Acronyms

Question 1

AICPA

Answer 1

American Institute of Certified Public Accountants

Question 2

COBIT

Answer 2

Control Objectives for Information and Related Technologies

A control framework for governance best practices in an organization

Question 3

ISO

Answer 3

International Organization for Standardization

Question 4

SOC

Answer 4

System and Organization Controls

Question 5

SSAE

Answer 5

Statement on Standards for Attestation Engagements

Question 6

CVE

Answer 6

Common Vulnerabilities and Exposures

A naming system for describing security vulnerabilities

A Component of SCAP

Question 7

CVSS

Answer 7

Common Vulnerability Scoring System

Standardized scoring system for describing vulnerabilities

A Component of SCAP

Question 8

CCE

Answer 8

Common Configuration Enumeration

Naming system for system configuration issues

A Component of SCAP

Question 9

CPE

Answer 9

Common Platform Enumeration

A naming system for operating systems, applications, and devices

A component of SCAP

Question 10

SCAP

Answer 10

Security Content Automation Protocol

Components include CVE, CVSS, CCE, CPE, XCCDF, OVAL

Question 11

CISSP

Answer 11

Certified Information Systems Security Professional

Question 12

ISMS

Answer 12

Information Security Management System

Question 13

XCCDF

Answer 13

Extensible Configuration Checklist Format

Provides a language for specifying security checklists

Question 14

OVAL

Answer 14

Open Vulnerability and Assessment Language

Provides a language for describing security testing procedures

Question 15

port 20/21

Answer 15

FTP

Question 16

Port 22

Answer 16

ssh

Question 17

Port 23

Answer 17

telnet

Question 18

port 25

Answer 18

SMTP

Question 19

port 53

Answer 19

DNS

Question 20

port 80

Answer 20

http

Question 21

port 110

Answer 21

pop3

Question 22

port 123

Answer 22

ntp

Question 23

port 135, 137-139, 445

Answer 23

Windows file sharing

Question 24

port 443

Answer 24

https

Question 25

port 515

Answer 25

let

Question 26

port 1433

Answer 26

microsoft sql server

Question 27

port 1521

Answer 27

oracle

Question 28

port 1723

Answer 28

pptp

Question 29

port 1720

Answer 29

h.323

Question 30

port 3389

Answer 30

RDP

Question 31

port 9100

Answer 31

HP JetDirect printing

Question 32

PCI

Answer 32

Payment Card Industry

Question 33

OWASP

Answer 33

Open Web Application Security Project

Question 34

SDLC

Answer 34

Software Development Lifecycle

Question 35

SIEM

Answer 35

Security Information and Event Management

Question 36

IAM

Answer 36

Identity and Access Management

Question 37

IDS

Answer 37

Intrusion Detection System

Question 38

IPS

Answer 38

Intrusion Prevention System

Question 39

HIDS

Answer 39

Host Based Intrusion Detection System

Question 40

NIDS

Answer 40

Network Based Intrusion Detection System

Question 41

MTTR

Answer 41

Mean Time to Repair

A measure of Availability

Question 42

MTBF

Answer 42

Mean Time Between Failures

A measurement of availability and reliability

Question 43

MTTF

Answer 43

Mean Time to Failure

Measurement of Reliability for non-repairable systems

Question 44

CMMS

Answer 44

Computerized Maintenance Management System

Question 45

CORBA

Answer 45

Common Object Reference Based Architecture

An open vendor-neutral object network object broker framework

Question 46

COOP

Answer 46

Continuity Of Operations Plan

Question 47

XCCDF

Answer 47

Extensive Configuration Checklist Description Format

Provides a language for specifying security checklists

A component of SCAP

Question 48

OVAL

Answer 48

Open Vulnerability and Assessment Language

A language for describing security testing procedures

A Component of SCAP