Acronyms

Question 1

AES

Answer 1

Advanced Encryption Standard

Annual Loss Expectancy (ALE) quantifies the potential annual financial loss to an asset due to risks or threats. It is calculated using the formula:

[ \text{ALE} = \text{SLE} \times \text{ARO} ]

Where:

SLE (Single Loss Expectancy): The expected monetary loss every time a risk event occurs.
ARO (Annual Rate of Occurrence): The expected number of times a risk event will occur in a year.
Purpose:

The ALE is used by organizations to:

Assess the potential financial impact of different security threats.
Prioritize risk management efforts based on the potential financial impact.
Make informed decisions about where to allocate resources for risk mitigation.
Application:

In practice, calculating the ALE helps organizations decide whether a security control is cost-effective. If the cost of a control is less than the ALE, it might be justified; if it’s more, the control might not be considered cost-effective.

Understanding and applying these concepts is fundamental for professionals preparing for the CompTIA Security+ certification, as it demonstrates a practical approach to managing and mitigating security risks in an organization.

Question 2

3DES

Answer 2

Triple Data Encryption Standard

Question 3

AAA

Answer 3

Authentication, Authorization, and Accounting

Question 4

ABAC

Answer 4

Attribute-Based Access Control

Question 5

ACL

Answer 5

Access Control List

Question 6

AD

Answer 6

Active Directory

Question 7

AES

Answer 7

Advanced Encryption Standard

Question 8

AES256

Answer 8

Advanced Encryption Standard 256-bit

Question 9

AH

Answer 9

Authentication Header

Question 10

AI

Answer 10

Artificial Intelligence

Question 11

AIS

Answer 11

Automated Indicator Sharing

Question 12

ALE

Answer 12

Annualized Loss Expectancy -

Annual Loss Expectancy (ALE) quantifies the potential annual financial loss to an asset due to risks or threats. It is calculated using the formula:

[ \text{ALE} = \text{SLE} \times \text{ARO} ]

Where:

SLE (Single Loss Expectancy): The expected monetary loss every time a risk event occurs.
ARO (Annual Rate of Occurrence): The expected number of times a risk event will occur in a year.
Purpose:

The ALE is used by organizations to:

Assess the potential financial impact of different security threats.
Prioritize risk management efforts based on the potential financial impact.
Make informed decisions about where to allocate resources for risk mitigation.
Application:

In practice, calculating the ALE helps organizations decide whether a security control is cost-effective. If the cost of a control is less than the ALE, it might be justified; if it’s more, the control might not be considered cost-effective.

Understanding and applying these concepts is fundamental for professionals preparing for the CompTIA Security+ certification, as it demonstrates a practical approach to managing and mitigating security risks in an organization.

