Acronyms explained Flashcards

Question

BYOD

Answer 1

Bring Your Own Device (BYOD) refers to a policy that allows employees to use their personal devices (such as smartphones, tablets, and laptops) for work purposes. BYOD can increase productivity and flexibility but also introduces security challenges. Implementing strong security measures and policies is crucial to protect organizational data on personal devices.

Answer 2

Certificate Authority (CA) is a trusted organization that issues digital certificates used to verify the identity of entities and to facilitate secure communication over networks. CAs play a critical role in public key infrastructure (PKI) by ensuring that the parties involved in a digital transaction are who they claim to be. This helps maintain the integrity and security of online communications

Answer 3

Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is a type of challenge-response test used to determine whether the user is human. It helps prevent automated bots from accessing websites and performing malicious activities such as spamming or data scraping. CAPTCHAs often involve recognizing distorted text or selecting images that meet certain criteria."

Answer 4

Corrective Action Report (CAR) is a document outlining the steps taken to address and correct issues or non-conformities identified during audits or incident investigations. CARs help organizations improve their processes, prevent recurrence of issues, and ensure compliance with standards and regulations. They are an essential part of continuous improvement and quality management systems

Answer 5

Cloud Access Security Broker (CASB) is a security policy enforcement point placed between cloud service users and cloud applications. It provides visibility, compliance, data security, and threat protection for cloud-based services. CASBs help organizations secure their cloud environments by enforcing policies and monitoring user activities

Answer 6

Cipher Block Chaining (CBC) is a mode of operation for block ciphers that enhances the security of encrypted data. In CBC mode, each plaintext block is XORed with the previous ciphertext block before being encrypted, ensuring that identical plaintext blocks produce different ciphertext blocks. This adds an additional layer of security by making patterns in the plaintext less discernible

Answer 7

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol used in wireless security standards such as WPA2. CCMP provides data confidentiality, authentication, and integrity by using AES encryption. It is more secure than its predecessor TKIP and is widely used to protect Wi-Fi communications

Answer 8

Closed-Circuit Television (CCTV) is a surveillance system that uses video cameras to transmit a signal to a specific, limited set of monitors. CCTV is commonly used for security monitoring in various settings such as businesses, public spaces, and homes. It helps deter criminal activity, monitor for suspicious behavior, and collect evidence for investigations

Answer 9

Computer Emergency Response Team (CERT) is a group of experts who handle computer security incidents. CERTs are responsible for identifying, assessing, and responding to cybersecurity threats and vulnerabilities. They provide support and guidance to organizations during incidents and help improve overall cybersecurity posture through training and awareness programs

Answer 10

Cipher Feedback (CFB) is a mode of operation for block ciphers that allows encryption of smaller units of data than the block size. CFB turns a block cipher into a self-synchronizing stream cipher, enabling encryption of data streams and ensuring that identical plaintext segments produce different ciphertext. It is useful for encrypting data of varying lengths."

Answer 11

Challenge-Handshake Authentication Protocol (CHAP) is a security protocol used to authenticate users or devices in network connections. CHAP periodically verifies the identity of the client by using a three-way handshake and a shared secret. This method helps prevent unauthorized access and protects against replay attacks by using different challenge values for each authentication

Answer 12

Confidentiality, Integrity, and Availability (CIA) is a fundamental model in information security that ensures the protection of data. Confidentiality means protecting data from unauthorized access, integrity ensures data is accurate and unaltered, and availability ensures that data and systems are accessible when needed. The CIA triad is a cornerstone of cybersecurity practices and policies

Answer 13

Chief Information Officer (CIO) is an executive responsible for managing and overseeing an organization's information technology (IT) strategy and operations. The CIO ensures that IT systems support the organization's goals, manages IT budgets, and leads initiatives to improve technology infrastructure. They play a critical role in aligning IT with business objectives and ensuring cybersecurity

Answer 14

Computer Incident Response Team (CIRT) is a group of professionals dedicated to responding to and managing computer security incidents. CIRT members are responsible for identifying, analyzing, and mitigating cybersecurity threats. They help organizations recover from incidents, improve security measures, and reduce the risk of future attacks

Answer 15

Content Management System (CMS) is software used to create, manage, and modify digital content on websites. CMS platforms provide tools for users to design, publish, and maintain web content without requiring extensive technical knowledge. Popular CMSs include WordPress, Joomla, and Drupal, which are widely used for creating and managing websites

Answer 16

Continuity of Operations Plan (COOP) is a strategy that ensures the continuation of essential functions during and after a disaster or disruption. COOP outlines procedures for maintaining operations, recovering critical systems, and ensuring that vital services remain available. It is crucial for organizational resilience and disaster recovery planning

Answer 17

Corporate-Owned, Personally-Enabled (COPE) is a policy that provides employees with company-owned devices that they can use for both work and personal purposes. COPE offers better control over security and management of devices while still allowing employees the flexibility to use the devices for personal tasks. It helps organizations maintain security while supporting employee productivity

Answer 18

Contingency Plan (CP) is a set of procedures and guidelines designed to help an organization respond to unexpected events and disruptions. CPs outline steps to take in emergencies, such as natural disasters, cyberattacks, or system failures, to ensure that critical functions can continue or be quickly restored. Effective contingency planning is essential for minimizing downtime and impact on operations."

Answer 19

Cyclic Redundancy Check (CRC) is an error-detecting code used to detect accidental changes to raw data. It is commonly used in digital networks and storage devices to ensure data integrity. CRC generates a checksum based on the data, which is compared at the receiving end to verify that the data has not been altered or corrupted during transmission

Answer 20

Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their expiration dates. CRLs are used to check the validity of a certificate and ensure that it is not used for malicious purposes. Regularly updating and checking CRLs is crucial for maintaining the security of public key infrastructure (PKI)."

Answer 21

Chief Security Officer (CSO) is an executive responsible for an organization's security, including physical security, cybersecurity, and risk management. The CSO develops and implements security policies, oversees security operations, and ensures compliance with regulations. They play a key role in protecting the organization's assets, personnel, and information

Answer 22

Cloud Service Provider (CSP) is a company that offers cloud computing services, such as infrastructure, platforms, and software, to other businesses and individuals. CSPs provide scalable and flexible resources over the internet, allowing organizations to manage workloads and applications without investing in physical hardware. Common CSPs include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)."

Answer 23

Certificate Signing Request (CSR) is a block of encoded text submitted to a Certificate Authority (CA) to apply for a digital certificate. A CSR contains information such as the organization's name, domain, and public key. The CA uses the CSR to create and issue a digital certificate that can be used for secure communications and authentication

Answer 24

Cross-Site Request Forgery (CSRF) is a web security vulnerability that allows an attacker to induce users to perform actions that they do not intend to perform. By exploiting the trust that a website has in a user's browser, attackers can make unauthorized requests on behalf of the user. Implementing anti-CSRF tokens and verifying request origins are common defenses against CSRF attacks

Answer 25

Channel Service Unit (CSU) is a device used to connect a digital communication line, such as a T1 line, to a network router or other data terminal equipment. CSUs perform signal regeneration, loopback testing, and line conditioning to ensure reliable data transmission. They are essential components in telecommunications networks for maintaining signal integrity

Answer 26

Counter-Mode/CBC-MAC Protocol (CTM) is a cryptographic protocol that combines Counter Mode encryption with Cipher Block Chaining Message Authentication Code (CBC-MAC) for securing data. CTM provides both confidentiality and data integrity, making it suitable for protecting sensitive information in various applications. It is used in protocols like IEEE 802.11i for securing wireless communications

Answer 27

Chief Technology Officer (CTO) is an executive responsible for overseeing the development and implementation of technology within an organization. The CTO focuses on technology strategy, innovation, and aligning technological advancements with business goals. They play a crucial role in driving technological growth, ensuring competitive advantage, and managing tech-related risks."

