Acronyms Flashcards

Question

BASH

Answer 1

Bourne Again Shell

Answer 2

Basic Input Output Systems

Answer 3

Business Partnership Agreement

Answer 4

Bridge Protocol Data Unit - Primary protocol used by the Spanning tree protocol

Answer 5

Basic Service Set Identifier

Answer 6

Bring Your Own Device

Answer 7

Certificate Authority

Answer 8

Completely Automated Public Turning Test to Tell Computers and Humans Apart

Answer 9

Corrective Action Report

Answer 10

Cloud Access Security Broker

Answer 11

Cipher Block Chaining

Answer 12

Counter-Mode/CBC-MAC Protocol

Answer 13

Closed Circuit Television

Answer 14

Computer Emergency Response Team

Answer 15

Cipher Feedback

Answer 16

Challenge-Handshake Authentication Protocol - Used to provide authentication by using the user's password to encrypt a challenge string of random numbers - PAP and CHAP are mostly used with dial-up - MS-CHAP = Microsoft's versions

Answer 17

Chief Information Officer

Answer 18

Computer Incident Response Team

Answer 19

Center for Internet Security - Non profit organization focused on developing globally-recognized best practices for securing IT systems and data against cyber attacks

Answer 20

Content Management System

Answer 21

Common Name

Answer 22

Continuity of Operations Planning

Answer 23

Corporate-owned Personally Enabled

Answer 24

Contingency Planning

Answer 25

Cyclic Redundancy Check

Answer 26

Cloud Service Provider

Answer 27

Certificate Signing Request

Answer 28

Cross-Site Request Forgery

Answer 29

Channel Service Unit - hardware that concerts digital data frames from LAN into frames for WAN and vice versa - received and transmits signals to and from the WAN line and provided a barrier for electrical interference from either side of the unit - can echo loop back signals for testing purposes - connects the network provider side - CSU/DSU (Data service Unit). The DSU connects to your Data Terminal Equipment (often a router)

Answer 30

Counter-Mode

Answer 31

Chief Technology Officer

Answer 32

Common Vulnerabilities and Exposures

Answer 33

Common Vulnerability Scoring System

Answer 34

Choose Your Own Device

Answer 35

Discretionary Access Control

Answer 36

Database Administrator

Answer 37

Distributed Denial of Service

Answer 38

Data Execution Prevention

Answer 39

Distinguished Encoding Rules - most popular way to store X.509 file certificates - DER encoding certificates are supported by almost all applications - Ex: OpenSSL and keytool

Answer 40

Data Encryption Standard - Created by the NSA and IBM b/n 1972 -1977, used to be the most popular symmetric encryption algorithm in use - Part of FIPs - Used 64-bit block cypher (encrypted 64 bits of data at a time) - Used a 56-bit key, which is small so now it is easy to brute force. - No longer practically used today as a result

Answer 41

Dynamic Host Configuration Protocol - Network protocol that dynamically (automatically) assigns IP addresses to the computers or other devices on each LAN network - Can assign an IP address from within a given range - See also ARP and DNS - DHCP snooping = switch configured with a series of trusted interfaces that may have routers, switches and other DHCP servers on it, but it would have other interfaces that are not trusted, the switch is constantly monitoring the conversations

Answer 42

Diffie-Hellman Ephemeral

Answer 43

Domain Keys Identified Mail

Answer 44

Dynamic-link Library

Answer 45

Data Loss Prevention

Answer 46

Domain Message Authentication Reporting and Conformance

Answer 47

Destination Network Address Translation

Answer 48

Domain Name System - Maps the IP addresses into a human-readable name and vice versa - Ex: IP address 1234... = professormesser.com - See also ARP and DHCP

