CompTIA CySA+ CS0-003 Deck 5

Question 1

Shibboleth

Answer 1

An identity federation method that provides single sign-on capabilities and enables websites to make informed authorization decisions for access to protected online resources.

Question 2

Trust Model

Answer 2

In PKI, a description of how users and different CAs exchange information and certificates.

Question 3

(CASB)

Answer 3

Cloud Access Security Broker

Question 4

(CASB) Cloud Access Security Broker

Answer 4

Enterprise management software designed to mediate access to cloud services by users across all types of devices.

Question 5

Forward proxy

Answer 5

A server that mediates the communications between a client and another server. It can filter and often modify communications as well as provide caching services to improve performance.

Question 6

Reverse proxy

Answer 6

A type of proxy server that protects servers from direct contact with client requests.

Question 7

(DLP)

Answer 7

Data loss prevention

Question 8

(DLP) Data loss prevention

Answer 8

A software solution that detects and prevents sensitive information from being stored on unauthorized systems or transmitted over unauthorized networks.

Question 9

(PII)

Answer 9

Personally Identifiable Information

Question 10

(PII) Personally Identifiable Information

Answer 10

Data that can be used to identify or contact an individual (or, in the case of identity theft, to impersonate them).

Question 11

(PHI)

Answer 11

Protected Health Information

Question 12

(PHI) Protected Health Information

Answer 12

Data that can be used to identify an individual and includes information about past, present, or future health, as well as related payments and data used in the operation of a healthcare business.

Question 13

(PIFI)

Answer 13

Personal Identifiable Financial Information

Question 14

(PIFI) Personal Identifiable Financial Information

Answer 14

Personal information about a consumer provided to a financial institution that can include account number, credit/debit card number, name, social security number and other information.

Question 15

(CHD)

Answer 15

Cardholder data

Question 16

Cardholder data (CHD)

Answer 16

Any type of personally identifiable information (PII) associated with a person who has a payment card, such as a credit or debit card.

Question 17

(IP) Intellectual Property

Answer 17

Data that is of commercial value and can be granted rights of ownership, such as copyrights, patents, and trademarks.

Question 18

(PKI)

Answer 18

Public key infrastructure

Question 19

(PKI) Public key infrastructure

Answer 19

Framework of certificate authorities, digital certificates, software, services, and other cryptographic components deployed for the purpose of validating subject identities.

Question 20

(SSL)

Answer 20

Secure Socket Layer

Question 21

(SSL) Secure Socket Layer

Answer 21

The original, obsolete version of the security protocol now developed as TLS.

Question 22

What is the acronym for the three-digit security code typically located on the signature strip of a credit card?

Answer 22

CVV

Question 23

(SIEM)

Answer 23

Security Information and Event Management

Question 24

(SIEM) Security Information and Event Management

Answer 24

A solution that provides real-time or near-real-time analysis of security alerts generated by network hardware and applications.

Question 25

(SOAR)

Answer 25

Security Orchestration, Automation, and Response

Question 26

(SOAR) Security Orchestration, Automation, and Response

Answer 26

A class of security tools that facilitates incident response, threat hunting, and security configuration by orchestrating automated runbooks and delivering data enrichment.

Question 27

________ _______ combines and analyzes data from disparate sources to gain a greater understanding of it.

Answer 27

Data Enrichment

Question 28

Single Pane of Glass

Answer 28

A comprehensive, unified user interface that provides a comprehensive view of an IT environment and allows administrators to manage all connected components from one place. This type of interface simplifies the management of complex IT infrastructures.

Question 29

(API)

Answer 29

Application Programming Interface

Question 30

(API) Application Programming Interface

Answer 30

Methods exposed by a script or program that allow other scripts or programs to use it. For example, an API enables software developers to access functions of the TCP/IP network stack under a particular operating system.

Question 31

Webhooks

Answer 31

Automated messages sent from applications to other applications containing information about an event, such as the time it occurred, the data associated with it, and any other relevant information.

Question 32

Plugins

Answer 32

Additions that help tailor the software product to more closely match the infrastructure being managed from one organization to another.