Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CompTIA Sec+ SY0-701 > CompTIA Sec+ SY0-701 Acronyms V3 > Flashcards

CompTIA Sec+ SY0-701 Acronyms V3 Flashcards

1
Q

MTTR

A

Mean Time to Recover

Definition: MTTR is a metric used to measure the average time it takes to restore a system, service, or component to full functionality after a failure or disruption occurs.

Scenario: A cloud service provider tracks the MTTR for its data centers to assess the effectiveness of its incident response and recovery processes. MTTR values help the provider identify bottlenecks, streamline recovery workflows, and minimize service downtime to meet service level agreements (SLAs) and maintain customer satisfaction.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

MTU

A

Maximum Transmission Unit

Definition: MTU is the maximum size of a data packet or frame that can be transmitted over a network medium without fragmentation.

Scenario: A network administrator adjusts the MTU settings on routers and switches to optimize network performance and reduce packet overhead. By configuring appropriate MTU values based on network topology and link characteristics, the administrator ensures efficient data transmission, minimizes packet loss, and mitigates network congestion.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

NAC

A

Network Access Control

Definition: NAC is a security technology that enforces policy-based controls to regulate access to network resources and devices based on the identity, security posture, and compliance status of users and endpoints.

Scenario: An enterprise deploys NAC solutions to authenticate users and devices connecting to its corporate network, enforce security policies, and remediate non-compliant endpoints. NAC platforms integrate with identity management systems, endpoint security agents, and network infrastructure to dynamically assess and enforce access controls, reducing the risk of unauthorized access and data breaches.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

NAT

A

Network Address Translation

Definition: NAT is a technique used to modify network address information in IP packet headers as they pass through a router or firewall, enabling multiple devices within a private network to share a single public IP address for internet access.

Scenario: A home router performs NAT to allow multiple devices, such as smartphones, laptops, and smart TVs, to access the internet using a single public IP address assigned by the internet service provider (ISP). NAT translates private IP addresses used within the home network to the public IP address assigned by the ISP, enabling communication with external servers and services on the internet while preserving network security and privacy.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

NDA

A

Non-disclosure Agreement

Definition: NDA is a legal contract or agreement between parties that outlines confidential information shared during business transactions, partnerships, or employment relationships, imposing restrictions on disclosure, use, and protection of sensitive data.

Scenario: Two companies enter into an NDA before discussing proprietary technologies, trade secrets, or business strategies during merger negotiations or collaborative research projects. The NDA prohibits parties from disclosing confidential information to third parties or using it for unauthorized purposes, ensuring confidentiality, trust, and intellectual property protection throughout the business relationship.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

NFC

A

Near Field Communication

Definition: NFC is a short-range wireless communication technology that enables devices to establish peer-to-peer connections and exchange data by bringing them into close proximity (within a few centimeters) without requiring physical contact.

Scenario: A commuter uses an NFC-enabled smartphone to make contactless payments for public transportation fares by tapping the device on an NFC-enabled ticket reader. NFC technology facilitates secure and convenient transactions for mobile payments, ticketing, access control, and information sharing in various applications, including public transit, retail, and hospitality sectors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

NGFW

A

Next-generation Firewall

Definition: NGFW is an advanced network security appliance or software solution that integrates traditional firewall capabilities with additional security features such as intrusion prevention, application control, deep packet inspection, and threat intelligence.

Scenario: A large enterprise deploys NGFW appliances at network perimeter and internal segments to enforce security policies, block malicious traffic, and detect advanced threats targeting corporate assets and sensitive data. NGFWs provide granular visibility, control, and protection against evolving cyber threats and application-layer attacks, enhancing network security posture and compliance with industry regulations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

NIDS

A

Network-based Intrusion Detection System

Definition: NIDS is a security technology that monitors network traffic for signs of suspicious activity, unauthorized access attempts, and known attack patterns to detect and alert security personnel about potential security threats and vulnerabilities.

