C Flashcards
CA
Certificate Authority
A company, device, or organization that issues digital certificates to verify the identity of people, companies, websites, and email addresses.
CAPTCHA
Completely Automated Public Turing Test to Tell Computers and Humans Apart
A type of challenge-response authentication that helps differentiate between real users and automated users.
CAR
Corrective Action Report
A document that details the steps taken to address and fix security gaps or non-conformities.
CASB
Cloud Access Security Broker
A security policy enforcement point between cloud service providers and enterprise users. It implements zero-trust access control and policy enforcement for cloud environments.
CBC
Cipher Block Chaining
A mode of operation for a block cipher that XORs the previous encrypted block of ciphertext with the next block of plaintext to be encrypted. The first encrypted block is an initialization vector that contains random data.
CCMP
Counter Mode/CBC-MAC Protocol
An encryption protocol that is based on AES and uses the Counter Mode with CBC-MAC (CCM) mode of operation.
CCTV
Closed-Circuit Television
A TV system in which signals are not publicly distributed, but are monitored, primarily for surveillance and security purposes.
CERT/CIRT
Computer Emergency Response Team
Computer Incident Response Team
A group of IT professionals who prepare for, respond to, and recover from cybersecurity incidents.
CFB
Cipher Feedback
An AES mode of operation. Unlike CBC, which directly encrypts plaintext blocks, this mode encrypts the previously encrypted plaintext block, then adds this to the next plaintext block. This means that the same algorithm used to encrypt the data can be used to decrypt it.
CHAP
Challenge Handshake Authentication Protocol
A secure authentication method that uses a challenge-response mechanism to verify a client’s identity to a server during an initial connection. It periodically re-authenticates the user during an online session.
CIA
Confidentiality, Integrity, Availability
A cybersecurity framework that uses three principles to evaluate an organization’s security.
CIO
Chief Information Officer
The individual responsible for establishing, implementing, and ensuring compliance with cybersecurity policies. They are responsible for the effectiveness of cyber protections.
CMS
Content Management System
Software suites that allow users to create, manage, and publish digital content on the web. They allow site admins to easily manage the design, functionality, and operation of websites with minimal technical expertise. They store data, process transactions, and provide access to employees.
COOP
Continuity of Operation Planning
A predetermined set of instructions or procedures that describe how an organization’s mission critical functions will be sustained during and after a disaster event.
COPE
Corporate-Owned, Personally-Enabled
A policy that allows employees to use corporate-owned devices for both work and personal activities.
CP
Contingency Plan
A course of action that helps an organization respond to a significant event or situation that may or may not happen in the future.
The same as a BCP.
CRC
Cyclical Redundancy Check
A mathematical technique that detects errors in transmitted data in cybersecurity. A type of checksum algorithm.
CRL
Certificate Revocation List
A list of digital certificates that have been revoked by a CA before their expiration date.
CSO
Chief Security Officer
The individual responsible for managing an organization’s security, including (but not limited to) cybersecurity.
CSP
Cloud Service Provider
A company that offers cloud computing services, such as storage, databases, and infrastructure.
CSR
Certificate Signing Request
An encrypted message that contains information about an organization or person seeking a digital certificate.
CSRF
Cross-Site Request Forgery
A cyberattack that tricks a user into performing actions they don’t intend to perform on a trusted website.
Exploits the trust a web application has in an authenticated user.
CSU
Channel Service Unit
A digital interface device that connects end user data communications equipment to digital access lines. It converts a digital data frame from the LAN into a frame appropriate to a WAN and vice versa.
CTM
Counter Mode
An AES mode of operation that uses a counter function to generate a nonce value for each block’s encryption. That nonce number (the counter) gets encrypted and then XORed with the plaintext to generate ciphertext.
CTO
Chief Technology Officer
The individual responsible for managing the physical and personnel technology infrastructure including technology deployment, network and system management, integration testing, and developing technical operations personnel. They are also responsible for the development of products and services.
CVE
Common Vulnerabilities and Exposures
A standardized list of known security threats and vulnerabilities that helps security professionals share info about cyber threats. Created by MITRE.
CVSS
Common Vulnerability Scoring System
A free, open industry standard that assesses the severity of security vulnerabilities in computer systems.
CYOD
Choose Your Own Device
A hardware management model that allows employees to choose from a company-approved list of devices for work.