CompTIA Sec+ SY0-701 Acronyms V1 Flashcards

1
Q

AAA

A

Authentication, Authorization, and Accounting

Definition: AAA is a framework for controlling access to computer resources. Authentication verifies the identity of users, authorization determines what actions users are allowed to perform, and accounting tracks user activity.

Scenario: In a corporate network, a user attempts to access a sensitive database. AAA processes verify the user’s credentials (authentication), check whether the user has permission to access the database (authorization), and log the user’s activity (accounting).

2
Q

ACL

A

Access Control List

Definition: An ACL is a list of rules that defines permissions or restrictions for access to resources.

Scenario: A network administrator configures an ACL on a router to specify which IP addresses are allowed to access a particular server. The ACL denies access to unauthorized IP addresses while permitting access to authorized ones.

3
Q

AES

A

Advanced Encryption Standard

Definition: AES is a widely used encryption algorithm that secures sensitive data by transforming it into ciphertext.

Scenario: An organization encrypts its confidential files using AES before transmitting them over the internet. This ensures that even if the data is intercepted, it remains secure and unreadable without the decryption key.

4
Q

AES-256

A

Advanced Encryption Standards 256-bit

Definition: AES-256 is a specific implementation of the Advanced Encryption Standard with a key length of 256 bits, providing a high level of security.

Scenario: A government agency encrypts classified documents using AES-256 to protect them from unauthorized access. The longer key length enhances the security of the encryption, making it more difficult to decrypt without the correct key.

5
Q

AH

A

Authentication Header

Definition: AH is a protocol used in IPsec to provide data integrity and authentication for IP packets.

Scenario: A company establishes a VPN connection between two branch offices. AH is used to ensure that packets exchanged between the offices are not altered or tampered with during transit, providing data integrity and authentication.

6
Q

AI

A

Artificial Intelligence

Definition: AI refers to computer systems that can perform tasks that typically require human intelligence, such as learning, problem-solving, and decision-making.

Scenario: A cybersecurity firm employs AI-powered algorithms to analyze network traffic and detect abnormal patterns indicative of potential cyber threats. The AI system helps identify and respond to security incidents in real-time, enhancing the organization’s overall security posture.

7
Q

AIS

A

Automated Indicator Sharing

Definition: AIS is a system that facilitates the sharing of cybersecurity threat indicators and intelligence among organizations and government agencies.

Scenario: Multiple financial institutions participate in an AIS program to exchange information about recent cyber attacks and malware campaigns targeting the banking sector. By sharing threat indicators and tactics, these institutions can better defend against common adversaries.

8
Q

ALE

A

Annualized Loss Expectancy

Definition: ALE is a risk management metric that calculates the expected financial loss from a security incident over a one-year period.

Scenario: A company assesses the potential impact of a data breach and calculates the ALE based on factors such as the probability of occurrence, the estimated cost of recovery, and the value of the assets at risk. The ALE helps the company prioritize security investments and allocate resources effectively.

9
Q

AP

A

Access Point

Definition: An AP is a networking hardware device that allows wireless devices to connect to a wired network using Wi-Fi.

Scenario: A coffee shop installs multiple access points throughout its premises to provide customers with Wi-Fi access. Each access point serves as a gateway for users to connect their laptops, smartphones, and other devices to the internet wirelessly.

10
Q

API

A

Application Programming Interface

Definition: An API is a set of rules and protocols that allows different software applications to communicate and interact with each other.

Scenario: A social media platform provides an API that allows third-party developers to integrate features such as user authentication, posting updates, and retrieving user data into their own applications. Developers leverage the API to build new functionalities and enhance the user experience of their applications.

11
Q

APT

A

Advanced Persistent Threat

Definition: APT refers to a prolonged and targeted cyber attack in which an unauthorized user gains access to a network and remains undetected for an extended period. APT attackers often use sophisticated techniques to infiltrate systems and extract sensitive information.

