Security+ Acronyms I - Review

Question 1

3DES?

Answer 1

Triple Digital Encryption Standard

• Deprecated and considered insecure.
• Replaced by AES
• Symmetric
• Applies the DES Cipher Algorithm 3 times to each Data Block.

Question 2

AAA?

Answer 2

Authentication, Authorization, Accounting

• Often used to describe RADIUS, or some other form of Networking Protocl that provides Authentication, Authorization, Accounting.

Question 3

ABAC?

Answer 3

Attribute-based Access Control

• Database and Identity service used to provide Identity Management

Question 4

ACL?

Answer 4

Access Control List

• Set of rules that allow/permit or deny any traffic flow through Routers.
• Looks at the packet to determine whether it should be allowed or denied.
• Works at Layer 3 to provide Security by filtering and controlling the flow of traffic from one Router to another.

Question 5

AES?

Answer 5

Advanced Encryption Standard

• Industry-standard for Data Security
• 128-bit, 192-bit, or 256-bit implementations (Strongest).

Question 6

AES256?

Answer 6

Advanced Encrption Standard 256-bit

• This is the 256-bit implementation of AES.
• 256 references the bit size of the Keys.

Question 7

AH?

Answer 7

Authentication Header

• Used to Authenticate origins of Packets of Data transmitted.
• These Headers don’t hide any Data from attackers, but they do provide proof that the Data Packets are from a trusted source and that the data hasn’t been tampered with.
• Helps protect against Replay Attacks.

Question 8

AI?

Answer 8

Artificial Intelligence

• For the Exam, be aware of what’s called Data Poisoning (or Tainted Training) and adversarial AI.

Question 9

AIS?

Answer 9

Automated Indicator Sharing

• DHS and CISA Free Program
• Enables organizations to share and receive machine-readable Cyber Threat Indicators (CTI) and Defensive Measures (DM) in Real-Time
• Useful to monitor and defend Networks against known threats.

Question 10

ALE?

Answer 10

Annualized Loss Expectancy

• IE: Can expect X number of devices to fail per year.

Question 11

AP?

Answer 11

Access Point

• Networking Hardware device that provides WIFI access, typically then connected via wire to the Router, or directly integrated in the Router itself.

Question 12

API?

Answer 12

Application Programming Interface

• APIs are used to allow applicationst o talk to one another.
• For Example: An application can query an API to retrieve data and then display that data or process it in some way.

Question 13

APT?

Answer 13

Advanced Persistent Threat

• Stealthy Threat Actor (usually Nation-State or State-Sponsored Groups) that gains unauthorized access to a system and remains undetected for a period of time.

Question 14

ARO?

Answer 14

Annualized Rate of Occurrence

• The calculated probability that a Risk will occur in a given year.

Question 15

ASLR?

Answer 15

Address Space Layout Randomization

• Prevent exploitation of memory corruption vulnerabilities.

Question 16

ASP?

Answer 16

Active Server Page

• Microsoft Server-Side scripting language and engine to create dynamic Web Pages.
• Superseded by ASP.NET in 2002.

Question 17

ATT&CK?

Answer 17

Adversarial Tactics, Techniques & Common Knowledge

• Knowledge base Framework of adversary tactics and techniques based on real-world observations.
• Helpful to build effective threat models and defenses against real threats.

Question 18

AUP?

Answer 18

Acceptable Use Policy

• Terms that users must accept in order to use a Network, System, Website, etc…

Question 19

AV?

Answer 19

Antivirus

• Antivirus Software
• Typically uses Signature-based detection
• Not effective against Zero-Day or Polymorphic Malware.

Question 20

BASH?

Answer 20

Bourne Again Shell

• Powerful UNIX Shell and command language.
• Used to issue commands that get executed, which can also be turned into Shell scripts.
• Often used for Automation.

Question 21

BCP?