Scenario: A university deploys NIDS sensors at strategic points within its campus network to analyze incoming and outgoing traffic, identify anomalous behavior, and detect network-based attacks such as port scanning, denial-of-service (DoS), and malware propagation. NIDS alerts security analysts to investigate and mitigate security incidents, protecting sensitive research data, academic resources, and network infrastructure from cyber threats and intrusions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

NIPS

A

Network-based Intrusion Prevention System

Definition: NIPS is a security technology that goes beyond intrusion detection by actively blocking or mitigating malicious activities and network-based attacks in real-time, helping organizations proactively defend against cyber threats and prevent security breaches.

Scenario: A financial institution deploys NIPS appliances at critical network chokepoints to inspect inbound and outbound traffic, detect known and zero-day exploits, and enforce security policies to prevent unauthorized access, data exfiltration, and malware infections. NIPS solutions use signature-based detection, behavioral analysis, and threat intelligence feeds to identify and block suspicious traffic patterns and malicious payloads, reducing the risk of network compromises and data breaches.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

NIST

A

National Institute of Standards & Technology

Definition: NIST is a federal agency within the United States Department of Commerce responsible for developing and promoting standards, guidelines, and best practices to enhance cybersecurity, technology innovation, and industrial competitiveness.

Scenario: A software development company follows NIST cybersecurity frameworks and guidelines to secure its software products, protect customer data, and achieve compliance with industry standards and regulatory requirements. NIST publications provide valuable resources, reference materials, and risk management frameworks to help organizations assess cybersecurity risks, implement effective controls, and improve resilience against cyber threats and vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

NTFS

A

New Technology File System

Definition: NTFS is the default file system used by the Windows operating system to manage and organize files and directories stored on hard disk drives (HDDs), solid-state drives (SSDs), and other storage devices, offering advanced features such as file compression, encryption, and access control.

Scenario: A system administrator formats a new hard drive with the NTFS file system to store critical business data, system files, and user profiles on a Windows server. NTFS supports file-level security permissions, disk quotas, and journaling capabilities, providing robust data protection, fault tolerance, and storage efficiency for enterprise environments.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

NTLM

A

New Technology LAN Manager

Definition: NTLM is a proprietary authentication protocol developed by Microsoft for secure authentication and single sign-on (SSO) across Windows-based networks and systems.

Scenario: A user logs in to a Windows domain using NTLM authentication to access network resources, shared folders, and enterprise applications hosted on Microsoft servers. NTLM protocols authenticate users by hashing and encrypting credentials passed between client and server, verifying user identities and authorizing access to protected resources based on Active Directory permissions and group policies.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

NTP

A

Network Time Protocol

Definition: NTP is a networking protocol used to synchronize system clocks and maintain accurate timekeeping across computer systems, servers, and network devices within a distributed computing environment.

Scenario: A network administrator configures NTP servers to provide accurate time synchronization for critical servers, routers, and switches deployed across an enterprise network. NTP clients periodically synchronize their system clocks with authoritative NTP servers, ensuring consistent time references, event logging, and authentication services for network operations, monitoring, and troubleshooting activities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

OAUTH

A

Open Authorization

Definition: OAuth is an open standard authorization protocol that allows users to grant third-party applications limited access to their resources without sharing their credentials directly, enabling secure and delegated access to protected data and services.

Scenario: A social media platform implements OAuth for user authentication and authorization, allowing third-party developers to build and integrate applications that access user profiles, photos, and social connections. OAuth enables users to authorize applications using access tokens and consent screens, maintaining control over their data privacy and security while enabling seamless integration with external services and APIs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

OCSP

A

Online Certificate Status Protocol

Definition: OCSP is an internet protocol used to check the revocation status of digital certificates in real-time by querying certificate authorities (CAs) or OCSP responders, enabling clients to verify the validity and trustworthiness of SSL/TLS certificates during secure communications.

