Acronyms + Description Flashcards

1
Q

3DES

A

Triple Digital Encryption Standard

Symmetric block cipher that encrypts 64-bit blocks

2
Q

A/A

A

Active/Active

A type of server load balancing where all the servers are active simultaneously. If one server fails, all others can pick up the load.

3
Q

AAA

A

Authentication, Authorization, Accounting

  1. Authentication has 2 components: Identification (Username or email address) and the authentication factor (Something you know, Something you have, Something you are, Somewhere you are or are not, Something you do)
  2. Authorization: the rights and privileges assigned to a user to be able to perform their job.
  3. Accounting or Auditing: Accounting is the process of recording system activities and resource access. Auditing is part of accounting where an administrator examines logs of what was recorded.
4
Q

ABAC

A

Attribute-based Access Control:

Access control based on different attributes: group membership, OS being used, IP address, the presence of up-to-date patches and anti-malware, geographic location. Typically used in an SDN (Software Defined Network).

5
Q

ACE

A

Access Control Entry

Within an ACL, a record of subjects and the permissions they hold on the resource

6
Q

ACI

A

Adjacent Channel Interference

If access points are physically close, then they should not share frequencies; otherwise their channels may interfere with each other.

7
Q

ACL

A

Access Control List:

A list of objects and what subjects can access them. For example: a user accesses a directory but only has read access to the documents inside.

Routers and firewalls both employ ACLs, either allowing or denying access to different parts of the network.

8
Q

ADS

A

Alternate Data Streams

9
Q

AEAD

A

Authenticated Encryption with Additional Data

10
Q

AES

A

Advanced Encryption Standard:

A symmetric block cipher. Three different block sizes: 128, 192, and 256 bit. Used in BitLocker.

11
Q

AES256

A

Advanced Encryption Standards 256-bit

12
Q

AFF

A

Advanced Forensic Format

13
Q

AH

A

Authentication Header:

An IPSec protocol that provides authentication as well as integrity & protection from replay attacks. Uses protocol # 51.

14
Q

AI

A

Artificial Intelligence

15
Q

AIS

A

Automated Indicator Sharing

Threat intelligence data feed operated by the DHS

16
Q

ALE

A

Annual Loss Expectancy:

The amount of money an organization would lose over the course of a year. The formula is the SLE (Single Loss Expectancy) times the ARO (Annual Rate of Occurrence). SLE x ARO = ALE.

17
Q

ANN

A

Artificial Neural Network

18
Q

AP

A

Access Point:

Sometimes referred to as a WAP (Wireless Access Point). An AP is a bridge between wireless and wired networks.

19
Q

A/P

A

Active/Passive

A type of server load balancer configuration where some of the servers are actively in use and others are on “standby” mode.

20
Q

API

A

Application Programming Interface

A software module or component that identifies inputs and outputs for an application

21
Q

APT

A

Advanced Persistent Threat:

An attack that uses multiple attack vectors and attempts to remain hidden so as to maintain a connection to compromised systems. You can normally tie this to nation-states (foreign countries).

22
Q

ARO

A

Annual Rate of Occurrence:

The number of times a year that a particular loss occurs. It is used to measure risk with ALE and SLE in a quantitative risk assessment.

23
Q

ARP

A

Address Resolution Protocol:

Matches the MAC address to a known IP address. Easily spoofed, used in MITM (Man-in-the-Middle) attack.

24
Q

ASLR

A

Address Space Layout Randomization

ASLR is a memory-protection process for operating systems (OSes) that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.