Scenario: A nation-state-sponsored group launches an APT campaign targeting a government agency. The attackers use advanced malware and social engineering tactics to compromise employee credentials and gain access to classified information over several months without detection.

12
Q

ARO

A

Annualized Rate of Occurrence

Definition: ARO is a risk management metric that estimates the frequency with which a specific threat or event is expected to occur within a given timeframe, typically one year.

Scenario: A financial institution calculates the ARO for a potential data breach resulting from phishing attacks targeting its employees. Based on historical data and threat intelligence, the institution determines that the ARO for such incidents is approximately four times per year, allowing it to assess the likelihood and potential impact of future breaches.

13
Q

ARP

A

Address Resolution Protocol

Definition: ARP is a communication protocol used to map IP addresses to physical MAC addresses within a local area network (LAN).

Scenario: When a device on a LAN needs to communicate with another device, it sends an ARP request to obtain the MAC address corresponding to the destination IP address. The ARP protocol facilitates the resolution of IP addresses to MAC addresses, enabling devices to communicate effectively within the network.

14
Q

ASLR

A

Address Space Layout Randomization

Definition: ASLR is a security technique that randomizes the memory layout of software processes to mitigate the risk of memory-based attacks, such as buffer overflows and code injection.

Scenario: An operating system incorporates ASLR as a defense mechanism against exploit attempts by malicious actors. By randomizing the memory addresses of executable code and libraries, ASLR makes it difficult for attackers to predict the location of vulnerable functions and execute successful attacks.

15
Q

ATT&CK

A

Adversarial Tactics, Techniques, and Common Knowledge

Definition: ATT&CK is a knowledge base maintained by MITRE that documents common tactics, techniques, and procedures (TTPs) used by cyber adversaries during various stages of the cyber kill chain.

Scenario: A cybersecurity analyst references the ATT&CK framework to analyze recent cyber attacks targeting organizations in the healthcare sector. By correlating observed TTPs with entries in the ATT&CK matrix, the analyst gains insights into the behavior and strategies of threat actors, informing defensive measures and incident response strategies.

16
Q

AUP

A

Acceptable Use Policy

Definition: AUP is a set of rules and guidelines established by an organization to define acceptable behaviors and practices regarding the use of its information technology resources.

Scenario: A company implements an AUP to govern the use of corporate email accounts and internet access by employees. The policy outlines prohibited activities, such as accessing inappropriate websites or sending unsolicited emails, and specifies disciplinary measures for violations.

17
Q

AV

A

Antivirus

Definition: AV refers to software designed to detect, prevent, and remove malicious software (malware) from computer systems.

Scenario: A user installs antivirus software on their personal computer to protect against viruses, worms, Trojans, and other forms of malware. The antivirus program scans files, emails, and web downloads for suspicious patterns and behavior, quarantining or deleting identified threats to safeguard the system.

18
Q

BASH

A

Bourne Again Shell

Definition: BASH is a command-line shell and scripting language commonly used in Unix-based operating systems, including Linux.

Scenario: A system administrator writes BASH scripts to automate routine tasks, such as file management, system monitoring, and software installation, on a Linux server. BASH provides powerful scripting capabilities, allowing administrators to streamline workflows and maintain system efficiency.

19
Q

BCP

A

Business Continuity Planning

Definition: BCP is a proactive process that organizations undertake to ensure the resilience of critical business functions and minimize the impact of disruptions or disasters.

Scenario: A financial services firm develops a comprehensive BCP framework to prepare for potential disruptions, such as natural disasters, cyber attacks, or infrastructure failures. The BCP includes risk assessments, continuity strategies, recovery plans, and regular testing to maintain operational resilience and protect against business interruptions.

20
Q

BGP

A

Border Gateway Protocol

Definition: BGP is a standardized exterior gateway protocol used to facilitate the exchange of routing information between autonomous systems (ASes) on the internet.

Scenario: Internet service providers (ISPs) use BGP to establish and maintain routing tables that guide the forwarding of data packets across the global internet infrastructure. BGP enables dynamic routing updates and route optimization, ensuring efficient and reliable data transmission between networks.

