Acronyms "N, O, P"

Question 1

NAC

Answer 1

Network Access Control

• Provides visibility, access control, and compliance
• Can define and implement strict access management controls for networks
• Centralized solution to end-point security
• Uses IEEE 802.1X standard
• Usually works with TACACS or RADIUS to verify authentication

Question 2

NAS

Answer 2

Network Attached Storage

Question 3

NAT

Answer 3

Network Address Translation

Question 4

NDA

Answer 4

Non-Disclosure Agreement

Question 5

NFC

Answer 5

Near-Field Communications

• Used for mobile payments, key cards, smart cards

Question 6

NFV

Answer 6

Network Functions Virtualization

• Virtualizes entire classes of network node functions into building blocks

Question 7

NGFW

Answer 7

Next-Generation Firewall

Question 8

NG-SWG

Answer 8

Next-Generation Secure Web Gateway

Question 9

NIC

Answer 9

Network Interface Card

Question 10

NIDS

Answer 10

Network Intrusion Detection System

Question 11

NIPS

Answer 11

Network Intrusion Prevention System

Question 12

NIST

Answer 12

National Institute of Standards & Technology

Question 13

NOC

Answer 13

Network Operations Center

• Ensures that an organization’s IT infrastructure continues to function properly

Question 14

NTFS

Answer 14

New Technology File System

Question 15

NTLM

Answer 15

New Technology Lan Manager

• Replaced by Kerberos
• Used to authenticate user identity and protect the integrity and confidentiality of their activity
• SSO tool
• Relies on a challenge-response protocol to confirm the user without requiring them to submit a password
• NTLM has known vulnerabilities and is typically only still used for legacy clients and server
• NTLM relies on a three-way handshake between the client and server to authenticate a user, while Kerberos uses a two-part process that leverages a ticket granting service or key distribution center (KDC)

Question 16

OAUTH

Answer 16

Open Authentication

• Token-based authentication
• Lets organizations share info across third-party services without exposing their users’ usernames/passwords

Question 17

NTP

Answer 17

Network Time Protocol

Question 18

OCSP

Answer 18

Online Certificate Status Protocol

• Used by CAs to check the revocation status of an X.509 digital certificate

Question 19

OID

Answer 19

Object Identifier

• Standard for naming any object, concept, or thing

Question 20

OS

Answer 20

Operating System

Question 21

OSI

Answer 21

Open Systems Interconnection

Question 22

OSPF

Answer 22

Open Shortest Path First

• Distributes routing information between routers

Question 23

OSINT

Answer 23

Open Source Intelligence

Question 24

OT

Answer 24

Operational Technology

• Hardware/software that detects or causes a change by directly monitoring and/or controlling industrial equipment, assets, processes, and events

Question 25

OTG

Answer 25

On-The-Go

Question 26

OTA

Answer 26

Over-The-Air - Pushing updates for software, configuration settings, or even encryption keys, on remote devices

Question 27

OVAL

Answer 27

Open Vulnerable Assessment Language - Community standard to promote open and publicly available security content, and to standardize the transfer of this information

Question 28

OWASP

Answer 28

Open Web Application Security Project

Question 29

P12

Answer 29

PKCS#12 - Archive file format for storing cryptography objects as a single file - Used to bundle a private key with its X.509 certificate, or to bundle the members of a chain of trust - Think of it as a container for X.509 public key certs, private keys, CRLs, and generic data

Question 30

P2P

Answer 30

Peer-to-Peer

Question 31

PaaS

Answer 31

Platform as a Service

Question 32

PAC

Answer 32

Proxy Auto Configuration - Used to define how web browsers and other user agents can automatically choose the appropriate proxy server for fetching URLs - Contains a JavaScript function that returns a string with one or more access method specifications

Question 33

PAM

Answer 33

Privileged Access Management - Safeguarding identities with special access or admin capabilities

Question 34

PAM (Authentication)

Answer 34

Pluggable Authentication Modules - Used to separate the tasks of authentication from applications - Apps can call PAM libraries to check permissions

Question 35

PAP

Answer 35

Password Authentication Protocol - Two-way handshake to provide the peer system with a simple method to establish its identity

Question 36

PAT

Answer 36

Port Address Translation

Question 37

PBKDF2

Answer 37

Password-based Key Derivation Function 2 - Key derivation functions with a sliding computation cost, which is used to reduce vulnerabilities of brute-force attacks - Applies a pseudorandom function (like HMAC) to the input password along with a salt value, and repeats this process multiple times to produce a derived key - Derived key can then be used as a cryptographic key

Question 38

PCI DSS

Answer 38

Payment Card Industry Data Security Standard - Security standards to use when accepting, processing, storing, or transmitting credit card information

Question 39

PDU

Answer 39

Power Distribution Unit - Provides multiple electric power outputs

Question 40

PE

Answer 40

Portable Executable

Question 41

PEAP

Answer 41

Protected Extensible Authentication Protocol - Provides a method to transport securely authenticated data including legacy password-based protocols, via 802.11 wifi - Uses tunneling between PEAP clients and an auth server

Question 42

PED

Answer 42

Portable Electronic Device - Devices like phones, laptops, pagers, radios, etc..

Question 43

PEM

Answer 43

Privacy Enhanced Mail - File format for storing and sending cryptographic keys, certificates, and other data - For example, when using SSH, you will often use a .pem file - Encodes the binary data using base64 - Starts with `-----BEGIN` a label and then `-----`

Question 44

PFS

Answer 44

Perfect Forward Secrecy - Feature of specific key agreement protocols that give assurances that session keys will not be compromised, even if long-term secrets used in the session key exchange are compromised - ie: for HTTPS, the long-term secret is usually the private key of the server

Question 45

PGP

Answer 45

Pretty Good Privacy - Encryption program used to provide cryptographic privacy and authentication for data communication - Useful for signing, encrypting, and decrypting texts, e-mails, files, directories, and whole disk partitions

Question 46

PHI

Answer 46

Personal Health Information

Question 47

PII

Answer 47

Personally Identifiable Information

Question 48

PIN

Answer 48

Personal Identification Number

Question 49

PIV

Answer 49

Personal Identity Verification - MFA on a smartcard - Used for identity proofing

Question 50

PKCS

Answer 50

Public Key Cryptography Standards - Group of standards for public keys

Question 51

PKI

Answer 51

Public Key Infrastructure - Roles, policies, hardware, software, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption

Question 52

POP

Answer 52

Post Office Protocol - Most commonly used message request protocol for transferring messages from e-mail servers to e-mail clients

Question 53

PoC

Answer 53

Proof of Concept

Question 54

POTS

Answer 54

Plain Old Telephone Service

Question 55

PPP

Answer 55

Point-to-Point Protocol - Communication between two routers directly without any hosts or other networks in between - Data Link Layer

Question 56

PPTP

Answer 56

Point-to-Point Tunneling Protocol - Obsolete method of implementing virtual private networks - Port 1723

Question 57

PSK

Answer 57

Pre-Shared Key - Shared secrets sent using a secure channel before it needs to be used

Question 58

PTZ

Answer 58

Pan-Tilt-Zoom - Camera that can be remotely controlled, including zoom and directional control

Question 59

PUP

Answer 59

Potentially Unwanted Program

Question 60

PBX

Answer 60

Private Branch Exchange - Telephone system that switches calls between users on local line - Multiline telephone system

Question 61

PCAP

Answer 61

Packet Capture - Collects and records packet data from a network which can then be analyzed