Answer 21

Business Continuity Plan

• Plan used to create processes and systems of both prevention and recovery to deal with threats that a company faces.
• This plan outlines how a business can continue delivering products and services if crap hits the fan.

Question 22

BIA?

Answer 22

Business Impact Analysis

• Used to predict the consequences a business would face if there were to be a disruption.

Question 23

BGP?

Answer 23

Border Gateway Protocol

• The “Postal Service” of the Internet.
• BGP finds the best Route for Data to travel to reach its destination.

Question 24

BIOS?

Answer 24

Basic Input/Output System

• Firmware that performs hardware initialization when systems are booting up, and to provide runtime services for the OS and programs.
• First software to run when you power on a Computer System.

Question 25

BPA?

Answer 25

Business Partnership Agreement - Defines a contract between two or more parties as to how a business should run.

Question 26

BPDU?

Answer 26

Bridge Protocol Data Unit - Frames that have Spanning Tree Protocol information. - Switches send BPDUs with a unique source MAC Address to multicast address with a destination MAC.

Question 27

BYOD?

Answer 27

Bring Your Own Device - When employees use personal devices to connect to their organization's Networks and access work-related Systems.

Question 28

CA?

Answer 28

Certificate Authority - An organization that validates the identities of entities through Cryptographic Keys by issuing digital certificates. - If you check the padlock on a Website (next to the domain name), you'll see that it says "Connection is Secure" and then you can click on the "Certificate is Valid". -- You'll then see info about the Certificate, Issued To, Issued By, as well as a Valid Date Range. -- If you click the "Certification Path" Tab, you'll see the details about the Issuer, AKA the Certificate Authority.

Question 29

CAC?

Answer 29

Common Access Card - Smart Card for Active-Duty/Civilian Contractor Personnel

Question 30

CAPTCHA?

Answer 30

Complete Automated Public Turing Test to Tell Computers and Humans Apart - These are the "problems" you have to solve from time to time to make sure that you are NOT a Robot. - Typically used for forms (signup, login, purchase, search, etc...) to defend against Bots.

Question 31

CAR?

Answer 31

Corrective Action Report - Lists defects that need to be rectified.

Question 32

CASB?

Answer 32

Cloud Access Security Broker - Acts as an intermediary between the cloud and on-prem. - Monitors all activity. - Enforces Security policies.

Question 33

CBC?

Answer 33

Cipher Block Chaining - CBC is a mode of operation for Block CIphers. - Think of a CBC as building a chain from left to right. - CBC does have vulnerabilities, including POODLE and Goldendoodle.

Question 34

CBT?

Answer 34

Computer-based Training - An online, self-paced, and interactive training system. Studends can set their own goals and learn at their own pace.

Question 35

CCMP?

Answer 35

Counter-Mode/CBC-Mac Protocol - Encryption protocol designed for Wireless LAN products.

Question 36

CCTV?

Answer 36

Closed-Circuit Television - Camera monitoring system, especially one that transmits back to a centralized location with a limited number of monitors. - Could be monitored by Security personnel or simply set to record.

Question 37

CERT?

Answer 37

Computer Emergency Response Team - Expert group that handles computer Security incidents. - Could also be called CSIRT, which is short for COmputer Security Incident Response Team.

Question 38

CIRT?

Answer 38

Computer Incident Response Team - Expert group that handles computer Security incidents. - Could also be called CSIRT, which is short for COmputer Security Incident Response Team.

Question 39

CFB?

Answer 39

Cipher Feedback - When a mode of operation uses the Ciphertext from the previous block in the chain. - IE: Look up Cipher Feedback Mode (CFB)

Question 40

CHAP?

Answer 40

Challenge Handshake Authentication Protocol - Authenticates a user or Network host to an authenticating entity. - Provides protection against Replay Attacks. - Requires that both the client and server know the Plaintext of the Secret, but it's never sent over the Network.

Question 41

CIO?

