acronyms

Question 1

AIS

Answer 1

Automated Indicator Sharing-
private and public sector cyber threat indicators and defensive measure sharing

Question 2

ALE

Answer 2

Annualized Loss Expectancy

Question 3

ARO

Answer 3

Annual Rate of Occurrence

Question 4

ALSR

Answer 4

Address Space Layout occurrence-
guards against buffer overflow by randomizing the location of executables in memory

Question 5

AUP

Answer 5

Acceptable User Policy-
document signed accepting practices and constraints for users to access corporate network

Question 6

BCP

Answer 6

Business Continuity Planning

Question 7

BGP

Answer 7

Border Gateway protocol-
protocol used by routers to exchange routing information

Question 8

BIA

Answer 8

Business Impact Analysis

Question 9

BPA

Answer 9

Business Partner Agreement

Question 10

BPDU

Answer 10

Bridge Protocol Data Unit-
data message transmitted across a local area network to detect loops in network topologies, contains info regarding ports,switches, port priority and addresses.

Question 11

CAR

Answer 11

Corrective Action Report-
official document issued when an element of a plan hasn’t been implemented properly

Question 12

CASB

Answer 12

Cloud Access Security Broker-
security policy enforcement point placed between cloud service consumers and cloud service providers

Question 13

CCMP

Answer 13

Counter Mode/Cipher Block Chaining-MAC Protocol-
encryption protocol designed for wireless products, implements IEEE 802.11

Question 14

CFB

Answer 14

Cipher Feedback-
mode of operation from a block cipher

Question 15

CHAP

Answer 15

Challenge Handshake authentication protocol-
originally used by PPP (point to point protocol) to validate users

Question 16

CIRT

Answer 16

Computer Incident Response Team

Question 17

CMS

Answer 17

Content Management System-
helps users create and manage content online without the need for technical knowledge

Question 18

COOP

Answer 18

Continuity of Operation Planning

Question 19

COPE

Answer 19

Corporate owned, personally enabled

Question 20

CP

Answer 20

Contingency Planning

Question 21

CRC

Answer 21

Cyclical Redundancy Check-
error detection code commonly used in digital networks and storage devices, checks for data corruption

Question 22

CRL

Answer 22

Certificate Revocation List

Question 23

CSP

Answer 23

Cloud Service Provider

Question 24

CSR

Answer 24

Certificate Signing request

Question 25

CSRF

Answer 25

Cross-site request forgery

Question 26

CSU

Answer 26

Channel Service Unit- hardware device that converts digital data frames from LAN to WLAN

Question 27

CTM

Answer 27

Counter Mode- counter values for cyphertext blocks

Question 28

CYOD

Answer 28

Choose Your Own device

Question 29

DAC

Answer 29

Discretionary access control- principle of restricting access to objects based on the identity of the subject

Question 30

DEP

Answer 30

Data execution prevention

Question 31

DKIM

Answer 31

Domain Keys Identified Mail- encrypted digital signature added to the header of a message

Question 32

DLL

Answer 32

Dynamic Link Library

Question 33

DLP

Answer 33

Data Loss Prevention

Question 34

DMARC

Answer 34

Domain Message Authentication Reporting and Conformance- asses email message for authenticity by using DKIM etc.

Question 35

DNAT

Answer 35

Destination Network Address Translation

Question 36

DRP

Answer 36

Disaster Recovery Plan

Question 37

DSA

Answer 37

Digital Signature Algorithm

Question 38

DSL

Answer 38

Digital Subscriber line- communication medium used to transfer internet communication through copper telecommunications lines

Question 39

EAP

Answer 39

Extensible authentication protocol- protocol for wireless networks that expands the authentication methods used by point-to-point (ppp) protocol

Question 40

ECB

Answer 40

Electronic Code Book- simple mode of operation with a block cipher mostly used with symmetric key encryption