Answer 49

Domain Name System Security Extension

Answer 50

Denial of Service

Answer 51

Data Protection Officer

Answer 52

Disaster Recovery Plan

Answer 53

Digital Signature Algorithm

Answer 54

Digital Subscriber Line

Answer 55

Extensible Authentication Protocol - A framework of protocols that allows for numerous methods of authentication including passwords, digital certificates and public key infrastructure - EAP-MD5 uses simple passwords for challenge-authentication - EAP-TLS uses digital certificates for mutual authentication - EAP-TTLS uses server-side digital certificate and a client-side password for mutual authentication - EAP-FAST provides flexible authentication via secure tunneling (FAST) by using a protected access credential instead of a certificate for mutual authentication - Protected EAP - supports mutal authentication by using server certificates and Active Director to authenticate a client's passcode

Answer 56

Electronic Code Book

Answer 57

Elliptic-curve Cryptography

Answer 58

Elliptic-curve Diffie-Hellman Ephemeral

Answer 59

Elliptic-curve Digital Signature Algorithm

Answer 60

Endpoint Detection and Response

Answer 61

Encrypted File System

Answer 62

Extended Instructions Pointer - tracks the address of the current instruction running in an application - holds the address to (points to) the first byte of the next instruction to be executed

Answer 63

End of Life

Answer 64

End of Service

Answer 65

Enterprise Resource Planning

Answer 66

Encapsulation Security Payload - member of IPSec - encrypts and authenticated packed if data between computers using a VPN - one of two layers of protection for IP sec (other is AH) - ESP + Ah can operate in two modes transport (less secure) and tunnel (more secure)

Answer 67

Extended Service Set Identifier

Answer 68

File-system Access Control List

Answer 69

Full Disk Encryption

Answer 70

File Integrity Monitoring

Answer 71

Field Programmable Gate Array - A processor that can be programmed to perform a specific function by a customer rather than at the time of manufacture - End customer can configure the programming logic to run a specific application instead of using ASIC (application-specific integrated circuit) - (IoT) - considered an anti-tamper mechanism

Answer 72

False Rejection Rate

Answer 73

File Transfer Protocol

Answer 74

File Transport Protocol Secure

Answer 75

Electronic Serial Number

Answer 76

Galois/Counter Mode

Answer 77

General Data Protection Regulation

Answer 78

GNU Privacy Guard

Answer 79

Group Policy Object

Answer 80

Global Positioning System

Answer 81

Graphics Processing Unit

Answer 82

Generic Routing Encapsulation

Answer 83

High Availability

Answer 84

Hard Disk Drive

Answer 85

Host-based Intrusion Detection System

Answer 86

Host-based Intrusion Prevention System

Answer 87

Hash-based Message Authentication Code

Answer 88

HMAC based One-time Password - A password is computed from a shared secret and is synchronized between the client and server - This was the original standard - Uses a counter, that increments with each new validation - It's still used but companies like Google use TOTP

Answer 89

Hardware Security Module - An appliance for generating and storing cryptographic keys that is less susceptible to tampering and insider threats than software based storage

Answer 90

Hardware Security Module as a Service

Answer 91

Hypertext Markup Language

Answer 92

Hyper Text Transfer Protocol

Answer 93

Hyper Text Transfer Protocol Secure

Answer 94

Heating, Ventilation, Air-conditioning

Answer 95

Infrastructure as a Service

Answer 96

Identity and Access Management

Answer 97

Internet Control Message Protocol

Answer 98

Industrial Control Systems - A network that manages embedded devices - Used for electrical power stations, water suppliers, health services, telecommunications, manufacturing and defense needs

Answer 99

International Data Encryption Algorithm

Answer 100

Intermediate Distribution Frame

Answer 101

Identity Provider - a trusted third-party service for validating user identity in a federated identity system

Answer 102

Intrusion Detection System

Answer 103

Institute of Electrical and Electronics Engineers

Answer 104

Internet Key Exchange

Answer 105

Instant Messaging

Answer 106

Internet Message Access Protocol v4

Answer 107

Indicators of Compromise - A specific activity that could indicate that someone is now inside your network - Ex: Increase traffic, could be normal or could indicate data exfiltration - Ex: files that should have constant hash values, are now different (hacker is modifying trusted documents)

