A

Question 1

AAA

Answer 1

Authentication, Authorization, and Accounting

A security framework that controls access to computer resources, enforces policies, and audits usage

Question 2

ACL

Answer 2

Access Control List

A set of rules that can be used to control access to digital environments and network traffic in computer security

Question 3

AES

Answer 3

Advanced Encryption Standard

A symmetric block cipher chosen by the US govt to protect classified information. One of the most robust encryption methods.

Question 4

AES-256

Answer 4

Advanced Encryption Standard 256-bit

A symmetric block cipher used to protect sensitive information. One of the most robust encryption methods. The key size is 256 bits.

Question 5

AH

Answer 5

Authentication Header

An HTTP header that verifies the identity and permissions of the requester. It carries authentication credentials or access tokens to authorize and validate requests. This proves the sender’s identity.

This header also contains a checksum that can verify the message’s integrity.

Question 6

AI

Answer 6

Artificial Intelligence

The simulation of human intelligence processes by machines

Question 7

AIS

Answer 7

Automated Indicator Sharing

A free service that allows the real-time exchange of cyber threat indicators (CTIs) and defensive measures (DMs)

Question 8

ALE

Answer 8

Annualized Loss Expectancy

A quantitative metric used to estimate the impact of potential cybersecurity threats/vulnerabilities over a year

Question 9

AP

Answer 9

Access Point

A device that logically connects wireless client devices to one another and provides access to a distribution system, usually an organization’s enterprise wired network

Question 10

API

Answer 10

Application Programming Interface

A mechanism that enables software components to communicate with each other using a set of definitions and protocols

Question 11

APT

Answer 11

Advanced Persistent Threat

An attack campaign in which an intruder or team of intruders establishes an illicit, long-term presence on a network in order to mine highly sensitive data

Question 12

ARO

Answer 12

Annualized Rate of Occurrence

The likelihood of a risk/threat occurring in a given year

Question 13

ARP

Answer 13

Address Resolution Protocol

A network protocol that maps IP addresses to MAC addresses

Question 14

ATT&CK

Answer 14

Adversarial Tactics, Techniques, and Common Knowledge

A curated knowledge base and model for cyber adversary behavior. Used for threat modeling and security defense.

Question 15

AUP

Answer 15

Acceptable Use Policy

A document that outlines guidelines for how an organization’s resources should be used.

Question 16

AV

Answer 16

Antivirus

A type of security software that detects, quarantines, or blocks malware from running on devices.