Question 41

ECC

Answer 41

Elliptic curve cryptography

Question 42

ECDHE

Answer 42

elliptic curve diffie-hellman ephemeral

Question 43

ECDSA

Answer 43

elliptic curve digital signature algorithm

Question 44

EFS

Answer 44

encrypted file system

Question 45

ERP

Answer 45

enterprise resource planning

Question 46

ESN

Answer 46

electronic serial number

Question 47

ESP

Answer 47

encapsulated security payload

Question 48

FACL

Answer 48

file system access control list

Question 49

FDE

Answer 49

full disk encryption

Question 50

FIM

Answer 50

File integrity manager

Question 51

FPGA

Answer 51

Field Programmable Gate array- semiconductor devices based around a matrix of configurable logic blocks connected via programmable interconnects

Question 52

FRR

Answer 52

False Rejection Rate

Question 53

GCM

Answer 53

Galois counter mode

Question 54

GPG

Answer 54

GNU privacy guard- replacement for PGP encryption software suite

Question 55

GPO

Answer 55

Group Policy Object

Question 56

GRE

Answer 56

Generic routing encapsulation- encapsulates packets in order to route various protocols IP. Creates a private-point-to-point connection like a VPN.

Question 57

HA

Answer 57

High Availability

Question 58

HMAC

Answer 58

Hashed Message Authentication Code

Question 59

HOTP

Answer 59

HMAC based One Time Password

Question 60

HSM

Answer 60

Hardware Security Module

Question 61

IaaS

Answer 61

Infrastructure as a Service

Question 62

IAM

Answer 62

Identity and Access Management

Question 63

ICS

Answer 63

Industrial Control Systems

Question 64

IDEA

Answer 64

International Data Encryption Algorithm

Question 65

IDF

Answer 65

Intermediate Distribution Frame

Question 66

IKE

Answer 66

Internet Key Exchange

Question 67

IMAP

Answer 67

Internet Message Access Protocol

Question 68

IOC

Answer 68

Indicator of Compromise

Question 69

IR

Answer 69

Incident Response

Question 70

IRP

Answer 70

Incident Response Plan

Question 71

KDC

Answer 71

Key Distribution Center- System for providing keys to the users in a network

Question 72

LDAP

Answer 72

Lightweight Directory Access Protocol

Question 73

LEAP

Answer 73

Lightweight Extensible Authentication Protocol

Question 74

MOA

Answer 74

Memorandum of Agreement- legal document describing a business partnership between two parties cooperating

Question 75

MOU

Answer 75

Memorandum of Understanding- nonbinding agreement that states each parties intentions

Question 76

MPLS

Answer 76

Multi-Protocol Label Switching- networking technology that routes traffic using the shortest path based on labels, rather than network addresses

Question 77

MSA

Answer 77

Master Service Agreement- contract outlining the scope of the relationship between two parties including terms and conditions, responsibilities etc.

Question 78

MSCHAP

Answer 78

Microsoft Challenge Handshake Authentication Protocol

Question 79

MTBF

Answer 79

Mean Time Between Failures

Question 80

MTTF

Answer 80

Mean Time To Failure

Question 81

MTTR

Answer 81

Mean Time to Recover

Question 82

MTU

Answer 82

Maximum transmission unit- measure representing the largest data packet that a network connected device will accept

Question 83

NAC

Answer 83

Network Access Control- system that can deny access to network for non-compliant devices, place them in quarantined area or give them restricted access

Question 84

NIDS

Answer 84

Network Based Intrusion Detection System

Question 85

NTFS

Answer 85

New Technology File system- provides virtual space to organize and store files. It also notes file positions in folders, creation dates, and provides encryption

Question 86

NTLM

Answer 86

New Technology Lan Manager- automated challenge response authentication protocol, form of SSD

Question 87

OCSP

Answer 87

Online Certificate Status Protocol- alternate to the certificate revocation list and is used to check whether a digital certificate is valid

Question 88

OSPF

Answer 88

Open Shortest Path First- routing protocol, gathers link state information from available routers and constructs a topology map of the network

Question 89

OVAL

Answer 89

Open Vulnerability Assessment Language- language used to encode system details. Community standard

