Acronyms

Question 1

802.1x

Answer 1

A port-based authentication protocol. Wireless can use 802. lx. For example, WPA2
Enterprise mode uses an 802.lx server (implemented as a RADIUS server).

Question 2

3DES

Answer 2

Triple Digital Encryption Standard. A symmetric algorithm used to encrypt data and provide
confidentiality. It is a block cipher that encrypts data in 64-bit blocks

Question 3

AAA

Answer 3

Authentication, Authorization, and Accounting. AAA protocols are used in remote access
systems.

Question 4

ACL

Answer 4

Access control list. Routers and packet-filtering firewalls perform basic filtering using an
ACL to control traffic based on networks, subnets, IP addresses, ports, and some protocols.

Question 5

AES

Answer 5

Advanced Encryption Standard. A symmetric algorithm used to encrypt data and provide
confidentiality. AES is a block cipher and it encrypts data in 128-bit blocks.

Question 6

ALE

Answer 6

Annual ( or annualized) loss expectancy. The ALE identifies the expected annual loss and is
used to measure risk with ARO and SLE in a quantitative risk assessment.

Question 7

AP

Answer 7

Access point, short for wireless access point (WAP). APs provide access to a wired network to
wireless clients.

Question 8

APT

Answer 8

Advanced persistent threat. A group that has both the capability and intent to launch
sophisticated and targeted attacks.

Question 9

ARO

Answer 9

Annual ( or annualized) rate of occurrence. The ARO identifies how many times a loss is
expected to occur in a year and it is used to measure risk with ALE and SIB in a quantitative risk
assessment.

Question 10

ARP

Answer 10

Address Resolution Protocol. Resolves 1Pv4 addresses to MAC addresses. ARP poisoning
attacks can redirect traffic through an attacker’s system by sending false MAC address updates.

Question 11

AUP

Answer 11

Acceptable use policy. An AUP defines proper system usage. It will often describe the
purpose of computer systems and networks, how users can access them, and the responsibilities of
users when accessing the systems.

Question 12

BCP

Answer 12

Business continuity plan. A plan that helps an organization predict and plan for potential
outages of critical services or functions. It includes disaster recovery elements that provide the steps
used to return critical functions to operation after an outage.

Question 13

BIA

Answer 13

Business impact analysis. The BIA identifies systems and components that are essential to the
organization’s success. It identifies various scenarios that can impact these systems and components,
maximum downtime limits, and potential losses from an incident.

Question 14

BPA

Answer 14

Business partners agreement. A written agreement that details the relationship between
business partners, including their obligations toward the partnership.

Question 15

BYOD

Answer 15

Bring your own device. A policy allowing employees to connect personally owned devices,
such as tablets and smartphones, to a company network

Question 16

CA

Answer 16

Certificate Authority. An organization that manages, issues, and signs certificates and is part of
a PK.I.

Question 17

CAPTCHA

Answer 17

Completely Automated Public Turing Test to Tell Computers and Humans Apart.
Technique used to prevent automated tools from interacting with a web site.

Question 18

CCMP

Answer 18

Counter Mode with Cipher Block Chaining Message Authentication Code Protocol. An
encryption protocol based on AES and used with WPA2 for wireless security.

Question 19

CCTV

Answer 19

Closed-circuit television This is a detective control that provides video surveillance.
Video surveillance provides reliable proof of a person’s location and activity.

Question 20

CERT

Answer 20

Computer Emergency Response Team A group of experts who respond to security incidents.

Question 21

CHAP

Answer 21

Challenge Handshake Authentication Protocol. Authentication mechanism where a server
challenges a client.

Question 22

CIRT

Answer 22

Computer Incident Response Team A group of experts who respond to security incidents.

Question 23

COOP

Answer 23

Continuity of operations planning. Continuity of operations planning (COOP) sites provide
an alternate location for operations after a critical outage.

Question 24

CRL

Answer 24

Certification revocation list. A list of certificates that a CA has revoked.

Question 25

CSR

Answer 25

Certificate signing request. A method of requesting a certificate from a CA.

Question 26

CVE

Answer 26

Common Vulnerabilities and Exposures (CVE). A dictionary of publicly known security
vulnerabilities and exposures.