Answer 41

Chief Information Officer - Company executive responsible for implementing and managing IT. - Mostly considered to be IT generalists. - Useful way to think about it, CIO aims to improve processes within and for the company.

Question 42

CTO?

Answer 42

Chief Technology Officer - CTO is different from CIO, and typically focuses on development, engineering, and research and development departments. - Useful way to think about it, CTO uses technology to improve and create products and service for customers.

Question 43

CSO?

Answer 43

Chief Security Officer - Executives that specialize in Security - Much more focused of a responsibility than CIO.

Question 44

CIS?

Answer 44

Center for Internet Security - Non-profit organization that helps put together, validate, and promote best practices to help people, businesses, and governments protect themselves against Cyber threats.

Question 45

CMS?

Answer 45

Content Management System - IE: WordPress

Question 46

COOP?

Answer 46

Continuity of Operation Planning - Effort for agencies to make sure they continue operations during a wide range of emergencies. - Requires planning for various types of events such as natural or human-caused disasters.

Question 47

COPE?

Answer 47

Corporate Owned Personal Enabled - Organization provides its employees with Mobile Computing Devices.

Question 48

CP?

Answer 48

Contingency Planning - Used to restore systems and information in the event that systems become compromised.

Question 49

CRC?

Answer 49

Cyclical Redundancy Check - Used to detect accidental changes in digital Networks and storage devices.

Question 50

CRL?

Answer 50

Certificate Revocation List - List of Digital Certificates that have been revoked by the issuing Certificate Authority (CA).

Question 51

CSP?

Answer 51

Cloud Service Provider - IE: AWS, GCP, Azure

Question 52

CSR?

Answer 52

Certificate Signing Request - Contains information that the Certificate Authority (CA) will use to create your Certificate. - Contains the Public Key for which the Certificate should be issued, and other identifying information.

Question 53

CSRF?

Answer 53

Cross-Site Request Forgery - Unauthorized actions are performed on behalf of a legitimate user.

Question 54

CSU?

Answer 54

Channel Service Unit - Device used for Digital Links to transfer data.

Question 55

CTM?

Answer 55

Counter-Mode - Converts a Block CIpher into a Stream Cipher - COmbines an IV with a counter and uses the result to encrypt each plaintext block.

Question 56

CVE?

Answer 56

Common Vulnerabilities and Exposures - List of publicaly disclosed computer security flaws. - These security flaws get assigned a CVE ID number which people can use to reference them.

Question 57

CVSS?

Answer 57

Common Vulnerability Scoring System - Public framework used to rate the severity of security vulnerabilities. - IE: If you find a vulnerability as a bug bounty or in your own organization's systems, and you report that vulnerability, assigning a CVSS number to it will help decision makers understand the severity and impact so they can properly assign priority.

Question 58

CYOD?

Answer 58

Choose Your Own Device - Employees can choose a Company-Assigned device from a limited number of Company Specified options.

Question 59

DAC?

Answer 59

Discretionary Access Control - Restrict access based on the identity of subjects and/or groups that they belong to.

Question 60

DBA?

Answer 60

Database Administrator - Personnel responsible for maintaining databases and the data they contain.

Question 61

DDoS?

Answer 61

Distributed Denial of Service - Attack that aims to take a service offline by flooding it with an overwhelming amount of requests from multiple different locations/devices. - Using a Zombie-Net/Botnet

Question 62

DoS?

Answer 62

Denial of Service - Attack which are only sending requests from one location/device to take down a system/service.

Question 63

DEP?

Answer 63

Data Execution Prevention - Microsoft Security feature. - Monitors and Protects pages or regions of Memory. - Prevents data regions from executing (potentially malicious) code.

Question 64

DER?

Answer 64

Distinguished Encoding Rules

Question 65

DES?

Answer 65

Digital Encryption Standard - Weak Encryption algorithm.

Question 66

DHCP?