21
Q

BIA

A

Business Impact Analysis

Definition: BIA is a process used to identify and assess the potential impacts of disruptions to business operations, including financial losses, operational downtime, and reputational damage.

Scenario: A manufacturing company conducts a BIA to evaluate the consequences of equipment failures, supply chain disruptions, and natural disasters on its production capabilities. By analyzing critical business processes and dependencies, the company identifies mitigation strategies and recovery priorities to minimize the impact of disruptions on its operations.

22
Q

BIOS

A

Basic Input/Output System

Definition: BIOS is firmware embedded in computer hardware that initializes hardware components and provides basic input/output services during the boot process.

Scenario: When a user turns on a computer, the BIOS conducts a series of hardware tests and initializes system components, such as the CPU, memory, and storage devices. The BIOS then loads the operating system from the boot device, enabling the computer to start up and execute user applications.

23
Q

BPA

A

Business Partners Agreement

Definition: BPA is a contractual agreement between business partners that defines the terms, conditions, and expectations governing their collaborative relationship.

Scenario: Two companies enter into a BPA to formalize their partnership for joint product development and marketing initiatives. The agreement outlines each party’s responsibilities, intellectual property rights, revenue-sharing arrangements, and dispute resolution mechanisms, fostering transparency and mutual trust in the partnership.

24
Q

BPDU

A

Bridge Protocol Data Unit

Definition: BPDU is a data frame used in spanning tree protocol (STP) to exchange information between network switches and prevent network loops.

Scenario: In a switched network topology, network switches exchange BPDUs to elect a root bridge and calculate the most efficient spanning tree topology. BPDUs contain information about switch priorities, port costs, and topology changes, enabling switches to dynamically adapt to network topology changes and prevent broadcast storms.

25
Q

BYOD

A

Bring Your Own Device

Definition: BYOD refers to a policy that allows employees to use their personal mobile devices, such as smartphones, tablets, and laptops, to access corporate networks and resources.

Scenario: A company implements a BYOD policy to accommodate employee preferences for using personal devices for work-related tasks. Employees enroll their devices in the company’s mobile device management (MDM) system, which applies security policies, such as device encryption, remote wipe, and application whitelisting, to protect corporate data and enforce compliance with security standards.

26
Q

CA

A

Certificate Authority

Definition: CA is a trusted entity that issues digital certificates used to verify the identity of users, devices, and organizations in public key infrastructure (PKI) systems.

Scenario: A CA issues SSL/TLS certificates to website operators to authenticate their identities and encrypt data transmitted between web browsers and servers. The CA’s digital signature on the certificate ensures the integrity and authenticity of the website, providing users with confidence in the security of their online interactions.

27
Q

CAPTCHA

A

Completely Automated Public Turing Test to Tell Computers and Humans Apart

Definition: CAPTCHA is a challenge-response test designed to distinguish between human users and automated bots by requiring users to complete a task that is easy for humans but difficult for computers.

Scenario: When creating an online account or submitting a web form, users may encounter a CAPTCHA prompt asking them to identify distorted characters, select images containing specific objects, or solve simple puzzles. CAPTCHA helps prevent automated bots from abusing online services, such as spamming forums, creating fake accounts, or conducting credential stuffing attacks.

28
Q

CASB

A

Cloud Access Security Broker

Definition: CASB is a security tool or service that monitors and controls access to cloud applications and data hosted on cloud platforms, ensuring compliance with security policies and protecting against cloud-related threats.

Scenario: An organization deploys a CASB solution to enforce data loss prevention (DLP) policies, encryption standards, and access controls for cloud-based collaboration tools, such as Microsoft 365 and Google Workspace. The CASB provides visibility into user activities, detects unauthorized access attempts, and enables centralized management of cloud security policies across multiple SaaS applications.

28
Q

CAR

A

Corrective Action Report

Definition: CAR is a document that describes non-conformities, deficiencies, or deviations identified during quality audits, inspections, or incident investigations, along with proposed corrective actions to address them.