Answer 108

Internet of Things

Answer 109

Internet Protocol - IPv4 32-bit addressing scheme that provides over 4B possible unique addresses - commonly represented in dotted decimal format - 3 ways of transmitting data through networks: unicast, multicast (1 to few), broadcast (1 to many) - IPv6 128 bit that provides over 340 undecillion possible unique addresses (eventually this will over take IPv4 as IPv4 is currently running out.) - Commonly represented in comma separated hexadecimal - Unicast, multicast and anycast (to replace broadcast)

Answer 110

Intrusion Prevention System

Answer 111

Internet Protocol Security

Answer 112

Incident Response

Answer 113

Internet Relay Chat

Answer 114

Incident Response Plan

Answer 115

Interconnection Security Agreement - Document that regulates security-relevant aspects of an intended connection between an agency and an external system. - Supports / usually proceeded by a MOU / MOA

Answer 116

Internal Segmentation Firewall

Answer 117

International Organization for Standardization

Answer 118

Internet Service Provider

Answer 119

Information Systems Security Officer

Answer 120

IT Contingency Plan

Answer 121

Initialization Vector

Answer 122

Key Distribution Center

Answer 123

Key Encryption Key

Answer 124

Layer 2 Tunneling Protocol

Answer 125

Local Area Network

Answer 126

Lightweight Directory Access Protocol - A databased used to centralize information about clients and objects on the network - Port 389 Unecrypted - Port 636 encrypted - (Active Directory is Microsoft's version)

Answer 127

Lightweight Extensible Authentication Protocol - proprietary to Cisco based networks

Answer 128

Monitoring as a Service

Answer 129

Media Access Control - Address of a network card, the physical address (every adaptor has a different MAC address) - 46 bits long (6 bytes) - 1st section, is the OUI (manufacturer portion) 2nd section is the Serial Number - Switches interpret the MAC addresses - MAC flooding turns switch into a hub - One issue with MAC filtering, easy to circumvent, you just need a packet capturing device to see which MAC addresses are allowed to communicate and then simply spoof that address (MAC filtering attempts security through obscurity but is really not effective at all)

Answer 130

Mobile Application Management

Answer 131

Metropolitan Area Network

Answer 132

Master Boot Record

Answer 133

Message Digest 5

Answer 134

Main Distribution Frame

Answer 135

Mobile Device Management

Answer 136

Multifactor Authentication

Answer 137

Multifunction Device

Answer 138

Multifunction Printer

Answer 139

Machine Learning

Answer 140

Multimedia Message Service

Answer 141

Memorandum of Agreement

Answer 142

Memorandum of Understanding

Answer 143

Multiprotocol Label Switching

Answer 144

Measurement Systems Analysis - provides a way for a company to evaluate and assess the quality of the process used in their measurement systems. - ex six sigma - will assess the measurement itself and then be able to calculate any uncertainty that may be in place during the measurement process - Specifies generic terms to simplify negotiation of future contracts

Answer 145

Microsoft Challenge-Handshake

Answer 146

Managed Service Provider - Delivers services (like network, application, infrastructure and security) via ongoing and regular support and active administration on customers premise.

Answer 147

Managed Security Service Provider - Provides outsourced monitoring and management of security devices and systems. - Common services: managed firewall, IDS, VPN, vulnerability scanning and anti viral services. - use high availability security operation centers to provide 24/7 services designed to reduce the number of operational security personnel an enterprise needs

Answer 148

Mean Time Between Failures

Answer 149

Mean Time to Failure

Answer 150

Mean Time to Repair

Answer 151

Maximum Transmission Unit

Answer 152

Network Access Control - Method of controlling who or what gains access to a wired or wireless network - Most cases NAC uses a combination of 802.1x security and some form of posture assessment for a device attempting to log into the network - (a posture assessment considers the state of the requesting device (the device must meet a minimum set of standards before it is allowed access to the network. Ex: type of device, OS, patch level, presence of anti malware and is software up to date)

