Abbreviations

Question 1

AES

Cryptography

Answer 1

Advanced Encryption Standard

Question 2

AH

Answer 2

Authentication Header

Question 3

Wireless Technology

ATIM

Answer 3

Announcement Traffic Indication Messages

Question 4

ALE

Answer 4

Annual Loss Expectancy

SLE times ARO

SLE times ARO

Question 5

APT

Answer 5

Advanced Persistant Threat

Question 6

ARO

GRC

Answer 6

Annual rate of Occurance

number of times a loss can occur within an year

Question 7

ARP

Answer 7

Address Resolution Protocol

Question 8

C2

Answer 8

Command to Control

Question 9

CASB

Answer 9

Cloud Access Security Broker

Question 10

CCM

Answer 10

Cloud Controls Matrix

CSA CCM - Cloud Security Aliance CCM - to assess the security posture of an organisation

Question 11

CCMP

Answer 11

Cipher Block Chaining Message Authentication Code Protocol

Counter Mode Cipher Block Chaining Message Authentication Code Protocol (Counter Mode CBC-MAC Protocol) or CCM mode Protocol (CCMP)

Question 12

CER

Answer 12

Cross Error Rate

used to determine the effectiveness of a control

Question 13

CHAP

Answer 13

Challenge Handshake Authentication Protocol

Question 14

CIS-RAM

Answer 14

Center for Internet Security - Risk Assessment Method

to evaluate the overall security posture

Question 15

CRL

issued by Certificate Authority(CA)

Answer 15

Certificate Revocation List

Question 16

CSF

Answer 16

Cybersecurity Framework

NIST CSF - security policy to assess and improve the ability to prevent, detect and respond to cybersecurity attacks

Question 17

CVE

Answer 17

Common Vulnerabilities and Exposures

Question 18

CVSS

Answer 18

Common Vulnerability Scoring System

Question 19

DDoS

Answer 19

Distributed Denial of Service

Question 20

DES

Answer 20

Data Encryption Standard

Question 21

DLP

Answer 21

Data Loss Prevention

Question 22

DNS

Answer 22

Domain Name System

Question 23

EAP

Answer 23

Extensible Authentication Protocol

802.1x - allows multiple authentication methods to permit users access LAN &WLAN

Question 24

EAP-AKA

Answer 24

EAP Authentication and Key Agreement

Question 25

EAP-EKE

Answer 25

EAP Encrypted Key Exchange

Question 26

EAP-FAST

Answer 26

EAP Flexible Authentication via Secure Tunneling

Cisco Proprietory - designed to replace LEAP

Question 27

EAP-GTC

Answer 27

EAP Generic Token Card

Question 28

EAP-IKEv2

Answer 28

EAP Internet Key Exchange v2

Question 29

EAP-NOOB

Answer 29

Nible out-of-band Authentication for EAP

Question 30

EAP-PSK

Answer 30

EAP Pre-Shared Key

Question 31

EAP-SIM

Answer 31

EAP Subscriber Identity Module

Question 32

EAP-TLS

Answer 32

EAP Transport Layer Security

Question 33

EAP-TTLS

Answer 33

EAP Tunneled Transport Layer Security

Question 34

ECDHE

Answer 34

Elliptic Curve Diffie-Hellman Ephemeral

Question 35

EF

Answer 35

Exposure Factor

This is the percentage of the asset value that would be lost as a result of a threat. This is used to calculate SLE. SLE = Asset Value X EF

Question 36

ESP

Answer 36

Encapsulation Security Payload

Question 37

FAR

Answer 37

False Acceptance Rate

Question 38

FRR

Answer 38

False Rejection Rate

Question 39

FTPES

Answer 39

Explicit FTP over SSL

Question 40

FTPS

Answer 40

FTP over SSL

Question 41

GDPR

Answer 41

General Data Protection Regulation

Regulation in EU

Question 42

GRC

Answer 42

Governance, risk and compliance

Question 43

HIPAA

Answer 43

Health Insurence Portability & Accountability Act

Question 44

HIPS

Answer 44

Host based Intrusion Prevention System

Question 45

HMAC

Answer 45

Hash-based message authentication code

Question 46

HOTP

Answer 46

HMAC-Based One-Time Password Algorithm

Question 47

HPKP

Answer 47

HTTP Public Key Pinning

an obsolete Internet security mechanism delivered via an HTTP header

Question 48

HSM

Answer 48

Hardware Security Module

Question 49

HVAC

Answer 49

Heating, Ventilation & Air Conditioning

Question 50

IA

Answer 50

Information Assurance

Question 51

IaaS

Answer 51

Infrastructure as a Service

Question 52

IAM

Answer 52

Identity & Access Management

Question 53

ICMP

Answer 53

Internet Control Message Protocol

Supporting protocol in the Internet protocol suite.

It is used by network devices, including routers, to send error messages and operational information

Question 54

ICV

Answer 54

Integrity Check Value

Question 55

IDS

Answer 55

Intrusion Detection System

Question 56

IPS

Answer 56

Intrusion Prevention System

Question 57

ISFW

Answer 57

Internal Segmentation Firewall

Question 58

LEAP

Answer 58

Lightweight EAP

Question 59

MDA

Answer 59

Message Digest Algorithm

Also known as md5

The MD5 hashing algorithm is a one-way cryptographic function that accepts a message of any length as input and returns as output a fixed-length digest value to be used for authenticating the original message.

Question 60

MitM

Answer 60

Man-in-the-Middle

Question 61

MoU

Done before any engagement.

