Ack6

Question 1

SAML

Answer 1

Security Assertions Markup Language

An XML-based data format used to exchange authentication information between a client and a service

Question 2

SCADA

Answer 2

Supervisory Control and Data Acquisition

A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographically large areas

Question 3

SCAP

Answer 3

Security Content Automation Protocol

A NIST framework that outlines various accepted practices for automating vulnerability scanning

Question 4

SCEP

Answer 4

Simple Certificate Enrollment Protocol

widely used to make digital certificate issuance at large organizations easier, more secure, and scalable. Using this protocol, SCEP servers issue a one-time password (OTP) to the user transmitted out-of-band (OOB)

Question 5

SDK

Answer 5

Software Development Kit

Question 6

SDLC

SDLM

Answer 6

Software Development Life Cycle

Software Development Life-Cycle Methodology

Question 7

SDN

Answer 7

Software-defined Networking

APIs and compatible hardware/virtual appliances allowing for programmable network appliances and systems

Question 8

SDP

Answer 8

Service Delivery Platform

i.e Netflix

Question 9

SDV

Answer 9

Software-Defined Visibility

Incident Response

Question 10

SED

Answer 10

Self-Encrypting Drives

Data-at-rest is stored securely

Question 11

SEH

Answer 11

Structured Exception Handling

Script for what the app should do

Question 12

SFTP

Answer 12

SSH File Transfer Protocol

Question 13

SHA

Answer 13

Secure Hashing Algorithm

Question 14

S-HTTP or HTTPS

Answer 14

Secure Hypertext Transfer Protocol

Question 15

SIEM

Answer 15

Security Information & Event Management

Question 16

SIM

Answer 16

Subscriber Identity Module
A small chip card that identifies the user and phone number of a mobile device, via an International Mobile Subscriber Identity (ISMI)

Question 17

SIP

Answer 17

Session Initiation Protocol

Id endpoints & setup VoIP calls

Question 18

SLA

Answer 18

Service-level Agreement

Question 19

SLE

Answer 19

Single Loss Expectancy

Question 20

SMB

Answer 20

Server Message Block

Windows File Sharing

Question 21

S/MIME

Answer 21

Secure/Multipurpose Internet Mail Extentions

Question 22

SMS

Answer 22

Short Message Service

Question 23

SMTP

Answer 23

Simple Mail Transfer Protocol
how mail is sent from one system to another…secured with TLS
Port 25, 587, 465 (deprecated)

Question 24

SMTPS

Answer 24

Simple Mail Transfer Protocol Secure

aka implicit TLS

Question 25

SNMP

Answer 25

Simple Networking Management Protocol

Question 26

SOAP

Answer 26

Simple Object Access Protocol

XML format messaging
built-in error handling, tightly specified protocol

Question 27

SOAR

Answer 27

Security, Orchestration, Automation, Response

Question 28

SoC

Answer 28

System on Chip

Question 29

SOC

Answer 29

Security Operations Center

Question 30

SPF

Answer 30

Sender Policy Framework

Email Authenticator to detect forged emails

Question 31

SPIM

Answer 31

Spam over Internet Messaging

Question 32

SQL

Answer 32

Structured Query Language

Question 33

SQLi

Answer 33

SQL Injection

Question 34

SRTP

Answer 34

Secure Real-time Transport Protocol

Used to send encrypted VoIP data

Question 35

SSD

Answer 35

Solid State Drive

quicker, more reliable than HDDs

Question 36

SSID

Answer 36

Service Set Identifier
A character string that identifies a particular wireless LAN (WLAN)
LAN needs NAT which lets computer’s with a private IP connect to the public internet

Question 37

SSL

Answer 37

Secure Sockets Layer

Question 38

SSO

Answer 38

Single Sign-on

Question 39

STIX

Answer 39

Structured Threat Information eXpression

Question 40

STP

UTP

Answer 40

Shielded Twisted Pair (wire used in LAN)
Unshielded Twisted Pair (this is so dumb)

