SY0-701 : Objective 3.0

Question 1

RPO

Answer 1

Recovery Point Objective (RPO)
- represents the maximum acceptable amount of data loss measured in time
- if an organization has a RPO of 4 hours, it means the business can tolerate a data loss of up to 4 hours

Question 2

RTO

Answer 2

Recovery Time Objective (RTO)
- represents the maximum acceptable length of time the can elapse before the lack of a business function severely impacts the organization

Question 3

MTBF

Answer 3

Mean Time Between Failure (MTBF)
- the average time between repairable failures of a technology product

Question 4

SCADA

Answer 4

Supervisory Control and Data Acquisition (SCADA)
- a computerized system that monitors and controls industrial processes

Question 5

ICS

Answer 5

Industrial Control System (ICS)
- involves the strategies and practices to safeguard the critical infrastructure and operational technology (OT) systems employed in several industries, such as manufacturing, energy, and transportation

Question 6

IoT

Answer 6

Internet of Things (IoT)

Question 7

FDE

Answer 7

Full Disk Encryption (FDE)

Question 8

SDN

Answer 8

Software-defined Networking (SDN)
- an architecture that abstracts different, distinguishable layers of a network to make networks agile and flexible

Question 9

IaC

Answer 9

Infrastructure as Code (IaC)
- modern approach to IT infrastructure management that involves the automating the provisioning and management of computing resources through machine readable definition files or scripts
- process that automates the provisioning and management of cloud resources

Question 10

RTOS

Answer 10

Real-time Operating System (RTOS)
- a software system that manages tasks in real-time systems that have strict timing constraints

Question 11

PDU

Answer 11

Power Distribution Unit (PDU)
- device that manages the power supply for computer networks, data centers, and other industrial environments

Question 12

PPTP

Answer 12

Point-to-Point Tunneling Protocol (PPTP)
- a network protocol that enables the secure transfer of data from a remote client to a private enterprise server by creating a virtual private network (VPN) across TCP/IP-based data networks

Question 13

IPSec

Answer 13

Internet Protocol Security (IPSec)
- protocol suite used to secure IP communications by authenticating and encrypting each IP packet in data stream

Question 14

UPS

Answer 14

Uninterruptable Power Supply (UPS)

Question 15

EAP

Answer 15

Extensible Authentication Protocol (EAP)
- an authentication framework that allows for the use of different authentication methods for secure network access technologies
- provides common functions and negotiation of authentication protocols and is used in wireless networks and point-to-point connections

Question 16

PEAP

Answer 16

Protected Extensible Authentication Protocol (PEAP)
- provides a method to transport securely authentication data, including legacy password-based protocols, via 802.11 Wi-Fi networks

Question 17

EAP-TTLS

Answer 17

Extensible Authentication Protocol-Tunnel Transport Layer Security (EAP-TTLS)
- authentication protocol that extends TLS support across multiple platforms

Question 18

LEAP

Answer 18

Lightweight Extensible Authentication Protocol (LEAP)
- a proprietary wireless LAN authentication method developed by Cisco Systems

Question 19

PSK

Answer 19

Pre-shared Key (PSK)
- a string of characters used for authentication and encryption in wireless networks and Virtual Private Networks (VPNs)

Question 20

IKE

Answer 20

Internet Key Exchange (IKE)
- a secure key management protocol that is used to set up a secure, authenticated communications channel between two devices

Question 21

ICMP

Answer 21

Internet Control Message Protocol (ICMP)
- a protocol that devices within a network use to communicate problems with data transmission

Question 22

AH

Answer 22

Authentication Header (AH)
- A deprecated IPsec security protocol that provides integrity protection (but not confidentiality) for packet headers and data

Question 23

UTM

Answer 23

Unified Threat Management (UTM)
- an information security term that refers to a single security solution, and usually a single security appliance, that provides multiple security functions at a single point on the network

Question 24

CHAP

Answer 24

Challenge Handshake Authentication Protocol (CHAP)
- a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user

Question 25

PPP

Answer 25

Point-to-Point Protocol (PPP) - a data link layer (layer 2) communication protocol between two routers directly without any host or any other networking in between

Question 26

SPF

Answer 26

Sender Policy Framework (SPF) - email authentication method designed to prevent forging sender addresses during email delivery

Question 27

DKIM

Answer 27

Domain Key Identified Mail (DKIM) - allows the receiver to check if the email was actually sent by the domain it claims to be sent from and if the content was tampered with during transit