Answer 28

Common Vulnerabilities and Exposures (CVE) is a list of publicly disclosed information security vulnerabilities and exposures. Each CVE entry contains an identifier, a description, and references to vulnerability reports and patches. CVEs help organizations identify and address security flaws in software and hardware, improving overall cybersecurity posture."

Answer 29

Common Vulnerability Scoring System (CVSS) is a standardized framework for rating the severity of security vulnerabilities. CVSS provides a numerical score that reflects the potential impact of a vulnerability, helping organizations prioritize their response and remediation efforts. The scoring system considers factors like exploitability, impact, and the complexity of attacks

Answer 30

Choose Your Own Device (CYOD) is a policy that allows employees to select from a range of company-approved devices for work purposes. CYOD provides a balance between user preference and organizational control over device security. It helps ensure that devices meet security standards while offering employees some flexibility in their choice of technology

Answer 31

Discretionary Access Control (DAC) is a type of access control system where the owner of a resource determines who can access it and what permissions they have. It provides flexible and fine-grained control but can be less secure than other access control models if not managed properly

Answer 32

Database Administrator (DBA) is responsible for the installation, configuration, upgrading, administration, monitoring, maintenance, and security of databases in an organization. DBAs ensure that databases run efficiently and securely, supporting data management and storage requirements

Answer 33

Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt normal traffic of a targeted server, service, or network by overwhelming it with a flood of internet traffic from multiple sources. DDoS attacks can cause significant downtime and disruption for online services."

Answer 34

Data Execution Prevention (DEP) is a security feature that helps prevent code execution from non-executable memory regions. It protects against certain types of exploits by marking areas of memory as non-executable, thereby preventing malicious code from running in those areas

Answer 35

Data Encryption Standard (DES) is an older symmetric-key block cipher encryption algorithm that encrypts data in 64-bit blocks using a 56-bit key. DES is considered insecure due to its short key length and vulnerability to brute-force attacks, leading to its replacement by more secure algorithms like AES

Answer 36

Dynamic Host Configuration Protocol (DHCP) is a network management protocol used to dynamically assign IP addresses and other network configuration parameters to devices on a network. DHCP simplifies network administration by automating the assignment of IP addresses

Answer 37

Diffie-Hellman Ephemeral (DHE) is a key exchange protocol that provides forward secrecy by generating a unique session key for each communication session. It is used in secure communications to ensure that even if a session key is compromised, past sessions remain secure

Answer 38

DomainKeys Identified Mail (DKIM) is an email authentication method that uses digital signatures to verify that an email message was sent from an authorized domain. DKIM helps prevent email spoofing and ensures the integrity of email messages

Answer 39

Dynamic Link Library (DLL) is a file that contains code and data that can be used by multiple programs simultaneously. DLLs help modularize applications, making them easier to update and maintain, but they can also be a vector for malware if not properly secured

Answer 40

Data Loss Prevention (DLP) refers to strategies and tools designed to prevent sensitive data from being lost, stolen, or accessed by unauthorized users. DLP solutions monitor, detect, and block the unauthorized transmission of sensitive information

Answer 41

Domain-based Message Authentication, Reporting & Conformance (DMARC) is an email authentication protocol that builds on SPF and DKIM to detect and prevent email spoofing. DMARC allows domain owners to publish policies on how to handle unauthenticated emails and provides reporting capabilities

Answer 42

Destination Network Address Translation (DNAT) is a type of NAT used to change the destination IP address of incoming traffic. It is commonly used in load balancing and to direct traffic to specific servers within a private network

Answer 43

Domain Name System (DNS) is a **hierarchical and decentralized** naming system for computers, services, or other resources connected to the internet or a private network. DNS translates human-readable domain names (e.g., www.example.com) into IP addresses (e.g., 192.0.2.1)

Answer 44

Denial of Service (DoS) attack is an attempt to make a machine or network resource unavailable to its intended users by overwhelming it with a flood of requests. Unlike DDoS, DoS attacks typically originate from a single source."

Answer 45

Data Protection Officer (DPO) is an organizational role required under the GDPR responsible for overseeing data protection strategy and implementation to ensure compliance with data protection laws. The DPO acts as a liaison between the organization and regulatory authorities

Answer 46

Disaster Recovery Plan (DRP) is a documented process or set of procedures to recover and protect a business IT infrastructure in the event of a disaster. DRPs include strategies for restoring hardware, applications, and data to ensure business continuity.

Answer 47

Digital Signature Algorithm (DSA) is a Federal Information Processing Standard for digital signatures. It is used to generate and verify digital signatures, providing authentication and integrity for electronic documents and communications

Answer 48

Digital Subscriber Line (DSL) is a family of technologies that provide internet access by transmitting digital data over the wires of a local telephone network. DSL is widely used for broadband internet connections

Answer 49

Extensible Authentication Protocol (EAP) is an authentication framework used in wireless networks and point-to-point connections. EAP supports multiple authentication methods, including passwords, digital certificates, and token cards

Answer 50

Electronic Codebook (ECB) is a simple mode of operation for block ciphers that encrypts each block of data independently. ECB is not recommended for use because it can reveal patterns in the plaintext, making it vulnerable to certain types of attacks

Answer 51

Elliptic Curve Cryptography (ECC) is a public key encryption technique that uses elliptic curve theory to provide the same level of security as other encryption methods with smaller key sizes. ECC is widely used for secure communication and digital signatures."

Answer 52

Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) is a **key exchange protocol** that provides forward secrecy using elliptic curve cryptography. ECDHE **generates a unique session key** for each communication session, enhancing security for encrypted connections

Answer 53

Elliptic Curve Digital Signature Algorithm (ECDSA) is a **variant of the Digital Signature Algorithm (DSA)** that uses elliptic curve cryptography. ECDSA provides a high level of security with shorter key lengths, making it efficient for digital signatures."

Answer 54

Endpoint Detection and Response (EDR) is a cybersecurity technology that monitors and responds to threats on endpoints, such as computers and mobile devices. EDR solutions provide real-time visibility, detection, and automated response to security incidents

Answer 55

Encrypting File System (EFS) is a feature of Windows that provides file-level encryption. EFS helps protect sensitive data by encrypting files on disk, making them inaccessible to unauthorized users without the decryption key.

