Security +601 Acronyms and Definitions Flashcards

(50 cards)

1
Q
  • Deprecated and considered insecure. Replaced by AES
  • Symmetric
  • Applies the DES cipher algorithm 3 times to each data block
A

3DES (Triple Digital Encryption Standard)

2
Q

Often used to describe RADIUS, or some other form of networking protocol that provides Authentication, Authorization, and Accounting

A

AAA (Authentication, Authorization, and Accounting)

3
Q

Database and identity service used to provide identity management

A

Active Directory (AD)

4
Q
  • Set of rules that allow/permit or deny any traffic flow through routers
  • Looks at the packet to determine whether it should be allowed or denied
  • Works at layer 3 to provide security by filtering & controlling the flow of traffic from one router to another
A

ACL (Access Control List)

5
Q
  • Industry-standard for data security
  • 128-bit, 192-bit, or 256-bit (strongest) implementations
A

AES (Advanced Encryption Standard)

6
Q
  • This is the 256-bit implementation of AES
  • The 256 references the bit size of keys
A

AES256 (Advanced Encryption Standards 256bit)

7
Q
  • Used to authenticate origins of packets of data transmitted
  • These headers don’t hide any data from attackers, but they do provide proof that the data packets are from a trusted source and that the data hasn’t been tampered with
  • Helps protect against replay attacks
A

AH (Authentication Header)

8
Q

The theory and development of computer systems able to perform tasks that normally require human intelligence, such as visual perception, speech recognition, decision-making, and translation between languages

A

AI (Artificial Intelligence)

9
Q
  • DHS and CISA free program
  • Enables organizations to share and receive machine-readable cyber threat indicators (CTIs) and defensive measures (DMs) in real-time
  • Useful to monitor and defend networks against known threats
A

AIS (Automated Indicator Sharing)

10
Q

Can expect x number of devices to fail per year

A

ALE (Annualized Loss Expectancy)

11
Q

Networking hardware device that provides Wi-Fi access, typically then connected via wire to the router, or directly integrated in the router itself

A

AP (Access Point)

12
Q
  • Used to allow applications to talk to one another
  • For example: an application can query an API to retrieve data and then display that data or process it in some way
A

API (Application Programming Interface)

13
Q

Stealthy threat actor (usually nation-state or state-sponsored group) that gains unauthorized access to a system and remains undetected for a period of time

A

APT (Advanced Persistent Threat)

14
Q

The calculated probability that a risk will occur in a given year

A

ARO (Annualized Rate of Occurrence)

15
Q

Helps connect IP devices to MAC addresses

A

ARP (Address Resolution Protocol)

16
Q

Prevent exploitation of memory corruption vulnerabilities

A

ASLR (Address Space Layout Randomization)

17
Q
  • Microsoft server-side scripting language and engine to create dynamic web pages
A

ASP (Active Server Page)

18
Q
  • Knowledge base framework of adversary tactics and techniques based on real-world observations
  • Helpful to build effective threat models and defenses against real threats
A

ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge)

19
Q

Terms that users must accept in order to use a network, system, website, etc…

A

AUP (Acceptable Use Policy)

20
Q
  • Typically uses signature-based detection
  • Not effective against zero-days or polymorphic malware
A

AV (Antivirus)

21
Q
  • Powerful UNIX shell and command language
  • Used to issue commands that get executed, which can also be turned into shell scripts
  • Often used for automation
A

BASH (Bourne Again Shell)

22
Q
  • Plan used to create processes and systems of both prevention and recovery to deal with threats that a company faces
  • This plan outlines how a business can continue delivering products and services if crap hits the fan
A

BCP (Business Continuity Planning)

23
Q

Used to predict the consequences a business would face if there were to be a disruption

A

BIA (Business Impact Analysis)

24
Q
  • “The postal service of the Internet”
  • Finds the best route for data to travel to reach its destination
A

BGP (Border Gateway Protocol)

25
Q
  • Firmware that performs hardware initialization when systems are booting up, and to provide runtime services for the OS and programs
  • First software to run when you power on a device
A

BIOS (Basic Input/Output System)
26
Q

Defines a contract between two or more parties as to how a business should run

A

BPA (Business Partnership Agreement)
27
Q
  • Frames that have spanning tree protocol information
  • Switches send these with a unique source MAC address to a multicast address with a destination MAC
A

