Glossary

Question 1

Assurance

Answer 1

A positive acknowledgement designed to provide confidence.

Question 2

Asymmetric cryptography

Answer 2

A cryptographic system requiring two separate keys, one of which is private and one of which is public.

Question 3

Acceptable Use Policy (AUP)

Answer 3

A policy used to identify what personal use of company resources is acceptable.

Question 4

Accountability

Answer 4

The principle of holding individuals and entities responsible for their actions and decisions related to information security.

Question 5

Accredited

Answer 5

Accredited refers to the official recognition or certification given to an individual, organization, or program that meets specific standards or criteria set by a reputable accrediting body.

Question 6

Active Content

Answer 6

Content on a website that is either interactive, such as internet polls, or dynamic, such as animated pictures, JavaScript applications or ActiveX applications.

Question 7

Analysis

Answer 7

The detailed examination of the elements or structure of an entity.

Question 8

Anti-Virus

Answer 8

Software designed to negate or destroy a computer virus

Question 9

Assessment

Answer 9

An estimation of the nature or quality of an entity.

Question 10

Asset

Answer 10

Something that has a value to an organisation

Question 11

Audit

Answer 11

A formal inspection of an organisation’s processes or procedures.

Question 12

Authentication

Answer 12

The assurance that a person or entity is who they claim to be.

Question 13

Authorisation

Answer 13

the process of granting or restricting access to resources, systems, or information based on the permissions and privileges assigned to individuals or entities, ensuring that only authorised users can perform certain actions or access specific data.

Question 14

Availability

Answer 14

The property of being accessible where and when required by an authorised person, entity, or process.

Question 15

Avoidance

Answer 15

Avoidance refers to the deliberate action of eliminating or staying away from a particular risk or situation to prevent its occurrence or potential negative impact.

Question 16

Backdoor

Answer 16

A method of bypassing normal authentication methods, securing illegal remote access to a computer.

Question 17

Baseline controls

Answer 17

Standards that are used to define how systems should be configured, and managed securely.

Question 18

Biometric

Answer 18

Biometric identifiers are the distinctive, measurable characteristics used to label, describe and identify individuals.
E.G. Face recognition, finger print, voice recognition.

Question 19

Bring your own device (BYOD)

Answer 19

A scheme adopted by some organisations that permits staff to use their own desktop and laptop, computers, tablets and smartphones.

Question 20

Business continuity (BC)

Answer 20

The ability of an organisation to continue to function in order to deliver its products or services at an acceptable level following a business disruption.

Question 21

Business Continuity and Disaster Recovery (BCDR)

Answer 21

BCDR focuses on maintaining critical business functions, processes, and infrastructure during and after disruptive events, such as natural disasters, cyber attacks, or system failures, to ensure the organization can continue operating and recover swiftly.

Question 22

Business impact analysis (BIA)

Answer 22

The process of analysing the consequences a business disruption might have upon the organisation’s assets.

Question 23

Certification

Answer 23

A process confirming that a person has reached a predefined level of Achievement.

Question 24

Classification

Answer 24

The arrangement of items into taxonomic groups in the information security context, it labels information to identify any defined processing, handling, storage or transmission measures required to ensure appropriate security.

Question 25

Code of conduct

Answer 25

A policy that may apply to individuals to ensure that they behave in a certain way.

Question 26

Compliance

Answer 26

Acting in accordance with a set of rules or a policy.

Question 27

Confidentiality

Answer 27

The principle of ensuring that sensitive information is only accessed or disclosed by authorized individuals and protected from unauthorized access or disclosure.

Question 28

Corrective controls

Answer 28

Security measures and actions taken in response to identified security incidents, vulnerabilities, or non-compliance issues to mitigate risks, rectify the situation, and prevent future occurrences. (A form of Risk treatment)

Question 29

Countermeasure

Answer 29

An action taken to counteract a threat.

Question 30

Cover time

Answer 30

The minimum time for which information must remain secret.

Question 31

Cross site request forgery (CSRF)

Answer 31

Cross-Site Request Forgery (CSRF) is an attack where an attacker tricks a user’s browser into performing unwanted actions on a trusted website without the user’s knowledge or consent.

Question 32

Cross-Site Scripting (XXS)

Answer 32

A type of web vulnerability that allows attackers to inject malicious scripts or code into web pages viewed by other users. Occurs when a website or web application does not properly validate or sanitize user input, such as input entered into input fields or parameters in URLs.