Answer 56

Enterprise Resource Planning (ERP) is a type of software used by organizations to manage and integrate the important parts of their businesses. ERP software systems integrate planning, purchasing, inventory, sales, marketing, finance, and human resources

Answer 57

Electronic Serial Number (ESN) is a unique identifier assigned to mobile devices such as cell phones. ESNs are used to identify devices on mobile networks and to help prevent theft and fraud

Answer 58

Encapsulating Security Payload (ESP) is a component of the IPsec suite that provides encryption, authentication, and integrity for IP packets. ESP helps protect data transmitted over IP networks by ensuring that it is encrypted and tamper-proof

Answer 59

File Access Control List (FACL) is a list of permissions attached to a file or directory that specifies which users or system processes can access the file and what operations they can perform. FACLs provide fine-grained control over file access. It is used in **Linux**

Answer 60

Full Disk Encryption (FDE) is a security measure that encrypts all the data on a disk drive, ensuring that data cannot be read without the correct decryption key. FDE helps protect sensitive information in case the device is lost or stolen

Answer 61

File Integrity Monitoring (FIM) is a security process that involves checking files and directories for unauthorized changes. FIM solutions alert administrators to potential security breaches by monitoring critical system and application files

Answer 62

Field-Programmable Gate Array (FPGA) is an integrated circuit that can be configured by the customer or designer after manufacturing. FPGAs are used in various applications for customizable hardware implementations, including security and encryption

Answer 63

False Rejection Rate (FRR) is the rate at which a biometric security system incorrectly rejects an authorized user. A high FRR indicates that the system is not user-friendly, as it fails to recognize legitimate users

Answer 64

File Transfer Protocol (FTP) is a standard network protocol used to **transfer files from one host to another over a TCP-based network**. FTP is commonly used for uploading and downloading files to and from a server. **Insecure protocol**

Answer 65

File Transfer Protocol Secure (FTPS) is an extension to FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. FTPS provides **secure file transfer** by encrypting the data and control channels

Answer 66

Galois/Counter Mode (GCM) is a mode of operation for symmetric key cryptographic block ciphers. It provides both data authenticity (integrity) and confidentiality, making it widely used in securing data transmissions."

Answer 67

General Data Protection Regulation (GDPR) is a comprehensive data protection law enacted by the European Union to safeguard personal data and ensure privacy. GDPR imposes strict regulations on data handling and grants individuals rights over their personal data

Answer 68

GNU Privacy Guard (GPG) is an encryption software that provides cryptographic privacy and authentication. It is used for securing data communications and ensuring the integrity of data, supporting encryption, decryption, and digital signatures.**GnuPG allows you to encrypt and sign your data and communications**

Answer 69

Group Policy Object (GPO) is a feature in Windows that allows administrators to manage and configure operating systems, applications, and user settings in an Active Directory environment. GPOs help enforce security policies and configurations across multiple devices

Answer 70

Global Positioning System (GPS) is a satellite-based navigation system that provides location and time information anywhere on Earth. GPS is widely used in various applications, including navigation, mapping, and timing

Answer 71

Graphics Processing Unit (GPU) is a specialized processor designed to accelerate graphics rendering and parallel processing tasks. GPUs are commonly used in gaming, professional visualization, and increasingly in scientific computing and machine learning

Answer 72

Generic Routing Encapsulation (GRE) is a tunneling protocol used to encapsulate various network layer protocols inside virtual point-to-point links. GRE is used to create VPNs and other secure connections over the internet."

Answer 73

High Availability (HA) refers to systems or components that are continuously operational for a long time. HA aims to minimize downtime and ensure that critical services and applications remain accessible even during failures or maintenance

Answer 74

Hard Disk Drive (HDD) is a data storage device that uses spinning disks coated with magnetic material to store and retrieve digital information. HDDs are widely used for storing large amounts of data in computers and servers

Answer 75

Host-based Intrusion Detection System (HIDS) is a security system that monitors and analyzes the internals of a computing system to detect suspicious activity. HIDS helps identify potential threats and breaches on individual hosts or devices

Answer 76

Host-based Intrusion Prevention System (HIPS) is a security system that monitors and potentially prevents malicious activities on a host. HIPS provides protection by blocking suspicious actions and ensuring system integrity

Answer 77

Hash-based Message Authentication Code (HMAC) is a mechanism that combines a cryptographic hash function with a secret key to provide data integrity and authenticity. HMAC is used to verify the authenticity of a message or data

Answer 78

HMAC-based One-Time Password (HOTP) is a one-time password algorithm based on HMAC. It is used for two-factor authentication, generating a unique password for each authentication attempt

Answer 79

Hardware Security Module (HSM) is a physical device that provides secure management, processing, and storage of cryptographic keys. HSMs are used to enhance security for sensitive cryptographic operations

Answer 80

HyperText Markup Language (HTML) is the standard language for creating and designing web pages and web applications. HTML defines the structure and layout of a web document by using various tags and elements

Answer 81

HyperText Transfer Protocol (HTTP) is the foundation of data communication on the World Wide Web. HTTP defines how messages are formatted and transmitted, and how web servers and browsers should respond to various commands

Answer 82

HyperText Transfer Protocol Secure (HTTPS) is an extension of HTTP that uses encryption protocols, such as SSL or TLS, to secure data transfer over the internet. HTTPS ensures that data transmitted between a web server and a client is encrypted and secure

Answer 83

Heating, Ventilation, and Air Conditioning (HVAC) systems control the climate and air quality in buildings. In data centers, HVAC systems are crucial for maintaining the optimal temperature and humidity levels for IT equipment

Answer 84

Infrastructure as a Service (IaaS) is a cloud computing model that provides virtualized computing resources over the internet. IaaS allows organizations to rent virtual machines, storage, and networking resources on a pay-as-you-go basis."

Answer 85

Infrastructure as Code (IaC) is the practice of managing and provisioning computing infrastructure using machine-readable configuration files. IaC enables automated deployment and consistent configuration of IT resources

Answer 86

Identity and Access Management (IAM) is a framework of policies and technologies that ensure the right individuals have access to the right resources at the right times for the right reasons. IAM helps secure and manage digital identities

Answer 87

,"Internet Control Message Protocol (ICMP) is a network layer protocol used for error messages and operational information. ICMP is commonly used for network diagnostics and troubleshooting, such as the ping command."

Answer 88

Industrial Control System (ICS) refers to systems and devices used to control industrial processes, such as manufacturing, energy production, and water treatment. ICS includes SCADA systems and DCS, which monitor and control industrial operations

Answer 89

International Data Encryption Algorithm (IDEA) is a symmetric key block cipher used for data encryption. IDEA provides high security and is used in various cryptographic applications to protect sensitive information.

Answer 90

Intermediate Distribution Frame (IDF) is a distribution point for connecting and managing telecommunications cabling between the main distribution frame (MDF) and individual end devices in a building or campus

Answer 91

Identity Provider (IdP) is an entity in an identity management system that creates, maintains, and manages identity information. IdPs authenticate users and provide identity assertions to service providers for access control

Answer 92

Intrusion Detection System (IDS) is a security system that monitors network or system activities for malicious activities or policy violations. IDS alerts administrators to potential threats and breaches, helping protect IT infrastructure

Answer 93

Institute of Electrical and Electronics Engineers (IEEE) is a professional association dedicated to advancing technology. IEEE develops standards for various technologies, including networking (e.g., IEEE 802.11 for Wi-Fi)."

Answer 94

Internet Key Exchange (IKE) is a protocol used to set up a secure, authenticated communications channel between two parties. IKE is part of the IPsec suite and helps establish security associations and key management."

Answer 95

Instant Messaging (IM) is a form of real-time communication between two or more people based on typed text. IM is commonly used in personal and business contexts for quick and direct communication

Answer 96

Internet Message Access Protocol (IMAP) is a protocol for accessing and managing email messages on a mail server. IMAP allows users to view and manipulate their emails as if they were stored locally, enabling synchronization across multiple devices

Answer 97

Indicator of Compromise (IoC) is a piece of data that suggests that an endpoint or network may have been breached. IoCs are used in threat detection and incident response to identify potential security incidents."

Answer 98

Internet of Things (IoT) refers to the network of physical objects embedded with sensors, software, and connectivity to collect and exchange data. IoT enables smart devices to communicate and interact with each other and with centralized systems

Answer 99

Internet Protocol (IP) is the principal communications protocol for relaying packets of data across network boundaries. IP addresses are used to identify and locate devices on a network."

Answer 100

Intrusion Prevention System (IPS) is a network security device that monitors network traffic for malicious activity and takes action to prevent the threat. IPS can block or reject harmful traffic to protect the network."

