Dictionary
Routing refers to the process of directing network traffic between devices while ensuring secure and efficient data transmission. It involves implementing protocols and controls (like firewalls or encryption) to protect data paths from attacks such as eavesdropping, hijacking, or misdirection.
A Proof of Concept is often a piece of code or an application that is used to demonstrate that an idea or theory is possible. Proofs of concept are often used to demonstrate vulnerabilities.
An Intrusion Detection System (IDS) is a system that detects unauthorized network and system intrusions. Examples include detecting unauthorized devices connected to the local network and unauthorized users accessing a system or modifying a file.
Payment Card Industry Digital Security Standard (PCI DSS). An information security standard administered by the Payment Card Industry Security Standards Council that is for organizations that handle branded credit cards from the major card schemes.
DES (Data Encryption Standard) is a symmetric encryption method from 1977 that uses a 56-bit key. With advances in computing power, a DES key was successfully broken in less than 24 hours in 1999, motivating the shift to 3DES.
3DES (Triple DES) is DES applied three times; consequently, the key size is 168 bits, though the effective security is 112 bits. 3DES was more of an ad-hoc solution when DES was no longer considered secure. 3DES was deprecated in 2019 and should be replaced by AES; however, it may still be found in some legacy systems.
AES (Advanced Encryption Standard) was adopted in 2001 as the new symmetric encryption standard. Its key size can be 128, 192, or 256 bits.
Server Message Block (SMB) is a communication protocol originally developed in 1983 by Barry A. Feigenbaum at IBM and intended to provide shared access to files and printers across nodes on a network of systems running IBM's OS/2. It also provides an authenticated inter-process communication (IPC) mechanism.
API, which stands for Application Programming Interface, is a set of rules and protocols for building software and applications. An API allows different software programs to communicate with each other. It defines methods of communication between various components, including the kinds of requests that can be made, how they're made, the data formats that should be used, and conventions to follow.
JSON or JavaScript Object Notation is an open standard file and data interchange format that uses human-readable text to store and transmit data objects consisting of attribute–value pairs and arrays.
XML or Extensible Markup Language is a markup language that defines a set of rules for encoding documents in a format that is both human-readable and machine-readable.
XSS or Cross-Site Scripting is a type of security vulnerability typically found in web applications. It allows attackers to inject malicious scripts into web pages viewed by other users. These scripts can then steal sensitive information, such as users' cookies, session tokens, or other sensitive data.
Multipurpose Internet Mail Extensions (MIME) is an Internet standard that extends the format of email messages to support text in character sets other than ASCII, as well as attachments of audio, video, images, and application programs.
Remote Code Execution (RCE) is a vulnerability that allows an attacker to run arbitrary code on a remote system. If exploited successfully, it often leads to full system compromise.
Careers in Cyber
Role: Protect organizations by assessing networks, identifying vulnerabilities, and collaborating with engineers/stakeholders to implement defenses.
Key Responsibilities