25
Q

ASP

A

Active Server Page

Provides an application as a service over a network

26
Q

ATT&CK

A

Adversarial Tactics, Techniques, and Common Knowledge

A knowledge base maintained by MITRE

27
Q

AUP

A

Acceptable Use Policy

28
Q

A-V

A

Anti-Virus

29
Q

AV

A

Asset Value:

Asset Value is half of the formula for a one-time loss or SLE (Single Loss Expectancy). AV x EF (Exposure Factor) = SLE

30
Q

AVT

A

Advanced Volatile Threat

31
Q

BASH

A

Bourne Again Shell

Linux command line

32
Q

BCP

A

Business Continuity Planning

Need to identify critical business systems, which systems need to be protected the most, and have resources available to help recover them

33
Q

BGP

A

Border Gateway Protocol

34
Q

BeEF

A

Browser Exploitation Frameworks

35
Q

BIA

A

Business Impact Analysis

Identify resources that are critical to an organization’s ability to sustain operations against threats to those resources. It also assesses the possibility that each threat will occur and the impact those occurrences will have on the organization.

36
Q

BIOS

A

Basic Input/Output System

The firmware sends instructions to the hardware so the system can boot.

37
Q

BPA

A

Business Partnership Agreement

The agreement between two entities on what is expected with respect to finances, services, and security.

38
Q

BPDU

A

Bridge Protocol Data Unit

39
Q

BSSID

A

Basic Service Set Identifier

40
Q

BYOD

A

Bring Your Own Device

The model where the organization allows a user to use their personal device for business needs. It also covers allowing the end user to use the company’s Internet with their personal electronic devices.

41
Q

C2

A

Command & Control

42
Q

CA

A

Certificate Authority:

Sometimes referred to as PKI (Public Key Infrastructure). Issues and signs certificates, and maintains the public / private key pair.

43
Q

CAC

A

Common Access Card

Considered a smart card or digital certificate. Typically issued to military personnel and contractors that need access to DoD (Department of Defense) systems and facilities. This falls under the “Something you have” authentication factor.

44
Q

CAPTCHA

A

Completely Automated Public Turing Test to Tell Computers and Humans Apart

An image of text characters or audio of some speech that is difficult for a computer to interpret

45
Q

CAR

A

Corrective Action Report

A report to document actions taken to correct an event, incident, or outage.

46
Q

CASB

A

Cloud Access Security Broker

Enterprise management software designed to mediate access to cloud services by users across all types of devices

47
Q

CBC

A

Cipher Block Chaining

A mode of operation for DES, which uses an IV (Initialization Vector) for the first plaintext block and then combines with the next plaintext block using XOR (Exclusive OR). There is a delay using this process. With this method, no plain-text block produces the same ciphertext.

48
Q

CBT

A

Computer-based Training

49
Q

CCI

A

Co-Channel Interference

50
Q

CCMP

A

Cipher Block Chaining Message Authentication Code Protocol

Strongest wireless encryption, replaces TKIP, used with AES

51
Q

CCTV

A

Closed-circuit Television

Detective Control, Deterrent Control

52
Q

CE

A

Cryptographic Erase

A method of sanitizing a self-encrypting drive by erasing the media encryption key

53
Q

CER

A

Cross-over Error Rate

A metric by which biometric technologies are rated. The CER is the point where the FRR (False Rejection Rate) and FAR (False Acceptance Rate) meet. The lowest possible CER is most desirable.

54
Q

CERT

A

Computer Emergency Response Team

55
Q

CFB

A

Cipher Feedback

This AES mode of operation is the streaming cipher version of CBC. It uses an IV and chaining. The IV is first encrypted and then the result is XORed with the previous plain-text block.

56
Q

CHAP

A

Challenge Handshake Authentication Protocol

An encrypted authentication protocol normally used for remote access.

57
Q

CI

A

Continuous Integration

58
Q

CIA

A

Confidentiality, Integrity, Availability

59
Q

CIO

A

Chief Information Officer

60
Q

CIRT

A

Computer Incident Response Team

61
Q

CIS

A

CIS

62
Q

CISO

A

Chief Information Security Officer

63
Q

CMS

A

Content Management System

SaaS (Software as a Service)

64
Q

CN

A

Common Name

An X500 (LDAP) attribute expressing a host or user name, also used as the subject identifier for a digital certificate
65
Q

COBO

A

Corporate Owned, Business Only

Enterprise mobile device provisioning model where the device is the property of the organization and personal use is prohibited.

