Acronyms "Q, R, S"

Question 1

QA

Answer 1

Quality Assurance

Question 2

QoS

Answer 2

Quality of Service

Question 3

RA

Answer 3

Recovery Agent

Question 4

RACE

Answer 4

Research and Development in Advanced Communication Technologies in Europe

Question 5

RAD

Answer 5

Rapid Application Development

• Agile software development approach
• Focuses on ongoing software projects and user feedback and less on following a strict plan
• Emphasizes rapid prototyping over costly planning

Question 6

RADIUS

Answer 6

Remote Authentication Dial-in User Service

• Provides centralized authentication to protect networks against unauthorized use
• Could also be used for device administration, but its primary purpose is network authentication
• Combines authentication and authorization
• Encrypts only the password field, not the entire packet.

Question 7

RAID

Answer 7

Redundant Array of Inexpensive Disks

• Storage virtualization technology that combines multiple physical disk drive components into one or more logical units
• Used to increase data redundancy, performance, or both
• Striping - spreads blocks of data across multiple disks. Great for increased performance but provides zero data redundancy or protection
• Mirroring - copies the same data across disks. Provides data redundancy and protection from failure, but requires more disks which increases cost
• Parity - calculated value that gets used to restore data from multiple drives if one of the drives were to fail. This prevents the need to mirror using separate drives since parity is spread among disks.
• RAID 0 - striping
  
  • Needs 2 drives minimum
• RAID 1 - mirroring
  
  • Needs 2 drives minimum
• RAID 4 - striping and parity
  
  • Needs 3 drives minimum
• RAID 5 - striping and parity
  
  • Needs 3 drives minimum
• RAID 6 - striping and parity
  
  • Needs 4 drives minimum

Question 8

RAM

Answer 8

Random Access Memory

Question 9

RAS

Answer 9

Remote Access Server

Question 10

RAT

Answer 10

Remote Access Trojan

• Malware that gives the attacker admin control over the target computer
• Typically used to then take further action

Question 11

RBAC

Answer 11

Role-Based Access Control

• Used to assign rights and permissions based on roles of users
• Roles are usually assigned by groups

Question 12

RC4

Answer 12

Rivest Cipher 4

• Insecure
• WEP

Question 13

RCS

Answer 13

Rich Communication Services

• Communication protocol between mobile telephone carriers and between phone and carrier, aiming at replacing SMS messages with a text-message system that is richer, provides phonebook polling (for service discovery), and can transmit in-call multimedia. It is part of the broader IP Multimedia Subsystem. Google added support for end-to-end encryption for one-on-one conversations in their own extension.

Question 14

RFC

Answer 14

Request for Comment

Question 15

RFID

Answer 15

Radio Frequency Identifier

• Uses electromagnetic fields to automatically identify and track tags attached to objects
• Consists of a tiny radio transponder, a radio receiver, and a transmitter
• Made up of tags and readers

Question 16

RIPEMD

Answer 16

RACE Integrity Primitives Evaluation Message Digest

Question 17

ROI

Answer 17

Return on Investment

Question 18

RPO

Answer 18

Recovery Point Objective

• an RPO of 24 hours means that the data can be recovered (from a backup copy) to a point not more than 24 hours
• The maximum amount of data (measured by time) that can be lost after a recovery from a disaster or failure
• Used to determine the frequency of backups
• ie: if an RPO is 70 minutes, you require system backups every 70 minutes

Question 19

RSA

Answer 19

Rivest, Shamir, Adleman

• Algorithm used to encrypt and decrypt messages (public-key cryptosystem)
• Asymmetric…the public key can be known to everyone
• Messages encrypted using the public key can only be decrypted with the private key
• Slower than some

Question 20

RTBH

Answer 20

Remote Triggered Black Hole

• Can be used to drop traffic before it enters a protected network
• A common use is to mitigate DDoS

Question 21

RTO

Answer 21

Recovery Time Objective

• Max amount of time it can take to recover after a failure or disaster before the business is significantly impacted

Question 22

RTOS

Answer 22

Real-Time Operating System

• Event-driven and preemptive
• Switches between tasks based on their priorities (event-driven) or on a regular clocked interrupts and on events (time-sharing)

Question 23

RTP

Answer 23

Real-Time Transport Protocol

• Used to transfer audio/video over IP networks
• Streaming media, for example

Question 24

S/MIME

Answer 24

Secure/Multipurpose Internet Mail Extensions

• Provides a way to integrate public-key encryption and digital signatures into most modern email clients.
• This would encrypt all email information from client to client, regardless of the communication used between email servers

Question 25

SaaS

Answer 25

Software as a Service

Question 26

SAE

Answer 26

Simultaneous Authentication of Equals

• Secure password-based authentication and password-authenticated key agreement method

