Acronyms

Question 1

AE

Answer 1

Authenticated Encryption

Question 2

AES

Answer 2

Advanced Encryption Standard

Question 3

AK

Answer 3

Authentication Key

Question 4

API

Answer 4

Application Programming Interface

Question 5

APT

Answer 5

Advanced Persistent Threat

Question 6

ASA

Answer 6

Adaptive Security Appliance

Question 7

AVT

Answer 7

Advanced Volatile Threat`

Question 8

BCP

Answer 8

Business Continuity Plan

Question 9

C2 or C&C

Answer 9

Command and Control

Refers to the communication channel used by attackers to remotely control compromised systems within a network. It allows threat actors to issue commands, exfiltrate data, and coordinate malicious activities like botnet attacks.

It’s basically the evil HQ radio line to their army of hacked machines. 📡💀💻

Question 10

CHAP

Answer 10

Challenge-Handshake Authentication Protocol

Question 11

CIA

Answer 11

Confidentiality
Integrity
Availability

Question 12

CIO

Answer 12

Chief Information Officer

A company officer with the primary responsibility of managing information technology assets and procedures.

Question 13

CIRT / CSIRT / CERT

Answer 13

Computer Incident Response Team
Computer Security Incident Response Team
Computer Emergency Response Team

Team with responsibility for incident response. The CSIRT must have expertise across a number of business domains (IT, HR, legal, and marketing, for instance).

Question 14

CSO

Answer 14

Chief Security Officer

Typically, the job title of the person with overall responsibility for information assurance and systems security.

Question 15

CTO

Answer 15

Chief Technology Officer

A company officer with the primary role of making effective use of new and emerging computing platforms and innovations.

Question 16

DBMS

Answer 16

Database Management System

Question 17

DDF

Answer 17

Data Decryption Field

Question 18

DEK

Answer 18

Data Encryption Key

Question 19

DES

Answer 19

Data Encryption Standard

Question 20

DevOps

Answer 20

Development and Operations

A combination of software development and systems operations, and refers to the practice of integrating one discipline with the other.

Question 21

DevSecOps

Answer 21

Development and Security and Operations

A combination of software development, security operations, and systems operations, and refers to the practice of integrating each discipline with the others.

Question 22

DSA

Answer 22

Digital Signature Algorithm

Question 23

DRA

Answer 23

Data Recovery Agent

Question 24

DRP

Answer 24

Disaster Recovery Plan

Question 25

DSA

Answer 25

Digital Signature Algorithm

Question 26

ECC

Answer 26

Elliptic Curve Cryptography

Question 27

ECDSA

Answer 27

Elliptic Curve Digital Signature Algorithm

Question 28

EFS

Answer 28

Encrypting File System

Question 29

FDE

Answer 29

Full-disk Encryption

Question 30

FEK

Answer 30

File Encryption Key

Question 31

FIPS

Answer 31

Federal Information Processing Standards

Question 32

GPG

Answer 32

GNU Privacy Guard

Question 33

HMAC

Answer 33

Hash-Based Message Authentication Code

Question 34

HSM

Answer 34

Hardware Security Module

Question 35

IDEA

Answer 35

International Data Encryption Algorithm

Question 36

IDS

Answer 36

Intrusion Detection System

Question 37

IPS

Answer 37

Intrusion Prevention System

Question 38

IPsec

Answer 38

Internet Protocol Security

Question 39

ISSO

Answer 39

Information Systems Security Officer Organizational role with technical responsibilities for implementation of security policies, frameworks, and controls.

Question 40

KEK

Answer 40

Key Encryption Key

Question 41

KMIP

Answer 41

Key Management Interoperability Protocol

Question 42

LOC

Answer 42

Low Observable Characteristic

Question 43

MD5

Answer 43

Message-Digest Algorithm #5

Question 44

MEK

Answer 44

Media Encryption Key

Question 45

NTLM

Answer 45

New Technology LAN Manager

Question 46

OTP

Answer 46

One-Time Pad

Question 47

PBKDF2

Answer 47

Password-Based Key Derivation Function 2

Question 48

PCSM

Answer 48

Personal Computer Security Module

Question 49

PGP

Answer 49

Pretty Good Privacy

Question 50

PKCS#1

Answer 50

The Public Key Cryptography Standard #1 (PKCS#1)