Question 33

Cryptanalysis

Answer 33

The practice of analysing and deciphering encrypted data or cryptographic systems with the goal of uncovering the original information, discovering weaknesses in the encryption algorithms, or finding methods to bypass or break the encryption.

Question 34

Cryptography

Answer 34

The art and science of encoding information to secure it from unauthorized access or modification during transmission or storage.

Question 35

Data leakage (also known as data loss prevention)

Answer 35

Measures taken to prevent the unauthorised extraction of data from an organisation.

Question 36

Decryption

Answer 36

The process of taking encrypted information and returning it to a state of Plaintext.

Question 37

Defence in depth

Answer 37

A security strategy that involves implementing multiple layers of defence mechanisms and controls to protect against various types of threats and attacks. Rather than relying on a single security measure, defence in depth seeks to create overlapping layers of security that complement and reinforce one another.

Question 38

Deming Cycle

Answer 38

The Deming Cycle, also known as the Plan-Do-Check-Act (PDCA) cycle, is a continuous improvement model used to achieve quality control and process improvement. It involves four iterative steps: planning (identifying objectives and processes), doing (implementing the plan), checking (monitoring and evaluating the results), and acting (making necessary adjustments and standardizing improvements) in order to continually enhance performance and efficiency.

Question 39

Denial of service (DoS)

Answer 39

A malicious attack or deliberate action that disrupts or overwhelms a computer system, network, or service, rendering it inaccessible or unusable for legitimate users.

Question 40

Directive controls

Answer 40

Security measures that use policies, procedures, and guidelines to provide explicit instructions and guidance to individuals or entities, ensuring compliance with security requirements and mitigating risks.

Question 41

Disaster recovery (DR)

Answer 41

The process and strategies put in place to restore and recover critical systems, data, and infrastructure after a disruptive event or disaster, aiming to minimize downtime and resume normal operations as efficiently and effectively as possible.

Question 42

Distributed Denial of Service (DDoS)

Answer 42

A cyber attack where multiple compromised devices or systems flood a target network or server with a massive volume of traffic, rendering it inaccessible to legitimate users.

Question 43

Detective controls

Answer 43

A form of risk treatment, these are tactical controls that identify events while they are taking place.

Question 44

Digital certificate

Answer 44

An electronic document that uses a digital signature to bind a public key with an identity -information such as the name of a person or an organisation, their address and so forth.

Question 45

Digital signature

Answer 45

A mathematical scheme for demonstrating the authenticity of a digital message or document.

Question 46

DOM-based XSS (Document Object Model Cross site scripting)

Answer 46

The malicious script or code manipulates the Document Object Model (DOM) of a web page, affecting its behaviour and potentially compromising the security of the user’s session.

Question 47

Domain

Answer 47

A domain is a unique and recognizable name associated with a website or network that allows users to access resources on the internet.

Question 48

Encryption

Answer 48

The process of encoding messages (or information) in such a way that eavesdroppers or hackers cannot read it but authorised parties can.

Question 49

Evaluation

Answer 49

the systematic assessment and analysis of something to determine its effectiveness, quality, and value, providing insights for decision-making and improvement.

Question 50

False positive

Answer 50

An indication that something has been detected or has happened when in fact, it has not happened.

Question 51

Firewall

Answer 51

A technological barrier designed to prevent unauthorised or unwanted communications between computer networks or hosts.

Question 52

GDPR (General Data Protection Regulation)

Answer 52

The General Data Protection Regulation (GDPR) is a comprehensive EU law that regulates the processing and protection of personal data to ensure individuals’ privacy rights are upheld.

Question 53

General Data Protection Regulation (GDPR)

Answer 53

A comprehensive data protection and privacy regulation introduced by the European Union (EU) in 2018. It establishes rules and guidelines for the collection, processing, and storage of personal data of individuals within the EU, and grants them greater control and rights over their personal information, while imposing obligations on organizations that handle such data to ensure its protection and lawful use.

Question 54

Governance

Answer 54

Governance refers to the processes, policies, and practices implemented by an organization or governing body to ensure effective decision-making, accountability, and the proper management of resources. It involves establishing frameworks, structures, and controls to guide the actions and behaviours of individuals and entities within an organization, with the ultimate goal of achieving organizational objectives and fulfilling responsibilities to stakeholders.