Scenario: Following a security breach, a cybersecurity incident response team conducts a post-incident review and generates a CAR detailing the root causes, vulnerabilities exploited, and lessons learned from the incident. The CAR includes recommendations for implementing security controls, improving incident response procedures, and mitigating future risks to prevent similar incidents from occurring.

29
Q

CCMP

A

Counter Mode/CBC-MAC Protocol

Definition: CCMP is an encryption protocol used in Wi-Fi networks that combines the Counter Mode (CCM) for data confidentiality and the Cipher Block Chaining Message Authentication Code (CBC-MAC) for data integrity and authentication.

Scenario: A wireless access point (AP) employs CCMP encryption to secure communications between Wi-Fi clients and the network infrastructure. CCMP encrypts data frames transmitted over the air and computes message authentication codes (MACs) to detect tampering or unauthorized modifications, ensuring the confidentiality and integrity of wireless transmissions.

29
Q

CBC

A

Cipher Block Chaining

Definition: CBC is a mode of operation for block ciphers that adds a feedback mechanism, where each ciphertext block depends on the previous block, to enhance encryption security and mitigate certain cryptographic attacks.

Scenario: A software application encrypts sensitive data using the AES encryption algorithm in CBC mode before storing it in a database or transmitting it over a network. CBC ensures that identical plaintext blocks produce different ciphertext blocks, preventing attackers from exploiting patterns in the encrypted data to deduce information about the plaintext.

30
Q

CCTV

A

Closed-circuit Television

Definition: CCTV is a surveillance system comprising video cameras, monitors, and recording devices used to monitor and record activities in specific areas or premises.

Scenario: A retail store installs CCTV cameras throughout its premises to deter theft, monitor customer behavior, and enhance security. The cameras capture live video footage of entrances, aisles, and checkout counters, allowing security personnel to observe activities in real-time and review recorded footage for investigative purposes.

31
Q

CERT

A

Computer Emergency Response Team

Definition: CERT is an organization or group of experts responsible for coordinating responses to cybersecurity incidents, providing incident analysis, vulnerability assessments, and mitigation strategies to affected entities.

Scenario: A government-sponsored CERT receives reports of a widespread ransomware attack affecting critical infrastructure sectors, including energy, transportation, and healthcare. The CERT coordinates with public and private sector stakeholders to analyze the ransomware samples, develop decryption tools, and disseminate threat intelligence to help organizations recover from the attack and prevent future compromises.

32
Q

CFB

A

Cipher Feedback

Definition: CFB is a mode of operation for block ciphers that enables the encryption of plaintext data of arbitrary length, providing confidentiality and data integrity.

Scenario: A software application implements CFB mode to encrypt streaming data, such as real-time video feeds or network traffic, using the AES encryption algorithm. CFB allows the application to process data in smaller blocks and encrypt or decrypt each block independently, minimizing latency and ensuring secure transmission of sensitive information.

33
Q

CHAP

A

Challenge Handshake Authentication Protocol

Definition: CHAP is a network authentication protocol used to establish a secure connection between a client and a server by verifying the identity of the client through a challenge-response mechanism.

Scenario: When a remote user attempts to establish a dial-up or VPN connection to a network server, the server initiates a CHAP authentication process by sending a challenge message to the client. The client responds with a hashed value derived from a shared secret and the challenge, which the server verifies to authenticate the client’s identity and grant access to network resources.

34
Q

CIA

A

Confidentiality, Integrity, Availability

Definition: CIA is a triad of principles that form the foundation of information security, emphasizing the protection of data assets against unauthorized access, unauthorized modification, and service disruptions.

Scenario: An organization implements security controls and measures to uphold the principles of CIA across its information systems and networks. Confidentiality mechanisms, such as encryption and access controls, safeguard sensitive data from unauthorized disclosure. Integrity checks, such as digital signatures and checksums, verify the accuracy and consistency of data. Availability strategies, such as redundancy and disaster recovery, ensure uninterrupted access to critical resources and services.