Question 51

PKI

Answer 51

Public Key Infrastructure

Question 52

PUP / PUA

Answer 52

Potentially Unwanted Program Potentially Unwanted Application

Question 53

RAT

Answer 53

Remote Access Trojan

Question 54

RC

Answer 54

Rivest's Cipher

Question 55

RIPEMD

Answer 55

RACE Integrity Primitives Evaluation Message Digest

Question 56

RSA

Answer 56

Rivest-Shamir-Adleman

Question 57

SAM

Answer 57

Secure Application Module

Question 58

SED

Answer 58

Self-encrypting Drive

Question 59

SHA

Answer 59

Secure Hash Algorithm

Question 60

SOC

Answer 60

Security Operations Center

Question 61

SQL

Answer 61

Structured Query Language

Question 62

TDE

Answer 62

Transparent Data Encryption

Question 63

TLS

Answer 63

Transport Layer Security

Question 64

TPM

Answer 64

Trusted Platform Module

Question 65

WPA

Answer 65

Wi-Fi Protected Access

Question 66

PKI

Answer 66

Public Key Infrastructure

Question 67

CA

Answer 67

Certificate Authority

Question 68

PKCS

Answer 68

Public Key Cryptography Standards

Question 69

X.509

Answer 69

Digital certificates are based on the X.509 standard approved by the International Telecommunications Union and standardized by the Internet Engineering Task Force ( tools.ietf.org/html/rfc5280 ) The X.509 standard also defines an internet protocol that can be used to determine the validity or state of a certificate. This is called the Online Certificate Status Protocol (OCSP). OCSP can be used to simplify the process of checking whether or not a certificate is valid.

