports Port Network Process Protocol 20 ftp - data tcp 21 ftp - control tcp 22 ssh (secure shell) tcp 23 telnet tcp 25 smtp tcp 53 dns tcp & udp 80 http tcp 443 https tcp udp is used for dns because it is faster, doesn't require the 3 way handshake that tcp requires text/html 2026-06-11T18:03:09+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/ports?rev=1781200989&do=diff Network Ports Port Network Process Protocol 20 ftp - data tcp 21 ftp - control tcp 22 ssh (secure shell) tcp 23 telnet tcp 25 smtp tcp 53 dns tcp & udp 80 http tcp 443 https tcp udp is used for dns because it is faster, doesn't require the 3 way handshake that tcp requires text/html 2026-06-11T17:56:18+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/security_controls?rev=1781200578&do=diff Security Controls Systems put in place to keep people from getting access to resources they shouldn't have access to. Tracking whether or not the systems have been accessed Preventative: limits access to the resource Deterrent: disincentivizing people from accessing a resource through consequences, threats, warnings, etc text/html 2026-06-11T17:51:26+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/on_path_attack?rev=1781200286&do=diff On Path (Man in the Middle) a malicious person positions themself between two communicating devices or systems. Allows the attacker to intercept all data being exchanged in real time without either party realizing it. text/html 2026-06-09T23:50:18+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/incident_response?rev=1781049018&do=diff Incident Response Six steps * 1. prepare: establish a formal incident response plan * 2. identify: monitor network and system events, correlate alerts, and detect anaomalous behavior to confirm if a security incident has occurred * 3. contain: isolate compromised systems to stop the attack from spreading text/html 2026-06-09T23:46:00+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/remote_access_trojan_rat?rev=1781048760&do=diff Remote Access Trojan RAT a type of malware that provides the attacker with administrative control and covert surveillance of the infected device often used for keylogging text/html 2026-06-09T23:45:54+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/rat?rev=1781048754&do=diff remote_access_trojan_rat text/html 2026-06-09T23:45:21+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/list_of_security_plus_acronyms?rev=1781048721&do=diff Key Security+ Acronyms and Definitions <https://zerotomastery.io/cheatsheets/security-plus-cheat-sheet/> AAA (Authentication, Authorization, and Accounting) - a security framework that ensures only authorized individuals are able to access resources. ABAC (Attribute Based Access Control) - evaluates attributes to determine the access. text/html 2026-06-09T23:42:29+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/rootkit?rev=1781048549&do=diff Rootkit Malware that hides in the kernel of the operating system Very hard to find because it won't show up as a separate process To mitigate, some UEFI BIOS options allow you to run in secure boot, where the cryptographic signature is compared to ensure integrity text/html 2026-06-09T23:39:45+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/logic_bomb?rev=1781048385&do=diff Logic Bomb Malware that waits for a specific event, like a datetime, or a user to login, before activating text/html 2026-06-09T20:52:38+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/scada?rev=1781038358&do=diff SCADA (Supervisory Control and Data Acquisition) a combination of software and hardware elements that lets industrial organizations monitor, gather, process, and control data in real-time. It acts as the central nervous system for manufacturing, utilities, and critical infrastructure, allowing operators to oversee complex operations from a central location text/html 2026-06-09T20:11:47+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/replay_attack?rev=1781035907&do=diff Replay Attack Cyber threat where an attacker intercepts a data transmission and maliciously resends or delays it text/html 2026-06-09T20:09:44+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/race_conditions?rev=1781035784&do=diff Race Condition Occurs in a program when multiple threads or processes access shared data simultaneously and the final outcome depends on the unpredictable order that the scheduler executes them text/html 2026-06-09T20:07:51+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/dns_poisoning?rev=1781035671&do=diff DNS Poisoning Also known as DNS Cache Poisoning or DNS Spoofing Cyberattack where fraudulent data is injected into the DNS Cache, redirecting traffic from legit websites to frauds read more: <https://www.logicmonitor.com/deep-dive/dns-monitoring/dns-poisoning-attacks> text/html 2026-06-09T19:12:08+00:00 reidjs (reidjs@undisclosed.example.com) http://wiki.reidsherman.com/eap?rev=1781032328&do=diff Extensible Authentication Protocol An authentication framework used in network and internet connections