Ack5 Flashcards

1
Q

OVAL

A

Open Vulnerability and Assessment Language

XML Schema for describing system security state & querying vulnerability reports

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

OWASP

A

Open Web Application Security Project

keep up to date with specific attack methods and new types of attacks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

P12

A

PKCS#12

type of certificate format used to transfer your private key and certificate from one Windows host computer to another

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

PKCS

A

(public key cryptography standards)
Series of standards defining the use of certificate authorities and digital certificates

Promote PKI use

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

P2P

A

Peer-to-Peer
A point-to-point topology is one where two nodes have a dedicated connection to one another. In a point-to- multipoint topology, a central node mediates links between remote nodes

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

PaaS

A

Platform as a Service

computing method that uses the cloud to provide any platform-type services (aka Hardware + SW)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

PAC

A

Proxy Auto Configuration
A script that allows a client to configure proxy (access) settings without user intervention
i.e. Will the web request go to the destination or a server?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

PAM

A

Privileged Access Management

Pluggable Authentication Modules (linux access)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

PAP

A

Password Authentication Protocol

unsophisticated authentication method, HTTP-cleartext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

PBKDF2

A

Password-based Key Derivation Function 2

Key stretching algorithm

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

PBX

A

Private Branch Exchange

interface between the VoIP network and external telephone and cellular networks

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

PCAP

A

Packet Capture

file format for tcpdump & tcpreplay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

PCI DSS

A

Payment Card Industry

Data Security Standard

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

PDU

A

Power Distribution Unit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

PE

A

Portable Executable

file format for executables

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

PEAP

A

Protected Extensible Authentication Protocol

EAP implementation that uses a server-side certificate to create a secure tunnel for user authentication

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

PED

A

Portable Electronic Device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

PEM

A

Privacy Enhanced Mail

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

PFS

A

Perfect Forward Secrecy
ensures if a key is compromised the compromise will only affect a single session, not let data from other session get recovered

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

PGP

A

Pretty Good Privacy

alt. to PKI

21
Q

PIV

A

Personal Identity Verification

Gov’t Smart Card resistant to tampering and provides quick electronic authentication of the card’s owner.

22
Q

PKCS

A

Public Key Cryptography Standards

standards defining the use of certificate authorities and digital certificates

23
Q

PKI

A

Public Key Infrastructure
Framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities

24
Q

PoC

A

Proof of Concept

25
POP
Post Office Protocol | mailbox protocol designed to store themessages delivered by SMTP on a server
26
POTS
Plain Old Telephone Service
27
PPP
Point-to-Point Protocol | provides encapsulation for IP traffic plus IP address assignment and authentication via the widely supported (CHAP)
28
PPTP (obsolete)
Point-to-Point Tunneling Protocol | Support VPN over PPP & TCP/IP, vulnerable to PW cracking
29
PSK
Pre-shared Key | Passphrase to generate the key that is used to encrypt communications. aka Group Authentication share the same secret
30
PTZ
Pan-Tilt-Zoom
31
PUP
Potentially Unwanted Program | Software that cannot definitively be classed as malicious, but may not have been chosen by or wanted by the user
32
QoS
Quality of Service
33
RA
Registration Authority | In PKI, an authority that accepts requests for digital certificates and authenticates the entities making those requests
34
RAD
Rapid Application Development
35
RADIUS
Remote Authentication Dial-in User Service | manage remote and wireless authentication infrastructures
36
RAS
Remote Access Server allows users to gain access to files and print services on the LAN from a remote location
37
RAT
Remote Access Trojan | Malware that creates a backdoor
38
RCS
Rich Communication Service | platform-independent advanced messaging app for video calling or large file attachments
39
RFC
Request for Comments when a new technology is accepted as a web standard, it is published as an RFC by the W3C
40
RFID
Radio Frequency Identifier
41
RIPEMD
RACE Integrity Primitives Evaluation Message Digest | cryptographic hash functions
42
RPO
Recovery Point Objective | amount of data loss that a system cansustain, measured in time
43
RSA
first successful algorithm for public key encryption | Asymmetric
44
RTBH
Remotely Triggered Black Hole | area of the network that cannot reach any other part of the network
45
RTO
Recovery Time Objective period following a disaster that an individual IT system may remain offline. This represents the amount of time it takes to identify that there is a problem and then perform recovery
46
RTOS
Real-Time Operating System | type of OS that prioritizes deterministic execution of operations to ensure consistent response for time-critical tasks
47
RTP
Real-time Transport Protocol | Opens a data stream for video and voice applications over UDP.
48
S/MIME
Secure/Multipurpose Internet Mail Extensions | An email encryption standard that adds digital signatures and public key cryptography
49
SaaS
Software as a Service | cloud the app/software needed