Question 55

Hardening

Answer 55

Hardening refers to the process of strengthening and securing a computer system, network, or software application to reduce vulnerabilities and enhance resistance against potential threats and attacks. It involves implementing security measures, such as configuring system settings, removing unnecessary services, applying patches and updates, enforcing access controls, and implementing encryption, to minimize the attack surface and improve the overall security posture of the system. Hardening measures aim to protect against unauthorized access, data breaches, and other security risks.

Question 56

Hash digest or hash function

Answer 56

A hash digest, also known as a hash value or hash code, is the output generated by a hash function when it processes input data. A hash function is a mathematical algorithm that takes an input (such as a file, message, or data) and produces a fixed-size alphanumeric string, which represents a unique “digest” of the input. The hash function processes the input in a way that any slight change in the input will result in a significantly different hash value. Hash functions are commonly used in cryptography, data integrity verification, password storage, and digital signatures.

Question 57

Hashing

Answer 57

Hashing is the process of applying a hash function to input data in order to generate a fixed-size output, known as a hash value or hash code. The hash function takes the input and applies a mathematical algorithm to produce a unique and representative hash value. The resulting hash value is typically used to verify the integrity of data, compare files or messages for similarity, store passwords securely, and provide quick data retrieval in data structures like hash tables

Question 58

Identification

Answer 58

The process of confirming the identity of an individual or entity.

Question 59

integrity

Answer 59

Integrity refers to the quality or state of information or data being complete, accurate, and unaltered throughout its lifecycle.

Question 60

Mitigation

Answer 60

Mitigation is the process of implementing measures to reduce the potential impact or severity of a threat or risk.

Question 61

Acceptance

Answer 61

Acceptance is the conscious decision to tolerate a risk without implementing additional measures to mitigate or control it.

Question 62

MTD (Maximum Tolerable Downtime)

Answer 62

MTD refers to the maximum duration of time that an organization can tolerate being without its critical business functions or IT systems after a disruption or disaster occurs. It represents the upper limit of acceptable downtime beyond which the organization’s viability and objectives may be seriously compromised.

Question 63

Non-Repudiation

Answer 63

Non-repudiation is the assurance that the originator of a message cannot deny their involvement or the authenticity of the message sent.

Question 64

OSA Framework

Answer 64

The Open Security Architecture (OSA) is a framework related to technical and functional security controls. OSA offers a comprehensive overview of crucial security components, principles, issues, and concepts that underlie architectural decisions involved in designing effective security architectures. However, OSA can only be used if the security architecture has already been designed.

Question 65

Penetration testing

Answer 65

Penetration testing, often referred to as pen testing, is a systematic process of evaluating the security of a computer system, network, or application by simulating real-world attacks. It involves authorized attempts to exploit vulnerabilities and identify weaknesses in order to assess the overall security posture and potential risks.

Question 66

Privileged User Management (PUM)

Answer 66

The processes, controls, and technologies implemented to manage and secure the access and activities of privileged users within an organization. It involves identifying and managing accounts with elevated privileges, such as system administrators or IT administrators, and implementing measures to control and monitor their access to sensitive systems, data, and resources. PUM aims to mitigate the risks associated with privileged access, ensure accountability, and protect against unauthorized or malicious actions by privileged users.

Question 67

Reflected XSS (Reflected Cross-Site Scripting)

Answer 67

The malicious script or code is embedded in a URL or input field and is then reflected back to the user in the website’s response. The script is executed when the user clicks on the manipulated link or interacts with the vulnerable input field.

Question 68

Repository

Answer 68

a central location in which data is stored and managed.

Question 69

RPO (Recovery Point Objective)

Answer 69

RPO represents the maximum tolerable amount of data loss that an organization can afford during a disruption or disaster. It defines the point in time to which data must be recovered in order to resume operations with an acceptable level of data integrity. RPO is often measured in terms of time, indicating the maximum acceptable time gap between the last data backup and the occurrence of the disruption.

Question 70

RTO (Recovery Time Objective)

Answer 70

RTO is the targeted duration of time within which a business process, system, or service needs to be restored after a disruption. It defines the time frame within which the organization aims to recover its critical functions and resume normal operations following a disaster. RTO typically includes the time required for incident response, recovery procedures, and restoration activities.