Question 13

AP

Answer 13

Access Point

Question 14

API

Answer 14

Application Programming Interface

Question 15

APT

Answer 15

Advanced Persistent Threat

Question 16

ARO

Answer 16

Annualized Rate of Occurrence

Question 17

ARP

Answer 17

Address Resolution Protocol

Question 18

ASLR

Answer 18

Address Space Layout Randomization

Question 19

ASP

Answer 19

Active Server Pages

Question 20

ATT&CK

Answer 20

Adversarial Tactics, Techniques, & Common Knowledge

Question 21

AUP

Answer 21

Acceptable Use Policy

Question 22

AV

Answer 22

Antivirus

Question 23

BASH

Answer 23

Bourne Again Shell

Question 24

BCP

Answer 24

Business Continuity Planning

Question 25

BGP

Answer 25

Border Gateway Protocol

Question 26

BIA

Answer 26

Business Impact Analysis

Question 27

BIOS

Answer 27

Basic Input/Output System

Question 28

BPA

Answer 28

Business Partnership Agreement

Question 29

BPDU

Answer 29

Bridge Protocol Data Unit

Question 30

BSSID

Answer 30

Basic Service Set Identifier

Question 31

BYOD

Answer 31

Bring Your Own Device

Question 32

CA

Answer 32

Certificate Authority

Question 33

CAPTCHA

Answer 33

Completely Automated Public Turing Test to Tell Computers & Humans Apart

Question 34

CAR

Answer 34

Corrective Action Report

Question 35

CASB

Answer 35

Cloud Access Security Broker

Question 36

CBC

Answer 36

Cipher Block Chaining

Question 37

CBT

Answer 37

Computer-Based Training

Question 38

CCMP

Answer 38

Counter-Mode/CBC-MAC Protocol

Question 39

CCTV

Answer 39

Closed-Circuit Television

Question 40

CERT

Answer 40

Computer Emergency Response Team

Question 41

CFB

Answer 41

Cipher Feedback

Question 42

CHAP

Answer 42

Challenge-Handshake Authentication Protocol

Question 43

CIO

Answer 43

Chief Information Officer

Question 44

CIRT

Answer 44

Computer Incident Response Team

Question 45

CIS

Answer 45

Center for Internet Security

Question 46

CMS

Answer 46

Content Management System

Question 47

COOP

Answer 47

Continuity of Operation Planning

Question 48

COPE

Answer 48

Corporate Owned Personal Enabled

Question 49

CP

Answer 49

Contigency Planning

Question 50

CRC

Answer 50

Cyclical Redundancy Check

Question 51

CRL

Answer 51

Certificate Revocation List

Question 52

CSO

Answer 52

Chief Security Officer

Question 53

CSP

Answer 53

Cloud Service Provider

Question 54

CSR

Answer 54

Certificate Signing Request

Question 55

CSRF

Answer 55

Cross-Site Request Forgery

Question 56

CSU

Answer 56

Channel Service Unit

Question 57

CTM

Answer 57

Counter-Mode

Question 58

CTO

Answer 58

Chief Technology Officer

Question 59

CVE

Answer 59

Common Vulnerabilities and Exposures

Question 60

CVSS

Answer 60

Common Vulnerability Scoring System

Question 61

CYOD

Answer 61

Choose Your Own Device

Question 62

DAC

Answer 62

Discretionary Access Control

Question 63

DBA

Answer 63

Database Administrator

Question 64

DDoS

Answer 64

Distributive Denial of Service

Question 65

DEP

Answer 65

Data Execution Prevention

Question 66

DER

Answer 66

Distinguished Encoding Rule

Question 67

DES

Answer 67

Digital Encryption Standard

Question 68

DHCP

Answer 68

Dynamic Host Configuration Protocol

Question 69

DHE

Answer 69

Diffie-Hellman Ephemeral

Question 70

DKIM

Answer 70

Domain Keys Identified Mail

Question 71

DLL

Answer 71

Dynamic Link Library

Question 72

DLP

Answer 72

Data Loss Prevention

Question 73

DMARC

Answer 73

Domain Message Authentication Reporting and Conformance

Question 74

DMZ

Answer 74

Demilitarized Zone

Question 75

DNAT

Answer 75

Destination Network Address Transaction

Question 76

DNS

Answer 76

Domain Name Service (Server)