Question 28

DMARC

Answer 28

Domain-based Message Authentication Reporting & Conformance (DMARC) - an email authentication, policy, and reporting protocol, helps to prevent email spoofing and phishing

Question 29

S/MIME

Answer 29

Secure/Multipurpose Internet Mail Extensions (S/MIME) - an email encryption and signing industry standard widely used by corporations to enhance email security

Question 30

NGFW

Answer 30

Next-generation Firewall (NGFW) - are deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall

Question 31

SASE

Answer 31

Secure Access Service Edge (SASE) - an architecture that delivers converged network and security as a service capabilities including SD-WAN and cloud native security functions such as secure web gateways, cloud access security brokers, firewall as-a-service, and zero-trust network access

Question 32

SD-WAN

Answer 32

Software-defined Wide Area Network (SD-WAN) - virtual WAN architecture that allows enterprises to leverage any combination of transport services — including MPLS, LTE and broadband internet services — to securely connect users to applications

Question 33

COOP

Answer 33

Continuity of Operation Planning (COOP) - A predetermined set of instructions or procedures that describe how an organization's mission essential functions will be sustained within 12 hours and for up to 30 days as a result of a disaster event before returning to normal operations

Question 34

PCI DSS

Answer 34

Payment Card Industry Data Security Standard (PCI DSS)

Question 35

GDPR

Answer 35

General Data Protection Regulation (GDPR)

Question 36

ESP

Answer 36

Encapsulated Security Payload (ESP) - which is a protocol that encrypts and authenticates data packets between devices, part of the IPSec suite of protocols

Question 37

HVAC

Answer 37

Heating, Ventilation Air Conditioning (HVAC)

Question 38

MPLS

Answer 38

Multi-protocol Label Switching (MPLS) - a networking technology that routes traffic using the shortest path based on “labels,” rather than network addresses, to handle forwarding over private wide area networks, but it doesn't have encryption by default

Question 39

HA

Answer 39

High Availability (HA)

Question 40

Role BAC

Answer 40

Role-based Access Control (Role BAC) - a cybersecurity method that limits access to systems and networks based on a user's role within an organization

Question 41

DAC

Answer 41

Discretionary Access Control (DAC) - a cybersecurity model that gives the owner of a resource control over who can access it

Question 42

MAC

Answer 42

Mandatory Access Control (MAC) - a cybersecurity model that restricts access to system resources based on a user's authorization level and the sensitivity of the information

Question 43

Rule BAC

Answer 43

Rule-based Access Control (Rule BAC) - a system that uses pre-defined rules to determine if a user has access to network resources.

Question 44

NAT

Answer 44

Network Address Translation (NAT) - a routing technique that allows private IP networks to connect to the internet by translating private IP addresses to public IP addresses

Question 45

L2TP

Answer 45

Layer 2 Tunneling Protocol (L2TP) - an extension of the Point-to-Point Tunneling Protocol (PPTP) used by internet service providers (ISPs) to enable virtual private networks (VPNs)

Question 46

RAS

Answer 46

Remote Access Server (RAS) - a system that allows users to connect to a network remotely, as if they were physically present

Question 47

TACACS+

Answer 47

Terminal Access Controller Access Control System (TACACS+) - a network security protocol designed to offer centralized authentication, authorization, and accounting services for remote access servers

Question 48

PAP

Answer 48

Password Authentication Protocol (PAP) - a point-to-point protocol (PPP) authentication method that uses passwords to validate users

Question 49

PFS

Answer 49

Perfect Forward Security (PFS) - also called forward secrecy (FS), refers to an encryption system that changes the keys used to encrypt and decrypt information frequently and automatically

Question 50

IRP

Answer 50

Incident Response Plan (IRP) - a written document, formally approved by the senior leadership team, that helps your organization before, during, and after a confirmed or suspected security incident.

Question 51

NTP

Answer 51

Network Time Protocol (NTP) - an internet protocol used to synchronize with computer clock time sources in a network

Question 52

MTTF

Answer 52

Mean Time to Failure (MTTF)

Question 53

MTTR

Answer 53

Mean Time To Repair (MTTR) - represents the average time required to repair a failed component or system

Question 54

SMTP

Answer 54

Simple Mail Transfer Protocol (SMTP)

Question 55

SMTPS

Answer 55

Simple Mail Transfer Protocol Secure (SMTPS)

Question 56

IaaS

Answer 56

Infrastructure as a Service (IaaS)