Answer 101

Internet Protocol Security (IPsec) is a suite of protocols used to secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet in a communication session. IPsec is used to establish secure VPNs

Answer 102

Incident Response (IR) refers to the process of identifying, investigating, and mitigating security incidents. IR involves a structured approach to handle breaches and minimize the impact of cyberattacks

Answer 103

Internet Relay Chat (IRC) is a protocol used for real-time text communication over the internet. IRC is used in various applications, including group chats, discussions, and collaboration."

Answer 104

Incident Response Plan (IRP) is a predefined set of instructions and procedures for detecting, responding to, and recovering from security incidents. An IRP helps organizations manage and mitigate the impact of cybersecurity events."

Answer 105

International Organization for Standardization (ISO) is an independent, non-governmental international organization that develops and publishes standards for a wide range of industries and technologies.

Answer 106

Internet Service Provider (ISP) is a company that provides individuals and organizations access to the internet. ISPs offer various services, including internet connectivity, email, and web hosting

Answer 107

Information Systems Security Officer (ISSO) is a role responsible for ensuring the security of an organization's information systems. The ISSO develops and implements security policies, conducts risk assessments, and monitors compliance

Answer 108

Initialization Vector (IV) is a random or pseudo-random value used in cryptography to ensure that identical plaintexts encrypt to different ciphertexts. IVs add randomness to encryption, enhancing security by preventing pattern analysis."

Answer 109

Key Distribution Center (KDC) is a part of the Kerberos protocol used for authenticating users and services on a network. The KDC issues tickets that grant access to services, ensuring secure communication within a domain."

Answer 110

Key Encryption Key (KEK) is a cryptographic key used to encrypt other keys, such as session keys or data encryption keys. KEKs provide an additional layer of security for key management and distribution

Answer 111

Layer 2 Tunneling Protocol (L2TP) is a tunneling protocol used to support virtual private networks (VPNs). L2TP does not provide encryption by itself but is often used with IPsec to secure data transmission."

Answer 112

Local Area Network (LAN) is a network that connects devices within a limited area, such as a home, school, or office building. LANs enable resource sharing and communication between connected devices

Answer 113

Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral protocol for accessing and managing directory information services. LDAP is commonly used for authentication and authorization in various applications

Answer 114

Lightweight Extensible Authentication Protocol (LEAP) is a proprietary wireless LAN authentication method developed by Cisco. LEAP provides dynamic WEP keys for enhanced security but has known vulnerabilities

Answer 115

Monitoring as a Service (MaaS) is a cloud-based service model that provides monitoring and management of IT infrastructure. MaaS helps organizations keep track of their network performance, security, and compliance

Answer 116

Media Access Control (MAC) address is a unique identifier assigned to a network interface for communications on the physical network segment. MAC addresses are used to ensure that data packets are delivered to the correct device on a LAN

Answer 117

Mandatory Access Control (MAC) is a type of access control where the operating system enforces security policies that restrict access based on user classifications and labels. MAC provides a high level of security by strictly controlling access to resources

Answer 118

Message Authentication Code (MAC) is a cryptographic checksum used to verify the integrity and authenticity of a message. MACs ensure that the data has not been altered and that it comes from a legitimate source

Answer 119

Metropolitan Area Network (MAN) is a network that spans a city or a large campus. MANs are larger than LANs but smaller than wide area networks (WANs), and they typically connect multiple LANs within a geographic area

Answer 120

Master Boot Record (MBR) is a special type of boot sector at the beginning of partitioned storage devices like hard drives. The MBR contains information about the disk's partitions and a small amount of executable code for bootstrapping the operating system.

Answer 121

Message Digest Algorithm 5 (MD5) is a widely used cryptographic hash function that produces a 128-bit hash value. MD5 is used for data integrity verification but is considered weak and vulnerable to collision attacks."

Answer 122

Main Distribution Frame (MDF) is a distribution frame in a telecommunications network where cables from different devices connect. The MDF serves as a central point for connecting and managing telecommunications circuits

Answer 123

Mobile Device Management (MDM) is a security software used by IT departments to manage, monitor, and secure employees' mobile devices. MDM ensures that devices comply with organizational policies and provides remote management capabilities

Answer 124

Multi-Factor Authentication (MFA) is a security process that requires users to provide two or more verification factors to gain access to a resource. MFA enhances security by combining something you know (password), something you have (token), and something you are (biometric)."

Answer 125

Multi-Function Device (MFD) is an office machine that incorporates the functionality of multiple devices in one, such as a printer, scanner, copier, and fax machine. MFDs help save space and cost in office environments."

Answer 126

Multi-Function Printer (MFP) is a device that combines printing, scanning, copying, and faxing capabilities. MFPs are commonly used in both home and office settings to consolidate multiple functions into a single device."

Answer 127

Machine Learning (ML) is a subset of artificial intelligence (AI) that enables computers to learn from and make decisions based on data. ML algorithms improve their performance over time by identifying patterns and making predictions

Answer 128

Multimedia Messaging Service (MMS) is a standard way to send multimedia messages, such as images, audio, and video, over a cellular network. MMS extends the functionality of SMS to include multimedia content

Answer 129

Memorandum of Agreement (MOA) is a document that outlines the terms and details of an agreement between parties, including the roles and responsibilities of each party. MOAs are used to formalize collaborations and partnerships

Answer 130

Memorandum of Understanding (MOU) is a non-binding agreement between two or more parties that outlines the terms and details of an understanding. MOUs are used to establish mutual intentions and clarify the scope of collaboration

Answer 131

Multi-Protocol Label Switching (MPLS) is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses. MPLS improves the speed and efficiency of data flow

Answer 132

Measurement Systems Analysis (MSA) is a statistical method used to assess the accuracy and precision of measurement systems. MSA ensures that measurements are reliable and consistent across different measurement devices and processes

Answer 133

Microsoft Challenge-Handshake Authentication Protocol (MSCHAP) is an authentication protocol used in Windows-based networks. MSCHAP provides mutual authentication between a client and a server using a three-way handshake

Answer 134

Managed Service Provider (MSP) is a third-party company that remotely manages a customer's IT infrastructure and end-user systems. MSPs provide a range of services, including network management, security, and data backup

Answer 135

Managed Security Service Provider (MSSP) is a type of MSP that focuses specifically on providing security services. MSSPs monitor and manage security devices and systems, helping organizations protect against cyber threats

Answer 136

Mean Time Between Failures (MTBF) is a measure of the reliability of a system or component, representing the average time between failures. MTBF is used to predict the lifespan and maintenance needs of hardware and systems

Answer 137

Mean Time to Failure (MTTF) is the average time a system or component operates before experiencing a failure. MTTF is used to estimate the reliability and durability of non-repairable systems."

Answer 138

Mean Time to Repair (MTTR) is the average time required to repair a system or component and restore it to full functionality. MTTR is used to assess the maintainability and downtime of systems."

Answer 139

Maximum Transmission Unit (MTU) is the largest size of a packet that can be transmitted over a network medium. MTU affects the efficiency and performance of data transmission, with larger MTUs allowing more data to be sent in a single packet."

Answer 140

Network Access Control (NAC) is a security solution that controls and manages access to a network based on predefined security policies. NAC helps ensure that only compliant and authenticated devices can connect to the network."

Answer 141

Network Address Translation (NAT) is a method used to remap IP addresses by modifying network address information in the IP header of packets while they are in transit. NAT improves security and conserves the number of IP addresses in use."