35
Q

CIO

A

Chief Information Officer

Definition: CIO is a senior executive responsible for overseeing an organization’s information technology strategy, governance, and operations in alignment with its business objectives.

Scenario: A CIO collaborates with other members of the executive team to develop and execute technology initiatives that drive innovation, enhance operational efficiency, and support business growth. The CIO evaluates emerging technologies, manages IT investments, and fosters a culture of digital transformation to maintain the organization’s competitive edge in the marketplace.

36
Q

CIRT

A

Computer Incident Response Team

Definition: CIRT is a dedicated team of cybersecurity professionals tasked with detecting, analyzing, and responding to security incidents and breaches within an organization.

Scenario: A large financial institution establishes a CIRT comprising incident responders, forensic analysts, and threat intelligence experts to monitor its networks and systems for signs of unauthorized access or malicious activity. The CIRT operates a 24/7 security operations center (SOC) to triage alerts, investigate incidents, and coordinate incident response efforts to minimize the impact of security breaches and restore normal operations.

37
Q

CMS

A

Content Management System

Definition: CMS is a software application or platform that enables users to create, manage, and publish digital content, such as web pages, documents, and multimedia files, without requiring specialized technical expertise.

Scenario: An online publishing company adopts a CMS to streamline content creation, editing, and publishing workflows for its team of writers, editors, and web developers. The CMS provides intuitive tools for content authoring, version control, and collaboration, allowing contributors to focus on creating engaging content while the platform handles the management of website structure and design.

38
Q

COOP

A

Continuity of Operation Planning

Definition: COOP is a proactive process that organizations undertake to ensure the uninterrupted delivery of critical services and functions during emergencies, disasters, or disruptions to normal operations.

Scenario: A government agency develops a COOP framework to maintain essential government functions and services in the event of a natural disaster, terrorist attack, or other emergency situations. The COOP plan includes risk assessments, business impact analyses, continuity strategies, and recovery procedures to mitigate the impact of disruptions and safeguard public safety and welfare.

39
Q

COPE

A

Corporate Owned, Personally Enabled

Definition: COPE is a mobile device management (MDM) strategy in which organizations provide employees with company-owned mobile devices that can be used for both work-related and personal tasks.

Scenario: A multinational corporation implements a COPE program to equip employees with smartphones and tablets configured with corporate-approved applications, security policies, and data encryption features. Employees have the flexibility to use the devices for personal communication and productivity while adhering to company policies and guidelines for data protection and device management.

40
Q

CP

A

Contingency Planning

Definition: CP is a proactive process that organizations undertake to prepare for and respond to unforeseen events, emergencies, or disruptions that could impact normal business operations.

Scenario: A healthcare provider develops a CP framework to address potential risks and vulnerabilities that could affect patient care, medical services, and facility operations. The CP plan includes provisions for emergency response, resource allocation, communication protocols, and recovery strategies to ensure continuity of healthcare services and minimize disruptions during crises or disasters.

41
Q

CRC

A

Cyclical Redundancy Check

Definition: CRC is an error detection technique used to verify the integrity of data transmitted over communication channels by generating and appending a checksum to the data stream.

Scenario: A computer network employs CRC checks to detect transmission errors and data corruption in packets transmitted between network devices, such as routers, switches, and network interface cards. CRC algorithms compute checksum values based on the transmitted data, which receiving devices use to validate the integrity of the received data and request retransmissions if errors are detected.

42
Q

CRL

A

Certificate Revocation List

Definition: CRL is a digital document maintained by a certificate authority (CA) that contains a list of revoked or compromised digital certificates, indicating that they should no longer be trusted for authentication or encryption purposes.

Scenario: Web browsers and other client applications periodically download CRLs from trusted CAs to validate the authenticity and validity of digital certificates presented by websites and online services. If a certificate in the CRL matches the one presented by a server during the SSL/TLS handshake, the client terminates the connection to prevent potential security risks associated with compromised certificates.