Question 90

PAC

Answer 90

Proxy Auto Configuration- text file that instructs a browser to forward traffic to proxy server

Question 91

PAM

Answer 91

Privileged access Management

Question 92

PAP

Answer 92

Password Authentication Protocol

Question 93

PAT

Answer 93

Port Address Translation- type of NAT that maps a networks private internal IP to a single public IP

Question 94

PBKDF2

Answer 94

Password-based key derivation function

Question 95

PBX

Answer 95

private branch exchange

Question 96

PCAP

Answer 96

packet capture

Question 97

PCIDSS

Answer 97

Payment Card Industry Data Security Standard

Question 98

PDU

Answer 98

Power Distribution Unit- manage and distribute electricity

Question 99

PEAP

Answer 99

Protected Extensible Authentication Protocol- security protocol used to protect wireless networks

Question 100

PEM

Answer 100

Privacy Enhanced mail

Question 101

PFS

Answer 101

Perfect Forward Secrecy

Question 102

PIV

Answer 102

Personal Identity Verification

Question 103

PKCS

Answer 103

Public Key Cryptography Standards

Question 104

PKI

Answer 104

Public Key Infrastructure

Question 105

POP

Answer 105

Post Office Protocol

Question 106

PPP

Answer 106

Point-to-point Protocol- a data link layer communication protocol between two routers directly without any host or any other networking

Question 107

PPTP

Answer 107

Point-to-Point Tunneling Protocol- secure transfer, creates VPN

Question 108

PSK

Answer 108

Preshared key

Question 109

PUP

Answer 109

Potentially Unwanted Program

Question 110

RA

Answer 110

Recovery Agent

Question 111

RA

Answer 111

Registration Authority

Question 112

RACE

Answer 112

Research and Development in Advanced Communication technologies in eruope

Question 113

RAD

Answer 113

Rapid Application Development

Question 114

RADIUS

Answer 114

Remote Authentication Dial-in User Service

Question 115

RAS

Answer 115

Remote Access Server

Question 116

RAT

Answer 116

Remote Access Trojan

Question 117

RBAC

Answer 117

Role Based Access Control/Rule Based Access Control

Question 118

RC4

Answer 118

Rivest Cipher Version 4

Question 119

RDP

Answer 119

Remote Desktop Protocol

Question 120

ROI

Answer 120

Return on Investment

Question 121

RPO

Answer 121

Recovery Point Objective

Question 122

RTBH

Answer 122

Remotely Triggered Black Hole- blocks undesirable data traffic at the edge of a network (based on src or dst ip addr)

Question 123

RTO

Answer 123

Recovery Time Objective- maximum amount of time acceptable for restoring a network or application and regaining access to data

Question 124

RTOS

Answer 124

Real Time Operating System- for critical systems, designed so that a scheduler in the os can meet specific deadlines for different tasks

Question 125

RTP

Answer 125

Real-Time Transport Protocol- designed for transmitting audio or video data that is optimized for consistent delivery of live data

Question 126

S/MIME

Answer 126

Secure/Multipurpose internet mail extensions- encrypts emails, digitally signs your emails

Question 127

SAE

Answer 127

Simultaneous Authentication of Equals- Key exchange protocol, establishes a shared secret. Primarily used for securing the key exchange process in WIFI networks

Question 128

SAML

Answer 128

Security Assertions Markup Language- Standardized way to tell external applications and devices that user is who they say they are. Makes SSO possible

Question 129

SAN

Answer 129

Storage Area Network

Question 130

SCADA

Answer 130

Supervisory Control And Data Acquisition- systems used for controlling, monitoring industrial devices

Question 131

SCAP

Answer 131

Security Control Automation Protocol- method for using specific standards to enable automated vulnerability management policy compliance evaluation etc

Question 132

SCEP

Answer 132

Simple Certificate Enrollment Protocol- Protocol used to make digital certificate issuance at large organizations easier