Answer 142

Non-Disclosure Agreement (NDA) is a legally binding contract that establishes a confidential relationship between parties. NDAs are used to protect sensitive information from being disclosed to unauthorized individuals

Answer 143

Near Field Communication (NFC) is a short-range wireless technology that enables communication between devices within a few centimeters. NFC is commonly used for contactless payment systems, access control, and data exchange

Answer 144

Next-Generation Firewall (NGFW) is an advanced type of firewall that provides capabilities beyond traditional firewalls, such as application awareness, integrated intrusion prevention, and cloud-delivered threat intelligence

Answer 145

Network Intrusion Detection System (NIDS) is a security system that monitors and analyzes network traffic for suspicious activities and potential threats. NIDS helps detect and respond to cyber attacks on a network

Answer 146

Network Intrusion Prevention System (NIPS) is a security solution that monitors network traffic to detect and prevent suspicious activities and attacks. NIPS actively blocks or mitigates threats to protect the network

Answer 147

National Institute of Standards and Technology (NIST) is a U.S. federal agency that develops and promotes standards for technology and industry. NIST provides guidelines and best practices for cybersecurity and information protection

Answer 148

New Technology File System (NTFS) is a file system developed by Microsoft for Windows operating systems. NTFS provides advanced features such as file and folder security, compression, and support for large volumes

Answer 149

NT LAN Manager (NTLM) is a suite of Microsoft security protocols intended to provide authentication, integrity, and confidentiality to users. NTLM is used for network logins and secure data exchange in Windows environments."

Answer 150

Network Time Protocol (NTP) is a protocol used to synchronize the clocks of computers over a network. NTP ensures that all systems within a network have accurate and consistent time settings."

Answer 151

OAuth, Open Authorization is an open standard for access delegation commonly used to grant websites or applications limited access to user information without exposing passwords. OAuth is used for token-based authentication and authorization

Answer 152

Online Certificate Status Protocol (OCSP) is a protocol used to check the revocation status of digital certificates in real-time. OCSP provides a method for determining whether a certificate is still valid or has been revoked."OID

Answer 153

Object Identifier (OID) is a globally unique identifier used to name an object in a hierarchical structure. OIDs are used in various standards and protocols, such as SNMP and LDAP, to uniquely identify objects

Answer 154

Operating System (OS) is the software that manages hardware and software resources on a computer. The OS provides a user interface and controls the execution of applications and services

Answer 155

Open Source Intelligence (OSINT) refers to the collection and analysis of publicly available information from open sources, such as the internet, social media, and public records. OSINT is used for security, intelligence, and investigative purposes."

Answer 156

Open Shortest Path First (OSPF) is a link-state routing protocol used in IP networks. OSPF calculates the shortest path for data packets based on the topology of the network and is commonly used in large enterprise networks

Answer 157

Operational Technology (OT) refers to hardware and software systems used to monitor and control industrial processes, such as manufacturing, energy production, and transportation. OT includes SCADA systems and industrial control systems.

Answer 158

Over-the-Air (OTA) refers to the wireless transmission and reception of data, such as updates or configurations, to devices. OTA is commonly used for firmware updates in mobile devices and IoT devices

Answer 159

Open Vulnerability and Assessment Language (OVAL) is a standard for representing and communicating security information. OVAL is used to automate the assessment and reporting of security vulnerabilities and compliance

Answer 160

PKCS #12 (P12) is a standard for storing and transporting cryptographic keys and certificates in a secure format. P12 files are commonly used to distribute private keys and certificates for secure communication."

Answer 161

Peer-to-Peer (P2P) is a decentralized network architecture where each participant (peer) has equal privileges and can initiate or complete transactions without a central server. P2P is commonly used for file sharing and distributed computing

Answer 162

Platform as a Service (PaaS) is a cloud computing model that provides a platform allowing customers to develop, run, and manage applications without dealing with the underlying infrastructure. PaaS simplifies application development and deployment

Answer 163

Proxy Auto-Configuration (PAC) is a method used to automatically configure web browsers to use a proxy server. A PAC file contains a JavaScript function that determines the appropriate proxy for a given URL."

Answer 164

Privileged Access Management (PAM) is a set of technologies and practices designed to secure, control, and monitor access to an organization's critical systems and data by privileged users. PAM helps mitigate the risks associated with privileged access

Answer 165

Pluggable Authentication Module (PAM) is a framework used in Unix-like operating systems to integrate multiple authentication methods. PAM provides a way to develop programs that are independent of the underlying authentication scheme

Answer 166

Password Authentication Protocol (PAP) is a simple authentication protocol used to verify a user's identity. PAP transmits usernames and passwords in plaintext, making it less secure compared to more advanced authentication protocols

Answer 167

Port Address Translation (PAT) is a type of NAT that allows multiple devices on a local network to be mapped to a single public IP address with different port numbers. PAT conserves public IP addresses and enables multiple devices to share a single internet connection

Answer 168

Password-Based Key Derivation Function 2 (PBKDF2) is a key derivation function that applies a pseudorandom function to the input password along with a salt value and repeats the process many times. PBKDF2 is used to produce a cryptographic key from a password."

Answer 169

Private Branch Exchange (PBX) is a private telephone network used within an organization. PBX systems manage incoming and outgoing calls and provide features such as voicemail, call forwarding, and conference calling

Answer 170

Packet Capture (PCAP) is a method used to capture and analyze network traffic. PCAP files contain raw network data and are used for network troubleshooting, performance analysis, and security monitoring

Answer 171

Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. PCI DSS helps protect cardholder data and reduce fraud

Answer 172

Protocol Data Unit (PDU) is a unit of data specified in a protocol of a given layer and consists of protocol control information and user data. PDUs are used in networking to manage data transmission and communication between devices

Answer 173

Protected Extensible Authentication Protocol (PEAP) is an authentication protocol that encapsulates EAP within a secure TLS tunnel. PEAP provides an extra layer of security for wireless communication by protecting EAP authentication exchanges

Answer 174

Portable Electronic Device (PED) refers to any small, portable electronic device that can store, process, or transmit data. Examples include smartphones, tablets, laptops, and USB drives

Answer 175

Privacy-Enhanced Mail (PEM) is a standard for securing email communications using encryption and digital signatures. PEM files also refer to a file format commonly used to store and share cryptographic keys and certificates

Answer 176

Perfect Forward Secrecy (PFS) is a property of secure communication protocols where session keys are not compromised even if the server's private key is compromised. PFS ensures that past communication remains secure even if long-term keys are compromised

Answer 177

Pretty Good Privacy (PGP) is an encryption program that provides cryptographic privacy and authentication for data communication. PGP is used for securing emails, files, and other forms of data transfer."