Question 71

SABSA Framework

Answer 71

The Sherwood Applied Business Security Architecture, is a policy-driven framework. It helps define the critical questions that security architecture can only answer: what, why, when, and who. The goal of SABSA is to ensure that after the design of security services, they are then delivered and supported as an integral part of the enterprise’s IT management. One downside, however, is that SABSA doesn’t get into specifics regarding technical implementation.

Question 72

Security Architecture Framework

Answer 72

is a structured approach or model that provides guidelines and principles for designing and implementing effective security measures within an organization’s infrastructure and systems.
Examples: TOGAF, SABSA, OSA.

Question 73

Security Operations Centre (SOC)

Answer 73

It is a centralized facility or team within an organization that is responsible for monitoring, detecting, analysing, and responding to cybersecurity incidents and threats. The primary function of a SOC is to maintain the security of an organization’s systems, networks, and data by actively monitoring and managing security events and incidents in real-time.

Question 74

SOC 1 (Statement on Standards for Attestation Engagements No. 18, SSAE 18)

Answer 74

Is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It focuses on evaluating the effectiveness of internal controls over financial reporting (ICFR) within a service organization. This report assesses the design effectiveness of the controls at a specific point in time.

Question 75

SOC 2 (Service Organization Control 2)

Answer 75

is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA). It focuses on evaluating and reporting on the controls implemented by service organizations related to security, availability, processing integrity, confidentiality, and privacy of customer data. This report assesses the design effectiveness as well as the operating effectiveness of the controls over a specified period (generally six to twelve months).

Question 76

SQL (Structured Query Language)

Answer 76

It is a programming language used for managing and manipulating relational databases. SQL is commonly used to create, retrieve, update, and delete data stored in databases, as well as to define database schemas, create tables, and establish relationships between tables. It is widely used in the field of database management systems and plays a crucial role in interacting with and managing data in relational databases.

Question 77

SQL injection

Answer 77

SQL (Structured Query Language) injection is a web security vulnerability that allows an attacker to insert malicious SQL code into a web application’s database query, potentially gaining unauthorized access, manipulating data, or executing arbitrary commands.

Question 78

Stored XSS (Stored Cross-Site Scripting)

Answer 78

The malicious script or code is permanently stored on the target website or web application. Whenever a user accesses the affected page, the script is executed.

For example, let’s say there is a vulnerability in the platform’s comment system that does not properly sanitize user input. The attacker takes advantage of this vulnerability by posting a comment containing a malicious script. The script is stored on the platform’s server and becomes part of the comment’s content.

When other users view the affected comment, their web browsers execute the malicious script unknowingly. The script can perform various actions, such as stealing sensitive information (like login credentials or personal data), redirecting users to malicious websites, or even initiating unauthorized actions on behalf of the user.

Question 79

symmetric

Answer 79

Symmetric refers to a cryptographic system or algorithm that uses the same key for both encryption and decryption processes.

Question 80

Threat

Answer 80

A threat is a potential event or circumstance that can cause harm, damage, or compromise to an organization’s assets, operations, or information systems.

Question 81

TOGAF Framework

Answer 81

The Open Group Architecture Framework, helps determine which problems need to be solved within the security infrastructure in a business. Its primary focus is on the organization’s goal and scope, as well as the preliminary phases of security architecture. TOGAF does not, however, give specific guidance on ways to address security issues.

Question 82

Trojan (Trojan Horse)

Answer 82

A type of malicious software (malware) that disguises itself as a legitimate or harmless program, file, or attachment to deceive users and gain unauthorized access to their computer systems or networks.

Question 83

Zero-Day

Answer 83

A type of cyber attack that takes advantage of a previously unknown vulnerability or weakness in software, hardware, or a computer system. It occurs before the vulnerability is discovered or a patch is released, making it challenging to defend against and potentially causing significant damage.

Question 84

Administrative

Answer 84

Administrative controls are policies, procedures, or rules implemented to manage and regulate behaviours, actions, and responsibilities within an organization, aiming to ensure compliance, accountability, and effective security management.

Question 85

Security practitioner

Answer 85

A security practitioner is an individual who specializes in the field of security and is responsible for implementing and managing various security measures to protect information, systems, networks, or physical assets from threats and risks.

