All relevance

Question 1

ENISA

Answer 1

European Union Agency for Cybersecurity – provides guidance on cybersecurity including definitions and threat models.

Question 2

DREAD

Answer 2

A threat evaluation model that scores threats based on Damage, Reproducibility, Exploitability, Affected users, and Discoverability.

Question 3

CVSS

Answer 3

Common Vulnerability Scoring System – a standardized framework for rating the severity of software vulnerabilities.

Question 4

CIA

Answer 4

Confidentiality, Integrity, Availability – the core triad of information security objectives.

Question 5

STRIDE

Answer 5

A Microsoft-developed threat modelling framework: Spoofing, Tampering, Repudiation, Information Disclosure, Denial of Service, Elevation of Privilege.

Question 6

VAX/VMS

Answer 6

Virtual Address eXtension / Virtual Memory System – an old operating system by DEC, targeted by the Father Christmas worm.

Question 7

DECNet

Answer 7

Digital Equipment Corporation Network – a proprietary network protocol suite used with DEC systems.

Question 8

IoT

Answer 8

Internet of Things – networked devices embedded with sensors and software for data exchange.

Question 9

MS SDL

Answer 9

Microsoft Security Development Lifecycle – a software development process focused on building secure software.

Question 10

ISO

Answer 10

International Organization for Standardization – issues global standards, including those for information security.

Question 11

NIST

Answer 11

National Institute of Standards and Technology – US-based agency that develops cybersecurity and privacy frameworks.

Question 12

BSI

Answer 12

British Standards Institution – UK-based organization providing standards including for IT and cybersecurity.

Question 13

USB

Answer 13

Universal Serial Bus – a standard interface for connecting peripherals to a computer; often restricted in security policies.

Question 14

IP

Answer 14

Internet Protocol – a foundational protocol in the internet suite, often used in IP-restricted access policies.

Question 15

ACL

Answer 15

Access Control List – Specifies permissions attached to files for users and groups.

Question 16

UID

Answer 16

User Identifier – Unique number assigned to each user on the system.

Question 17

GID

Answer 17

Group Identifier – Unique number assigned to each group on the system.

Question 18

RUID

Answer 18

Real User ID – The ID of the user who launched the process.

Question 19

EUID

Answer 19

Effective User ID – The ID used for permission checks, enabling temporary privilege escalation.

Question 20

SUID

Answer 20

Saved User ID – Stores previous EUID, allowing privilege regaining.

Question 21

RGID

Answer 21

Real Group ID – Group ownership of the process at creation.

Question 22

EGID

Answer 22

Effective Group ID – Used during access checks to allow group-based privileges.

Question 23

SGID

Answer 23

Saved Group ID – Stores previous EGID for similar purpose as SUID.

Question 24

TOC/TOU

Answer 24

Time Of Check / Time Of Use – Type of vulnerability where a condition changes between check and usage.

Question 25

RM

Answer 25

Reference Monitor – Abstract concept that mediates all access between subjects and objects in a system.

Question 26

TCB

Answer 26

Trusted Computing Base – Hardware/software base used to implement security mechanisms like RM.

Question 27

ESP

Answer 27

Extended Stack Pointer – Register that points to the top of the current stack.

Question 28

EBP

Answer 28

Extended Base Pointer – Register used to reference the base of the current stack frame.

Question 29

EIP

Answer 29

Extended Instruction Pointer – Register pointing to the next instruction to be executed.

Question 30

BSS

Answer 30

Block Started by Symbol – Memory segment for uninitialized global/static variables.

Question 31

ASLR

Answer 31

Address Space Layout Randomization – Mitigation technique to randomize memory addresses.

Question 32

NOP

Answer 32

No Operation – Assembly instruction that does nothing; used in NOP sleds in exploits.

Question 33

IIS

Answer 33

Internet Information Services – Microsoft's web server application, exploited in CodeRed.

Question 34

SHA

Answer 34

Secure Hash Algorithm – Cryptographic hash function (e.g., SHA-512 used in /etc/shadow).

Question 35

JVM

Answer 35

Java Virtual Machine – A sandboxed execution environment for Java programs.

Question 36

OS

Answer 36

Operating System – Manages hardware and software resources of a system.

Question 37

CSV

Answer 37

Comma-Separated Values – Format requested for flashcard export (mentioned outside slide content).

Question 38

OSI

Answer 38

Open Systems Interconnection - conceptual model with seven network layers.

Question 39

TCP

Answer 39

Transmission Control Protocol - reliable, connection-oriented protocol at transport layer.

Question 40

IP

Answer 40

Internet Protocol - delivers packets across networks using IP addresses.

Question 41

IPv4

Answer 41

Internet Protocol version 4 - 32-bit addressing format with ~4.3 billion addresses.

Question 42

IPv6

Answer 42

Internet Protocol version 6 - 128-bit addressing format with vast address space.

Question 43

CIDR

Answer 43

Classless Inter-Domain Routing - flexible IP address allocation using slash notation (/n).

Question 44

NAT

Answer 44

Network Address Translation - maps private IPs to public IPs at network edges.

Question 45

AS

Answer 45

Autonomous System - large network under single administrative control.

Question 46

BGP

Answer 46

Border Gateway Protocol - manages routing between autonomous systems.

Question 47

iBGP

Answer 47

Internal BGP - routing protocol within an autonomous system.