43
Q

CSO

A

Chief Security Officer

Definition: CSO is a senior executive responsible for overseeing an organization’s information security strategy, risk management, and compliance initiatives to protect against cybersecurity threats and data breaches.

Scenario: A CSO collaborates with executive leadership, board members, and department heads to develop and implement comprehensive security programs that align with business objectives and regulatory requirements. The CSO oversees security operations, incident response, and security awareness training to foster a culture of security awareness and resilience across the organization.

44
Q

CSP

A

Cloud Service Provider

Definition: CSP is a company or vendor that delivers cloud computing services, including infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS) to businesses and individuals over the internet.

Scenario: An enterprise migrates its IT infrastructure and applications to a public cloud platform provided by a CSP to reduce capital expenditures, increase scalability, and improve flexibility. The CSP hosts virtualized servers, databases, and applications in its data centers, allowing customers to access computing resources and services on-demand via internet connectivity.

45
Q

CSRF

A

Cross-site Request Forgery

Definition: CSRF is a type of malicious attack in which unauthorized commands or transactions are executed on behalf of an authenticated user without their knowledge or consent, typically through forged or manipulated HTTP requests.

Scenario: An attacker crafts a malicious website or email containing embedded links or scripts designed to exploit CSRF vulnerabilities in web applications. When an authenticated user visits the malicious site or clicks the malicious link, their browser sends unauthorized requests to the targeted web application, initiating actions such as fund transfers, account changes, or data deletion without the user’s awareness.

45
Q

CSR

A

Certificate Signing Request

Definition: CSR is a data file generated by an applicant requesting a digital certificate from a certificate authority (CA) to authenticate their identity and encrypt communications over secure channels.

Scenario: A web server administrator generates a CSR containing information about the server’s public key, domain name, and organization details to apply for an SSL/TLS certificate from a trusted CA. The CSR is submitted to the CA, which verifies the applicant’s identity and domain ownership before issuing the digital certificate for secure HTTPS connections.

46
Q

CSU

A

Channel Service Unit

Definition: CSU is a networking device installed at the customer premises to interface with digital telecommunications services, such as T1 or E1 lines, and ensure reliable transmission of data over the telecommunications network.

Scenario: An enterprise deploys CSUs at its branch offices and data centers to connect to wide area network (WAN) services provided by telecommunications carriers. The CSUs perform functions such as line coding, signal regeneration, and line monitoring to maintain signal quality and integrity over long-distance communication links.

47
Q

CTM

A

Counter Mode

Definition: CTM is a mode of operation for block ciphers that enables the encryption of plaintext data of arbitrary length by generating a stream of keystream blocks for Exclusive Or (XOR) with the plaintext.

Scenario: A software application implements CTM mode to encrypt data streams, such as voice or video communications, using the AES encryption algorithm. CTM mode enhances encryption efficiency and parallelism by generating keystream blocks independently of the plaintext, allowing for real-time encryption and decryption of streaming media content.

48
Q

CTO

A

Chief Technology Officer

Definition: CTO is a senior executive responsible for overseeing an organization’s technology strategy, innovation initiatives, and research and development efforts to drive business growth and competitive advantage.

Scenario: A CTO leads a team of technologists, engineers, and product managers in developing and implementing technology roadmaps, architecture standards, and product development plans that align with the company’s long-term objectives and market trends. The CTO evaluates emerging technologies, fosters strategic partnerships, and champions digital transformation initiatives to enhance operational efficiency and customer experience.

49
Q

CVE

A

Common Vulnerability Enumeration

Definition: CVE is a standardized system for uniquely identifying and tracking known vulnerabilities and exposures in software applications, operating systems, and hardware devices.

Scenario: Security researchers and vendors assign CVE identifiers to vulnerabilities discovered in software products and publish them in the National Vulnerability Database (NVD) for public awareness and remediation. Organizations use CVE identifiers to prioritize patch management, vulnerability assessments, and security audits to mitigate the risk of exploitation by cyber threats.