66
Q

COOP

A

Continuity of Operations Plan

Designing operations and systems to be affected as little as possible by an incident and to have resources to recover from it.

67
Q

COPE

A

Corporate Owned, Personally Enabled

Company owns and supplies the device. The employee may use the device for web browsing, personal email, and personal social media sites.

68
Q

CP

A

Contingency Planning

69
Q

CRC

A

Cyclical Redundancy Check

Error-detecting code used to detect errors in the packet during transmission.

70
Q

CRL

A

Certificate Revocation List

A list of certificates that were revoked before they were configured to expire

71
Q

CSA

A

Cloud Security Alliance

72
Q

CSF

A

Cybersecurity Framework

73
Q

CSIRT

A

Computer Security Incident Response Team

74
Q

CSO

A

Chief Security Officer

75
Q

CSP - 1

A

Cloud Service Provider

76
Q

CSP - 2

A

Content Security Policy

77
Q

CSP - 3

A

Cryptographic Service Provider

78
Q

CSR

A

Certificate Signing Request

When a subject wants a certificate, it completes a CSR and submits it to a CA (Certificate Authority)

79
Q

CSRF

A

Cross-Site Request Forgery

The attacker passes an HTTP request to the victim’s browser in an attempt to gain the user’s password and username. The output of the attack could include keywords such as “Buy” or “Purchase” or “Pay To”

80
Q

CSU

A

Channel Service Unit

81
Q

CTF

A

Capture The Flag

82
Q

CTI

A

Cyber Threat Intelligence

83
Q

CTM

A

Counter-Mode

The fastest of the modes. An encryption mode that uses a constantly changing IV and functions similarly to a stream cipher.

84
Q

CTO

A

Chief Technology Officer

85
Q

CVE

A

Common Vulnerabilities and Exposures

This is a place to find out what platforms have vulnerabilities

86
Q

CVSS

A

Common Vulnerability Scoring System

This scoring system lets you know the criticality / impact to the system

87
Q

CVV

A

Card Verification Value

88
Q

CYOD

A

Choose Your Own Device

A mobile deployment model where the company gives the employees a list of approved mobile devices they can use on the corporate network. This helps keep the devices with more current models.

89
Q

DAC

A

Discretionary Access Control

Access control is set by the data owner, or possibly the administrator. The permissions can be applied to a group or an individual.

90
Q

DBA

A

Database Administrator

91
Q

DBMS

A

Database Management Systems

92
Q

dd

A

Data Duplicator

Linux command that makes a bit-by-bit copy of an input file, typically used for disk imaging

93
Q

DDoS

A

Distributed Denial of Service

Many devices attacking a single device. The devices can be PCs, laptops, DVRs, webcams, etc. This type of attack is carried out via a botnet, and the devices are known as drones or zombies.

94
Q

DEP

A

Data Execution Prevention

A feature that prevents malicious code from executing in memory. This feature is programmed into Windows, AMD CPUs, and Intel CPUs. If you were looking at a log output, you might see one of the columns as “DEP”. If the column says “Yes”, there is a good chance the malware did not execute from that area. If it says “No”, that might be where the attack originated.

95
Q

DER

A

Distinguished Encoding Rules

Used to create a binary representation of the information on the certificate. The DER-encoded binary file can be represented as ASCII characters using Base64 Privacy-enhanced Electronic Mail (PEM) encoding. File extensions .cer and .crt contain either binary DER or ASCII PEM data.

96
Q

DES

A

Digital Encryption Standard

Symmetric block cipher that encrypts in blocks of 64 bits and uses a 56-bit key. Considered weak encryption and has been deprecated; the easiest upgrade is 3DES (Triple DES).