Question 27

SAML

Answer 27

Security Assertions Markup Language

• XML-based markup language for security assertions
• Allows an IdP to authenticate users and then pass an auth token to another application (service provider)

Question 28

SAN (Network)

Answer 28

Storage Area Network

• Dedicated, independent high-speed network that interconnects and delivers shared pools of storage devices to multiple servers

Question 29

SAN (Digital Certificates)

Answer 29

Subject Alternative Name

• Extension to X.509 that allows various values to be associated with a security certificate

Question 30

SCADA

Answer 30

System Control and Data Acquisition

• Control system for high-level supervision of machines and processes

Question 31

SCAP

Answer 31

Security Content Automation Protocol

• A synthesis of interoperable specifications derived from community ideas

Question 32

SCEP

Answer 32

Simple Certificate Enrollment Protocol

• Makes the request and issuing of digital certificates as simple as possible

Question 33

SDK

Answer 33

Software Development Kit

• Collection of software development tools you can install in one package

Question 34

SDLC

Answer 34

Software Development Life Cycle

Question 35

SDLM

Answer 35

Software Development Life Cycle Methodology

Question 36

SDN

Answer 36

Software Defined Networking

• Makes networking a bit more like cloud computing than traditional network management by defining network technology via software

Question 37

SDV

Answer 37

Software Defined Visibility

• Framework that allows customers, security and network equipment vendors, as well as MSPs, to control and program Gigamon’s Visibility Fabric via REST-based APIs

Question 38

SED

Answer 38

Self-Encrypting Drive

• Data gets encrypted as it gets added to disk (HDD and SSD)

Question 39

SEH

Answer 39

Structured Exception Handler

• A way of handling both software and hardware exceptions/failures gracefully

Question 40

SFTP

Answer 40

Secure File Transfer Protocol

Question 41

SHA

Answer 41

Secure Hashing Algorithm

Question 42

SHTTP

Answer 42

Secure Hypertext Transfer Protocol

• Obsolete Alternative to HTTPS

Question 43

SIEM

Answer 43

Security Information and Event Management

Question 44

SIM

Answer 44

Subscriber Identity Module

• SIM Card for phones

Question 45

SIP

Answer 45

Session Initiation Protocol

• Used to initiate, maintain, and terminate real-time sessions that include voice, video, and messaging apps

Question 46

SLA

Answer 46

Service Level Agreement

Question 47

SLE

Answer 47

Single Loss Expectancy

• Monetary value of an asset
• % of loss for each realized threat

Question 48

SMS

Answer 48

Short Message Service

Question 49

SMTP

Answer 49

Simple Mail Transfer Protocol

Question 50

SMTPS

Answer 50

Simple Mail Transfer Protocol Secure

Question 51

SNMP

Answer 51

Simple Network Management Protocol

• Networking protocols used for the management and monitoring of network-connected devices in IP networks

Question 52

SOAP

Answer 52

Simple Object Access Protocol

• Lightweight XML-based protocol that’s used for exchanging information in decentralized, distributed application environments
• Versus REST, which mostly uses JSON

Question 53

SOAR

Answer 53

Security Orchestration Automation Response

• Technologies that enable orgs to collect inputs monitored by the security operations team
• ie: alerts from the SIEM and other security tech where incident analysis and triage can be performed by leveraging a combination of human and machine power

Question 54

SOC (Hardware)

Answer 54

System on a Chip

• Raspberry Pi is an example of SoC
• Multiple components running on a single chip

Question 55

SOC

Answer 55

Security Operations Center

Question 56

SPF

Answer 56

Sender Policy Framework

• Email-authentication technique which is used to prevent spammers from sending messages on behalf of your domain

Question 57

SPIM

Answer 57

Spam over Instant Message

Question 58

SQL

Answer 58

Structured Query Language

Question 59

SQLi

Answer 59

Structured Query Language Injection

Question 60

SRTP

Answer 60

Secure Real-Time Transfer Protocol

• Provides encryption, message authentication and integrity, and replay attack protection to the RTP data

Question 61

SSD

Answer 61

Solid State Drive

Question 62

SSH

Answer 62

Secure Shell

Question 63

SSL

Answer 63

Secure Sockets Layer

Question 64

SSO

Answer 64

Single Sign On

Question 65

STIX

Answer 65

Structured Threat Information eXchange

• XML structured language for sharing threat intelligence
• Like TAXII, STIX is a community-driven project

Question 66

STP

Answer 66

Shielded Twisted Pair

Question 67

SWG

Answer 67

Secure Web Gateway

• Protects users from web-based threads and applies and enforces corporate acceptable use policies
• Instead of connecting directly to a website, the user accesses the SWG, which then connects the user to the desired website
• This helps with URL filtering, web visibility, malicious content inspection, web access controls, and more