Answer 153

Network-attached Storage = A storage appliance that is placed on the network. - Specially designed to store data more efficiently than standard data methods - (Note a SAN often includes many NAS. A SAN = storage area network, which is a an actual network of devices that have the sole purpose of storing data efficiently)

Answer 154

Network Address Translation - Process of changing an IP address while it transits across a router - NAT can help hide network IPs

Answer 155

Non-disclosure Agreement

Answer 156

Near-field Communication

Answer 157

Network Function Virtualization

Answer 158

Next-generation Firewall

Answer 159

Next-generation Secure Web Gateway

Answer 160

Network Interface Card

Answer 161

Network-based Intrusion Detection System

Answer 162

Network-based Intrusion Prevention System

Answer 163

National Institute of Standards & Technology - CSF = NIST's voluntary framework outlining best practices for computer security

Answer 164

Network Operations Center

Answer 165

New Technology File System

Answer 166

New Technology LAN Manager

Answer 167

Network Time Protocol - Protocol used to synchronize computer clock times in a network. - One of the oldest parts of the TCP/IP protocol suite - ensures the reliability of the Kerberos authentication process

Answer 168

Online Certificate Status Protocol - allows the browser to check for certificate revocation

Answer 169

Object Identifier

Answer 170

Operating System

Answer 171

Open Systems Interconnection

Answer 172

Open-source Intelligence

Answer 173

Open-source Intelligence

Answer 174

Operational Technology - A communications network designed to implement an industrial control system rather than data networking - Industrial Systems prioritize availability and integrity over confidentiality - (ICS, SCADA vulnerabilities)

Answer 175

Over-The-Air

Answer 176

On-The-Go - technology enables establishing direct communication links between two USB devices (ex: mobile phone to usb port)

Answer 177

Open Vulnerability and Assessment Language

Answer 178

Open Web Application Security Project

Answer 179

Peer-to-Peer

Answer 180

Platform as a Service

Answer 181

Proxy Auto Configuration

Answer 182

Privileged Access Management

Answer 183

Pluggable Authentication Modules

Answer 184

Password Authentication Protocol - Used to provide authentication but is not considered secure since it transmits login credentials in the clear

Answer 185

Port Address Translation - Router keeps track of requests from internal hosts by assigning them random high number ports for each request

Answer 186

Password-based Key Derivation Function 2

Answer 187

Private Branch Exchange

Answer 188

Packet Capture

Answer 189

Payment Card Industry Data Security Standard

Answer 190

Power Distribution Unit

Answer 191

Portable Executable

Answer 192

Protected Extensible Authentication Protocol

Answer 193

Protected Extensible Authentication Protocol

Answer 194

Privacy Enhanced Mail

Answer 195

Perfect Forward Secrecy

Answer 196

Pretty Good Privacy

Answer 197

Personal Health Information

Answer 198

Personally Identifiable Information

Answer 199

Personal Identification Number

Answer 200

Personal Identity Verification

Answer 201

Public Key Cryptography Standards

Answer 202

Public Key Infrastructure

Answer 203

Proof of Concept

Answer 204

Post Office Protocol

Answer 205

Plain Old Telephone Service

Answer 206

Point-to-Point Protocol

Answer 207

Point-to-Point Tunneling Protocol

Answer 208

Pre-shared Key

Answer 209

Pan-Tilt-Zoom

Answer 210

Potentially Unwanted Program

Answer 211

Quality Assurance

Answer 212

Quality of Service

Answer 213

Registration Authority

Answer 214

Rapid Application Development

Answer 215

Remote Authentication Dial-in User Service - Provides centralized administration of dial-up, VPN, and wireless authentication services for 802.1x and the Extensible Authentication Protocol (EAP) - Operates at the application layer - Authentication = Port 1812 or 1645 - Authorization = Port 1813 or 1646 - Standard ports vs proprietary