Question 86

Policy

Answer 86

A policy is a formal document that outlines the rules, guidelines, and principles that govern the behavior, decisions, and actions within an organization to achieve specific objectives or address specific concerns

Question 87

Procedure

Answer 87

A procedure is a documented sequence of steps or actions that provides specific instructions for carrying out a particular task, process, or activity within an organization.

Question 88

Law

Answer 88

A law is a binding and enforceable rule or regulation established by a governing authority to govern the behaviour of individuals or groups within a society.

Question 89

Standard

Answer 89

A standard is a documented set of criteria, guidelines, or specifications that provide a reference for consistent and reliable practices, processes, or products in a specific industry or field.

Question 90

Role-Based Access Control (RBAC)

Answer 90

It is an access control model where access permissions are based on the roles assigned to users.

Question 91

Mandatory Access Control (MAC)

Answer 91

It is a security model where access to resources is based on set policies and rules defined by a central authority or system administrator.

Question 92

Discretionary Access Control (DAC)

Answer 92

It is an access control model where access to resources is determined by the discretion of the resource owner or manager.

Question 93

Redundancy

Answer 93

Redundancy is the duplication or backup of critical resources to ensure continuous operation and minimize the impact of failures or disruptions.

Question 94

Intrusion Prevention System (IPS)

Answer 94

Intrusion Prevention System (IPS) is a security technology that actively monitors and analyses network traffic to detect and block potential threats or malicious activities in real-time.

Question 95

Intrusion Detection System (IDS)

Answer 95

Intrusion Detection System (IDS) is a security technology that passively monitors and analyses network traffic to identify and alert about potential security breaches or unauthorized activities.

Question 96

Quality Assurance and Control (QA/QC)

Answer 96

refers to the set of processes and activities undertaken to ensure that a product or service meets specified quality standards. It involves monitoring and evaluating the development or production process, identifying defects or deviations from requirements, and implementing corrective actions to improve quality and prevent issues.

Question 97

Source code analysis

Answer 97

Source code analysis is the process of examining the source code of a software application to identify programming errors, security vulnerabilities, and adherence to coding standards.

Question 98

Packet sniffing

Answer 98

Packet sniffing, also known as network sniffing or packet analysis, is the practice of capturing and inspecting network traffic in order to gather information or analyse its contents. It involves intercepting and examining the packets of data that are transmitted over a network, allowing an attacker to potentially access sensitive information, such as usernames, passwords, or other confidential data.

Question 99

White noise generation

Answer 99

White noise generation is a technique used to create a random, non-stop, and uniform sound signal that covers a wide range of frequencies. It is often used as a physical security control to mask or interfere with the detection of genuine electromagnetic emanations from computing equipment. The purpose is to confuse or prevent eavesdropping or unauthorized interception of sensitive information.

Question 100

Quantitative

Answer 100

Quantitative refers to a type of analysis or measurement that involves the use of numerical data and mathematical models to assess and quantify risks, impacts, probabilities, or other factors related to a particular subject or situation. It involves the use of quantitative methods and techniques to derive objective and measurable results.

Question 101

Qualitative

Answer 101

Qualitative refers to a type of analysis or assessment that focuses on non-numerical data and subjective factors to understand and evaluate a subject or situation. It involves gathering and interpreting qualitative data such as observations, opinions, interviews, and descriptions to gain insights, identify patterns, and make subjective judgments. Qualitative analysis often involves a more subjective and interpretive approach compared to quantitative analysis.

Question 102

Static Testing

Answer 102

Static testing is a software testing technique that is performed without executing the code. It involves analysing the software artifacts such as requirements, design documents, and source code to identify defects, compliance issues, and other quality concerns. Static testing techniques include code reviews, walkthroughs, inspections, and other forms of manual or automated analysis. The objective of static testing is to improve the quality of the software by identifying and addressing issues early in the development process.

Question 103

Dynamic Testing

Answer 103

Dynamic testing is a software testing technique that involves executing the software and observing its behaviour to evaluate its performance, functionality, and other dynamic characteristics. It is performed by running the software with various inputs and verifying if the actual output matches the expected output. Dynamic testing can include activities such as functional testing, integration testing, system testing, performance testing, and security testing. The goal of dynamic testing is to ensure that the software functions correctly and meets the specified requirements.