Question 77

DNSSEC

Answer 77

Domain Name System Security Extensions

Question 78

DoS

Answer 78

Denial of Service

Question 79

DPO

Answer 79

Data Privacy Officer

Question 80

DRP

Answer 80

Disaster Recovery Plan

Question 81

DSA

Answer 81

Digital Signature Algorithm

Question 82

DSL

Answer 82

Digital Subscriber Line

Question 83

EAP

Answer 83

Extensible Authentication Protocol

Question 84

ECB

Answer 84

Electronic Code Book

Question 85

ECC

Answer 85

Elliptic Curve Cryptography

Question 86

ECDHE

Answer 86

Elliptic Curve Diffie-Hellman Ephemeral

Question 87

ECDSA

Answer 87

Elliptic Curve Digital Signature Algorithm

Question 88

EDR

Answer 88

Endpoint Detection and Response

Question 89

EFS

Answer 89

Encrypted File System

Question 90

EOL

Answer 90

End of Life

Question 91

EOS

Answer 91

End of Service

Question 92

ERP

Answer 92

Enterprise Resource Planning

Question 93

ESN

Answer 93

Electronic Serial Number

Question 94

ESP

Answer 94

Encapsulated Security Payload

Question 95

FACL

Answer 95

File System Access Control List

Question 96

FAAS

Answer 96

Function As a Service

Question 97

FDE

Answer 97

Full Disk Encryption

Question 98

FPGA

Answer 98

Field Programmable Gate Array

Question 99

FRR

Answer 99

False Rejection Rate

Question 100

FTP

Answer 100

File Transfer Protocol

Question 101

FTPS

Answer 101

Secured File Transfer Protocol

Question 102

GCM

Answer 102

Galois Counter Mode

Question 103

GDPR

Answer 103

General Data Protection Regulation

Question 104

GPG

Answer 104

Gnu Privacy Guard

Question 105

GPO

Answer 105

Group Policy Object

Question 106

GPS

Answer 106

Global Positioning System

Question 107

GPU

Answer 107

Graphics Processing Unit

Question 108

GRE

Answer 108

Generic Routing Encapsulation

Question 109

HA

Answer 109

High Availability

Question 110

HDD

Answer 110

Hard Disk Drive

Question 111

HIDS

Answer 111

Host-Based Intrusion Detection System

Question 112

HIPS

Answer 112

Host-Based Intrusion Prevention System

Question 113

HMAC

Answer 113

Hashed Message Authentication Code

Question 114

HOTP

Answer 114

HMAC based One Time Password

Question 115

HSM

Answer 115

Hardware Security Module

Question 116

HTML

Answer 116

HyperText Markup Language

Question 117

HTTP

Answer 117

Hypertext Transfer Protocol

Question 118

HTTPS

Answer 118

Hypertext Transfer Protocol over SSL/TLS

Question 119

HVAC

Answer 119

Heating, Ventilation, Air Conditioning

Question 120

IaaS

Answer 120

Infrastructure as a Service

Question 121

ICMP

Answer 121

Internet Control Message Protocol

Question 122

ICS

Answer 122

Industrial Control Systems

Question 123

IDEA

Answer 123

International Data Encryption Algorithm

Question 124

IDF

Answer 124

Intermediate Distribution Frame

Question 125

IdP

Answer 125

Identity Provider

Question 126

IDS

Answer 126

Intrusion Detection System

Question 127

IEEE

Answer 127

Institute of Electrical and Electronics Engineers

Question 128

IKE

Answer 128

Internet Key Exchange

Question 129

IM

Answer 129

Instant Messaging

Question 130

IMAP4

Answer 130

Internet Message Access Protocol v4

Question 131

IoC

Answer 131

Indicators of Compromise

Question 132

IoT

Answer 132

Internet of Things

Question 133

IP

Answer 133

Internet Protocol

Question 134

IPSec

Answer 134

Internet Protocol Security

Question 135

IR

Answer 135

Incident Response

Question 136

IRC

Answer 136

Internet Relay Chat

Question 137

IRP

Answer 137

Incident Response Plan

Question 138

ISO

Answer 138

International Organization for Standardization

Question 139

ISP

Answer 139

Internet Service Provider

Question 140

ISSO

Answer 140

Information Systems Security Officer

Question 141

ITCP

Answer 141

IT Contingency Plan

Question 142

IV

Answer 142

Initialization Vector

Question 143

KDC

Answer 143

Key Distribution Center

Question 144

KEK

Answer 144

