// Обновление от январь 2021 //

Администрирование и эксплуатация средств защиты информации
AV, IPD\IDS, WAF, SSO, IDM\IAM, DLP, DBF, NAC, GRC, rules, ACL, white listing, ID, SandBox, эвристический анализ, эмуляция API, REST,

Penetration test and ethnical hacking
metasploit, meterpreter, mimikatz, reverse shell, WPA2 KRACK, listener, nandshake, CVE, BurpSuite, W3af, PTES, OSSIM, MSF, PowerShell Empire, EternalBlue, meterssh, Raspberry Pi, DDE, DCOM, RPC, Dll Inject, SMB, Exploit, MiTM, sqlmap, TOR, backdoor, DNS tunneling, fingerprint, cobalt strike, NSA

Security operation center
TTP, MitRE, CERT, machine learning, IoC, ATT&CK,  Kill Chain, Threat Hunting, TTd\TTR\TTC, Yara, Loki, URL, MD5, SHA, CRC32, ATP

Digital forensic
autopsy, ntuser.dat, Thumbcache, Volatility framework, DEFT, FTK, dd, BelkaSoft, timeline, dump RAM, bash history, PCAP, Xplico, Encase Forensic, Memoryze, Oxygen Forensic

Linux security
PAM, sudo, SELinux, chmod, chroot, namespace, init.d, Linys, passwd, fail2ban, tcpdump, AppArmor, PolicyKit, Iptables, Tripwire, Firewalld, sealert, Audit.d, ecryptfs, cgroups, KVM, ssh, VNC, MLS/MCS, rhunter, chkrootkit, ClamAV, SpamAssassin, ModSecurity, NIST, CIS benchmark, US Military RedHat, AAA, MimiPenguin, PXEnum, bashark

Windows Server security
NAP, UAC, AD PKI, AppLocker, AD RMS, DEP, BitLocker, DirectAccess, SmartScreen, Credential Guard, Device Guard, Security group GPO, RDP, pass the hash, 3DES, Kerberos, TGM, SysVol, Terminal\VDI, DEP,

SecDevOps
Vault, Consuil, ZAP, GitLab, AWS, GCP, Helm, YAML, Ansible, token, JWT, OAth2, HTTPS, micro-services, VPC, Bastion Host, SOAP, Middlware, JBoss, BigData, Hoodop, ELK, Grafana, Prometheus, temp token, ECSDA, RSA, Terraform, Vagrant, Docker,  Kubernetes, KVM, CD/CI

Security coding
SAST, DAST, SCA, code review, SSDLC, Java security (framework), HTTPS, SSL\TSL, PKI, JWT, OAth2, SAML, REST API, JSON,  Spring, buffer overload, exploit, stack, serialization, OWASP, БДУ ФСТЭК

Reverse, exploit development, bug hunting
PE32, ELF, XSS, CSFR, Sql inject, Ring0, OllyDBG, IDA Pro, Radare2, ASM, x64, Stack, regirty CPU, MiTM, Ghidra, offset, stack, registry, unpack,  entropy

Network security
AAA, Radius server, TACACS+, scapy, tcpdump, wireshark, nmap, L2, L3, sniffing, spoofing, DNSSec, arp, vlan hopping, IPSec, GRE, BGP, trunk, Yersinia, hydra, port security (cisco), CAM overflow, DDoS, ACK\SYN, ping of death, fingerprinting, LOIC, Botnet, C&C, RAT, backdoor, DPI, frame, VPN

Audit and compliance check
ISO 27000-x, NIST 800-53-x, ITGC, SOX404, GDPR, CIS Benchmark, hardening, security by default, security by design, Lynis, MSBA, risk assessment,

Management, leading team
Helicopter review, OPEX\CAPEX, ROI, TCO, диаграмма Ганта, WorkFlow, бюджетирование (расход\доход)

#info