50
Q

CVSS

A

Common Vulnerability Scoring System

Definition: CVSS is a standardized framework for assessing the severity and impact of security vulnerabilities based on a set of metrics, such as exploitability, impact, and complexity, to prioritize remediation efforts and risk mitigation strategies.

Scenario: Security analysts and incident responders use CVSS scores to evaluate the potential impact and exploitability of vulnerabilities discovered during security assessments or penetration testing exercises. The CVSS scoring system provides a quantitative measure of risk, allowing organizations to allocate resources effectively and address high-priority vulnerabilities that pose the greatest threat to their infrastructure and data assets.

51
Q

CYOD

A

Choose Your Own Device

Definition: CYOD is a mobile device management (MDM) policy that allows employees to select a company-approved device from a predefined list of options for work-related activities.

Scenario: A company implements a CYOD program to provide employees with flexibility and choice in selecting mobile devices that meet their productivity and workflow requirements while ensuring compatibility with corporate security policies and software applications. Employees choose from a curated selection of smartphones, tablets, and laptops approved by the IT department, allowing them to personalize their work experience while maintaining data security and device management standards.

52
Q

DAC

A

Discretionary Access Control

Definition: DAC is a security model that allows individual users to control access permissions to resources based on their discretion.

Scenario: In a DAC system, a file owner can decide which users or groups have permissions to read, write, or execute the file. For example, in a Unix-based system, a file owner may use the chmod command to set permissions for the file based on user, group, and others.

53
Q

DBA

A

Database Administrator

Definition: A DBA is an IT professional responsible for managing, maintaining, and securing databases within an organization.

Scenario: A DBA is responsible for tasks such as database design, performance tuning, backup and recovery, user access management, and ensuring data integrity and security. They work closely with developers, system administrators, and business stakeholders to optimize database performance and meet business requirements.

54
Q

DDoS

A

Distributed Denial of Service

Definition: DDoS is a type of cyber attack in which multiple compromised computers, often part of a botnet, flood a target system or network with a large volume of malicious traffic, rendering it inaccessible to legitimate users.

Scenario: A hacker launches a DDoS attack against an e-commerce website during a major sales event, flooding the website’s servers with a massive volume of HTTP requests. As a result, the website becomes overwhelmed, slows down, or crashes, causing disruption to online transactions and customer experience.

55
Q

DEP

A

Data Execution Prevention

Definition: DEP is a security feature implemented in modern operating systems to prevent the execution of malicious code in memory areas designated as non-executable.

Scenario: An operating system with DEP enabled marks certain memory regions as non-executable, preventing attackers from exploiting buffer overflow vulnerabilities to inject and execute arbitrary code. DEP helps mitigate the risk of code injection attacks and enhances the overall security of the system.

56
Q

DES

A

Digital Encryption Standard

Definition: DES is a symmetric-key encryption algorithm used to encrypt and decrypt electronic data. It was widely used in the past but is now considered insecure due to its small key size.

Scenario: In the 1970s and 1980s, DES was widely used to secure sensitive data in electronic communications, financial transactions, and government applications. However, due to advances in cryptanalysis and computing power, DES was replaced by more secure encryption algorithms such as AES.

57
Q

DHCP

A

Dynamic Host Configuration Protocol

Definition: DHCP is a network protocol that automatically assigns IP addresses and other network configuration parameters to devices connected to a network.

Scenario: When a device connects to a network, it sends a DHCP request to a DHCP server, which dynamically assigns an available IP address, subnet mask, default gateway, and DNS server address to the device. DHCP simplifies network administration by automating the process of IP address allocation and configuration.

58
Q

DHE

A

Diffie-Hellman Ephemeral

Definition: DHE is a variant of the Diffie-Hellman key exchange algorithm that generates ephemeral (temporary) key pairs for each session, providing forward secrecy.

Scenario: In a TLS handshake, a web server and client use DHE to securely negotiate a shared secret key for encrypting data transmitted over the network. The ephemeral key pairs are discarded after the session ends, ensuring that even if a long-term private key is compromised, past communications remain secure.