Answer 216

Redundant Array of Inexpensive Disks

Answer 217

Random Access Memory

Answer 218

Remote Access Server

Answer 219

Remote Access Server

Answer 220

Rivest Cipher version 4 - A legacy symmetric encryption algorithm - Rivest Cipher 4 (Ron Rivest) - Part of the original WEP standard (no longer in use in today's wireless) - Also part of the SSL Standard (But when TLS replaced SSL, RC4 was also replaced) - One problem: Biased output - Uncommon today

Answer 221

Rich Communication Services - a technology designated as a successor to SMS and MMS

Answer 222

Request for Comments

Answer 223

Radio Frequency Identification

Answer 224

RACE Integrity Primitives | Evaluation Message Digest

Answer 225

Return on Investment

Answer 226

Recovery Point Objective - maximum tolerable point in time to which systems and data must be recovered after an outage

Answer 227

Rivest, Shamir, & Adleman

Answer 228

Remotely Triggered Black Hole

Answer 229

Recovery Time Objective - Maximum tolerable period of time required for restoring business functions after a failure or disaster

Answer 230

Real-time Operating System

Answer 231

Real-time Transport Protocol

Answer 232

Secure/Multipurpose Internet Mail Extensions

Answer 233

Software as a Service

Answer 234

Simultaneous Authentication of Equals

Answer 235

Security Assertions Markup Language

Answer 236

Supervisory Control and Data Acquisition - A type of industrial control system that manages large-scale, multiple-site devices and equipment spread over geographical region - Typically run as software on ordinary computers to gather data from and manage plant devices and equipment with embedded PLCs (Programmable Logic Controller - a type of computer designed for deployment in an industrial / outdoor setting that can automate and monitor mechanical systems)

Answer 237

Security Content Automation Protocol

Answer 238

Simple Certificate Enrollment Protocol

Answer 239

Software Development Kit

Answer 240

Software Development Life Cycle

Answer 241

Software Development Life-cycle Methodology

Answer 242

Software-defined Networking

Answer 243

Service Delivery Platform

Answer 244

Software-defined Visibility

Answer 245

Self-Encrypting Drives - Can provide whole disk encryption - The controller can automatically encrypt data that is written to it on the disk drive

Answer 246

Structured Exception Handling - Provides control over what the application should do when faced with a runtime or syntax error

Answer 247

SSH File Transfer Protocol

Answer 248

Secure Hashing Algorithm

Answer 249

Security Information and Event Management

Answer 250

Subscriber Identity Module

Answer 251

Session Initiation Protocol - Protocol used for managing real-time sessions that include voice, video, application sharing or IM services

Answer 252

Service-level Agreement - Agreement between a service provider and users defining the nature, availabilty, quality and scope of the service to be provided - Specifies performance requirements for a vendor (and penalties)

Answer 253

Single Loss Expectancy - Describes how much money we will lose if a single event occurs - ARO X SLE = ALE

Answer 254

Server Message Block

Answer 255

Secure/Multipurpose Internet Mail Extensions

Answer 256

Short Message Service

Answer 257

Simple Mail Transfer Protocol

Answer 258

Simple Mail Transfer Protocol Secure

Answer 259

Simple Network Management Protocol

Answer 260

Simple Object Access Protocol

Answer 261

Security Orchestration, Automation, Response

Answer 262

System on Chip - A processor that integrates the platform functionality of multiple logical controllers onto a single chip - They are power efficient and used with embedded systems (IoT)

Answer 263

Security Operations Center

Answer 264

Sender Policy Framework

Answer 265

Spam over Instant Messaging

Answer 266

Structured Query Language

Answer 267

SQL Injection

Answer 268

Secure Real-time Transport Protocol

Answer 269

Solid State Drive

Answer 270

Secure Shell

Answer 271

Service Set Identifier

Answer 272

Secure Sockets Layer

Answer 273

Single Sign-on - A default user profile for each user is created and linked with all of the resources needed - Compromised SSO credentials are a big security breach

Answer 274

Structured Threat Information eXpression - Standardized format for threats - Includes motivations, abilities, capabilities and response information - Part of AIS