Spanning Tree Protocol A switching protocol that prevents network loops by dynamically disabling links as needed

Question 41

SWG

Answer 41

Secure Web Gateway

Filter malware

Question 42

TACACS+

Answer 42

Terminal Access Controller Access Control System

AAA, TCP, Encrypts Header & Payload

Question 43

TAXII

Answer 43

Trusted Automated eXchange of Indicator Information

Question 44

TCP/IP

Answer 44

Transmission Control Protocol/Internet Protocol

Question 45

TGT

Answer 45

Ticket Granting Ticket

Question 46

TKIP

Answer 46

Temporal Key Integrity Protocol
used in first WPA over flawed WEP
replaced by ccmp

Question 47

TLS

Answer 47

Transport Layer Security

Question 48

TOTP

Answer 48

Time-based One Time Password

improvement on HOTP

Question 49

TPM

Answer 49

Trusted Platform Module

A specification for hardware-based storage of digital certificates, keys, hashed passwords, and other user and platform identification information. transit gateway In cloud computing, a virtual router deployed to facilitate connections between VPC subnets and VPN gateways

Question 50

TSIG

Answer 50

Transaction Signature

Question 51

TTP

Answer 51

Tactics, Techniques, & Procedures

Question 52

UAT

Answer 52

User Acceptance Testing

Question 53

UAV

Answer 53

Unmanned Aerial Vehicle

Question 54

UDP

Answer 54

User Datagram Protocol

Question 55

UEBA

Answer 55

User & Entity Behavior Analytics

Automated Id suspicious behavior

Question 56

UEFI

Answer 56

Unified Extensible Firmware Interface

Enforce boot integrity checks, configured with digital certificates, no TPM needed, uses measured boot to validate boot report

Question 57

UEM

Answer 57

Unified Endpoint Management

Enterprise software for controlling device settings, apps, and corporate data storage on all types of fixed, mobile, and IoT computing devices

Question 58

UPS

Answer 58

Uninterruptable Power Supply

Question 59

URI

URL

Answer 59

Uniform Resource Identifier

Universal Resource Locator

Question 60

USB

USB OTG

Answer 60

Universal Serial Bus

USB On-The-Go

Question 61

UTM

Answer 61

Unified Threat Management

Downside: single point of failure, latency issues

Question 62

VBA

Answer 62

Visual Basic

Programming languages used to implement macros and scripting in Office document automation

Question 63

VDE

VDI

Answer 63

Virtual Desktop Environment

Virtual Desktop Infrastructure

Question 64

VLAN

Answer 64

Virtual Local Area Network

A logically separate network, created by using switching technology. Even though hosts on two VLANs may be physically connected to the same cabling, local traffic is isolated to each VLAN so they must use a router to communicate

Question 65

VLSM

Answer 65

Variable-length subnet masking

Question 66

VPC

Answer 66

Virtual Private Cloud

Question 67

VTC

Answer 67

Video teleconferencing

Question 68

WAF

Answer 68

Web Application Firewall

protect from DoS & code injection attacks

Question 69

WAP

Answer 69

Wireless Access Point

Question 70

WEP

Answer 70

Wired Equivalent Privacy

outdated for encrypting data over a wireless connection, WPA stronger, WEP is 40-104 bit

Question 71

WIDS

WIPS

Answer 71

Wireless Intrusion Detection System

Wireless Intrusion Prevention System

Question 72

WORM

Answer 72

Write Once Read Many

Question 73

WPA

WPS

Answer 73

Wifi Protect Access
auth & encrypt
Wifi Protected Setup
feature of WPA, enroll with 8-digit pin

Question 74

WTLS

Answer 74

Wireless TLS

Question 75

XSS

Answer 75

Cross-site Scripting
Needs no user interaction
Allows an attacker to execute arbitrary JavaScript within the browser of a victim user.
XSRF, an attacker to induces a victim-user to perform actions that they do not intend to…
XSRF needs an authenticated session, trick a user to click a link or access a page