2.0

Question 1

MFD

Answer 1

Multifunction devices
A device, such as a printer, with multiple functions, such as printing and scanning.

Question 2

SoC

Answer 2

System on a Chip
The integration of complete system functions on a single chip in order to simplify construction of devices.

Question 3

RTOS

Answer 3

Real-Time Operating System
Are designed for devices where the processing must occur in real time and data cannot be queued or buffered for any significant length of time.

Question 4

IaaS

Answer 4

Allows an organization to outsource its equipment requirements, including the hardware and all support operations. The IaaS service provider owns the equipment, houses it in its data center, and performs all the required hardware maintenance.
Ex. Amazon Web Services (AWS), Microsoft Azure

Question 5

SaaS

Answer 5

Software as a Service
Any software or application provided to users over a network such as the Internet. Internet users access the SaaS applications with a web browser.
Ex. Gmail, Yahoo! Mail, Google Docs, One Drive etc.

Question 6

PaaS

Answer 6

Platform as a Service
provides customers with a preconfigured computing platform they can use as needed. It provides the customer with an easy-to-configure operating system, combined with appropriate applications and on-demand computing.
Ex. Salesforce, Github, Docker

Question 7

TOTP

Answer 7

Time-based One-Time Password
A password that is used once and is only valid during a specific time period.

Question 8

WAF

Answer 8

Web Application Firewall
A firewall that operates at the application level, specifically designed to protect web applications by examining requests at the application stack level.

Question 9

Public Cloud

Answer 9

A cloud service that is rendered over a system open for public use. Services are available from third-party companies, such as Amazon, Google, Microsoft, and Apple.

Question 10

Community Cloud

Answer 10

A cloud system is one where several organizations with a common interest share a cloud environment for the specific purposes of the shared endeavor.

Question 11

Private Cloud

Answer 11

A cloud system where it is essentially reserved resources used only by your organization if your organization is highly sensitive to sharing resources.

Question 12

Hybrid Cloud

Answer 12

Is a combination of two or more clouds. They can be private, public, community, or a combination of these.

Question 13

Federation

Answer 13

Defines policies, protocols, and practices to manage identities across systems and organizations. Federation’s ultimate goal is to allow users to seamlessly access data or systems across domains.
Ex. Provide network access to others, not just employees but partners, suppliers, customers, etc.

Question 14

DNS sinkhole

Answer 14

Domain Name System sinkhole
This is a technique used to redirect malicious or unwanted traffic to a specific IP address. It’s often used as a security measure to block access to malicious domains or to filter out unwanted content.

Question 15

Honeynet

Answer 15

A network designed to look like a corporate network but is made attractive to attackers. A honeynet is a collection of honeypots.

Question 16

Honeypot

Answer 16

It is a server that is designed to act like a real server on a corporate network, but rather than having real data, the honeypot possesses fake data.

Question 17

Screened subnet (formerly known as DMZ)

Answer 17

Demilitarized zone
A network segment that exists in a semi-protected zone between the Internet and the inner, secure trusted network.

Question 18

UPS

Answer 18

Uninterruptible power supply
Provides short-term power and can protect against power fluctuations.

Question 19

Blockchain

Answer 19

A distributed ledger with growing lists of records (blocks) that are securely linked together via cryptographic hashes.
Keeps track of transactions.

Question 20

Asymmetric encryption

Answer 20

Uses two keys (public and private) created as a matched pair.

Question 21

Symmetric encryption

Answer 21

Uses the same key to encrypt and decrypt data.

Question 22

Faraday cage

Answer 22

Room/ cage that prevents radio frequency (RF) signals or Electromagnetic interference (EMI) from entering into or emanating beyond a room.

Question 23

Obfuscation

Answer 23

Altering the format, structure, or presentation of data or code without changing its functionality, making it challenging for adversaries to interpret or exploit the information.

Question 24

Key stretching

Answer 24

Cryptographic technique used to enhance the security of passwords or cryptographic keys by increasing their complexity and resistance to brute-force attacks.

Question 25

Digital signature

Answer 25

An electronic, encrypted, stamp of authentication on digital information such as email messages, macros, or electronic documents. Used for non-repudiation and integrity.

Question 26

MSP/MSSP

Answer 26

Managed Service Provider/ Managed Service Provider

A third party that manages and maintains the security environment for companies.

MSP support
– Network connectivity management
– Backups and disaster recovery
– Growth management and planning

Question 27

Continuous monitoring

Answer 27

To describe the technologies and processes employed to enable rapid detection of compliance issues and security risks. Check for a particular event, and then react.

Question 28

Stored Procedure

Answer 28

Stored procedures are precompiled scripted methods of data access (SQL)

Question 29

Normalization

Answer 29

The process of creating the simplest form, of a string, before processing. To reduce and eliminate redundancy

Question 30

Attestation

Answer 30

Attestation can be done by a service that checks the credentials supplied, and if they are correct and match the required values, the service can attest that the entry is valid or correct.