Scenario: A web browser verifies the validity of an SSL certificate presented by a secure website by sending an OCSP request to the certificate issuer’s OCSP responder. The OCSP responder checks the certificate’s status (valid, revoked, or unknown) and sends a signed response back to the browser, allowing the client to make informed decisions about trusting the website’s digital certificate and establishing a secure connection over HTTPS.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

OID

A

Object Identifier

  • Definition: OID is a unique alphanumeric string used to identify objects, classes, attributes, and other entities in various information systems and network protocols, such as X.500 directories, SNMP (Simple Network Management Protocol), and digital certificates.
  • Scenario: A software developer assigns OIDs to custom objects and attributes in a directory service schema to uniquely identify and manage organizational resources, user accounts, and access controls. OIDs provide a hierarchical naming structure for globally-unique identifiers, facilitating interoperability and standardization across diverse IT environments and data models.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

OS

A

Operating System

  • Definition: An operating system (OS) is system software that manages computer hardware resources and provides essential services and interfaces for running applications, executing system processes, and coordinating user interactions.
  • Scenario: A user interacts with a desktop computer running a Windows operating system to browse the internet, edit documents, and play multimedia content. The OS provides an intuitive graphical user interface (GUI), device drivers, file management utilities, and system services to facilitate user productivity, software installation, and hardware compatibility on the computer platform.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

OSINT

A

Open-source Intelligence

  • Definition: OSINT refers to the collection, analysis, and dissemination of publicly available information from open sources such as social media platforms, websites, public records, and online forums to gather insights and intelligence about individuals, organizations, events, and threats.
  • Scenario: A cybersecurity analyst monitors social media channels, news websites, and online forums to gather OSINT about emerging cyber threats, hacker forums, and data breaches affecting the organization’s industry vertical. OSINT sources provide valuable context, threat indicators, and early warnings to help security teams assess risks, prioritize incident response, and strengthen defenses against cyber attacks.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

OSPF

A

Open Shortest Path First

  • Definition: OSPF is a routing protocol used to calculate the shortest path and exchange routing information between routers within an autonomous system (AS) based on link-state advertisements (LSAs) and Dijkstra’s shortest path algorithm.
  • Scenario: A network engineer configures OSPF on routers to dynamically discover network topologies, compute optimal routes, and exchange routing updates based on link-state changes and network traffic demands. OSPF routers build and maintain a synchronized view of the network topology, facilitating efficient packet forwarding, load balancing, and fault tolerance in large-scale enterprise networks and service provider environments.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

OT

A

Operational Technology

  • Definition: OT refers to hardware and software systems used to monitor, control, and automate physical processes, industrial machinery, and critical infrastructure components in sectors such as manufacturing, energy, transportation, and utilities.
  • Scenario: An energy company deploys OT systems to manage power generation, distribution, and grid operations, leveraging sensors, SCADA (Supervisory Control and Data Acquisition) systems, and programmable logic controllers (PLCs) to monitor equipment performance, optimize energy efficiency, and ensure grid stability. OT technologies bridge the gap between IT (Information Technology) and operational environments, enabling real-time monitoring, process optimization, and predictive maintenance in industrial settings.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

OTA

A

Over the Air

  • Definition: OTA refers to wireless communication methods used to deliver software updates, firmware patches, configuration changes, and media content to mobile devices, IoT (Internet of Things) devices, and embedded systems over cellular networks, Wi-Fi, or satellite links.
  • Scenario: A smartphone manufacturer releases an OTA software update to fix security vulnerabilities, improve device performance, and introduce new features to users’ smartphones without requiring physical connections or manual intervention. OTA updates are delivered seamlessly over the air, ensuring timely deployment, minimal disruption, and widespread adoption of software patches and enhancements across diverse device ecosystems.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

OVAL

A

Open Vulnerability Assessment Language

  • Definition: OVAL is an XML-based language used to describe and exchange information about security vulnerabilities, software flaws, and configuration issues in IT systems, enabling automated vulnerability assessment, remediation, and compliance auditing across heterogeneous environments.
  • Scenario: A cybersecurity team uses OVAL-compliant tools and scanners to assess and prioritize vulnerabilities in network infrastructure, servers, and endpoints based on Common Vulnerabilities and Exposures (CVE) identifiers and OVAL definitions. OVAL assessments provide standardized vulnerability data, severity ratings, and remediation guidance to help organizations identify and mitigate security risks effectively.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

P12

A

PKCS #12

  • Definition: P12, also known as PKCS #12, is a file format used to store and transport cryptographic keys, digital certificates, and private key pairs securely, typically protected by password-based encryption algorithms.
  • Scenario: A user exports a PKCS #12 file from a web browser after generating a digital certificate and private key for secure email communication. The P12 file contains the user’s digital identity credentials, including the X.509 certificate and corresponding private key, encrypted with a passphrase to prevent unauthorized access and ensure confidentiality during storage and transmission.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