Question 70

OCSP

Answer 70

Online Certificate Status Protocol

Question 71

CRL

Answer 71

Certificate Revocation List

Question 72

CSR

Answer 72

Certificate Signing Request

Question 73

CN

Answer 73

Common Name

Question 74

FQDN

Answer 74

Fully Qualified Domain Name

Question 75

SAN

Answer 75

Subject Alternative Name

Question 76

IAM

Answer 76

Identity and Access Management

Question 77

AAA

Answer 77

Authentication, Authorization, and Accounting

Question 78

PoLP

Answer 78

Principle of Least Privilege

Question 79

MAC

Answer 79

Mandatory Access Control

Question 80

DAC

Answer 80

Discretionary Access Control

Question 81

RBAC

Answer 81

Role Based Access Control

Question 82

ABAC

Answer 82

Attribute Based Access Control

Question 83

UAC

Answer 83

User Account Control

Question 84

SID

Answer 84

Security Identifier

Question 85

GPO

Answer 85

Group Policy Object

Question 86

OU

Answer 86

Organizational Unit

Question 87

IdP

Answer 87

Identity Provider

Question 88

OTP

Answer 88

One Time Password

Question 89

FIDO

Answer 89

Fast Identity Online

Question 90

U2F

Answer 90

Universal 2nd Factor

Question 91

TOTP

Answer 91

Time-based One Time Password

Question 92

HOTP

Answer 92

HMAC-based One Time Password HMAC Hash-based Message Authentication Code

Question 93

HSM

Answer 93

Hardware Security Module

Question 94

SSO

Answer 94

Single Sign-On

Question 95

OIDC

Answer 95

OpenID Connect

Question 96

LSASS

Answer 96

Local Security Authority Subsystem Service

Question 97

SAM

Answer 97

Security Accounts Manager

Question 98

AD

Answer 98

Active Directory

Question 99

NTLM

Answer 99

NT LAN Manager

Question 100

PAM

Answer 100

Pluggable Authentication Module

Question 101

X.500

Answer 101

What LDAP is based on

Question 102

DN

Answer 102

Distinguished Name

Question 103

KDC

Answer 103

Key Distribution Center

Question 104

AS

Answer 104

Authentication Service

Question 105

TGT

Answer 105

Ticket Granting Ticket

Question 106

TGS

Answer 106

Ticket Granting Service

Question 107

CN

Answer 107

Common Name

Question 108

OU

Answer 108

Organizational Unit

Question 109

O

Answer 109

Organization

Question 110

C

Answer 110

Country

Question 111

DC

Answer 111

Domain Component

Question 112

SP

Answer 112

Service Provider

Question 113

SAML

Answer 113

Security Assertion Markup Language

Question 114

XML

Answer 114

eXtensible Markup Language

Question 115

SOAP

Answer 115

Simple Object Access Protocol

Question 116

REST

Answer 116

Representational State Transfer

Question 117

OAuth

Answer 117

Open Authorization

Question 118

JSON

Answer 118

JavaScript Object Notation

Question 119

JWT

Answer 119

JSON Web Token

Question 120

EAPoL

Answer 120

EAP over LAN

Question 121

EAP

Answer 121

Extensible Authentication ProtocoFl

Question 122

FRR

Answer 122

False Rejection Rate

Question 123

FAR

Answer 123

False Acceptance Rate

Question 124

CER

Answer 124

Crossover Error Rate

Question 125

FER

Answer 125

Failure to Enroll Rate

Question 126

ACL

Answer 126

Access Control List

Question 127

ACE

Answer 127

Access Control EntryA

Question 128

DAC

Answer 128

Discretionary Access Control

Question 129

SID

Answer 129

Security IDA

Question 130

DACL

Answer 130

Discretionary Access Control List

Question 131

SACL

Answer 131

System Access Control List

Question 132

SAM

Answer 132

Security Account Manager

Question 133

LSDOU

Answer 133

Local, Site, Domain, and OU The order in which GPOs are applied.

Question 134

PAM

Answer 134

Pluggable Authentication Module

Question 135

SSH

Answer 135

Secure Shell

Question 136

PPTP

Answer 136

Point-to-Point Tunneling Protocol

Question 137

VNC

Answer 137

Virtual Network Computing

Question 138

KDC

Answer 138

Key Distribution Center

Question 139

AS

Answer 139

Authentication Service

Question 140

TGT

Answer 140

Ticket Granting Ticket

Question 141

TGS

Answer 141

Ticket Granting Service

Question 142

SID

Answer 142

Security Identifier

Question 143

SP

Answer 143

Service Provider

Question 144

IdP

Answer 144

Identity Provider

Question 145

SAML

Answer 145

Security Assertion Markup Language

Question 146

SOAP

Answer 146

Simple Object Access Protocol

Question 147

REST

Answer 147

Representational State Transfer

Question 148

OAuth

Answer 148

Open Authorization

Question 149

SPAN

Answer 149

Switched Port Analyzer

Question 150

TAP

Answer 150

Test Access Point

Question 151

WAF

Answer 151

Web Application Firewall

Question 152

UTM

Answer 152

Unified Threat Management

Question 153

AUP

Answer 153

Acceptable Use Policy

Question 154

NIDS

Answer 154

Network Intrusion Detection System

Question 155

NIPS

Answer 155

Network Intrusion Protection System

Question 156

ESP

Answer 156

Encapsulating Security Payload

Question 157

ICV

Answer 157

Integrity Check Value

Question 158

SA

Answer 158

Security Association

Question 159

SD-WAN

Answer 159

Software-Defined Wide Area Network

Question 160

SASE

Answer 160

Secure Access Service Edge

Question 161

IAM

Answer 161

Identity and Access Management

Question 162

SBOM

Answer 162

Software Bill of Materials

Question 163

SCA

Answer 163

Software Composition Analysis

Question 164

NVD

Answer 164

National Vulnerability Database

Question 165

EAP

Answer 165

Extensible Authentication Protocol

Question 166

RADIUS

Answer 166

Remote Authentication Dian-In User Service

Question 167

EAPoL

Answer 167

EAP over LAN

Question 168

DTP

Answer 168

Dynamic Trunking Protocol

Question 169

SCP

Answer 169

Secure Copy Protocol

Question 170

UPnP

Answer 170

Universal Plug and Play

Question 171

PACS

Answer 171

Physical Access Control System

Question 172

OSINT

Answer 172

Open Source Intelligence

Question 173

PII

Answer 173

Personally Identifiable Information

Question 174

HIDS

Answer 174

Host-Based IDS

Question 175

NIDS

Answer 175

Network-Based IDS