Question 104

Systems Security Engineering Capability Maturity Model (SSE-CMM)

Answer 104

The Systems Security Engineering Capability Maturity Model (SSE-CMM) is a process-oriented information system evaluation method. It focuses on assessing and improving the capability of an organization’s security engineering processes. It provides a framework for evaluating and improving an organization’s ability to manage and secure its information systems throughout their lifecycle. The SSE-CMM emphasizes the process aspects of security engineering rather than assurance aspects.

Question 105

User input validation

Answer 105

User input validation is a security countermeasure that involves validating and sanitizing user input to ensure it adheres to expected formats and does not contain malicious code or characters. By implementing proper input validation techniques, such as parameterized queries or prepared statements, an application can effectively prevent SQL injection attacks by ensuring that user input is treated as data rather than executable code.

Question 106

Hexadecimals

Answer 106

Hexadecimal is a number system commonly used in computing and digital systems. It is a base-16 numbering system that uses digits from 0 to 9 and letters A to F to represent values from 0 to 15. In hexadecimal, each digit represents a four-bit binary value, making it a convenient way to represent and manipulate binary data. Hexadecimal numbers are often used to represent memory addresses, colour values, and binary data in programming and computer systems

Question 107

Virus

Answer 107

A virus is a type of malicious software that replicates itself and infects computer systems, causing damage and spreading to other computers.

Question 108

Worm

Answer 108

A worm is a type of malicious software that can self-replicate and spread across computer networks without requiring user interaction, often causing harm to the network or consuming system resources.

Question 109

Repudiation Attack

Answer 109

A repudiation attack refers to an unauthorized attempt to deny or reject the validity or involvement in a transaction, communication, or action. In other words, it involves one party falsely denying their participation or responsibility in an event, transaction, or communication. This type of attack can have serious consequences in various domains, such as e-commerce, digital signatures, legal agreements, and financial transactions, where proof of authenticity and accountability is crucial.

Question 110

Attribute-Based Access Control (ABAC)

Answer 110

It is an access control model that determines access to resources based on attributes associated with users, objects, and the environment. In ABAC, access decisions are made by evaluating the attributes of the requesting entity, the attributes of the resource being accessed, and the environmental conditions. This model allows for more fine-grained access control, as access decisions can be based on multiple attributes and conditions rather than relying solely on roles or permissions. ABAC offers flexibility and adaptability in managing access control policies, making it suitable for complex and dynamic environments.

Question 111

script kiddie

Answer 111

a person who uses existing computer scripts or codes to hack into computers, lacking the expertise to write their own.

Question 112

Information Security Management System (ISMS)

Answer 112

It is a systematic approach to managing sensitive company information, ensuring its confidentiality, integrity, and availability. An ISMS typically involves a set of policies, procedures, processes, and controls designed to manage risks and protect information assets. The implementation of an ISMS helps organizations establish a framework for identifying, assessing, and managing information security risks, as well as defining and implementing security controls to mitigate those risks. The goal of an ISMS is to ensure the confidentiality, integrity, and availability of information assets while meeting legal, regulatory, and business requirements. It often follows international standards such as ISO/IEC 27001 for establishing and maintaining an effective information security management system.

Question 113

Tangible

Answer 113

Tangible assets are the physical assets of an organization, the assets that can be seen and touched. Examples of tangible assets include computers, desks, and buildings.

Question 114

Intangible

Answer 114

An intangible asset is a non-monetary asset that cannot be seen or touched.

Question 115

Enabling

Answer 115

give (someone) the authority or means to do something; make it possible for.

Question 116

Corrective Action

Answer 116

Corrective action refers to the steps taken to address and resolve identified problems, errors, or non-conformities in order to prevent their recurrence and improve overall performance or compliance.

Question 117

Honeypot

Answer 117

A honeypot is a security mechanism designed to attract and deceive potential attackers, allowing organizations to observe and analyse their tactics, techniques, and behaviours.

Question 118

Trapdoor

Answer 118

A trapdoor is a hidden and deliberate vulnerability or backdoor intentionally built into a system or software, allowing unauthorized access or bypassing of security measures.

Question 119

PKI

Answer 119

PKI stands for Public Key Infrastructure, which is a system of technologies, policies, and procedures that enables the creation, distribution, and management of digital certificates and cryptographic keys to secure communication and verify the authenticity of users, devices, and data.

Question 120

Modem

Question 121

Router

Question 122

Switch

Question 123

Access Point

Question 124

Home Router

Question 125

IP