P2P

A

Peer to Peer

  • Definition: P2P is a decentralized network architecture that enables direct communication and resource sharing between individual nodes or endpoints without the need for centralized servers or intermediaries.
  • Scenario: Users exchange files, share media content, and collaborate on distributed projects using P2P file-sharing networks and applications such as BitTorrent, eDonkey, and decentralized blockchain networks. P2P architectures leverage peer-to-peer protocols and distributed algorithms to facilitate data transfer, content discovery, and content delivery across geographically dispersed nodes, promoting scalability, fault tolerance, and user autonomy in decentralized ecosystems.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
PaaS
Platform as a Service ## Footnote - Definition: PaaS is a cloud computing model that provides developers with on-demand access to platform-level resources, tools, and runtime environments for building, deploying, and managing applications without the complexity of infrastructure management. - Scenario: A software development team leverages a PaaS platform such as Microsoft Azure App Service or Google App Engine to develop, test, and deploy web applications, mobile apps, and APIs without provisioning or managing underlying servers, databases, and middleware components. PaaS offerings offer scalability, flexibility, and productivity gains by abstracting infrastructure complexities and automating application lifecycle management tasks in the cloud.
26
PAM (1)
Privileged Access Management ## Footnote - Definition: PAM is a cybersecurity discipline and set of technologies designed to control, monitor, and audit privileged user access to critical systems, sensitive data, and administrative resources, mitigating insider threats and enforcing least privilege principles. - Scenario: An IT administrator implements a PAM solution to manage and rotate privileged account credentials, enforce granular access controls, and record user activities during privileged sessions on servers, databases, and cloud environments. PAM solutions integrate with identity management systems, multi-factor authentication (MFA) tools, and security information and event management (SIEM) platforms to strengthen access controls, reduce security risks, and achieve compliance with regulatory requirements.
26
PAC
Proxy Auto Configuration ## Footnote - Definition: PAC is a configuration file or script used by web browsers and network clients to automatically select and configure proxy servers and network settings based on predefined rules, network conditions, and user preferences. - Scenario: An organization deploys a PAC file on its corporate network to route web traffic through proxy servers, filter content, and enforce security policies for internet access and browsing activities. PAC scripts use JavaScript functions and conditional logic to evaluate client requests and determine optimal proxy server selections, enhancing network performance, privacy, and compliance with acceptable use policies.
27
PAM (2)
Pluggable Authentication Modules ## Footnote - Definition: PAM is a modular authentication framework used in Unix-like operating systems to provide flexible authentication mechanisms, support multiple authentication methods, and enforce security policies for user login, password management, and session authentication. - Scenario: A Linux system administrator configures PAM modules to authenticate users, enforce password policies, and authorize system access based on user credentials, group memberships, and access control rules defined in the PAM configuration files. PAM modules support various authentication methods such as passwords, public keys, biometrics, and one-time passwords (OTP), enabling seamless integration with external authentication providers and identity management systems.
28
PAP
Password Authentication Protocol ## Footnote - Definition: PAP is an authentication protocol used in legacy network environments to transmit user credentials, such as usernames and passwords, in plaintext over network connections, posing security risks and vulnerabilities to interception and eavesdropping attacks. - Scenario: A remote user dials into a network access server (NAS) using a modem and authenticates via PAP to establish a dial-up connection to the corporate network. PAP protocols exchange user credentials in clear text format, making them susceptible to network sniffing, man-in-the-middle (MitM) attacks, and password interception, highlighting security weaknesses inherent in legacy authentication methods.
29
PAT
Port Address Translation ## Footnote - Definition: PAT is a type of network address translation (NAT) technique used to map multiple private IP addresses to a single public IP address by dynamically assigning unique port numbers to each outgoing network connection, enabling network address reuse and conserving public IPv4 address space. - Scenario: A home router implements PAT to allow multiple devices, such as smartphones, laptops, and smart TVs, to share a single public IP address assigned by the internet service provider (ISP) for internet access. PAT assigns unique port numbers to each internal device's network sessions, maintaining session state and enabling bidirectional communication with external servers and services across the internet.