Answer 178

Protected Health Information (PHI) refers to any information in a medical record that can be used to identify an individual and that was created, used, or disclosed in the course of providing health care services. PHI is protected under laws such as HIPAA

Answer 179

Personally Identifiable Information (PII) refers to any data that can be used to identify an individual, such as name, address, Social Security number, and biometric data. Protecting PII is crucial for privacy and security

Answer 180

Personal Identity Verification (PIV) is a standard for smart card-based identification and authentication used by U.S. federal employees and contractors. PIV cards provide secure access to government facilities and information systems

Answer 181

Public Key Cryptography Standards (PKCS) are a set of standards for public key cryptography developed by RSA Laboratories. PKCS includes specifications for cryptographic algorithms, key exchange, and secure data transmission

Answer 182

Public Key Infrastructure (PKI) is a framework for managing digital certificates and public-key encryption. PKI enables secure communication and authentication over networks by using a hierarchy of trusted certificate authorities

Answer 183

Post Office Protocol (POP) is a protocol used by email clients to retrieve messages from a mail server. POP3, the latest version, downloads emails to the local device and usually deletes them from the server

Answer 184

Plain Old Telephone Service (POTS) refers to the traditional analog voice transmission phone system. POTS is the standard telephone service that operates over copper wires

Answer 185

Point-to-Point Protocol (PPP) is a data link layer communication protocol used to establish a direct connection between two network nodes. PPP is commonly used for internet dial-up connections and other point-to-point links

Answer 186

Point-to-Point Tunneling Protocol (PPTP) is a VPN protocol used to create secure tunnels over the internet. PPTP supports data encryption and authentication for secure communication

Answer 187

Pre-Shared Key (PSK) is a shared secret used in cryptographic protocols for securing communication. PSK is commonly used in wireless networks for WPA/WPA2 authentication

Answer 188

Pan-Tilt-Zoom (PTZ) refers to the capabilities of a camera to pan horizontally, tilt vertically, and zoom in and out. PTZ cameras are used in surveillance systems to cover large areas and focus on specific details."

Answer 189

Potentially Unwanted Program (PUP) refers to software that may be unwanted by the user, such as adware or spyware. PUPs can be intrusive and may compromise system performance or security."

Answer 190

Registration Authority (RA) is an entity within a Public Key Infrastructure (PKI) responsible for accepting requests for digital certificates and authenticating the entity making the request. The RA acts as a mediator between the user and the Certificate Authority (CA)."

Answer 191

Research and Development in Advanced Communications Technologies in Europe (RACE) was a European Union research program aimed at developing advanced communication technologies. The RACE program contributed to the development of the GSM mobile communication standard

Answer 192

Rapid Application Development (RAD) is a software development methodology that emphasizes quick development and iteration of prototypes over extensive planning. RAD aims to produce high-quality systems quickly by using user feedback and iterative development cycles

Answer 193

Remote Authentication Dial-In User Service (RADIUS) is a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) management for users connecting to a network service. RADIUS is commonly used for managing user access to Wi-Fi networks

Answer 194

Redundant Array of Independent Disks (RAID) is a data storage technology that combines multiple physical disk drives into one or more logical units for redundancy, performance improvement, or both. RAID helps protect data against drive failures and improves storage performance

Answer 195

Remote Access Service (RAS) allows users to connect to a network or computer from a remote location. RAS is commonly used by employees to access corporate networks from home or while traveling

Answer 196

Remote Access Trojan (RAT) is a type of malware that allows an attacker to gain unauthorized access and control over a computer or network. RATs are used for espionage, data theft, and system manipulation

Answer 197

Role-Based Access Control (RBAC) is a method of restricting access to resources based on the roles assigned to users within an organization. RBAC simplifies management of user permissions by assigning permissions to roles rather than individuals

Answer 198

Rule-Based Access Control (RBAC) is a type of access control mechanism where access decisions are based on a set of rules defined by the system administrator. This approach is used to enforce security policies and automate access management

Answer 199

Rivest Cipher 4 (RC4) is a stream cipher designed by Ron Rivest in 1987. RC4 is known for its simplicity and speed, but it has been found to have vulnerabilities and is no longer considered secure for most applications

Answer 200

Remote Desktop Protocol (RDP) is a proprietary protocol developed by Microsoft that provides a user with a graphical interface to connect to another computer over a network connection. RDP is commonly used for remote management and support

Answer 201

Radio-Frequency Identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. RFID is commonly used in inventory management, access control, and contactless payment systems

Answer 202

RACE Integrity Primitives Evaluation Message Digest (RIPEMD) is a family of cryptographic hash functions. RIPEMD-160, a 160-bit version, is commonly used for data integrity and digital signatures

Answer 203

Return on Investment (ROI) is a financial metric used to evaluate the profitability of an investment. ROI is calculated by dividing the net profit from an investment by the cost of the investment."

Answer 204

Recovery Point Objective (RPO) is the maximum acceptable amount of data loss measured in time. RPO defines the point in time to which data must be restored after a disaster to resume normal operations

Answer 205

Rivest-Shamir-Adleman (RSA) is a widely used public-key cryptosystem for secure data transmission. RSA encryption relies on the computational difficulty of factoring large prime numbers."

Answer 206

Remote Triggered Black Hole (RTBH) is a network security technique used to mitigate denial-of-service (DoS) attacks by directing malicious traffic to a 'black hole' where it is discarded. RTBH helps protect networks from overwhelming traffic

Answer 207

Recovery Time Objective (RTO) is the maximum acceptable amount of time to restore a system or service after a disaster. RTO defines the time frame within which operations must be resumed to avoid unacceptable consequences."

Answer 208

Real-Time Operating System (RTOS) is an operating system designed to process data and execute tasks in real-time, with minimal latency. RTOS is commonly used in embedded systems and applications requiring precise timing and reliability

Answer 209

Real-time Transport Protocol (RTP) is a network protocol for delivering audio and video over IP networks. RTP is widely used in streaming media, telephony, and video conferencing

Answer 210

Secure/Multipurpose Internet Mail Extensions (S/MIME) is a standard for public key encryption and digital signing of MIME data. S/MIME provides end-to-end security for email communication

Answer 211

Software as a Service (SaaS) is a cloud computing model where software applications are delivered over the internet on a subscription basis. SaaS allows users to access software without managing the underlying infrastructure

Answer 212

Simultaneous Authentication of Equals (SAE) is a secure password-based authentication protocol used in Wi-Fi networks. SAE provides protection against offline dictionary attacks and is used in WPA3 security

Answer 213

Security Assertion Markup Language (SAML) is an XML-based framework for exchanging authentication and authorization data between parties. SAML is used for single sign-on (SSO) to enable users to authenticate once and access multiple applications

Answer 214

Storage Area Network (SAN) is a high-speed network that provides access to consolidated, block-level data storage. SANs are used to improve the performance and availability of storage resources."

Answer 215

Subject Alternative Name (SAN) is an extension to the X.509 specification for digital certificates that allows additional domain names or IP addresses to be associated with a certificate. SAN is commonly used for securing multiple domains with a single certificate."

Answer 216

Secure Access Service Edge (SASE) is a network architecture that combines network security functions with wide area networking capabilities to support the dynamic secure access needs of organizations. SASE enables secure and fast access to cloud applications and services

Answer 217

Supervisory Control and Data Acquisition (SCADA) is a system used to monitor and control industrial processes. SCADA systems gather real-time data from sensors and equipment, allowing operators to manage and optimize operations

Answer 218

Security Content Automation Protocol (SCAP) is a suite of standards used to automate vulnerability management, security measurement, and compliance evaluation. SCAP helps organizations ensure their systems are secure and compliant with regulations

Answer 219

Simple Certificate Enrollment Protocol (SCEP) is a protocol used to simplify the issuance and management of digital certificates. SCEP allows devices to request and renew certificates automatically from a certificate authority

Answer 220

Software-Defined Wide Area Network (SD-WAN) is a network architecture that uses software to control the management and operation of WAN connections. SD-WAN optimizes traffic routing, improves performance, and enhances security

Answer 221

Software Development Kit (SDK) is a collection of software tools, libraries, and documentation that developers use to create applications for specific platforms or environments. SDKs provide the resources needed to develop, test, and deploy software

Answer 222

Software Development Life Cycle (SDLC) is a process used for planning, creating, testing, and deploying information systems. SDLC provides a structured approach to software development, ensuring high-quality and efficient delivery

Answer 223

Secure Development Lifecycle Management (SDLM) is the practice of integrating security considerations into every phase of the software development lifecycle. SDLM aims to build secure software by identifying and mitigating security risks early."