Question 27

DAC

Answer 27

Discretionary access control. An access control model where all objects have owners and
owners can modify permissions for the objects (files and folders).

Question 28

DDOS

Answer 28

Distributed denial-of-service. An attack on a system launched from multiple sources
intended to make a computer’s resources or services unavailable to users.

Question 29

DEP

Answer 29

Data Execution Prevention A security feature in some operating systems. It helps prevent an
application or service from executing code from a nonexecutable memory region

Question 30

DES

Answer 30

Digital Encryption Standard. An older symmetric encryption standard used to provide
confidentiality. DES is a block cipher and it encrypts data in 64-bit blocks.

Question 31

DHCP

Answer 31

Dynamic Host Configuration Protocol. A service used to dynamically assign TCP/IP
configuration information to clients.

Question 32

DHE

Answer 32

Diffie-Hellman Ephemeral. An alternative to traditional Diffie-Hellman. Instead of using
static keys that stay the same over a long period, DHE uses ephemeral keys, which change for each
new session. Sometimes listed as EDH.

Question 33

DLP

Answer 33

Data loss prevention A network-based DLP system can examine and analyze network traffic.

Question 34

DMZ

Answer 34

Demilitarized zone. A buffer zone between the Internet and an internal network It allows
access to services while segmenting access to the internal network

Question 35

DNS

Answer 35

Domain Name System Used to resolve host names to IP addresses.

Question 36

DNSSEC

Answer 36

Domain Name System Security Extensions. A suite of specifications used to protect the
integrity of DNS records and prevent DNS poisoning attacks.

Question 37

DoS

Answer 37

Denial-of-service. An attack from a single source that attempts to disrupt the services
provided by the attacked system Compare to DDoS.

Question 38

DRP

Answer 38

Disaster recovery plan. A document designed to help a company respond to disasters, such as
hurricanes, floods, and fires.

Question 39

EAP

Answer 39

Extensible Authentication Protocol. An authentication framework that provides general
guidance for authentication methods.

Question 40

EAP-TLS

Answer 40

Extensible Authentication Protocol-Transport Layer Security. An extension of EAP sometimes used with 802.lx.

Question 41

EAP-TTLS

Answer 41

Extensible Authentication Protocol-Tunneled Transport Layer Security. An extension of
EAP sometimes used with 802. lx.

Question 42

ECC

Answer 42

Elliptic curve cryptography. An asymmetric encryption algorithm commonly used with
smaller wireless devices.

Question 43

ECDHE

Answer 43

Elliptic Curve Diffie-Hellman Ephemeral. A version of Diffie-Hellman that uses ECC to generate encryption keys. Ephemeral keys are recreated for each session

Question 44

ESP

Answer 44

Encapsulating Security Protocol. IPsec includes both AH and ESP. AH provides authentication
and integrity using HMAC.

Question 45

FACL

Answer 45

File System Access Control List. An ACL used for file systems.

Question 46

FDE

Answer 46

Full Disk Encryption Method to encrypt an entire disk

Question 47

FTP

Answer 47

File Transfer Protocol. Used to upload and download files to an FTP server.

Question 48

FTPS

Answer 48

File Transfer Protocol Secure. An extension of FTP that uses SSL to encrypt FTP traffic.

Question 49

GPO

Answer 49

Group Policy Object. Group Policy is used within Microsoft Windows to manage users and
computers.

Question 50

GPS

Answer 50

Global Positioning System GPS tracking can help locate lost mobile devices. Remote wipe,
or remote sanitize, erases all data on lost devices.

Question 51

GUI

Answer 51

Graphical user interface. Users interact with the graphical elements instead of typing in
commands from a text interface.

Question 52

HDD

Answer 52

Hard disk drive. A disk drive that has one or more platters and a spindle.

Question 53

HIDS

Answer 53

Host-based intrusion detection system An IDS used to monitor an individual server or
workstation.

Question 54

HIPS

Answer 54

Host-based intrusion prevention system An extension of a host-based IDS.

Question 55

HMAC

Answer 55

Hash-based Message Authentication Code. A hashing algorithm used to verify integrity and
authenticity of a message with the use of shared secret.