30
PBKDF2
Password-based Key Derivation Function 2 ## Footnote - Definition: PBKDF2 is a key derivation function commonly used to derive cryptographic keys from passwords or passphrase-based inputs by applying multiple iterations of a pseudorandom function, such as HMAC-SHA1, SHA-256, or SHA-512. - Scenario: A cryptographic application uses PBKDF2 to derive encryption keys from user passwords before storing sensitive data or generating digital signatures to protect data confidentiality and integrity. PBKDF2 algorithms strengthen password-based security by introducing computational complexity, salt values, and iteration counts, making brute-force attacks and password cracking attempts more time-consuming and resource-intensive for attackers.
31
PBX
Private Branch Exchange ## Footnote - Definition: PBX is a private telephone system used within an organization or enterprise to manage internal and external voice communication by routing calls, handling extensions, and providing telephony features such as voicemail, call forwarding, and conference calling. - Scenario: A large corporation installs a PBX system to streamline internal communication among employees across different departments and office locations. The PBX allows users to make calls within the organization using extension numbers, access voicemail services, and transfer calls between departments, enhancing productivity and collaboration in the workplace.
32
PCAP
Packet Capture ## Footnote - Definition: PCAP is a file format used to store network packet capture data collected by network monitoring and analysis tools, allowing cybersecurity professionals to inspect, analyze, and troubleshoot network traffic for security threats, performance issues, and protocol errors. - Scenario: A network administrator uses Wireshark, a popular packet capture tool, to capture and analyze network traffic on a corporate network segment. Wireshark saves captured packets in PCAP format, enabling deep packet inspection, protocol analysis, and forensic investigation of network communication patterns, anomalies, and security incidents.
33
PCI DSS
Payment Card Industry Data Security Standard ## Footnote - Definition: PCI DSS is a set of security standards and compliance requirements established by the Payment Card Industry Security Standards Council (PCI SSC) to protect cardholder data, prevent payment card fraud, and ensure secure payment processing environments for merchants, service providers, and financial institutions. - Scenario: An online retailer implements PCI DSS controls and security measures to secure credit card transactions, safeguard cardholder data, and comply with industry regulations and contractual obligations. PCI DSS requirements include encryption, access controls, vulnerability management, and regular security assessments to mitigate risks and maintain trust in electronic payment systems.
33
PDU
Power Distribution Unit ## Footnote - Definition: PDU is a device used in data centers and server rooms to distribute electrical power from a primary power source to multiple computing devices, servers, networking equipment, and peripherals, providing power management, monitoring, and remote control capabilities. - Scenario: A data center operator installs intelligent PDUs to monitor power consumption, allocate electrical loads, and prevent power outages or equipment failures caused by overloads or voltage fluctuations. PDUs offer features such as outlet-level metering, remote power cycling, and environmental monitoring to optimize energy efficiency, improve reliability, and ensure uptime for critical IT infrastructure components.
34
PEAP
Protected Extensible Authentication Protocol ## Footnote - Definition: PEAP is an authentication protocol used in wireless networks and VPN (Virtual Private Network) connections to establish secure and encrypted authentication sessions between clients and authentication servers, protecting user credentials from eavesdropping and unauthorized access. - Scenario: A corporate network deploys PEAP for secure Wi-Fi authentication, allowing employees to connect their laptops and mobile devices to the corporate network securely from remote locations or within office premises. PEAP protocols use mutual authentication and Transport Layer Security (TLS) encryption to establish trusted connections and validate user identities before granting network access.
35
PED
Personal Electronic Device ## Footnote - Definition: PED refers to any portable electronic device designed for personal use, such as smartphones, tablets, laptops, wearable devices, and digital cameras, capable of performing computing, communication, entertainment, and productivity tasks. - Scenario: A traveler carries a variety of PEDs, including a smartphone, e-reader, and noise-canceling headphones, to stay connected, entertained, and productive during long flights or train journeys. PEDs offer versatile functionality, mobile applications, and internet connectivity, enabling users to access information, communicate with others, and enjoy multimedia content while on the go.
36
PEM