97
Q

DevOps

A

Development and Operations

98
Q

DevSecOps

A

Development, Security, and Operations

99
Q

DGA

A

Domain Generation Algorithm

100
Q

D-H

A

Diffie-Hellman

101
Q

DHCP

A

Dynamic Host Configuration Protocol

A protocol that provides an automated process of assigning IP addresses. Can also issue optional parameters such as DNS address, DNS suffix, Default Gateway, and subnet mask. Uses Ports 67 & 68 UDP

102
Q

DHE

A

Diffie-Hellman Ephemeral

A protocol for the secure exchange of encryption keys. The Ephemeral provides PFS (Perfect Forward Secrecy)

103
Q

DKIM

A

Domain Keys Identified Mail

104
Q

DLL

A

Dynamic Link Library

A binary package used to implement functionality, such as cryptography or establishing a network connection

105
Q

DLP

A

Data Loss Prevention

A hardware or software solution that prevents a certain type of information from being exfiltrated from a device or network. This covers data like PII (Personally Identifiable Information), credit card numbers, Social Security numbers, and other sensitive data identified using keywords. USB blocking is a form of DLP. Preventing this type of information from being printed is another protection.

106
Q

DMARC

A

Domain Message Authentication Reporting and Conformance

Prevents phishing and spear phishing attacks against an organization’s email server

107
Q

DMZ

A

Demilitarized Zone

This is where you place your public-facing web servers. DMZs are configured as one of the connections or legs on a firewall. Now referred to as a screened subnet.

108
Q

DN

A

Distinguished Name

109
Q

DNAT

A

Destination Network Address Translation

Also called “Port Forwarding”, the router accepts requests from the Internet for an application, and then sends the request to a designated host and port within the DMZ.

110
Q

DNS

A

Domain Name Service (Server)

A service that maps / resolves host names to an IP address. Uses Port 53 UDP for DNS queries and Port 53 TCP for Zone Transfers.

111
Q

DNSSEC

A

Domain Name System Security Extensions

A security protocol that provides authentication of DNS data and upholds DNS data integrity

112
Q

DOM

A

Document Object Model

113
Q

DoS

A

Denial of Service

An attack that is one to one. Anything that can keep a device or user from accessing a service or information is a denial of service. One user flooding another user’s account with email attachments until the email box is full, or cutting the network cable or power, are just a few examples.

114
Q

DPO

A

Data Privacy Officer

115
Q

DPP

A

Device Provisioning Protocol

116
Q

DRDoS

A

Distributed Reflection Denial of Service

117
Q

DRP

A

Disaster Recovery Plan

A step-by-step procedure to restore the organization to full functionality. The failure can be a failed web server, firewall, or some other critical component. The cause can be weather-related or man-made, either intentional or accidental. Some items needed:

  1. Inventory list of hardware and software
  2. Contact info for DRP team members
  3. Contact info for employees, suppliers, vendors, customers
  4. Alternate site
  5. Backups
118
Q

DSA

A

Digital Signature Algorithm

Public key encryption used for digital signatures. This is an asymmetric encryption method

119
Q

DSL

A

Digital Subscriber Line

120
Q

DV

A

Domain Validation

121
Q

EAP

A

Extensible Authentication Protocol

EAP allows different authentication methods, most of them using a digital certificate on the server and/or the client

122
Q

EAP-FAST

A

EAP with Flexible Authentication via Secure Tunneling

Does not require certificates

123
Q

EAP-TLS

A

Extensible Authentication Protocol-Transport Layer Security

Requires certificates on the clients and server

124
Q

EAP-TTLS

A

EAP-Tunneled TLS

Requires certificates on the server only

125
Q

EAPoL

A

EAP over LAN

126
Q

ECB

A

Electronic Code Book

Not recommended for use. Uses the same key for every packet; break one key and you have the entire message.

127
Q

ECC

A

Elliptic Curve Cryptography

Asymmetric encryption, used with wireless and mobile devices because both have less processing power. ECC 128 is stronger than RSA 1024.

128
Q

ECDHE

A

Elliptic Curve Diffie-Hellman Ephemeral

A secure method of exchanging shared keys using PFS (Perfect Forward Secrecy)

129
Q

ECDSA

A

Elliptic Curve Digital Signature Algorithm

Uses ElGamal with an elliptical curve to implement a digital signature.