Answer 224

Software-Defined Networking (SDN) is an approach to networking that uses software-based controllers to manage network resources and traffic. SDN provides centralized control and automation of network operations, improving flexibility and efficiency."

Answer 225

Security-Enhanced Linux (SELinux) is a security architecture for Linux systems that provides mandatory access control (MAC). SELinux enforces security policies to restrict the actions that users and programs can perform, enhancing system security."

Answer 226

Self-Encrypting Drive (SED) is a hard drive or solid-state drive that automatically encrypts data stored on it. SEDs provide hardware-based encryption to protect data at rest from unauthorized access."

Answer 227

Structured Exception Handling (SEH) is a mechanism in Windows programming that provides a way to handle exceptions or errors that occur during program execution. SEH helps improve the robustness and reliability of software.

Answer 228

SSH File Transfer Protocol (SFTP) is a secure file transfer protocol that uses the SSH protocol to provide encryption and secure authentication. SFTP is used to transfer files securely over a network."

Answer 229

Secure Hash Algorithm (SHA) is a family of cryptographic hash functions designed to ensure data integrity. SHA algorithms produce a fixed-size hash value from input data and are widely used in security applications, such as digital signatures and certificates

Answer 230

Secure Hypertext Transfer Protocol (S-HTTP) is an extension of HTTP that provides encryption and secure communication between clients and servers. S-HTTP ensures data confidentiality and integrity during transmission

Answer 231

Security Information and Event Management (SIEM) is a solution that combines security information management (SIM) and security event management (SEM) to provide real-time analysis of security alerts and events. SIEM helps organizations detect and respond to security incidents

Answer 232

Subscriber Identity Module (SIM) is a small card used in mobile devices to store subscriber information and authentication data. SIM cards are essential for connecting to mobile networks and accessing services

Answer 233

Service Level Agreement (SLA) is a contract between a service provider and a customer that defines the level of service expected from the provider. SLAs specify performance metrics, responsibilities, and remedies for service failures

Answer 234

Single Loss Expectancy (SLE) is a measure of the potential financial loss that could occur from a single security incident. SLE is calculated by multiplying the asset value by the exposure factor."

Answer 235

Short Message Service (SMS) is a text messaging service that allows users to send and receive short text messages on mobile devices. SMS is widely used for communication and as a method for delivering notifications and alerts

Answer 236

Simple Mail Transfer Protocol (SMTP) is an internet standard protocol for sending email messages between servers. SMTP is used by email clients to send messages to mail servers and between mail servers for message relay

Answer 237

Simple Mail Transfer Protocol Secure (SMTPS) is a protocol that uses SSL/TLS to secure SMTP communications. SMTPS ensures that email messages are encrypted and protected during transmission

Answer 238

Simple Network Management Protocol (SNMP) is an internet standard protocol for managing and monitoring devices on IP networks. SNMP allows network administrators to collect information and configure devices remotely

Answer 239

Simple Object Access Protocol (SOAP) is a protocol for exchanging structured information in web services. SOAP uses XML to encode messages and relies on other application layer protocols for message negotiation and transmission

Answer 240

Security Orchestration, Automation, and Response (SOAR) refers to technologies that enable organizations to collect security data, automate response processes, and coordinate actions across multiple security tools. SOAR helps improve the efficiency and effectiveness of security operations

Answer 241

System on Chip (SoC) is an integrated circuit that combines all the components of a computer or electronic system onto a single chip. SoCs are used in mobile devices, embedded systems, and IoT devices to provide compact and efficient processing capabilities

Answer 242

Security Operations Center (SOC) is a centralized unit that monitors, detects, and responds to security incidents within an organization. The SOC team uses a combination of technology and processes to protect the organization from cyber threats."

Answer 243

Statement of Work (SOW) is a formal document that outlines the scope, objectives, and deliverables of a project. SOWs are used to define the work to be performed and the terms and conditions agreed upon by the parties involved

Answer 244

Sender Policy Framework (SPF) is an email authentication protocol that allows domain owners to specify which mail servers are authorized to send email on their behalf. SPF helps prevent email spoofing and phishing attacks

Answer 245

Spam over Instant Messaging (SPIM) refers to unsolicited and unwanted messages sent over instant messaging services. SPIM can be used for advertising, phishing, and spreading malware

Answer 246

Structured Query Language (SQL) is a standard programming language used to manage and manipulate relational databases. SQL is used for querying, updating, and managing data in databases

Answer 247

SQL Injection (SQLi) is a type of security vulnerability that occurs when an attacker injects malicious SQL code into a query. SQLi can be used to manipulate databases, steal data, and bypass authentication mechanisms

Answer 248

Secure Real-time Transport Protocol (SRTP) is a protocol for providing encryption, message authentication, and integrity for real-time audio and video communications. SRTP is used to secure VoIP and multimedia streaming

Answer 249

Solid-State Drive (SSD) is a data storage device that uses flash memory to store data. SSDs offer faster read and write speeds compared to traditional hard disk drives (HDDs)."

Answer 250

Secure Shell (SSH) is a cryptographic network protocol for secure communication over an unsecured network. SSH provides strong authentication and secure data transmission, commonly used for remote server administration."

Answer 251

Secure Sockets Layer (SSL) is a cryptographic protocol that provides secure communication over the internet. SSL has been deprecated and replaced by Transport Layer Security (TLS)."

Answer 252

Single Sign-On (SSO) is an authentication process that allows a user to access multiple applications or systems with a single set of credentials. SSO improves user convenience and reduces the number of login credentials."

Answer 253

Structured Threat Information Expression (STIX) is a standardized language for representing cyber threat information. STIX is used to share threat intelligence across organizations and systems."

Answer 254

Secure Web Gateway (SWG) is a security solution that filters and monitors web traffic to protect against threats and enforce policies. SWGs provide protection against malware, phishing, and other web-based threats

Answer 255

Terminal Access Controller Access-Control System Plus (TACACS+) is a protocol that provides centralized Authentication, Authorization, and Accounting (AAA) for users accessing a network. TACACS+ is widely used in large enterprise networks

Answer 256

Trusted Automated eXchange of Indicator Information (TAXII) is a protocol used to exchange cyber threat intelligence information. TAXII enables organizations to share and receive threat data in a standardized and automated manner

Answer 257

Transmission Control Protocol/Internet Protocol (TCP/IP) is a suite of communication protocols used to interconnect network devices on the internet. TCP/IP provides end-to-end communication, specifying how data should be packetized, addressed, transmitted, routed, and received

Answer 258

Ticket Granting Ticket (TGT) is a ticket used in the Kerberos authentication protocol. The TGT allows users to obtain service tickets for accessing various network services without repeatedly entering their credentials

Answer 259

Temporal Key Integrity Protocol (TKIP) is a security protocol used in Wi-Fi networks to enhance the security of WEP. TKIP provides per-packet key mixing, message integrity check, and re-keying mechanisms

Answer 260

Transport Layer Security (TLS) is a cryptographic protocol that provides secure communication over a computer network. TLS is the successor to SSL and ensures data privacy and integrity between communicating applications

Answer 261

Table of Contents (TOC) is a list of the titles of the parts of a book or document, organized in the order in which the parts appear. In the context of cybersecurity, TOC may also refer to the contents and structure of a digital document or report."