Key Encryption Key

Question 145

L2TP

Answer 145

Layer 2 Tunneling Protocol

Question 146

LAN

Answer 146

Local Area Network

Question 147

LDAP

Answer 147

Lightweight Directory Access Protocol

Question 148

LEAP

Answer 148

Lightweight Extensible Authentication Protocol

Question 149

MaaS

Answer 149

Monitoring as a Service

Question 150

MAC

Answer 150

Mandatory Access Control

Question 151

MAC

Answer 151

Media Access Control

Question 152

MAC

Answer 152

Message Authentication Code

Question 153

MAM

Answer 153

Mobile Application Management

Question 154

MAN

Answer 154

Metropolitan Area Network

Question 155

MBR

Answer 155

Master Boot Record

Question 156

MD5

Answer 156

Message Digest 5

Question 157

MDF

Answer 157

Main Distribution Frame

Question 158

MDM

Answer 158

Mobile Device Management

Question 159

MFA

Answer 159

Multifactor Authentication

Question 160

MFD

Answer 160

Multi-Function Device

Question 161

MFP

Answer 161

Multi-Function Printer

Question 162

MITM

Answer 162

Man in the Middle

Question 163

ML

Answer 163

Machine Learning

Question 164

MMS

Answer 164

Multimedia Message Service

Question 165

MOA

Answer 165

Memorandum of Agreement

Question 166

MOU

Answer 166

Memorandum of Understanding

Question 167

MPLS

Answer 167

Multi-Protocol Label Switching

Question 168

MSA

Answer 168

Measurement Systems Analysis

Question 169

MSCHAP

Answer 169

Microsoft Challenge Handshake Authentication Protocol

Question 170

MSP

Answer 170

Managed Service Provider

Question 171

MSSP

Answer 171

Managed Security Service Provider

Question 172

MTBF

Answer 172

Mean Time Between Failures

Question 173

MTTF

Answer 173

Mean Time to Failure

Question 174

MTTR

Answer 174

Mean Time to Recover

Question 175

MTU

Answer 175

Maximum Transmission Unit

Question 176

NAC

Answer 176

Network Access Control

Question 177

NAS

Answer 177

Network Attached Storage

Question 178

NAT

Answer 178

Network Address Translation

Question 179

NDA

Answer 179

Non-Disclosure Agreement

Question 180

NFC

Answer 180

Near Field Communication

Question 181

NFV

Answer 181

Network Functions Virtualization

Question 182

NIC

Answer 182

Network Interface Card

Question 183

NIDS

Answer 183

Network Based Intrusion Detection System

Question 184

NIPS

Answer 184

Network Based Intrusion Prevention System

Question 185

NIST

Answer 185

National Institute of Standards & Technology

Question 186

NTFS

Answer 186

New Technology File System

Question 187

NTLM

Answer 187

New Technology LAN Manager

Question 188

NTP

Answer 188

Network Time Protocol

Question 189

OAUTH

Answer 189

Open Authorization

Question 190

OCSP

Answer 190

Online Certificate Status Protocol

Question 191

OID

Answer 191

Object Identifier

Question 192

OS

Answer 192

Operating System

Question 193

OSI

Answer 193

Open Systems Interconnection

Question 194

OSINT

Answer 194

Open Source Intelligence

Question 195

OSPF

Answer 195

Open Shortest Path First

Question 196

OT

Answer 196

Operational Technology

Question 197

OTA

Answer 197

Over The Air

Question 198

OTG

Answer 198

On The Go

Question 199

OVAL

Answer 199

Open Vulnerability Assessment Language

Question 200

OWASP

Answer 200

Open Web Application Security Project

Question 201

P12

Answer 201

PKCS #12

Question 202

P2P

Answer 202

Peer to Peer

Question 203

P2P

Question 204

PAC

Answer 204

Proxy Auto Configuration

Question 205

PAM

Answer 205

Privileged Access Management

Question 206

PAM

Answer 206

Pluggable Authentication Modules

Question 207

PAP

Answer 207

Password Authentication Protocol

Question 208

PAT

Answer 208

Port Address Translation

Question 209

PBKDF2

Answer 209

Password Based Key Derivation Function 2

Question 210

PBX

Answer 210

Private Branch Exchange

Question 211

PCAP

Answer 211

Packet Capture

Question 212

PCI DSS

Answer 212

Payment Card Industry Data Security Standard