130
Q

EDR

A

Endpoint Detection and Response

A software agent that collects system data and logs for analysis by a monitoring system to provide early detection of threats

131
Q

EF

A

Exposure Factor

132
Q

EFS

A

Encrypted File System

An NTFS public key encryption. On a Windows system, you have the ability to encrypt a single file or folder based on the user’s credentials.

133
Q

EIGRP

A

Enhanced Interior Gateway Routing Protocol

134
Q

EKU

A

Extended Key Usage

135
Q

EMI

A

Electromagnetic Interference

136
Q

EMM

A

Enterprise Mobility Management

137
Q

EOL

A

End of Life

When systems or applications are no longer supported by the manufacturer or developer.

138
Q

EOS

A

End of Service

139
Q

EOSL

A

End of Service Life

140
Q

EPP

A

Endpoint Protection Platform

141
Q

ERM

A

Enterprise Risk Management

142
Q

ERP

A

Enterprise Resource Planning

143
Q

ESI

A

Electronically Stored Information

144
Q

ESN

A

Electronic Serial Number

145
Q

ESP

A

Encapsulated Security Payload

An IPSec protocol that does the same as AH (Authentication Header), but also encrypts/encapsulates the entire payload/packet. Uses protocol # 50.

146
Q

EV

A

Extended Validation

Certificate to prevent phishing attacks

147
Q

FACL

A

File System Access Control List

The file access control lists (FACLs), or simply ACLs, are the list of additional users/groups and their permissions on the file, on a Unix or Linux system.

148
Q

FAR

A

False Acceptance Rate

A Type II error. The ratio of when a biometric system authenticates an unauthorized user as an authorized user.

149
Q

FC

A

Fiber Channel

High-speed network communications protocol used to implement SANs

150
Q

FDE

A

Full Disk Encryption

This means that the entire contents of the drive (or volume), including system files and folders, are encrypted. Two methods are BitLocker and PGP Whole Disk Encryption. This is a software-based or an operating system encryption method. These methods are more CPU intensive processes.

151
Q

FER

A

Failure to Enroll Rate

152
Q

FIDO

A

Fast Identity Online

153
Q

FIM

A

File Integrity Monitoring

154
Q

FPGA

A

Field Programmable Gate Array

155
Q

FIPS

A

Federal Information Processing Standards

156
Q

FRR

A

False Rejection Rate

Type I error. The ratio in which a biometric system rejects an authorized user.

157
Q

FTK

A

Forensic Toolkit

158
Q

FTP

A

File Transfer Protocol

Uploads and downloads large files to and from an FTP server. FTP transmits data in plaintext. FTP active mode uses TCP port 21 for control and TCP port 20 for data transfer. FTP passive mode (PASV) also uses TCP port 21 for control signals, but it uses a random TCP port for data.

If the user can connect to the FTP but not upload or download, disable PASV (passive mode)

159
Q

FTPES

A

Explicit FTP over TLS

The client has the choice of using encryption or not for the file transfer

160
Q

FTPS

A

Secure File Transfer Protocol / FTP over SSL

Ports 989 & 990 TCP. Transfers in plain text or encrypted in “Explicit” mode; encryption is forced in “Implicit” mode.

161
Q

GCM

A

Galois Counter Mode

Provides confidentiality and authenticity of the data. This mode is used for authenticated encryption. GCM mode uses an IV (Initialization Vector), and that IV is a nonce (number used once).

162
Q

GCMP

A

AES Galois Counter Mode Protocol

163
Q

GDPR

A

General Data Protection Regulation

Provisions and requirements protecting the personal data of European Union (EU) citizens

164
Q

GPG

A

Gnu Privacy Guard

GPG is a free implementation of PGP (Pretty Good Privacy). GPG allows the user to encrypt and digitally sign their emails or data.

165
Q

GPO

A

Group Policy Object

Group Policy Object is a component of Group Policy (in Microsoft Active Directory) that can be used in Microsoft operating systems to control user accounts and user activity.