Question 56

HOTP

Answer 56

-HMAC-based One-Time Password (HOTP). An open standard used for creating one-time
passwords, similar to those used in tokens or key fobs.

Question 57

HSM

Answer 57

Hardware security module. A removable or external device that can generate, store, and
manage RSA keys used in asymmetric encryption.

Question 58

HTML

Answer 58

Hypertext Markup Language. Language used to create web pages.

Question 59

HTTP

Answer 59

Hypertext Transfer Protocol. Used for web traffic on the Internet and in intranets. HTTP uses
TCP port 80.

Question 60

HTTPS

Answer 60

Hypertext Transfer Protocol Secure. Encrypts HTTP traffic with SSL or TLS using TCP port 443

Question 61

HVAC

Answer 61

Heating, ventilation, and air conditioning. HVAC systems increase availability by regulating
airflow within data centers and server rooms.

Question 62

IaaS

Answer 62

Infrastructure as a Service. A cloud computing technology that allows an organization to rent
access to hardware.

Question 63

ICMP

Answer 63

Internet Control Message Protocol. Used for diagnostics such as ping. Many DoS attacks use
ICMP.

Question 64

IDS

Answer 64

Intrusion detection system A detective control used to detect attacks after they occur.

Question 65

IIS

Answer 65

Internet Information Services. A Microsoft Windows web server.

Question 66

IP

Answer 66

Internet Protocol. Used for addressing. See IPv4 and IPv6.

Question 67

IPS

Answer 67

Intrusion prevention system A preventive control that will stop an attack in progress.

Question 68

IPsec

Answer 68

Internet Protocol security. Used to encrypt data in transit and can operate in both Tunnel mode
and Transport mode.

Question 69

IR

Answer 69

Incident response. Process of responding to a security incident.

Question 70

ISA

Answer 70

Interconnection Security Agreement. Specifies technical and security requirements for
connections between two or more entities.

Question 71

IV

Answer 71

Initialization vector. An IV provides randomization of encryption keys to help ensure that keys
are not reused.

Question 72

KDC

Answer 72

Key Distribution Center. Also known as TGT server. Part of the Kerberos protocol used for
network authentication.

Question 73

L2TP

Answer 73

Layer 2 Tunneling Protocol. Tunneling protocol used with VPNs.

Question 74

LDAP

Answer 74

Lightweight Directory Access Protocol. Language used to communicate with directories
such as Microsoft Active Directory.

Question 75

MAC

Answer 75

Mandatory access control. Access control model that uses sensitivity labels assigned to
objects (files and folders) and subjects (users).

Question 76

MAC

Answer 76

Media access control. A 48-bit address used to identify network interface cards.

Question 77

MAC

Answer 77

Message authentication code. Method used to provide integrity for messages.

Question 78

MD5

Answer 78

Message Digest 5. A hashing function used to provide integrity.

Question 79

MITM

Answer 79

Man in the middle. A MITM attack is a form of active interception allowing an attacker to
intercept traffic and insert malicious code sent to other clients.

Question 80

MOU

Answer 80

Memorandum of understanding. Defines responsibilities of each party, but it is not as strict as
an SLA or an ISA.

Question 81

MS-CHAP

Answer 81

Microsoft Challenge Handshake Authentication Protocol. Microsoft implementation of
CHAP. MS-CHAPv2 provides mutual authentication.

Question 82

MTTR

Answer 82

Mean time to recover. Identifies the average (the arithmetic mean) time it takes to restore a
failed system

Question 83

NAC

Answer 83

Network access control. Inspects clients for health and can restrict network access to
unhealthy clients to a remediation network.

Question 84

NetBIOS

Answer 84

Network Basic Input/Output System (NetBIOS) is a name resolution service for NetBIOS
names on internal networks.

Question 85

NIDS

Answer 85

Network-based intrusion detection system A NIDS is installed on network devices, such as
routers or firewalls and monitors network traffic.

Question 86

NIPS

Answer 86

Network-based intrusion prevention system An IPS that monitors the network.

Question 87

NIST

Answer 87

National Institute of Standards and Technology. NIST is a part of the U.S. Department of
Commerce, and it includes an Information Technology Laboratory (ITL).