59
Q

DKIM

A

DomainKeys Identified Mail

Definition: DKIM is an email authentication method that uses cryptographic signatures to verify the authenticity and integrity of email messages, helping to combat spam and phishing attacks.

Scenario: A domain owner implements DKIM by generating a private-public key pair and publishing the public key in the domain’s DNS records. When sending an email, the sender’s email server signs the message header and body with the private key. Upon receiving the email, the recipient’s email server retrieves the public key from DNS and verifies the DKIM signature to ensure the message has not been tampered with during transit.

60
Q

DLL

A

Dynamic Link Library

Definition: DLL is a file format used in Windows operating systems to store code and data that can be shared and reused by multiple programs simultaneously.

Scenario: Software developers create DLL files containing functions, resources, and shared code libraries that can be dynamically linked to executable programs at runtime. DLLs help reduce code duplication, improve software modularity, and facilitate code reuse across multiple applications.

61
Q

DLP

A

Data Loss Prevention

Definition: DLP is a set of tools, policies, and procedures designed to prevent the unauthorized disclosure or leakage of sensitive data from an organization.

Scenario: An organization deploys DLP solutions to monitor, classify, and protect sensitive data across endpoints, networks, and cloud services. DLP technologies use content inspection, encryption, access controls, and user behavior analysis to detect and mitigate data exfiltration risks posed by insider threats, accidental disclosures, and targeted cyber attacks.

62
Q

DMARC

A

Domain Message Authentication Reporting and Conformance

Definition: DMARC is an email authentication protocol that enables domain owners to specify policies for email senders and receivers to verify the authenticity and legitimacy of email messages.

Scenario: A domain owner implements DMARC policies to instruct email receivers how to handle messages that fail authentication checks, such as SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) verifications. DMARC helps reduce email spoofing, phishing, and domain impersonation attacks by enforcing email authentication standards and providing reporting mechanisms for monitoring email traffic.

63
Q

DNAT

A

Destination Network Address Translation

Definition: DNAT is a network address translation technique that modifies the destination IP address of inbound packets in a network firewall or router to redirect traffic to a different destination address.

Scenario: A network administrator configures DNAT rules on a firewall to redirect incoming requests from external clients to internal servers located in a private network. DNAT allows organizations to host public-facing services, such as web servers, email servers, and application gateways, behind a firewall while maintaining network security and protecting internal resources.

64
Q

DNS

A

Domain Name System

Definition: DNS is a distributed hierarchical system that translates human-readable domain names into numerical IP addresses used to identify networked devices and services on the internet.

Scenario: When a user enters a domain name (e.g., www.example.com) into a web browser, the browser queries a DNS resolver to resolve the domain name to its corresponding IP address. The DNS resolver recursively queries DNS servers to retrieve the IP address mapping and establish a connection to the desired web server, enabling users to access websites and internet services using domain names.

65
Q

DoS

A

Denial of Service

Definition: DoS is a cyber attack in which a malicious actor disrupts or impairs the availability of services or resources by overwhelming a target system, network, or application with a high volume of traffic or requests.

Scenario: An attacker launches a DoS attack against a web server by sending a flood of HTTP requests or exploiting vulnerabilities to consume system resources, exhaust network bandwidth, or crash the server. The DoS attack prevents legitimate users from accessing the website or online services, causing downtime, financial losses, and reputational damage to the organization.

66
Q

DPO

A

Data Privacy Officer

Definition: DPO is an individual designated by an organization to oversee compliance with data protection regulations, such as the General Data Protection Regulation (GDPR), and ensure the lawful processing and protection of personal data.

Scenario: A multinational corporation appoints a DPO to serve as a central point of contact for data protection authorities, data subjects, and internal stakeholders regarding privacy matters. The DPO advises on data protection policies, conducts privacy impact assessments, monitors data processing activities, and responds to data breach incidents to uphold the organization’s commitment to data privacy and regulatory compliance.