166
Q

GPS

A

Global Positioning System

GPS is a way of determining a device’s position (its latitude and longitude) based on information received from GPS satellites. The device must have line-of-sight to the GPS satellites. GPS provides another means of locating the device.

167
Q

GPU

A

Graphics Processing Unit

168
Q

GRE

A

Generic Routing Encapsulation

GRE is a tunneling protocol that encapsulates over an IP network. GRE uses protocol number 47. Used with PPTP and IPSec.

169
Q

HA

A

High Availability

The key premise is that systems are resilient and redundant. HA is the percentage of uptime a system is able to maintain over a period of a year. For example, 99% would equal being down 3.65 days per year or 14 minutes per day. The five 9’s, 99.999%, would equal being down 5.25 minutes per year or .86 seconds per day.

170
Q

HDD

A

Hard Disk Drive

171
Q

HIDS

A

Host-Based Intrusion Detection System

172
Q

HIPS

A

Host-Based Intrusion Prevention System

173
Q

HMAC

A

Hashed Message Authentication Code

Hashing method that provides integrity and authenticity of the message. Most often used with IPSec.

174
Q

HOTP

A

HMAC based One Time Password

Provides PFS (Perfect Forward Secrecy), the password uses an incrementing counter, the password is valid until used.

175
Q

HSM

A

Hardware Security Module

Provides root of trust, stores cryptographic keys, can also work as an SSL accelerator

176
Q

HSMaaS

A

Hardware Security Module as a Service

177
Q

HTML

A

Hypertext Markup Language

178
Q

HTTP

A

Hypertext Transfer Protocol

Port 80 TCP, plaintext

179
Q

HTTPS

A

Hypertext Transfer Protocol Secure

Port 443 TCP, requires certificates and TLS

180
Q

HVAC

A

Heating, Ventilation, Air Conditioning

Provides availability, important in data centers

181
Q

IaaS

A

Infrastructure as a Service

With this type of service, you have the most control.

182
Q

IaC

A

Infrastructure as Code

A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration

183
Q

IAM

A

Identity and Access Management

184
Q

ICMP

A

Internet Control Message Protocol

Suite containing ping, tracert, and pathping

185
Q

ICS

A

Industrial Control Systems

186
Q

IDEA

A

International Data Encryption Algorithm

Symmetric block cipher, uses XOR

187
Q

IDF

A

Intermediate Distribution Frame

188
Q

IdP

A

Identity Provider

SAML uses an Identity Provider for the authentication assertion.

189
Q

IDS

A

Intrusion Detection System

Out-of-band. If anomaly, heuristic, or behavioral-based, need to establish a baseline first. Detects attacks and sends an alert.

190
Q

IKE

A

Internet Key Exchange

191
Q

IM

A

Instant Messaging

192
Q

IMAP4

A

Internet Message Access Protocol v4

Uses Port 143 TCP, retrieves email

193
Q

IMAPS

A

Secure IMAP

Port 993

194
Q

IoC

A

Indicators of Compromise

195
Q

IoT

A

Internet of Things

IoT includes any device connecting to the Internet that is not a PC, tablet, or laptop.

196
Q

IP - 1

A

Intellectual Property

197
Q

IP - 2

A

Internet Protocol

198
Q

IPAM

A

IP Address Management

Software consolidating management of multiple DHCP and DNS services to provide oversight into IP address allocation across an enterprise network

199
Q

IPFIX

A

IP Flow Information Export

200
Q

IPS

A

Intrusion Prevention System

IPS are in-band, either Signature-based or Anomaly-based.

201
Q

IPSec

A

Internet Protocol Security

IPSec is used to secure data-in-transit. Works at Layer 3 of the OSI, and has two modes: transport and tunneling. In Transport mode, only the data is encrypted, not the header. In Tunnel mode, the packet and header are encrypted.