Question 31

HOTP

Answer 31

HMAC-based One-Time Password algorithm

Keyed-hash message authentication code (HMAC). The keys are based on a secret key and a counter. Use them once, and never again.

Question 32

HE

Answer 32

Homomorphic Encryption

A set of algorithms that allows operations to be conducted on encrypted data, without decrypting and reencrypting.

Question 33

ECC

Answer 33

Elliptic curve cryptography

An approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. As a public-key cryptosystem, it relies on an asymmetric algorithm.

Ex. of use is for mobile devices

Question 34

Key exchange

Answer 34

A cryptographic method used to share cryptographic keys between two entities.

Question 35

Ephemeral keys

Answer 35

Cryptographic keys that are used only once after generation.

Question 36

Diffie–Hellman key exchange

Answer 36

Cryptographic protocol used to securely exchange encryption keys over an insecure medium.

Question 37

Perfect forward secrecy

Answer 37

A feature of cryptographic systems that ensures that even if a long-term secret key is compromised, past communications remain secure. Generates random public keys for each session

Question 38

Steganography

Answer 38

hides data inside other data, it hides data in plain sight. The goal is to hide the data in such a way that no one suspects there is a hidden message.

Question 39

Stream Cipher

Answer 39

Encrypts data as a stream of bits or bytes rather than dividing it into blocks. It is done one at a time

Question 40

Block

Answer 40

A block cipher encrypts plaintext one block at a time.

Question 41

IP schema

Answer 41

An IP address plan or model

Question 42

IRM

Answer 42

Information Rights Document

To control how data is used. Restrict data access to unauthorized persons.

Question 43

Fake telemetry

Answer 43

When security teams/tools send false information back to an attacker spotted using offensive security tools, like port scanners

Question 44

Edge computing

Answer 44

The practice of storing and processing data close to the devices that generate and use the data. Which could be within a local area network (LAN) or on devices themselves.

Question 45

Fog Computing

Answer 45

Complements cloud computing by processing data from IoT devices. Often places gateway devices in the field to collect and correlate data centrally at the edge.

Question 46

Thin Client

Answer 46

A lightweight computer, with limited resources, whose primary purpose is to communicate with another machine

Question 47

Container

Answer 47

Services or applications within isolated containers or application cells.

Question 48

Microservices

Answer 48

They are small, independent code modules that perform specific functions, receive input (value), and produce output (value) through well-defined interfaces or APIs.

Question 49

Serverless Architecture

Answer 49

A cloud computing model where developers can build and run applications without managing the underlying infrastructure.

Question 50

Transfer gateway

Answer 50

A transit gateway is used to connect VPCs to an on-premises network.

Question 51

Resource policies

Answer 51

Assigning permissions to cloud resources

Question 52

Service Integration

Answer 52

Deploying multiple connection from multiple cloud services

Question 53

SDN

Answer 53

Software-Defined Networking
an approach to networking that separates the control plane from the data plane, allowing centralized control and programmability of network devices through software-based controllers.

Question 54

SDV

Answer 54

Software-Defined Visibility

Ensures that all traffic is viewable and can be analyzed.

Question 55

Virtual machine (VM)
sprawl avoidance

Answer 55

Refers to strategies and practices aimed at preventing the uncontrolled proliferation of virtual machines within an IT environment.

Question 56

VM escape protection

Answer 56

Refers to measures and techniques implemented to prevent unauthorized access or exploitation of vulnerabilities that could allow an attacker to escape from a virtual machine (VM) and gain access to the underlying hypervisor or host system.

Question 57

Snapshot

Answer 57

A snapshot is an image of the virtual machine (VM) at some point in time. It is standard practice to periodically take a snapshot of a virtual system so that you can return that system to a last known good state.

Question 58

Elasticity

Answer 58

The ability to increase or decrease available resources as the workload changes.

Question 59

Scalability

Answer 59

The ability to increase the workload in a given infrastructure.

Question 60

Provisioning

Answer 60

Deploying an application

Question 61

Deprovisioning

Answer 61

Dismantling and removing an application instance.

Question 62

VPC

Answer 62

Virtual Private Cloud
virtual device within a virtual network. Users or services can connect to the VPC endpoint and then access other resources via the virtual network instead of accessing the resources directly via the Internet.

Question 63

FRR

Answer 63

False rejection rate
Likelihood that an authorized user will be rejected

Question 64

FAR

Answer 64

False acceptance rate
Likelihood that an unauthorized user will be accepted

Question 65

CER

Answer 65

Crossover error rate
Defines the overall accuracy of a biometric system

Question 66

Pulping

Answer 66

An additional step taken after shredding paper. It reduces the shredded paper to mash or puree. Removes the ink.

Question 67

Pulverizing

Answer 67

physical process of destruction using excessive physical force to break an item into unusable pieces, such as with a sledge hammer (and safety goggles).

