Acronyms

Question 1

SSO

Answer 1

Single sign on

Question 2

CHAP

Answer 2

Think handshake

Question 3

AUP

Answer 3

Acceptable use policy (that thing you sign before using software that no one reads)

Question 4

ACL

Answer 4

Access control list. Every time you log into something, the system checks its ACL to see if you’re “on the list”

Question 5

ARP

Answer 5

Address Resolution Protocol (how you get your MAC address)

Question 6

AES

Answer 6

Symmetric encryption that replaced DES.

Question 7

DES

Answer 7

OUTDATED symmetric encryption method

Question 8

ALE

Answer 8

Annual loss expectancy. SLE * ARO

Question 9

ARO

Answer 9

Annual rate of occurrence. The number of times a risk will occur within ONE YEAR.

Question 10

ABAC

Answer 10

Attribute-based access control. The “preferred” access control model for information sharing among diverse orgs.

Question 11

AH

Answer 11

Authentication Header. Part of IPsec.

Question 12

AAA

Answer 12

Authentication, authorization, and accounting

Question 13

CIA (triad)

Answer 13

Confidentiality, integrity, and availability

Question 14

BCP

Answer 14

Business continuity plan. How are you gonna continue to work DURING a disaster/workflow interruption. Not to be confused with a DRP.

Question 15

BIA

Answer 15

Business impact analysis. The process of determining the impacts of business interruptions.

Question 16

BPA

Answer 16

Business partner agreement. Just think contract.

Question 17

CA

Answer 17

Certificate authority. The person that issues, distributes, and maintains digital certificates.

Question 18

CRL

Answer 18

Certificate revocation list. A list generated by a CA that includes revoked/expired certs.

Question 19

CSR

Answer 19

Certificate signing request; your request for a digital certificate