202
Q

IR

A

Incident Response

203
Q

IRC

A

Internet Relay Chat

204
Q

IRP

A

Incident Response Plan

Specific procedures that must be performed if a certain type of event is detected or reported

205
Q

ISA

A

Interconnection Security Agreement

206
Q

ISAC

A

Information Sharing and Analysis Center

Not-for-profit group set up to share sector-specific threat intelligence and security best practices amongst its members

207
Q

ISE

A

Instant Secure Erase

208
Q

ISFW

A

Internal Segmentation Firewall

209
Q

ISP - 3

A

Incident Service Provider

210
Q

ISSO

A

Information Systems Security Officer

211
Q

ITCP

A

IT Contingency Plan

212
Q

ITIL

A

Information Technology Infrastructure Library

213
Q

IV

A

Initialization Vector

214
Q

KDC

A

Key Distribution Center

215
Q

KEK

A

Key Encryption Key

Encrypts the MEK (Media Encryption Key), which is generated from the user’s password.

216
Q

L2TP

A

Layer 2 Tunneling Protocol

Port 1701 UDP, uses IPSec

217
Q

LAMP

A

Linux, Apache, MySQL, PHP / Perl / Python

218
Q

LAN

A

Local Area Network

219
Q

LDAP

A

Lightweight Directory Access Protocol

Port 389 TCP, plaintext

220
Q

LDAPS

A

Secure Lightweight Directory Access Protocol

Port 636 TCP, requires PKI/CA, uses TLS

221
Q

LEAP

A

Lightweight Extensible Authentication Protocol

Does not require certificates, deprecated & replaced with EAP-FAST

222
Q

MaaS

A

Monitoring as a Service

223
Q

MAC - 1

A

Mandatory Access Control

Resources (objects) and users (subjects) are allocated a clearance level (or label), or a “need to know” basis

224
Q

MAC - 2

A

Media Access Control

225
Q

MAC - 3

A

Message Authentication Code

Proving the integrity and authenticity of a message by combining its hash with a shared secret

226
Q

MAM

A

MAM

227
Q

MAN

A

Metropolitan Area Network

228
Q

MBR

A

Master Boot Record

229
Q

MD5

A

Message Digest 5

Hashing algorithm, 128 bit, fastest, provides an integrity check. Not recommended, prone to collisions.

230
Q

MDF

A

Main Distribution Frame

231
Q

MDM

A

Mobile Device Management

The process and supporting technologies for tracking, controlling, and securing the organization’s mobile infrastructure

232
Q

MEF

A

Mission Essential Function

233
Q

MFA

A

Multifactor Authentication

Two or more factors from the following:

  1. Something you know
  2. Something you have
  3. Something you are
  4. Something you do
  5. Somewhere you are or are not
234
Q

MFD

A

Multifunction Device

235
Q

MFP

A

Multifunction Printer

236
Q

MitB

A

Man-in-the-Browser

237
Q

MiTM

A

Man in the Middle

238
Q

ML

A

Machine Learning

239
Q

MMS

A

Multimedia Message Service

240
Q

MOA

A

Memorandum of Agreement

241
Q

MOU

A

Memorandum of Understanding

242
Q

MPLS

A

Multiprotocol Label Switching

243
Q

MSA

A

Measurement Systems Analysis

244
Q

MS-CHAP

A

Microsoft Challenge-Handshake Authentication Protocol

245
Q

MSP

A

Managed Service Provider

246
Q

MSSP

A

Managed Security Service Provider

247
Q

MTBF

A

Mean Time Between Failures

Reliability of a system that can be repaired; a redundant/fail-over system is needed while the system is being repaired

248
Q

MTD

A

Maximum Tolerable Downtime

249
Q

MTTF

A

Mean Time to Failure

Life expectancy of a system, cannot be repaired

250
Q

MTTR

A

Mean Time to Repair

The actual time it took to bring a system back online

251
Q

MTU

A

Maximum Transmission Unit

252
Q

NAC

A

Network Access Control

253
Q

NAS

A

Network-attached Storage

254
Q

NAT

A

Network Address Translation

Many internal IP addresses mapped to one external IP address.