Answer 66

Dynamic Host Configuration Protocol - Used to automatically assign IP Addresses to devices on a Network. - Doesn't include Security features by default, which means that attackers can leverage it to launch attacks. - x2 Examples of DHCP Attacks include: 1. DHCP Starvation which causes a DoS 2. DHCP Spoofing which leads to On-Path Attacks - To prevent DHCP Attacks - Authenticated DHCP: Replaces the normal DHCP messages with Authenticated messages. - Port Security: limits the number of MAC addresses that can be seen through a particular Switch interface.

Question 67

DHE?

Answer 67

Diffie-Hellman Ephemeral - Way of securely exchanging Cryptographic Keys over public channels.

Question 68

DKIM?

Answer 68

Domain Keys Identified Mail - Email authenitication technique - applies signatures by the mail server of the sender's domain. - Used to detect email spoofing. - Allows the receiver to make sure that an email was sent by the authorized owner of the domain via digital signatures.

Question 69

DLL?

Answer 69

Dynamic Link Library

Question 70

DLP?

Answer 70

Data Loss Prevention

Question 71

DMARC?

Answer 71

Domain Message Authentication Reporting and Conformance - Authenticates email with Sender Policy Framework (SPF) and Domain Keys Identified Mail (DKIM) - Used to prevent phishing and spoofing.

Question 72

DMZ?

Answer 72

Demilitarized Zone - Or Screened Subnet - Designed to expose externally-facing services to the Internet without unnecessarily exposing resources in internal Networks. - You may have resources that have to be exposed to the Internet, but rather than open up the internal LAN, we can create a separate Network specifically for those resources and then add Firewalls in between the Networks.

Question 73

DNAT?

Answer 73

Destination Network Address Translation

Question 74

DNS?

Answer 74

Domain Name Service (Server) - TCP/UDP - PORT 53 - Used to resolve hostnames to IP addresses and IP addresses to hostnames.

Question 75

DNSSEC?

Answer 75

Domain Name Service Security Extensions - Provides Cryptographic authentication of data, authenticated denial of existence, and data integrity.

Question 76

DPO?

Answer 76

Data Privacy Officer

Question 77

DRP?

Answer 77

Disaster Recovery Plan

Question 78

DSA?

Answer 78

Digital Signature Algorithm

Question 79

DSL?

Answer 79

Digital Subscriber Line

Question 80

EAP?

Answer 80

Extensible Authentication Protocol - Authentication Framework used in LANs

Question 81

ECB?

Answer 81

Electronic Code Book - DOesn't hide data patterns well, so it wouldn't work to Encrypt images for example.

Question 82

ECC?

Answer 82

Elliptic Curve Cryptography - Good for mobile devices because it can use smaller keys.

Question 83

ECDHE?

Answer 83

Elliptic Curve Diffie-Hellman Ephemeral - Key Exchange mechanism based on elliptic curves but with Diffie-Hellman over public channels. - Cloudflare uses this for example.

Question 84

ESDSA?

Answer 84

Elliptic Curve Digital Signature Algorithm - Digital Signature algorithm based on elliptic curve Cryptography (ECC) - Uses Digital Signatures

Question 85

EDR?

Answer 85

Endpoint Detection and Response

Question 86

EFS?

Answer 86

Encrypted File System

Question 87

EOL?

Answer 87

End of Life - Data set where manufacturers will no longer create the product.

Question 88

EOS?

Answer 88

End of Service - Original manufacturer no longer offers updates, support, or service.

Question 89

ERP?

Answer 89

Enterprise Resource Planning - Software used by orgs to manage day-to-day business activities.

Question 90

ESN?

Answer 90

Electronic Serial Number

Question 91

ESP?

Answer 91

Encapsulated Security Payload - Member of IPsec set of protocols. - Encrypts and authenticates packets of data between computers using VPNs

Question 92

FACL?

Answer 92

File System Access Control List

Question 93

FCIP?