Question 68

Degaussing

Answer 68

Destroying files on magnetic storage devices (that is, magnetic tape and hard drives) is to destroy the data magnetically, using a strong magnetic field to degauss the media.

Question 69

Access control vestibules

Answer 69

Sometimes call mantraps allow only a single person to pass at a time.

Question 70

Protected cable distribution

Answer 70

A physically secure cabled network. Protect your cables and fibers

Question 71

Air Gap

Answer 71

A physical security control that ensures that a computer or network is physically isolated from another computer or network.

Question 72

Geographic dispersal

Answer 72

Use multiple data centers in different locations so that personnel can easily retrieve the backups when disaster happens in the current data center.

Question 73

Multipath

Answer 73

It uses a separate data transfer path to and from the storage hardware.

Question 74

Configuration Management

Answer 74

Ensures that systems are configured, in other words, configurations are known and documented.

Question 75

Change management

Answer 75

Identify and document changes to reduce outages or weekend security from unauthorized changes.

Question 76

Standard Naming Conventions

Answer 76

Are used to make identifying device type easier.

Question 77

Asset management

Answer 77

Maintain an up-to-date asset register to ease the process of tracking and maintaining assets.

Question 78

Baseline Configuration

Answer 78

Ensuring that systems are deployed with a common baseline or starting point

Question 79

DRM

Answer 79

Digital Rights Management

Allow content owners to enforce restrictions on their content that is used by others.

Question 80

Data Sovereignty

Answer 80

Digital data that is subject to laws and regulations of the country it was created and cannot be moved to another region

Question 81

IaC

Answer 81

Infrastructure as code

is a management of infrastructure described in code

Question 82

Integrity Measurement

Answer 82

Measuring and identification of changes to a system to ensures that the application performs as it should do and conforms to data industry standards and regulations.

Question 83

Memory management

Answer 83

Code should be written to minimize memory consumption and return memory to the system when no longer needed.

Question 84

Software Diversity

Answer 84

Creation of software that’s different on each user endpoint/device

Question 85

OWASP

Answer 85

An organization that provides the most up to date of web application concerns/ attacks.

Question 86

Static codes

Answer 86

a static set of numbers and letters to provide for authentication. A password or passphrase is an example of an alphanumeric static code.

Question 87

NIC

Answer 87

Network Interface Card
Dual network cards, paired together to give maximum throughput.
Should one adapter fail, the other can ensure the server or client maintains network connectivity.

Question 89

PDUs

Answer 89

Managed Power Distribution Units

A device that provides multiple power outlets (for power cable plugs). A managed PDU includes network connectivity for remote connection and management of the power outlets.

Question 90

SAN

Answer 90

Storage Area Network

A hardware device that contains a large number of fast disks, such as Solid-State Drives (SSDs), usually isolated from the LAN on its own network

Question 91

NAS

Answer 91

Network-attached storage
Connect to a shared storage device across the network

Question 92

HA

Answer 92

High Availability

The ability to keep services up and running for long periods of time.

Question 93

FPGA

Answer 93

Field-Programmable Gate Array
an array of programmable logic blocks, designed to be configured by customer or designer after manufacturing.

Question 94

SCADA/ICS

Answer 94

Supervisory control and data acquisition
/industrial control system

Are systems used for controlling and monitoring industrial processes.

Question 95

Narrow Band

Answer 95

Refers to radio communications that carry signals in a narrowband of frequencies Used in a variety of scenarios requiring short range, wireless communication

Question 96

Baseband Radio

Answer 96

Used for audio signals over a radio frequency transmitted over a single channel uses a single frequency for communication, and is digital

Question 97

Zigbee

Answer 97

A short-range wireless PAN (Personal Area Network) technology developed to support automation, machine-to-machine communication, remote control and monitoring of IoT devices.

Question 98

Industrial camouflage

Answer 98

For company facilities housing important resources and operations, designing the building to prevent recognition.

Question 99

Proximity reader

Answer 99

It is commonly used to gain access to doors, or door locks.

Question 100

Air gap

Answer 100

Create “air gaps” between some systems that are used internally to separate confidential systems from standard systems.

Question 101

Quantum

Answer 101

Harnessing the principles of quantum mechanics to improve security.

Question 102

Counter

Answer 102

Uses an incrementing counter instead of a seed. Errors do not propagate.

Question 103

Post-quantum cryptography

Answer 103

Breaks our existing encryption mechanisms

Question 104

Stream ciphers

Answer 104

Encryption is done one bit or byte at a time
is a method of encrypting text in which a cryptographic key and algorithm are applied to a block of data

Question 105

Block ciphers

Answer 105

Is a method of encrypting text in which a cryptographic key and algorithm are applied to a block of data

Question 106

Entropy

Answer 106

a measure of the randomness or diversity of a data-generating function. Data with full entropy is completely random with no meaningful patterns.