Acronyms

Question 1

MTD

Answer 1

Maximum tolerable downtime

Question 2

RPO

Answer 2

Recovery point objective

We have to recover to at least this point

The maximum allowed amount of data loss, measured in time

How often backups are performed. More frequent backups = smaller RPO

Question 3

MTTR

Answer 3

Mean time to repair

How long a repair takes

Question 4

MTBF

Answer 4

Mean time between failure

Average time between failures of a device

Question 5

MFD

Answer 5

Multifunction device
All in one printers

Question 6

PKI

Answer 6

Public key infrastructure

Processes and procedures for maintaining digital certificates

Question 7

MTTF

Answer 7

Mean time to failure

Expected life of a NON REPAIRABLE system

Question 8

RTO

Answer 8

Recovery time objectives

We have to be up in this amount of time

Question 9

EAP TTLS

Answer 9

Extensible authentication protocol - Tunneled transport layer security

Allows the use of multiple authentication protocols

Question 10

CASB

Answer 10

Cloud access security broker

Used to apply security to cloud

Question 11

SED

Answer 11

Self encrypting drive

Question 12

VDI

Answer 12

Virtual desktop infrastructure

Question 13

CA

Answer 13

Certificate authority

Question 14

X.509

Answer 14

Defines the structure of a certificate

Question 15

HSM

Answer 15

Hardware security module

Cryptographic hardware that stores keys and certificates

Question 16

SLE

Answer 16

Single loss expectancy

Loss from a single event

Question 17

ALE

Answer 17

Annual loss expectancy

Loss over a year

Question 18

ARO

Answer 18

Annualized rate of occurrence

Number of times in a year something will happen

Question 19

NTP

Answer 19

Network time protocol

Question 20

FDE

Answer 20

Full disk encryption

Question 21

PICERL

Answer 21

Prepare
Identify
Contain
Eradicate
Recover
Lessons learned

Question 22

CMS

Answer 22

Content management system

Used to make changes to a website for dummies

Question 23

SIAM

Answer 23

Service integration and management

Combines different services into one management plane
Makes working with different cloud providers easier

Question 24

OTA

Answer 24

Over the air

Question 25

OCSP

Answer 25

online certificate status protocol

Question 26

CSR

Answer 26

Certificate signing request

Question 27

AIS

Answer 27

Automated Indicator Sharing
Sharing information between businesses

Question 28

HIPS

Answer 28

Host based IPS

Question 29

ECC

Answer 29

Elliptic Curve Cryptography

Short keys for mobile devices

Question 30

PGP

Answer 30

Pretty Good Privacy
Cryptography

Question 31

RA

Answer 31

Registration Authority
(Request Authority)
Verify the certificate requester

Question 32

CRL

Answer 32

Certificate Revocation List

Question 33

HA

Answer 33

High Availability

Question 34

ECB

Answer 34

Electronic Codebook
Block cipher, each block has the same key
Too simple (bad)

Question 35

HMAC

Answer 35

Hash-based Message Authentication Code

Hash for AH in IPsec

Question 36

SAML

Answer 36

Security Assertion Markup Language

Used to exchange authentication and authorization data between parties

Used for federation

Question 37

RP

Answer 37

Relying Parties

Provide services for members of a federation

Question 38

IdP

Answer 38

Identify Provider

Question 39

TTPs

Answer 39

Tactics Techniques and Procedures that bad guys use

Question 40

FISMA

Answer 40

Federal Information Security Management Act

Government and people who work with them need to comply with their security standards

Question 41

COPPA

Answer 41

Children’s Online Privacy Protection Act

Question 42

PIV

Answer 42

Personal Identity Verification

Question 43

COOP

Answer 43

Continuity Of Operations Plan

Question 44

VPC

Answer 44

Virtual private cloud
Private network inside of a cloud

Question 45

CIS

Answer 45

Center for Internet Security

Cybersecurity best practices

Question 46

ISA

Answer 46

Interconnection Security Agreement

A secure connection between two companies

Question 47

WORM

Answer 47

Write once read many

Can’t modify logs

Question 48

PFX

Answer 48

Personal Information Exhange

Certificate file with a password
.pfx file
.p12 for many certificates

Question 49

OVAL

Answer 49

Open Vulnerability and Assessment Language

Is a standard format for sharing vulnerability information between tools

Like a jpg for vulnerability information

Question 50

SAN

Answer 50

Subject alternative name

Allows a certificate to support many different domain names

Question 51

CVSS

Answer 51

Common Vulnerability Scoring System

Question 52

RFC

Answer 52

Request For Comments

Documents that govern how the internet works

Question 53

SDV

Answer 53

Software Defined Visibility

Dashboard for monitoring network

Question 54

SDK

Answer 54

Software Development Kit

Question 55

OWASP

Answer 55

Opens Web App Security Project

Question 56

PDU

Answer 56

Power Distribution Unit

Question 57

SWG

Answer 57

Secure Web Gateway

Cloud gateway

Question 58

MOU

Answer 58

Memorandum Of Understanding

A gentleman’s agreement

Question 59

BPA

Answer 59

Business Partnership Agreement

Business contract

Question 60

MSA

Answer 60

Measurement System Analysis

Don’t make decisions on bad data!

Question 61

DRP

Answer 61

Disaster Recovery Plan