Question 213

PDU

Answer 213

Power Distribution Unit

Question 214

PEAP

Answer 214

Protected Extensible Authentication Protocol

Question 215

PED

Answer 215

Personal Electronic Device

Question 216

PEM

Answer 216

Privacy Enhanced Mail

Question 217

PFS

Answer 217

Perfect Forward Secrecy

Question 218

PFX

Answer 218

Personal Information Exchange

Question 219

PGP

Answer 219

Pretty Good Privacy

Question 220

PHI

Answer 220

Personal Health Information

Question 221

PII

Answer 221

Personally Identifiable Information

Question 222

PIV

Answer 222

Personal Identity Verification

Question 223

PKCS

Answer 223

Public Key Cryptography Standards

Question 224

PKI

Answer 224

Public Key Infrastructure

Question 225

POP

Answer 225

Post Office Protocol

Question 226

POTS

Answer 226

Plain Old Telephone Service

Question 227

PPP

Answer 227

Point-to-Point Protocol

Question 228

PPTP

Answer 228

Point-to-Point Tunneling Protoco

Question 229

PSK

Answer 229

Pre-Shared Key

Question 230

PTZ

Answer 230

Pan-Tilt-Zoom

Question 231

QA

Answer 231

Quality Assurance

Question 232

QoS

Answer 232

Quality of Service

Question 233

PUP

Answer 233

Potentially Unwanted Program

Question 234

RA

Answer 234

Recovery Agent

Question 235

RA

Answer 235

Registration Authority

Question 236

RACE

Answer 236

Research and Development in Advanced Communications Technologies in Europe

Question 237

RAD

Answer 237

Rapid Application Development

Question 238

RADIUS

Answer 238

Remote Authentication Dial-in User Server

Question 239

RAID

Answer 239

Redundant Array of Inexpensive Disks

Question 240

RAM

Answer 240

Random Access Memory

Question 241

RAS

Answer 241

Remote Access Server

Question 242

RAT

Answer 242

Remote Access Trojan

Question 243

RC4

Answer 243

Rivest Cipher version 4

Question 244

RCS

Answer 244

Rich Communication Services

Question 245

RFC

Answer 245

Request for Comments

Question 246

RFID

Answer 246

Radio Frequency Identifier

Question 247

RIPEMD

Answer 247

RACE Integrity Primitives Evaluation Message Digest

Question 248

ROI

Answer 248

Return on Investment

Question 249

RPO

Answer 249

Recovery Point Objective

Question 250

RSA

Answer 250

Rivest, Shamir, & Adleman

Question 251

RTBH

Answer 251

Remote Triggered Black Hole

Question 252

RTO

Answer 252

Recovery Time Objective

Question 253

RTOS

Answer 253

Real-Time Operating System

Question 254

RTP

Answer 254

Real-Time Transport Protocol

Question 255

S/MIME

Answer 255

Secure/Multipurpose Internet Mail Extensions

Question 256

SaaS

Answer 256

Software as a Service

Question 257

SAE

Answer 257

Simultaneous Authentication of Equals

Question 258

SAML

Answer 258

Security Assertions Markup Language

Question 259

SAN

Answer 259

Storage Area Network

Question 260

SAN

Answer 260

Subject Alternative Name

Question 261

SCADA

Answer 261

System Control and Data Acquisition

Question 262

SCAP

Answer 262

Security Content Automation Protocol

Question 263

SCEP

Answer 263

Simple Certificate Enrollment Protocol

Question 264

SDK

Answer 264

Software Development Kit

Question 265

SDLC

Answer 265

Software Development Life Cycle

Question 266

SDLM

Answer 266

Software Development Life-cycle Methodology

Question 267

SDN

Answer 267

Software Defined Networking

Question 268

SDV

Answer 268

Software Defined Visibility

Question 269

SED

Answer 269

Self-Encrypting Drives

Question 270

SEH

Answer 270

Structured Exception Handler

Question 271

SFTP

Answer 271

Secured File Transfer Protocol

Question 272

SHA

Answer 272

Secure Hashing Algorithm

Question 273

SHTTP

Answer 273

Secure Hypertext Transfer Protocol

Question 274

SIEM

Answer 274

Security Information and Event Management

Question 275

SIM

Answer 275

Subscriber Identity Module

Question 276

SIP

Answer 276

Session Initiation Protocol

Question 277

SLA

Answer 277

Service Level Agreement

