Terms A

Question 1

Absolute file path

Answer 1

The full file path, which starts from the root

Question 2

Access controls

Answer 2

Security controls that manage access, authorization, and
accountability of information

Question 3

Active packet sniffing

Answer 3

A type of attack where data packets are manipulated in transit

Question 4

Address Resolution Protocol (ARP)

Answer 4

A network protocol used to determine the MAC
address of the next router or device on the path

Question 5

Advanced persistent threat (APT)

Answer 5

An instance when a threat actor maintains
unauthorized access to a system for an extended period of time

Question 6

Adversarial artificial intelligence (AI):

Answer 6

A technique that manipulates artificial
intelligence (AI) and machine learning (ML) technology to conduct attacks more
efficiently

Question 7

Adware

Answer 7

A type of legitimate software that is sometimes used to display digital
advertisements in applications

Question 8

Algorithm

Answer 8

A set of rules used to solve a problem

Question 9

Analysis

Answer 9

The investigation and validation of alerts

Question 10

Angler phishing

Answer 10

A technique where attackers impersonate customer service
representatives on social media

Question 11

Anomaly-based analysis

Answer 11

A detection method that identifies abnormal behavior

Question 12

Antivirus software

Answer 12

A software program used to prevent, detect, and eliminate
malware and viruses

Question 13

Application

Answer 13

A program that performs a specific task

Question 14

Application programming interface (API) token

Answer 14

A small block of encrypted code
that contains information about a user

Question 15

Argument (Linux)

Answer 15

Specific information needed by a command

Question 16

Argument (Python)

Answer 16

The data brought into a function when it is called

Question 17

Array

Answer 17

A data type that stores data in a comma-separated ordered list

Question 18

Assess

Answer 18

The fifth step of the NIST RMF that means to determine if established controls
are implemented correctly

Question 19

Asset

Answer 19

An item perceived as having value to an organization

Question 20

Asset classification

Answer 20

The practice of labeling assets based on sensitivity and
importance to an organization

Question 21

Asset inventory

Answer 21

A catalog of assets that need to be protected

Question 22

Asset management

Answer 22

The process of tracking assets and the risks that affect them

Question 23

Asymmetric encryption

Answer 23

The use of a public and private key pair for encryption and
decryption of data

Question 24

Attack surface

Answer 24

All the potential vulnerabilities that a threat actor could exploit

Question 25

Attack tree

Answer 25

A diagram that maps threats to assets

Question 26

Attack vectors

Answer 26

The pathways attackers use to penetrate security defenses

Question 27

Authentication

Answer 27

The process of verifying who someone is

Question 28

Authorization

Answer 28

The concept of granting access to specific resources in a system

Question 29

Authorize

Answer 29

The sixth step of the NIST RMF that refers to being accountable for the security and privacy risks that might exist in an organization

Question 30

Automation

Answer 30

The use of technology to reduce human and manual effort to perform common and repetitive tasks

Question 31

Availability

Answer 31

The idea that data is accessible to those who are authorized to access it