2.0

Question 1

MFD

Answer 1

Multifunction devices
A device, such as a printer, with multiple functions, such as printing and scanning.

Question 2

SoC

Answer 2

System on a Chip
The integration of complete system functions on a single chip in order to simplify construction of devices.

Question 3

RTOS

Answer 3

Real-Time Operating System
Are designed for devices where the processing must occur in real time and data cannot be queued or buffered for any significant length of time.

Question 4

IaaS

Answer 4

Allows an organization to outsource its equipment requirements, including the hardware and all support operations. The IaaS service provider owns the equipment, houses it in its data center, and performs all the required hardware maintenance.
Ex. Amazon Web Services (AWS), Microsoft Azure

Question 5

SaaS

Answer 5

Software as a Service
Any software or application provided to users over a network such as the Internet. Internet users access the SaaS applications with a web browser.
Ex. Gmail, Yahoo! Mail, Google Docs, One Drive etc.

Question 6

PaaS

Answer 6

Platform as a Service
provides customers with a preconfigured computing platform they can use as needed. It provides the customer with an easy-to-configure operating system, combined with appropriate applications and on-demand computing.
Ex. Salesforce, Github, Docker

Question 7

TOTP

Answer 7

Time-based One-Time Password
A password that is used once and is only valid during a specific time period.

Question 8

WAF

Answer 8

Web Application Firewall
A firewall that operates at the application level, specifically designed to protect web applications by examining requests at the application stack level.

Question 9

Public Cloud

Answer 9

A cloud service that is rendered over a system open for public use. Services are available from third-party companies, such as Amazon, Google, Microsoft, and Apple.

Question 10

Community Cloud

Answer 10

A cloud system is one where several organizations with a common interest share a cloud environment for the specific purposes of the shared endeavor.

Question 11

Private Cloud

Answer 11

A cloud system where it is essentially reserved resources used only by your organization if your organization is highly sensitive to sharing resources.

Question 12

Hybrid Cloud

Answer 12

Is a combination of two or more clouds. They can be private, public, community, or a combination of these.

Question 13

Federation

Answer 13

Defines policies, protocols, and practices to manage identities across systems and organizations. Federation’s ultimate goal is to allow users to seamlessly access data or systems across domains.
Ex. Provide network access to others, not just employees but partners, suppliers, customers, etc.

Question 14

DNS sinkhole

Answer 14

Domain Name System sinkhole
This is a technique used to redirect malicious or unwanted traffic to a specific IP address. It’s often used as a security measure to block access to malicious domains or to filter out unwanted content.

Question 15

Honeynet

Answer 15

A network designed to look like a corporate network but is made attractive to attackers. A honeynet is a collection of honeypots.

Question 16

Honeypot

Answer 16

Is a server that is designed to act like a real server on a corporate network, but rather than having real data, the honeypot possesses fake data.

Question 17

Screened subnet (formerly known as DMZ)

Answer 17

Demilitarized zone
A network segment that exists in a semi-protected zone between the Internet and the inner, secure trusted network.

Question 18

UPS

Answer 18

Uninterruptible power supply
Provides short-term power and can protect against power fluctuations.

Question 19

Blockchain

Answer 19

A distributed ledger with growing lists of records (blocks) that are securely linked together via cryptographic hashes.
Keeps track of transactions.

Question 20

Asymmetric encryption

Answer 20

Uses two keys (public and private) created as a matched pair.

Question 21

Symmetric encryption

Answer 21

Uses the same key to encrypt and decrypt data.

Question 22

Faraday cage

Answer 22

Room/ cage that prevents radio frequency (RF) signals or Electromagnetic interference (EMI) from entering into or emanating beyond a room.

Question 23

Obfuscation

Answer 23

Altering the format, structure, or presentation of data or code without changing its functionality, making it challenging for adversaries to interpret or exploit the information.

Question 24

Key stretching

Answer 24

Cryptographic technique used to enhance the security of passwords or cryptographic keys by increasing their complexity and resistance to brute-force attacks.

Question 25

Digital signature

Answer 25

An electronic, encrypted, stamp of authentication on digital information such as email messages, macros, or electronic documents. Used for non-repudiation and integrity.

Question 26

MSP

Answer 26

Managed Service Provider
A third party that manages aspects of a system under some form of service agreement.