Answer 262

Time-based One-Time Password (TOTP) is a temporary passcode generated by an algorithm that uses the current time as an input. TOTP is used in two-factor authentication (2FA) systems to enhance security

Answer 263

Time of Use (TOU) is a type of race condition where the state of a resource changes between the time it is checked (time of check, TOC) and the time it is used (time of use). This can lead to security vulnerabilities if an attacker can alter the resource's state in the interval between check and use, potentially exploiting the discrepancy for malicious purposes

Answer 264

Trusted Platform Module (TPM) is a hardware-based security feature embedded in devices to provide cryptographic functions. TPM is used for secure boot, hardware-based encryption, and ensuring the integrity of the system

Answer 265

Tactics, Techniques, and Procedures (TTP) are the behavior patterns of cyber adversaries, including their methods and tools. Understanding TTP helps organizations predict, detect, and defend against cyber threats

Answer 266

Transaction Signature (TSIG) is a security protocol used to authenticate DNS messages and ensure their integrity. TSIG uses shared secret keys to sign DNS messages between DNS servers."

Answer 267

User Acceptance Testing (UAT) is the final phase of software testing where the intended users test the software to ensure it meets their requirements and expectations. UAT validates that the software is ready for deployment."

Answer 268

Unmanned Aerial Vehicle (UAV), commonly known as a drone, is an aircraft operated without a human pilot on board. UAVs are used for various purposes, including surveillance, delivery, and aerial photography.

Answer 269

User Datagram Protocol (UDP) is a communication protocol used for low-latency, loss-tolerating connections. Unlike TCP, UDP is connectionless and does not guarantee delivery, order, or error checking, making it suitable for real-time applications like streaming

Answer 270

Unified Extensible Firmware Interface (UEFI) is a modern firmware interface for computers, designed to replace BIOS. UEFI provides enhanced security features, faster boot times, and support for large storage devices

Answer 271

Unified Endpoint Management (UEM) is an approach to managing and securing all endpoints within an organization from a single console. UEM includes management of mobile devices, laptops, desktops, and IoT devicesUPS

Answer 272

Uninterruptible Power Supply (UPS) is a device that provides emergency power to a load when the main power source fails. UPS systems ensure that critical systems remain operational during power outages

Answer 273

Uniform Resource Identifier (URI) is a string of characters that identifies a particular resource on the internet. URIs include URLs (Uniform Resource Locators) and URNs (Uniform Resource Names)."

Answer 274

Uniform Resource Locator (URL) is a specific type of URI that provides a way to access a resource on the internet. A URL includes the protocol, domain name, and path to the resource."

Answer 275

Universal Serial Bus (USB) is an industry standard for cables, connectors, and protocols used for connection, communication, and power supply between computers and electronic devices

Answer 276

Universal Serial Bus (USB) Flash Drive is a portable storage device that uses flash memory and connects to a computer via a USB port. USB flash drives are used for data storage and transfer."

Answer 277

Unified Threat Management (UTM) is a security solution that integrates multiple security functions, such as firewall, intrusion detection, and antivirus, into a single device or service. UTM simplifies security management and provides comprehensive protection."

Answer 278

Unshielded Twisted Pair (UTP) is a type of cabling used in networking, consisting of pairs of wires twisted together to reduce electromagnetic interference. UTP cables are commonly used in Ethernet networks

Answer 279

Visual Basic for Applications (VBA) is a programming language developed by Microsoft that is used for automating tasks in Microsoft Office applications. VBA allows users to create macros and custom functions to enhance productivity

Answer 280

Virtual Desktop Environment (VDE) refers to a desktop computing environment where the operating system, applications, and data are stored on a remote server. Users access the VDE over a network, providing flexibility and centralized management.

Answer 281

Virtual Desktop Infrastructure (VDI) is a technology that delivers desktop environments to end-users through virtual machines hosted on a centralized server. VDI enables secure and efficient management of desktop resources

Answer 282

Virtual Local Area Network (VLAN) is a logical subdivision of a physical network that groups together devices within a LAN. VLANs improve network segmentation, security, and performance by isolating broadcast domains

Answer 283

Variable Length Subnet Mask (VLSM) allows for the use of different subnet masks within the same network, enabling more efficient IP address allocation. VLSM reduces IP address wastage and improves network scalability

Answer 284

Virtual Machine (VM) is a software emulation of a physical computer that runs an operating system and applications. VMs enable multiple isolated environments on a single physical machine, improving resource utilization."

Answer 285

Voice over Internet Protocol (VoIP) is a technology that allows voice communication and multimedia sessions over the internet. VoIP converts voice signals into digital data and transmits them over IP networks

Answer 286

Virtual Private Cloud (VPC) is a secure, isolated cloud environment within a public cloud. VPCs provide the benefits of cloud computing while maintaining control over network configuration and security

Answer 287

Virtual Private Network (VPN) is a technology that creates a secure, encrypted connection over a less secure network, such as the internet. VPNs are used to protect data privacy and ensure secure remote access."

Answer 288

Video Teleconferencing (VTC) is a technology that enables live video communication between two or more locations. VTC is used for meetings, remote collaboration, and telemedicine

Answer 289

Web Application Firewall (WAF) is a security solution that protects web applications by filtering and monitoring HTTP traffic. WAFs prevent attacks such as SQL injection, cross-site scripting (XSS), and other web-based threats

Answer 290

Wireless Access Point (WAP) is a device that allows wireless devices to connect to a wired network using Wi-Fi. WAPs extend network coverage and enable wireless communication within a network

Answer 291

Wired Equivalent Privacy (WEP) is a security protocol for wireless networks, designed to provide a level of security comparable to a wired network. WEP has been found to have significant vulnerabilities and is largely replaced by WPA/WPA2

Answer 292

Wireless Intrusion Detection System (WIDS) monitors wireless networks for suspicious activity and potential security breaches. WIDS helps detect unauthorized access points, rogue devices, and network attacks

Answer 293

Wireless Intrusion Prevention System (WIPS) actively monitors and protects wireless networks by detecting and preventing unauthorized access and malicious activity. WIPS provides proactive security measures for wireless environmentsWO

Answer 294

Work Order (WO) is a document that provides instructions for the maintenance, repair, or operation of equipment or systems. WOs are used to track and manage tasks in various industries

Answer 295

Wi-Fi Protected Access (WPA) is a security protocol developed to secure wireless networks. WPA improves upon WEP by providing stronger encryption and authentication mechanisms. WPA2 is an enhanced version of WPA with even stronger security

Answer 296

Wi-Fi Protected Setup (WPS) is a network security standard that simplifies the process of connecting devices to a wireless network. WPS allows users to easily configure wireless security settings by pressing a button or entering a PIN

Answer 297

Wireless Transport Layer Security (WTLS) is a security protocol used to provide privacy and data integrity for wireless communications. WTLS is based on TLS and is used in mobile and wireless networks

Answer 298

Extended Detection and Response (XDR) is a security approach that integrates and correlates data from multiple security products to provide comprehensive threat detection and response. XDR enhances visibility and simplifies threat management across an organization

Answer 299

Extensible Markup Language (XML) is a flexible, structured language used for encoding documents and data. XML is widely used for data interchange between systems, including web services and APIs

Answer 300

,"Exclusive OR (XOR) is a logical operation used in cryptography and computer science. XOR compares two binary values and returns true if the values are different. XOR is used in encryption algorithms and error detection."

Answer 301

Cross-Site Request Forgery (XSRF) is a type of attack that tricks a user into performing unwanted actions on a web application where they are authenticated. XSRF exploits the trust a web application has in the user's browser

Answer 302

Cross-Site Scripting (XSS) is a security vulnerability that allows attackers to inject malicious scripts into web pages viewed by users. XSS can be used to steal sensitive information, manipulate web content, and launch phishing attacks