Security+ SYO-501 - Acronyms Flashcards Preview

Flashcards in Security+ SYO-501 - Acronyms Deck (311)
1

3DES

Triple Digital Encryption Standard

About the name: 3DES applies the DES cipher algorithm three times to each data block.
Type: Symmetric-key block cipher
Key sizes: 168, 112 or 56 bits (keying option 1, 2, 3 respectively)
Block sizes: 64 bits
Rounds: 48 DES-equivalent rounds
Structure: Feistel network
First published: 1998 (ANS X9.52)
Retired: 2018 (replaced by AES)

2

AAA

Authentication, Authorization, and Accounting

3

ABAC

Attribute-Based Access Control

* Defined by NIST 800-162
* A logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated with the subject, object, requested operations, and, in some cases, environment conditions against policy, rules, or relationships that describe the allowable operations for a given set of attributes.

4

ACL

Access Control List

5

AES

Advanced Encryption Standard

Original name: Rijndael
Type: Symmetric-key block cipher
Key sizes: 128, 192 or 256 bits
Block sizes: 128 bits
Rounds: 10, 12 or 14 (depending on key size)
Designers: Vincent Rijmen, Joan Daemen
Structure: Substitution–permutation network
First published: 1998 (NIST)

6

AES256

Advanced Encryption Standard 256-bit

7

AH

Authentication Header

IPsec is composed of two separate (mutually exclusive) protocols: Authentication Header (AH) and Encapsulating Security Payload (ESP). AH provides the authentication and integrity checking for data packets, and ESP provides encryption services.

8

ALE

Annualized Loss Expectancy

$$$ how much loss you could expect in a year.
ALE = SLE x ARO

9

AP

Access Point

An AP works at Layer 2 (the data link layer) of the OSI model, and it can operate as a bridge connecting a standard wired network to wireless devices or as a router passing data transmissions from one access point to another.

10

API

Application Programming Interface

11

APT

Advanced Persistent Threat

Often nation-states (e.g. China). Hackers with skill, resources and TIME.

12

ARO

Annualized Rate of Occurrence

### the number of times an event is expected to occur each year
ALE = SLE x ARO

13

ARP

Address Resolution Protocol

Protocol used to map known IP addresses to unknown physical addresses.

14

ASLR

Address Space Layout Randomization

* Randomizes the location where system executables are loaded into memory.
* Therefore, it is a memory-protection process for operating systems (OSes) that guards against BUFFER-OVERFLOW attacks.

15

ASP

Application Service Provider

16

AUP

Acceptable Use Policy

Defines what is and what is not acceptable activity, practice, or use for company equipment and resources.

17

AV

Antivirus OR Asset Value (in $$)

18

BAC

Business Availability Center

19

BCP

Business Continuity Planning

Assess organizational risks and create policies, plans, and procedures to minimize impact.

20

BIA

Business Impact Analysis

The process of performing risk assessment on business tasks and processes rather than on assets. The purpose of BIA is to determine the risks to business processes and design protective and recovery solutions. The goal is to maintain business continuity, prevent and/or minimize downtime, and prepare for fast recovery and restoration in the event of a disaster.

21

BIOS

Basic Input/Output System

22

BPA

Business Partners Agreement

An agreement between partners in a business that outlines their responsibilities, obligations, and sharing of profits and losses.

23

BPDU

Bridge Protocol Data Unit

Frames that contain information about the Spanning Tree Protocol. A switch sends BPDUs using a unique MAC address from its origin port and a multicast address as destination MAC.

24

BYOD

Bring Your Own Device

25

RIP
BGP
OSPF

Routers usually communicate routing and other information using one of three standard protocols:
* RIP - Routing Information Protocol
* BGP - Border Gateway Protocol
* OSPF - Open Shortest Path First

26

CA

Certificate Authority

27

CAC

Common Access Card

28

CAN

Controller Area Network

29

CAPTCHA

Completely Automated Public Turing Test to Tell Computers and Humans Apart

30

CAR

Corrective Action Report