BPDU (Bridge Protocol Data Unit)
28
Q

When employees use personal devices to connect to their organization’s networks and access work-related systems

A

BYOD (Bring Your Own Device)
29
Q
  • An organization that validates the identities of entities through cryptographic keys by issuing digital certificates
A

CA (Certificate Authority)
30
Q

Smart card for active-duty personnel

A

CAC (Common Access Card)
31
Q
  • These are the “problems” you have to solve from time to time to make sure that you are not a robot
  • Typically used for forms (signup, login, purchase, search, etc...) to defend against bots
A

CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)
32
Q

Lists defects that need to be rectified

A

CAR (Corrective Action Report)
33
Q
  • Acts as an intermediary between the cloud and on-premises
  • Monitors all activity
  • Enforces security policies
A

CASB (Cloud Access Security Broker)
34
Q
  • CBC is a mode of operation for block ciphers
  • Block ciphers (for encryption) by themselves would only work for a single block of data; a mode of operation like CBC can be used to give instructions on how to apply encryption to multiple blocks of data
  • CBC helps prevent issues of identical blocks, even if you have identical inputs. It does that by using an operation called XOR (exclusive-OR)
  • Each block gets XORed with the previous ciphertext before being encrypted (the first block uses an initialization vector, aka IV)
  • CBC requires that blocks be processed in order, so you can’t parallelize encryption, which means it runs slower than some of the other modes (e.g., ECB)
  • Think of CBC as building a chain from left to right
  • CBC does have vulnerabilities, including POODLE and Goldendoodle
A

CBC (Cipher Block Chaining)
35
Q
  • An online, self-paced, and interactive training system
  • Students can set their own goals and learn at their own pace
A

CBT (Computer-based Training)
36
Q

Encryption protocol designed for Wireless LAN products

A

CCMP (Counter-Mode/CBC-Mac Protocol)
37
Q
  • Camera monitoring system, especially one that transmits back to a centralized location with a limited number of monitors
  • Could be monitored by security personnel or simply set to record
A

CCTV (Closed Circuit Television)
38
Q
  • Expert group that handles computer security incidents
  • Could also be called CSIRT, which is short for Computer Security Incident Response Team
A

CERT (Computer Emergency Response Team)
39
Q
  • When a mode of operation uses the ciphertext from the previous block in the chain
A

CFB (Cipher Feedback)
40
Q
  • Authenticates a user or network host to an authenticating entity
  • Provides protection against replay attacks
  • Requires that both the client and server know the plaintext of the secret, but it's never sent over the network
A

CHAP (Challenge Handshake Authentication Protocol)
41
Q
  • Company executive responsible for implementing and managing IT
  • Mostly considered to be IT generalists
  • Useful way to think about it: CIO aims to improve processes within and for the company
A

CIO (Chief Information Officer)
42
Q
  • CTO is different from CIO, and typically focuses on development, engineering, and research & development departments
  • Useful way to think about it: CTO uses technology to improve or create products and services for customers
A

CTO (Chief Technology Officer)
43
Q
  • Executives that specialize in security
  • A much more focused responsibility than that of the CIO
A

CSO (Chief Security Officer)
44
Q

A security solution that enforces policy on devices that access networks to increase network visibility and reduce risk

A

NAC (Network Access Control)
45
Q

Non-profit organization that helps put together, validate, and promote best practices to help people, businesses, and governments protect themselves against cyber threats

A

CIS (Center for Internet Security)
46
Q

Blank is computer software used to manage the creation and modification of digital content. Blank is typically used for enterprise content management and web content management. An example is WordPress

A

CMS (Content Management System)
47
Q
  • Effort for agencies to make sure they can continue operations during a wide range of emergencies
  • Requires planning for various types of events such as natural or human-caused disasters
A

COOP (Continuity of Operation Planning)
48
Q

Organization provides its employees with mobile computing devices

A

COPE (Corporate Owned Personal Enabled)
49
Q

Used to restore systems and information in the event that systems become compromised

A

CP (Contingency Planning)
50
Q

Used to detect accidental changes in digital networks and storage devices

A

CRC (Cyclical Redundancy Check)