Question 133

SD-WAN

Answer 133

Software Defined Wide Area Network

Question 134

SDLC

Answer 134

Software Development Life Cycle

Question 135

SDLM

Answer 135

Software Development Lifecycle methodology

Question 136

SDN

Answer 136

Software Defined Networking

Question 137

SED

Answer 137

Self Encrypting Drives

Question 138

SEM

Answer 138

structured exception handler

Question 139

SLA

Answer 139

Service-Level agreement- outlines a commitment between a service provider and a client

Question 140

SLE

Answer 140

Single Loss Expectancy- monetary value expected from the occurrence of a risk on an asset

Question 141

SNMP

Answer 141

Simple Network Management Protocol

Question 142

SOAP

Answer 142

Simple Object Access Protocol- intermediate language for applications that have different programming languages. Lightweight protocol used to create web APIS

Question 143

SOAR

Answer 143

Security Orchestration Automation Response- stack of software that collect data about cyber threats and respond to security events with little or no human assistance

Question 144

SOW

Answer 144

Statement of Work- document that outlines the scope, timeline and cost of a project between two parties

Question 145

SPF

Answer 145

Sender Policy Framework- email authentication method that helps to identify the email servers that are allowed to send email to a given domain

Question 146

SRTP

Answer 146

Secure Real Time Protocol

Question 147

STIX

Answer 147

Structured Threat Information Exchange- XML programming language used for conveying data about cyber threats in a way that can be easily understood

Question 148

SWG

Answer 148

Secure Web Gateway- URL filtering, filters web and internet traffic on application layer

Question 149

TACAS+

Answer 149

Terminal Access Control Access Control System- improved version of TACAS protocol, used for authentication, authorization and accounting

Question 150

TAXII

Answer 150

Trusted Automated Exchange of Indicator information- format through which threat intelligence data is transmitted, supports transferring STIX

Question 151

TGT

Answer 151

Ticket Granting Ticket- user authentication software used to request access tokens from the Ticket Granting Service (TGS) for specific resources

Question 152

TKIP

Answer 152

Temporary key integrity protocol- used in wireless to provide more secure encryption

Question 153

TOC

Answer 153

Time of Check

Question 154

TOTP

Answer 154

Time Based One Time Password

Question 155

TOU

Answer 155

Time of Use

Question 156

TTP

Answer 156

Tactics, Techniques and Proceedures

Question 157

TSIG

Answer 157

Transaction Signature- primarily used to enable DNS to authenticate updates to a DNS database

Question 158

UAT

Answer 158

User Acceptance Testing- final stage of software development lifecycle before the software goes live

Question 159

UEM

Answer 159

Unified End Point Management- approach to control and securing desktops, laptops, smartphones and tablets in a connected, cohesive manner from a single console

Question 160

UPS

Answer 160

Uninterruptible Power Supply

Question 161

UTM

Answer 161

Unified Threat Management

Question 162

UTP

Answer 162

Unshielded Twisted Pair- type of copper cable widely used for networking

Question 163

VDI

Answer 163

Virtual Desktop Infrastructure

Question 164

VLSM

Answer 164

Variable Length Subnet Masking

Question 165

VPC

Answer 165

Virtual Private Cloud

Question 166

VTC

Answer 166

Video Teleconferencing

Question 167

WAF

Answer 167

Web Application Firewall

Question 168

WAP

Answer 168

Wireless Access Point

Question 169

WEP

Answer 169

Wired Equivalent Privacy

Question 170

WIDS

Answer 170

Wireless Intrusion Detection System

Question 171

WIPS

Answer 171

Wireless Intrusion Prevention System

Question 172

WO

Answer 172

Work Order- document that provides all the information about a maintenance task and outlines a process for completing that task

Question 173

WPA

Answer 173

Wifi Protected Access

Question 174

WPS

Answer 174

Wifi Protected Setup

Question 175

WTLS

Answer 175

Wireless TLS

Question 176

XDR

Answer 176

Extended Detection and Response- unified security incident platform that uses AI and automation

Question 177

XSRF

Answer 177

Cross-site request forgery

Question 178

XSS

Answer 178

Cross-site Scripting