Answer 93

Fiber Channel Internet Protocol - TCP/UDP - PORT 3225 - Used to encapsulate Fiber Channel frames within TCP/IP Packets - Usually used for Storage Area Networks (SAN) as well.

Question 94

FDE?

Answer 94

Full Disk Encryption

Question 95

FPGA?

Answer 95

Field Programmable Gate Array - Integrated circuit designed to be configured by a customer or designer after manufacturing.

Question 96

FRR?

Answer 96

False Rejection Rate - Liklihood that a biometric Security system will incorrectly reject an acess attempt by an Authorized user.

Question 97

FTP?

Answer 97

File Transfer Protocol - TCP - PORT 21 - Used to transfer files from Host to Host - UNSECURED

Question 98

FTPS?

Answer 98

Secured File Transfer Protocol - TCP - PORT/s 989/990 - Used to transfer files from Host to Host over an Encrypted connection.

Question 99

GCM?

Answer 99

Galois Counter Mode - High speeds with low cost and low latency. - Provides authenticated encryption.

Question 100

GDPR?

Answer 100

General Data Protection Regulation

Question 101

GPG?

Answer 101

Gnu Privacy Guard

Question 102

GPO?

Answer 102

Group Policy Object - Contains two nodes: A user configuration and a computer configuration. - Collection of Group Policy settings.

Question 103

GPS?

Answer 103

Global Positioning System

Question 104

GPU?

Answer 104

Graphics Processing Unit

Question 105

GRE?

Answer 105

Generic Routing Encapsulation - Tunneling Protocol

Question 106

HA?

Answer 106

High Availability

Question 107

HDD?

Answer 107

Hard Disk Drive

Question 108

HIDS?

Answer 108

Host-based Intrusion Detection System - Detects and Alerts upon detecting an intrusion in a Host as well as Network Packets in Network Interfaces - similar to NIDS (Network-based Intrusion Detection System) - Detects and Alerts, can't take action on it.

Question 109

HIPS?

Answer 109

Host-based Intrusion Protection System - Like HIDS, but it CAN take Action towards mitigating a detected threat.

Question 110

HMAC?

Answer 110

Hashed Message Authentication Code - Combines a shared secret Key with hashing. - Can be used to verify data integrity and authenticity of a message.

Question 111

HOTP?

Answer 111

HMAC One Time Password - One-Time Password algorithm based on Hash-based Message authentication codes. - Event-based OTP (One-Time Password) - Yubikey is an example of an OTP generator that uses HOTP - Not time based (Has a longer window before expiration.)

Question 112

HSM?

Answer 112

Hardware Security Module - Physical device that safeguards and manages digital keys (IE: Private CA Keys) - Performs encryption/decryption functions for Digital Signatures.

Question 113

HTML?

Answer 113

HyperText Markup Language

Question 114

HTTP?

Answer 114

HyperText Transfer Protocol - TCP - PORT 80 - Used to transmit web page data to a Client for UNSECURE web browsing.

Question 115

HTTPS?

Answer 115

HyperText Transfer Protocol Secure - over SSL/TLS - TCP - PORT 443 - Used to transmit web page data to client over an SSL/TLS Encrypted connection.

Question 116

HVAC?

Answer 116

Heating, Ventilation, Air Conditioning

Question 117

IaaS?

Answer 117

Infrastructure as a Service - Hardware ONLY - No specific purposes other than offloading responsibility and resources to the Cloud.

Question 118

ICMP?

Answer 118

Internet Control Message Protocol - Used by Network devices such as Routers to send error messages or other operational information indicating success/failure when communicating with another IP Address.

Question 119

ICS?

Answer 119

Industrial Control System - General term to describe control systems associated with industrial proceses.

Question 120

IDEA?

Answer 120

International Data Encryption Algorithm - Symmetric-Key block CIpher

Question 121

IDF?

Answer 121

Intermedia Distribution Frame - Cable Rack in a central office that cross connects and manages IT or telecom cabling between a Main Distribution Frame (MDF) and remote workstation devices. - Used for WAN and LAN environments for example.

