A(s)

Question 1

802.11

Answer 1

Wireless Networking Standard

Question 2

Integrity axiom

Answer 2

Biba property which states “no write up”

Question 3

Security Property

Answer 3

Bell-LaPadula which states “no write down”

Question 4

“Bad” blocks/clusters/sectors

Answer 4

Good disk blocks marked as bad

Question 5

4GL

Answer 5

Fourth-generation programming language, designed to increase programmer’s efficiency by automating the creation of computer programming code

Question 6

802.11-1997

Answer 6

The original mode of 802.11 operated at 2 mbps using the 2.4 GHz frequency

Question 7

802.11a

Answer 7

802.11 mode that operates at 54 mbps using the 5 GHz frequency

Question 8

802.11b

Answer 8

802.11 mode that operates at 11 mbps using the 2.4 GHz frequency

Question 9

802.11g

Answer 9

802.11 mode that operates at 54 mbps using the 2.4 GHz frequency

Question 10

802.11i

Answer 10

The first 802.11 wireless security standard that provides reasonable security

Question 11

802.11n

Answer 11

802.11 mode that uses both 2.4 and 5 GHz frequencies and allows speeds of 144 mbps and beyond

Question 12

802.11X

Answer 12

Port-based Network Access Control, layer 2 authentication

Question 13

ABM

Answer 13

Asynchronous Balanced Mode, HDLC combined mode where nodes may act as primary or secondary, initiating transmissions without receiving permission

Question 14

Abstraction

Answer 14

Hides unnecessary details from the user

Question 15

Acceptance Testing

Answer 15

Testing to ensure the software meets the customer’s operational requirements

Question 16

Access aggregation

Answer 16

The collective entitlements granted by multiple systems to one user. Can lead to authorization creep

Question 17

ACL

Answer 17

Access Control List

Question 18

Access Control Matrix

Answer 18

Table defining what access permissions exist between specific subjects and objects

Question 19

Account Lockout

Answer 19

Disabled an account after a set number of failed logins, sometimes during a specific time period

Question 20

Accountability

Answer 20

Holds individuals accountable for their actions

Question 21

Accountability Principle

Answer 21

OECD privacy Guideline Principle which states individuals should have the right to challenge the content of any personal data being held, and have a process for updating their personal data if found to be inaccurate or incomplete

Question 22

Accreditation

Answer 22

The Data owner’s acceptance of the risk represented by a system

Question 23

ACK

Answer 23

TCP flag , acknowledge received data

Question 24

Act honorably, honestly, justly,responsibly, and legally

Answer 24

Second canon of the (ISC)2 Code of Ethnics

Question 25

Active RFID

Answer 25

Powered RFID tags that can operate via larger distances

Question 26

Active-active cluster

Answer 26

Involves multiple systems all of which are online and actively processing traffic or data

Question 27

Active-passive cluster

Answer 27

Involves devices or systems that are already in place, configured, powered on and ready to begin processing network traffic should a failure occur on the primary system

Question 28

ActiveX Controls

Answer 28

The functional equivalent of Java applets. They use digital certificates instead of a sandbox to provide security

Question 29

Ad box mode

Answer 29

802.11 peer-to-peer mode with no central AP

Question 30

Address space Layout Randomization (ASLR)

Answer 30

Seeks to decrease the likelihood of successful exploitation by making memory addresses employed by the system less predictable

Question 31

Administrative Controls

Answer 31

Implemented by creating and following organizational policy, procedure, or regulation. Also called directive Controls

Question 32

Administrative law

Answer 32

Law enacted by government agencies, aka regulatory law

Question 33

ADSL

Answer 33

Asymmetric Digital Subscriber Line, DSL featuring faster download speeds than upload

Question 34

Advance and protect the profession

Answer 34

Fourth canon of the (ISC)2 code of ethics

Question 35

Advanced Encryption Standard (AES)

Answer 35

A block cipher using 128 bit, 192 bit, or 256 bit keys to encrypt 128-bit blocks of data

Question 36

Agents of law enforcement

Answer 36

Private citizens carrying out actions on behalf of law enforcement

Question 37

Aggregation

Answer 37

Mathematical attack where a user is able to use lower-level access to learn restricted information

Question 38

Agile software development

Answer 38

Flexible software development model that evolved as a reaction to rigid software development models such as waterfall model

Question 39

AH

Answer 39

Authentication Header, IPSec protocol that provides authentication and integrity for each packet of network data

Question 40

ALE

Answer 40

Annualized Loss Expectancy, the cost of loss due to a risk over a year

Question 41

All pair testing

Answer 41

Or pairwise testing , form of combinatorial software testing that tests unique pairs of inputs

Question 42

Allocated space

Answer 42

Portions of a disk partition that are marked as actively containing data

Question 43

ALU

Answer 43

Arithmetic Logic Unit, CPU component that performs mathematical calculations

Question 44

Analog

Answer 44

Communication that sends a continuous wave of information

Question 45

ANN

Answer 45

Artificial Neural Networks, simulate neural networks found in humans and animals

Question 46

ARO

Answer 46

Annual Rate of occurrence, the number of losses suffered per year

Question 47

Antivirus software

Answer 47

Software is designed to prevent and detect malware infections

Question 48

API

Answer 48

Application programming Interface, allows an application to communicate with an another application, or an operating system, database, network , etc. For example, google maps API allows an application to integrate 3rd-party content, such as restaurants overlaid on a google map

Question 49

Applet

Answer 49

Small pieces of mobile code that are embedded in other software such as web browsers

Question 50

Application layer (OSI)

Answer 50

Layer 7 of the OSI model, where the user interfaces with the computer application

Question 51

Application layer (TCP/IP)

Answer 51

TCP/IP model layer that combines layer 5 through 7 of the OSI model

Question 52

Application-layer proxy

Answer 52

Proxy firewall that operates up to Layer 7

Question 53

ARCNET

Answer 53

Attached Resource Computer Network, a legacy LAN technology that uses tokens

Question 54

ARM

Answer 54

Asynchronous Response Mode, HDLC mode where secondary nodes may initiate communication with the primary

Question 55

ARPAnet

Answer 55

The predecessor of the internet

Question 56

Artificial Intelligence

Answer 56

The science of programming electronic computers to think more intelligently, Sometimes mimicking the ability of mammal brains

Question 57

Assembly language

Answer 57

Low-level computer programming language with instructions that are short mnemonics, such as “ADD”, “SUB”(subtract) and “JMP”(jump), that match to machine language instructions

Question 58

Asset

Answer 58

A resource that is valuable to an organization and must be protected

Question 59

AV

Answer 59

Asset Value, the value of a protected asset

Question 60

Asymmetric Encryption

Answer 60

Encryption that uses two keys: if you encrypt with one you may decrypt with the other

Question 61

Asynchronous Dynamic Token

Answer 61

Authentication token that is not synchronized with a central server; includes challenge-response tokens

Question 62

ATA Secure Erase

Answer 62

Hardware-level secure erase command available on Solid State Drives (SSDs) that erases all blocks and also generates a new encryption key

Question 63

ATM

Answer 63

Asynchronous Transfer Mode , a WAN technology that uses fixed length cells

Question 64

Attribute

Answer 64

A column in a rational database table

Question 65

Authentication

Answer 65

Proof of an identity claim

Question 66

Authorization

Answer 66

Actions an individual can perform on a system

Question 67

Authorization creep

Answer 67

Occurs when employees not only maintain old access rights but also gain new ones as they move from one division to another within an organization

Question 68

Availability

Answer 68

Assured information is available when needed

Question 69

Awareness

Answer 69

Security control designed to change user behavior