Privacy Enhanced Mail ## Footnote - Definition: PEM is a cryptographic standard used to secure email communication by encrypting email messages, digital signatures, and key management operations, ensuring confidentiality, integrity, and authenticity of email content and attachments. - Scenario: An organization implements PEM encryption and digital signatures to protect sensitive email correspondence containing confidential business information, financial records, or legal documents from unauthorized access, interception, and tampering by malicious actors. PEM-compliant email clients and servers use public-key cryptography algorithms to secure email transmissions and verify sender identities, enhancing email privacy and security in transit and at rest.
37
PFS
Perfect Forward Secrecy ## Footnote - Definition: PFS is a cryptographic property that ensures session keys used for secure communication are ephemeral and not derived from long-term secret keys, preventing compromise of past encrypted sessions if a current session key is compromised. - Scenario: A secure messaging application implements PFS to protect user conversations and data privacy by generating unique session keys for each communication session and discarding them after use. PFS mechanisms such as Diffie-Hellman key exchange enable parties to establish secure connections and exchange encrypted messages without relying on persistent encryption keys, minimizing the risk of retroactive decryption and data exposure.
38
PGP
Pretty Good Privacy ## Footnote - Definition: PGP is a cryptographic software suite used for email encryption, digital signatures, and data security, allowing users to protect sensitive information, verify message authenticity, and maintain confidentiality in electronic communications. - Scenario: A privacy-conscious individual uses PGP encryption to secure email messages containing personal information, financial data, or confidential documents before sending them to trusted recipients. PGP integrates with email clients and software applications to encrypt message content and attachments using public-key cryptography, ensuring end-to-end privacy and integrity of electronic communications.
38
PHI
Personal Health Information ## Footnote - Definition: PHI is any individually identifiable health information or medical data related to an individual's physical or mental health condition, treatment history, healthcare services, or payment details, protected under health privacy laws and regulations such as the Health Insurance Portability and Accountability Act (HIPAA) in the United States. - Scenario: Healthcare providers and insurance companies collect and store PHI in electronic health records (EHRs) and medical databases to manage patient care, treatment plans, and billing information while ensuring compliance with privacy and security standards. PHI includes patient names, addresses, birthdates, medical diagnoses, laboratory results, and prescription medications, subject to strict confidentiality and data protection requirements to safeguard patient privacy and prevent unauthorized access or disclosure.
39
PII
Personally Identifiable Information ## Footnote - Definition: PII refers to any data elements or identifiers that can be used to distinguish or trace an individual's identity, either alone or in combination with other information, such as name, social security number, driver's license number, passport number, biometric data, and financial account details. - Scenario: Online retailers collect PII from customers during account registration, checkout processes, and payment transactions to process orders, fulfill shipping, and provide customer support services. PII protection measures include encryption, access controls, data anonymization, and secure transmission protocols to prevent identity theft, fraud, and unauthorized use of personal information by cybercriminals or unauthorized third parties.
40
PIV
Personal Identity Verification ## Footnote - Definition: PIV is a standard for identity verification and authentication issued by federal agencies and government organizations to employees and contractors, enabling secure access to physical facilities, computer systems, and digital resources using smart cards or biometric credentials. - Scenario: Government employees use PIV cards to authenticate their identities and gain access to secure government buildings, computer networks, and classified information systems. PIV authentication combines smart card technology, digital certificates, and biometric verification methods such as fingerprint scanning or iris recognition to establish trusted identities and enforce access controls based on role-based permissions and security policies.
41
PKCS
Public Key Cryptography Standards ## Footnote - Definition: PKCS is a set of standards and specifications developed by RSA Laboratories for cryptographic algorithms, key management protocols, and certificate formats used in public-key cryptography applications, digital signatures, and encryption schemes. - Scenario: A software developer implements PKCS #11 libraries and APIs to integrate cryptographic operations such as key generation, encryption, and digital signature verification into secure applications and cryptographic services. PKCS standards define interoperable protocols and data formats for key exchange, digital certificates, cryptographic tokens, and secure messaging, enabling seamless integration and interoperability across diverse cryptographic platforms and software environments.
42
PKI