Answer 275

Shielded Twisted Pair

Answer 276

Secure Web Gateway

Answer 277

Terminal Access Controller Access Control System - Cisco's proprietary version of RADIUS - Port 49 (TCP) - Encrypts the entire payload of the access-request packet - Primarily used for device administration - Separates authentication and authorization - part of 802.1x (along with RADIUS)

Answer 278

Trusted Automated eXchange of Intelligence Information - The trusted transportation to securely exchange STIX information

Answer 279

Transmission Control Protocol/Internet Protocol

Answer 280

Ticket Granting Ticket

Answer 281

Temporal Key Integrity Protocol

Answer 282

Transport Layer Security - Cryptographic protocol to encrypt online communications. - Uses certificates and asymmetrical cryptography to authenticate hosts and exchange security keys - Better option than SSL which functions similarly

Answer 283

Time-based One Time Password - A password is computed from a shared secret and current time

Answer 284

Trusted Platform Module - A specification for hardware based storage of digital certificates, keys, hashed passwords, and other user and platform identification information - A TPM can be managed in Windows via the tpm.msc console or group policy

Answer 285

Transaction Signature

Answer 286

Tactics, Techniques, and Procedures

Answer 287

User Acceptance Testing

Answer 288

User Datagram Protocol

Answer 289

User and Entity Behavior Analytics

Answer 290

Unified Extensible Firmware Interface - A type of system firmware providing support for a 64-bit CPU operation at boot, full GUI and mouse operation at boot and better boot security

Answer 291

Unified Endpoint Management

Answer 292

Uninterruptible Power Supply

Answer 293

Uniform Resource Identifier

Answer 294

Universal Resource Locator

Answer 295

Universal Serial Bus

Answer 296

USB On-The-Go

Answer 297

Unified Threat Management

Answer 298

Unshielded Twisted Pair

Answer 299

Visual Basic for Applications

Answer 300

Virtual Desktop Environment

Answer 301

Virtual Desktop Infrastructure

Answer 302

Virtual Local Area Network

Answer 303

Variable-length Subnet Masking

Answer 304

Virtual Machine

Answer 305

Voice over IP

Answer 306

Virtual Private Cloud

Answer 307

Virtual Private Network - Allows end users to create a tunnel over an untrusted network and connect remotely and securely back into the enterprise network - Client to Site VPN or Remote Access VPN - VPN Concentrator = Specialized hardware device that allows for hundreds of simultaneous VPN connections for remote workers

Answer 308

Video Teleconferencing

Answer 309

Web Application Firewall

Answer 310

Wireless Access Point - It's a bridge - Switch configuration that's taking traffic from the wireless network and switching it on to the Ethernet network - Very similar to a switch as a layer 2 device on a network - Some let you control the power to the WAP (which controls its range) - Different than the wireless router at home

Answer 311

Wired Equivalent Privacy

Answer 312

Wireless Intrusion Detection System

Answer 313

Wireless Intrusion Prevention System

Answer 314

Write Once Read Many

Answer 315

WiFi Protected Access

Answer 316

WiFi Protected Setup

Answer 317

Anything as a Service

Answer 318

Extensible Markup Language - Markup language similar to HTML, but without predefined tags to use - Instead you define your own tags for your needs - powerful way to store data in a format that can be stored, searched, and shared - Stores and transfers data (Whereas HTML displays data and describes the structure of a webpage), standard language which can define other computer languages

Answer 319

Exclusive OR - Compares two input bits and generates one output bit - if bits are the same, result = 0, if bits are different result = 1 - A way to make data less readable, it's a cipher

Answer 320

Cross-site Request Forgery - aka one click attack or session-riding - Takes advantage of the trust that a web browswer and web site have with each other

Answer 321

Cross-site Scripting - Occurs when an attacker embeds malicious scripting commands on a trusted website - Stored / Persistent = attempts to get data provided by the attacker to be saved on the webserver (so that anyone who visits will be infected) - Reflected = Attempts to have a non-persistent effective, it's activated by a victim clicking on a link - DOM - based = AAtemptse to xeloit the vvictim'sweb browswer