Answer 61

Memorandum of Understanding

used during the priliminary discussions stage between two merging/parterning businesses

Question 62

MTBF

Answer 62

Mean Time Between Failures

provides a measure of a system’s average reliability and is measured in hours. This is used to measure for repairable assets

Question 63

MTTF

Answer 63

Mean Time To Failure

used to measure the non-repairable assets

Question 64

MTTR

Answer 64

Mean Time To Recover

is the average time it takes to restore a system after an outage.

Question 65

NFC

Answer 65

Near Field Communication

NFC doesn’t provide encryption, so eavesdropping and MitM attacks are possible.

Question 66

NGFW

Answer 66

Next Generation Firewall

Question 67

NIST

Answer 67

National Institute of Standards & Technology

Question 68

OCSP

It is an Internet Protocol (IP) that certificate authorities (CAs) use to determine the status of secure sockets layer/transport layer security (SSL/TLS) certificates

Answer 68

Online Certificate Status Protocol

Question 69

OIDC

an authenticaiton protocol

Answer 69

Open ID Connect

is an authentication protocol, providing authenticaiton for federated applications

Question 70

OSINT

Answer 70

Open Source Intelligence

Question 71

PaaS

Answer 71

Platform as a Service

Question 72

PAP

It is a basic authenticaiton mechanism.

Answer 72

Password Authentication Protocol

an unsophisticated authentication method used as the basic authentication mechanism in HTTP. It relies on clear-text password exchange.

Question 73

PAT

in layer 3

Answer 73

Port Address Translation

Similar to NAT

Question 74

PCI-DSS

GRC

Answer 74

Payment Card Industry Data Security Standard

Question 75

PEAP

Answer 75

Protected EAP

Question 76

PFS

Cryptography

Answer 76

Perfect Forward Secrecy

Question 77

PII

GRC

Answer 77

Personally Identifiable Information

Question 78

POP3

Answer 78

PostOffice Protocol V3

Question 79

PPP

Answer 79

Point-to-Point Protocol

Question 80

PUP

Answer 80

Potentially Unwanted Program

Question 81

QoS

Answer 81

Quality of Service

802.1p

Question 82

RADIUS

Answer 82

Remote Authentication Dial Up

used primarily for network access control

Question 83

RASP

Security mechanism

Answer 83

Runtime Application Self Protection

Question 84

RBAC

Technical Control

Answer 84

Role Based Access Control

Question 85

RCE

Answer 85

Remote Code Execution

Question 86

RoR

Answer 86

Rate of Return

Question 87

RPO

Answer 87

Recovery Point Objective

identifies a point in time that data loss is acceptable. In the event of a system failure, the company may lose some data, but the RPO is the last seven days.

Question 88

RRset

Answer 88

Resource Records set

Question 89

RSA

Cryptography

Answer 89

Rivest, Shamir, Adleman

Widely used, but it’s no more secure

Question 90

RTO

GRC

Answer 90

Recovery Time Objective

identifies the maximum time it takes to recover a system in the event of an outage. for example Eight hours to restore represent the RTO.

Question 91

RTP

Answer 91

Real-time Transport Protocol

Question 92

S/MIME

Answer 92

Secure Multipart Internet Message Extensions

to sign & encrypt mail messages using an email certificate

Question 93

SaaS

Answer 93

Software as a Service

Question 94

SECaas

Answer 94

Security as a Service

Question 95

SED

Cryptography

Answer 95

Self Encrypting Drive

Question 96

SFTP

Answer 96

Secure Shell FTP

Question 97

In Cryptography

SHA

Answer 97

Secure Hash Algorithm

SHA & salt are part of key stretching process

Question 98

SIP

Answer 98

Session Initiation Protocol

Question 99

SLE

GRC

Answer 99

Single Loss Expectancy

cost of any single item loss. SLE = AV X EF

Question 100

SOAR

Answer 100

Security Orchestration, Automation & Response

Question 101

SoC

Answer 101

System on a Chip

Question 102

SOC

Answer 102

Security Operations Center

Question 103

SRTP

Answer 103

Secure RTP

Used for Video and VOIP calls

Question 104

SSO

Answer 104

Single Sign-On

Question 105

SSRF

Answer 105

Server Side Request Forgery

Question 106

SWG

Answer 106

Secure Web Gateway

Question 107

TACACS+

Answer 107

Terminal Access Controller Access-Control System Plus

specifically designed for network administration of routers. TACACS+ performs authentication, authorization, and accounting functions better than RADIUS

Question 108

TEAP

Answer 108

Tunnel Extensible Authentication Protocol

Question 109

TLS

Answer 109

Transport Layer Security

Question 110

TOTP

Answer 110

Time based One Time Password Algorithm

Question 111

TPM

Answer 111

Trusted Platform Module

Question 112

TTP

Answer 112

Tactics, Techniques & Procedures

Question 113

UBA

Answer 113

User Behaviour Analytics

Question 114

UTM

Answer 114

Unified Threat Management

Question 115

WAP

Answer 115

Wireless Application Protocol

Question 116

WAS

Answer 116

Web Application Security

Question 117

XSS

Answer 117

Cross-Site Scripting

Question 118

ZTNA

Answer 118

Zero Trust Network Access

Question 119

PMK

Cryptography

Answer 119

Pairwise Master Key

Question 120

BSS

Answer 120

Basic Service Set

Question 121

IBSS

Answer 121

Independent BSS