MSP support
– Network connectivity management
– Backups and disaster recovery
– Growth management and planning

Question 27

Continuous monitoring

Answer 27

To describe the technologies and processes employed to enable rapid detection of compliance issues and security risks. Check for a particular event, and then react.

Question 28

Stored Procedure

Answer 28

Stored procedures are precompiled scripted methods of data access (SQL)

Question 29

Normalization

Answer 29

The process of creating the simplest form, of a string, before processing.

Question 30

Attestation

Answer 30

Attestation can be done by a service that checks the credentials supplied, and if they are correct and match the required values, the service can attest that the entry is valid or correct.

Question 31

HOTP

Answer 31

HMAC-based One-Time Password algorithm

Keyed-hash message authentication code (HMAC). The keys are based on a secret key and a counter. Use them once, and never again.

Question 32

HE

Answer 32

Homomorphic Encryption

A set of algorithms that allows operations to be conducted on encrypted data, without decrypting and reencrypting.

Question 33

ECC

Answer 33

Elliptic curve cryptography

Instead of numbers, use curves!
– Uses smaller keys than non-ECC asymmetric
encryption
– Smaller storage and transmission requirements
– Perfect for mobile devices

Question 34

Key exchange

Answer 34

A cryptographic method used to share cryptographic keys between two entities.

Question 35

Ephemeral keys

Answer 35

Cryptographic keys that are used only once after generation.

Question 36

Diffie–Hellman key exchange

Answer 36

Cryptographic protocol used to securely exchange encryption keys over an insecure medium.

Question 37

Perfect forward secrecy

Answer 37

A feature of cryptographic systems that ensures that even if a long-term secret key is compromised, past communications remain secure. Generates random public keys for each session

Question 38

Steganography

Answer 38

hides data inside other data, it hides data in plain sight. The goal is to hide the data in such a way that no one suspects there is a hidden message.

Question 39

Stream Cipher

Answer 39

Encrypts data as a stream of bits or bytes rather than dividing it into blocks. It is done one at a time

Question 40

Block

Answer 40

A block cipher encrypts plaintext one block at a time.

Question 41

IP schema

Answer 41

An IP address plan or model

Question 42

IRM

Answer 42

Information Rights Document

To control how data is used. Restrict data access to unauthorized persons.

Question 43

Fake telemetry

Answer 43

A deception technology used to make honeynets and honeypots look real and appealing to would-be attackers.

Question 44

Edge computing

Answer 44

The practice of storing and processing data close to the devices that generate and use the data. Which could be within a local area network (LAN) or on devices themselves.

Question 45

Fog Computing

Answer 45

A distributed cloud architecture placed at various points in the network, including at the edge, in local data centers, and even in cloud data centers, forming a continuum of computing resources.

Question 46

Thin Client

Answer 46

A lightweight computer, with limited resources, whose primary purpose is to communicate with another machine

Question 47

Container

Answer 47

Services or applications within isolated containers or application cells.

Question 48

Microservices

Answer 48

They are small, independent code modules that perform specific functions, receive input (value), and produce output (value) through well-defined interfaces or APIs.

Question 49

Serverless Architecture

Answer 49

A cloud computing model where developers can build and run applications without managing the underlying infrastructure.

Question 50

Transfer gateway

Answer 50

A network connection that is used to interconnect virtual private clouds (VPCs) and on-premises networks. Using transit gateways, organizations can define and control communication between resources on the cloud provider’s network and their own infrastructure.

Question 51

Resource policies

Answer 51

Assigning permissions to cloud resources

Question 52

Service Integration

Answer 52

Deploying multiple connection from multiple cloud services

Question 53

SDN

Answer 53

Software-Defined Networking
an approach to networking that separates the control plane from the data plane, allowing centralized control and programmability of network devices through software-based controllers.

Question 54

SDV

Answer 54

Software-Defined Visibility

Ensures that all traffic is viewable and can be analyzed.

Question 55

Virtual machine (VM)
sprawl avoidance

Answer 55

Refers to strategies and practices aimed at preventing the uncontrolled proliferation of virtual machines within an IT environment.

Question 56

VM escape protection

Answer 56

Refers to measures and techniques implemented to prevent unauthorized access or exploitation of vulnerabilities that could allow an attacker to escape from a virtual machine (VM) and gain access to the underlying hypervisor or host system.