Question 48

eBGP

Answer 48

External BGP - routing protocol between different autonomous systems.

Question 49

TTL

Answer 49

Time To Live - value that limits a packet's lifespan in hops.

Question 50

DNS

Answer 50

Domain Name System - resolves domain names to IP addresses.

Question 51

RR

Answer 51

Resource Record - unit of DNS data including name, type, value, TTL.

Question 52

QID

Answer 52

Query ID - unique 16-bit ID for DNS requests.

Question 53

NS

Answer 53

Name Server - DNS record type pointing to authoritative name server.

Question 54

A

Answer 54

Address - DNS record mapping hostname to IPv4 address.

Question 55

AAAA

Answer 55

Quad-A - DNS record mapping hostname to IPv6 address.

Question 56

PTR

Answer 56

Pointer - reverse DNS record mapping IP to hostname.

Question 57

CNAME

Answer 57

Canonical Name - DNS alias record.

Question 58

MX

Answer 58

Mail Exchanger - DNS record specifying a mail server.

Question 59

HINFO

Answer 59

Host Information - DNS record detailing hardware and OS.

Question 60

NXDOMAIN

Answer 60

Non-Existent Domain - DNS error when domain does not exist.

Question 61

NOERROR

Answer 61

No Error - DNS response code indicating successful query.

Question 62

DNSSEC

Answer 62

DNS Security Extensions - adds digital signatures to DNS replies.

Question 63

DoT

Answer 63

DNS over TLS - secures DNS via TLS encryption (RFC 7858).

Question 64

DoH

Answer 64

DNS over HTTPS - secures DNS via HTTPS protocol (RFC 8484).

Question 65

DoQ

Answer 65

DNS over QUIC - secures DNS using QUIC, a UDP-based protocol (RFC 9250).

Question 66

QUIC

Answer 66

Quick UDP Internet Connections - secure, low-latency UDP-based transport protocol.

Question 67

DoS

Answer 67

Denial of Service - attack to make services unavailable via flooding.

Question 68

DDoS

Answer 68

Distributed Denial of Service - DoS using multiple sources.

Question 69

MitM

Answer 69

Man-in-the-Middle - attacker intercepts and modifies communication.

Question 70

ARP

Answer 70

Address Resolution Protocol - maps IP addresses to MAC addresses.

Question 71

ISN

Answer 71

Initial Sequence Number - first TCP sequence number, must be unpredictable.

Question 72

RST

Answer 72

Reset - TCP flag to abruptly terminate a connection.

Question 73

SYN

Answer 73

Synchronize - TCP flag to start a connection.

Question 74

ACK

Answer 74

Acknowledgement - TCP flag to confirm receipt of packets.

Question 75

FIN

Answer 75

Finish - TCP flag to gracefully end a connection.

Question 76

RIR

Answer 76

Regional Internet Registry - allocates IP blocks to LIRs.

Question 77

LIR

Answer 77

Local Internet Registry - allocates IPs to ISPs and organizations.

Question 78

IANA

Answer 78

Internet Assigned Numbers Authority - oversees global IP address allocation.

Question 79

JISC

Answer 79

Joint Information Systems Committee - manages UK educational IP infrastructure.

Question 80

RIPE

Answer 80

Réseaux IP Européens - European RIR managing IP allocation.

Question 81

WHOIS

Answer 81

Who Is - tool to look up domain or IP registry information.

Question 82

Term

Answer 82

Full Form

Question 83

HTTP

Answer 83

HyperText Transfer Protocol

Question 84

HTTPS

Answer 84

HTTP Secure

Question 85

URL

Answer 85

Uniform Resource Locator

Question 86

URI

Answer 86

Uniform Resource Identifier

Question 87

URN

Answer 87

Uniform Resource Name

Question 88

HTML

Answer 88

HyperText Markup Language

Question 89

CSS

Answer 89

Cascading Style Sheets

Question 90

JS

Answer 90

JavaScript

Question 91

DOM

Answer 91

Document Object Model

Question 92

SOP

Answer 92

Same Origin Policy

Question 93

TLS

Answer 93

Transport Layer Security

Question 94

SSL

Answer 94

Secure Sockets Layer

Question 95

STS

Answer 95

Strict-Transport-Security

Question 96

SQL

Answer 96

Structured Query Language

Question 97

SQLi

Answer 97

SQL Injection

Question 98

XSS

Answer 98

Cross-Site Scripting

Question 99

CSP

Answer 99

Content Security Policy

Question 100

CSRF / XSRF

Answer 100

Cross-Site Request Forgery

Question 101

SVT

Answer 101

Secret Validation Token

Question 102

HMAC

Answer 102

Hash-based Message Authentication Code

Question 103

UI

Answer 103

User Interface

Question 104

API

Answer 104

Application Programming Interface

Question 105

MitM

Answer 105

Man-in-the-Middle

Question 106

TOFU

Answer 106

Trust On First Use

Question 107

CVE

Answer 107

Common Vulnerabilities and Exposures

Question 108

GET

Answer 108

HTTP GET Method

Question 109

POST

Answer 109

HTTP POST Method

Question 110

iframe

Answer 110

Inline Frame

Question 111

Referer Header

Answer 111

HTTP Referer Header

Question 112

Origin Header

Answer 112

HTTP Origin Header