255
Q

NDA

A

Non-disclosure Agreement

256
Q

NFC

A

NFC

257
Q

NFV

A

Network Function Virtualization

258
Q

NGFW

A

Next-generation Firewall

259
Q

NG-SWG

A

Next-generation Secure Web Gateway

260
Q

NIC

A

Network Interface Card

261
Q

NIDS

A

Network-based Intrusion Detection System

NIDS can also perform rogue system detection.

262
Q

NIPS

A

Network-based Intrusion Prevention System

263
Q

NIST

A

National Institute of Standards and Technology

264
Q

NOC

A

Network Operations Center

265
Q

NOS

A

Network Operating System

266
Q

NTFS

A

NTFS

267
Q

NTLM

A

New Technology LAN Manager

268
Q

NTP

A

Network Time Protocol

269
Q

OAUTH

A

Open Authorization

270
Q

OCSP

A

Online Certificate Status Protocol

271
Q

OID

A

Object Identifier

272
Q

OIDC

A

Open ID Connect

273
Q

OS

A

Operating System

274
Q

OSI

A

Open Systems Interconnection

275
Q

OSINT

A

Open Source Intelligence

276
Q

OSPF

A

Open Shortest Path First

277
Q

OT

A

Operational Technology

278
Q

OTA

A

OTG

279
Q

OVAL

A

Open Vulnerability Assessment Language

280
Q

OWASP

A

Open Web Application Security Project

281
Q

P12

A

PKCS #12

282
Q

P2P

A

Peer to Peer

283
Q

PaaS

A

Platform as a Service

284
Q

PAC

A

Proxy Auto Configuration

285
Q

PAM - 1

A

Privileged Access Management

286
Q

PAM - 2

A

Pluggable Authentication Module

287
Q

PAP

A

Password Authentication Protocol

288
Q

PAT

A

Port Address Translation

289
Q

PBKDF2

A

Password Based Key Derivation Function 2

290
Q

PBX

A

Private Branch Exchange

291
Q

PCAP

A

Packet Capture

292
Q

PCI DSS

A

Payment Card Industry Data Security Standard

293
Q

PDU

A

Power Distribution Unit

294
Q

PEAP

A

Protected Extensible Authentication Protocol

295
Q

PED

A

Personal Electronic Device

296
Q

PEM

A

Privacy-enhanced Electronic Mail

297
Q

PFS

A

Perfect Forward Secrecy

298
Q

PFX

A

Personal Information Exchange

299
Q

PGP

A

Pretty Good Privacy

Asymmetric encryption for email

300
Q

PHI

A

Personal Health Information

301
Q

PII

A

Personally Identifiable Information

302
Q

PIN

A

Personal Identification Number

303
Q

PIV

A

Personal Identity Verification

304
Q

PKCS

A

Public Key Cryptography Standards

305
Q

PKI

A

Public Key Infrastructure

306
Q

PLC

A

Programmable Logic Controller

307
Q

PNAC

A

Port-based Network Access Control

308
Q

POP

A

Post Office Protocol

309
Q

POP3S

A

Secure POP

Port 995

310
Q

PoS

A

Point-of-Sale

311
Q

POTS

A

Plain Old Telephone Service

312
Q

PPP

A

Point-to-Point Protocol

313
Q

PPTP

A

Point-to-Point Tunneling Protocol

314
Q

PSK

A

Pre-Shared Key

Password or passphrase

315
Q

PtH

A

Pass the Hash

316
Q

PTZ

A

Pan-Tilt-Zoom

317
Q

PUP

A

Potentially Unwanted Program

318
Q

QA

A

Quality Assurance

319
Q

QoS

A

Quality of Service

320
Q

RA - 1

A

Recovery Agent

321
Q

RA - 2

A

Registration Authority

322
Q

RACE

A

Research and Development in Advanced Communications Technologies in Europe

323
Q

RAD

A

Rapid Application Development