Question 278

SLE

Answer 278

Single Loss Expectancy

Question 279

S/MIME

Answer 279

Secure/Multipurpose Internet Mail Exchanger

Question 280

SMS

Answer 280

Short Message Service

Question 281

SMTP

Answer 281

Simple Mail Transfer Protoco

Question 282

SMTPS

Answer 282

Simple Mail Transfer Protocol Secure

Question 283

SNMP

Answer 283

Simple Network Management Protocol

Question 284

SOAP

Answer 284

Simple Object Access Protoco

Question 285

SOAR

Answer 285

Security Orchestration, Automation, Response

Question 286

SoC

Answer 286

System on Chip

Question 287

SOC

Answer 287

Security Operations Center

Question 288

SPF

Answer 288

Sender Policy Framework

Question 289

SPIM

Answer 289

Spam over Internet Messaging

Question 290

SQL

Answer 290

Structured Query Language

Question 291

SQLi

Answer 291

SQL Injection

Question 292

SRTP

Answer 292

Secure Real-Time Protocol

Question 293

SSD

Answer 293

Solid State Drive

Question 294

SSH

Answer 294

Secure Shell

Question 295

SSL

Answer 295

Secure Sockets Layer

Question 296

SSO

Answer 296

Single Sign On

Question 297

STIX

Answer 297

Structured Threat Information eXchange

Question 298

STP

Answer 298

Shielded Twisted Pair

Question 299

SWG

Answer 299

Secure Web Gateway

Question 300

TACACS+

Answer 300

Terminal Access Controller Access Control System

Question 301

TAXII

Answer 301

Trusted Automated eXchange of Indicator Information

Question 302

TCP/IP

Answer 302

Transmission Control Protocol/Internet Protocol

Question 303

TGT

Answer 303

Ticket Granting Ticket

Question 304

TKIP

Answer 304

Temporal Key Integrity Protocol

Question 305

TLS

Answer 305

Transport Layer Security

Question 306

TOTP

Answer 306

Time-based One Time Password

Question 307

TPM

Answer 307

Trusted Platform Module

Question 308

TSIG

Answer 308

Transaction Signature

Question 309

TTP

Answer 309

Tactics, Techniques, and Procedures

Question 310

UAT

Answer 310

User Acceptance Testing

Question 311

UAV

Answer 311

Unmanned Aerial Vehicle

Question 312

UDP

Answer 312

User Datagram Protocol

Question 313

UEFI

Answer 313

Unified Extensible Firmware Interface

Question 314

UEM

Answer 314

Unified Endpoint Management

Question 315

UPS

Answer 315

Uninterruptable Power Supply

Question 316

URI

Answer 316

Uniform Resource Identifier

Question 317

URL

Answer 317

Universal Resource Locator

Question 318

USB

Answer 318

Universal Serial Bus

Question 319

USB OTG

Answer 319

USB On The Go

Question 320

UTM

Answer 320

Unified Threat Management

Question 321

UTP

Answer 321

Unshielded Twisted Pair

Question 322

VBA

Answer 322

Visual Basic

Question 323

VDE

Answer 323

Virtual Desktop Environment

Question 324

VDI

Answer 324

Virtual Desktop Infrastructure

Question 325

VLAN

Answer 325

Virtual Local Area Network

Question 326

VLSM

Answer 326

Variable Length Subnet Masking

Question 327

VM

Answer 327

Virtual Machine

Question 328

VoIP

Answer 328

Voice over IP

Question 329

VPC

Answer 329

Virtual Private Cloud

Question 330

VPN

Answer 330

Virtual Private Network

Question 331

VTC

Answer 331

Video Teleconferencing

Question 332

WAF

Answer 332

Web Application Firewall

Question 333

WAP

Answer 333

Wireless Access Point

Question 334

WEP

Answer 334

Wired Equivalent Privacy

Question 335

WIDS

Answer 335

Wireless Intrusion Detection System

Question 336

WIPS

Answer 336

Wireless Intrusion Prevention System

Question 337

WORM

Answer 337

Write Once Read Many

Question 338

WPA

Answer 338

Wi-Fi Protected Access

Question 339

WPS

Answer 339

WiFi Protected Setup

Question 340

WTLS

Answer 340

Wireless TLS

Question 341

XaaS

Answer 341

Anything as a Service

Question 342

XML

Answer 342

Extensible Markup Language

Question 343

XOR

Answer 343

Exclusive Or

Question 344

XSRF

Answer 344

Cross-Site Request Forgery

Question 345

XSS

Answer 345

Cross-Site Scripting