Question 122

IdP?

Answer 122

Identity Provider - Service that stores and manages digital identities - Provides authentication services to apps within a federation or distributed Network. - User Authentication as a Service/User Adoption as a Service (UAaaS)

Question 123

IDS?

Answer 123

Intrusion Detection System - Detects and Alerts - Does not Prevent or Fix

Question 124

IEEE?

Answer 124

Institute of Electrical and Electronics Engineers

Question 125

IKE?

Answer 125

Internet Key Exchange - UDP Port 500 - Protocol used to set up a Security Association (SA) in the IPsec Protocol suite.

Question 126

IM?

Answer 126

Instant Messaging

Question 127

IMAP4?

Answer 127

Internet Message Access Protocol v4 - API that enables email programs to access the Mail Server. - Example: Outlook can be configured to retrieve email via IMAP4 or POP3. IMAP4 SSL/TLS - Internet Message Access Protocol v4 Secure - TCP - PORT 993

Question 128

IoC?

Answer 128

Indicators of Compromise - Forensic data found in systems via log entries or files that identify potentially malicious activity on a System or Network.

Question 129

IoT?

Answer 129

Internet of Things

Question 130

IP?

Answer 130

Internet Protocol

Question 131

IPsec?

Answer 131

Internet Protocol Security - In the Internet Layer of the TCP/IP stack. - Secure Network Protocol suite that authenticates and encrypts the packets of data to provide encrypted communication. - Used in VPNs - Can be used to protect data flows between two Hosts (Host-to-Host), two Networks (Network-to-Network) or between a Security gateway and host (Network-to-Host). - Protects against Replay Attacks

Question 132

IR?

Answer 132

Incident Response

Question 133

IRC?

Answer 133

Internet Relay Chat

Question 134

IRP?

Answer 134

Incident Response Plan - Preparation - Detection & Analysis - Containment, Eradication, and Recovery - Post-Incident Activity

Question 135

ISO?

Answer 135

International Organization for Standardization - Organization that develops and published International Standards

Question 136

ISP?

Answer 136

Internet Service Provider

Question 137

ISSO?

Answer 137

Information Systems Security Officer

Question 138

ITCP?

Answer 138

Information Technology Contingency Plan - Plans, Policies, Procedures, and technical measures that enable the recovery of IT Operations after unexpected incidents.

Question 139

IV?

Answer 139

Initialization Vector - Used in cryptography is an input to a cryptographic primitive. - Used to provide the initial state.

Question 140

KDC?

Answer 140

Key Distribution Center - Used to reduce risks in exchanging keyes. - A user requests to use a service. The KDC will use cryptographic techniques to authenticate requesting users as themselves, and it will check whether a user has the right to access the service requested. - If the user has the right, the KDC can issue a ticket permitting access.

Question 141

KEK?

Answer 141

Key Encrypting Key - A Key that Encrypts another Key for transmission or storage.

Question 142

L2TP?

Answer 142

Layer 2 Tunneling Protocol - UDP - PORT 1701 - Used to support VPNs or as part of the delivery of services by ISPs. - Uses encryption only for its own control messages, not for content itself. - Uses IPsec for data encryption over Layer 3

Question 143

LAN?

Answer 143

Local Area Network

Question 144

LDAP?

Answer 144

Lightweight Directory Access Protocol - TCP/UDP - PORT 389 - Unencrypted - Open and vendor-neutral application protocol for managing and interacting with directory servers. - Often used for authentication and storing information about users, groups, and applications. - Can be susceptible to LDAP injections. LDAP SSL/TLS - Lightweight Directory Access Protocol Secure - TCP/UDP - PORT 636

Question 145

LEAP?

Answer 145

Lightweight Extensible Authentication Protocol - Wireless LAN authentication method. - Dynamic WEP keys and mutual authentication (Between a Wireless Client and a RADIUS Server)