Public Key Infrastructure ## Footnote - Definition: PKI is a framework of policies, protocols, and cryptographic services used to manage digital certificates, public and private keys, and secure communication channels in a networked environment, facilitating authentication, encryption, and data integrity protection. - Scenario: A financial institution deploys a PKI infrastructure to issue digital certificates, authenticate online customers, and secure electronic transactions conducted over internet banking platforms and mobile applications. PKI components include certificate authorities (CAs), registration authorities (RAs), certificate revocation lists (CRLs), and trust anchors, enabling secure communication, digital signatures, and end-to-end encryption for sensitive financial data and transactions.
43
POP
Post Office Protocol ## Footnote - Definition: POP is an email retrieval protocol used by email clients to access and download email messages from a mail server to a local computer or mobile device, allowing users to read, manage, and store emails offline. - Scenario: A user configures an email client such as Microsoft Outlook or Mozilla Thunderbird to retrieve emails from a POP3 mail server hosted by their internet service provider (ISP). POP clients connect to the mail server, authenticate user credentials, and retrieve emails stored in the user's mailbox, deleting messages from the server after download or leaving copies based on client settings and preferences.
44
POTS
Plain Old Telephone Service ## Footnote - Definition: POTS refers to traditional analog telephone service used for voice communication over copper wire networks, providing basic telephony features such as voice calls, caller ID, call waiting, and voicemail. - Scenario: A residential subscriber subscribes to POTS service from a local telecommunications provider to make and receive landline telephone calls from home without relying on internet-based VoIP (Voice over Internet Protocol) or mobile phone services. POTS lines offer reliable voice communication, emergency calling capabilities, and compatibility with legacy telecommunication equipment and devices, ensuring connectivity during power outages or network disruptions.
45
PPTP
Point-to-Point Tunneling Protocol ## Footnote - Definition: PPTP is a VPN protocol used to create encrypted virtual private network (VPN) tunnels between remote clients and VPN servers over insecure or public networks, providing secure access to corporate networks, intranet resources, and internet services. - Scenario: A remote worker establishes a VPN connection to the corporate network using PPTP VPN client software installed on their laptop or mobile device, encrypting data traffic and tunneling it through the internet to the company's VPN gateway or firewall. PPTP VPN tunnels authenticate users, encrypt network traffic, and encapsulate data packets using Point-to-Point Protocol (PPP) and Generic Routing Encapsulation (GRE) protocols, enabling secure remote access and data privacy for telecommuters, travelers, and mobile workers.
45
PPP
Point-to-Point Protocol ## Footnote - Definition: PPP is a data link layer protocol used to establish and manage point-to-point network connections over serial links, telephone lines, and dedicated circuits, enabling data encapsulation, error detection, and authentication between network devices. - Scenario: An internet service provider (ISP) uses PPP to establish dial-up connections and broadband links with residential customers, delivering internet access over telephone lines or fiber-optic cables using PPPoE (Point-to-Point Protocol over Ethernet) or PPPoA (Point-to-Point Protocol over ATM) encapsulation methods. PPP protocols negotiate connection parameters, authenticate users, and manage session states during data transmission, ensuring reliable and secure communication between client modems and ISP gateways.
46
PSK
Pre-shared Key ## Footnote - Definition: PSK is a symmetric cryptographic key shared in advance between communicating parties to establish secure communication channels, authenticate endpoints, and encrypt data transmissions using block ciphers or stream ciphers. - Scenario: A home wireless network uses WPA2-PSK encryption with a pre-shared key to protect Wi-Fi access and prevent unauthorized users from connecting to the network or eavesdropping on data traffic. PSK authentication requires users to enter a passphrase or security key to authenticate and associate their devices with the wireless access point, ensuring confidentiality and integrity of wireless communications within the local network environment.
47
PTZ
Pan-tilt-zoom ## Footnote - Definition: PTZ refers to camera control functionalities that enable remote manipulation of pan, tilt, and zoom movements in surveillance cameras and video surveillance systems, allowing operators to adjust camera angles, view different areas, and track moving objects or individuals in real time. - Scenario: A security guard uses a PTZ surveillance camera to monitor a large parking lot and retail store entrance, remotely controlling the camera's movements and zoom levels to follow suspicious activities, observe crowd dynamics, and deter potential theft or vandalism incidents. PTZ cameras offer flexibility, situational awareness, and responsive surveillance capabilities for security personnel to maintain vigilance and ensure safety in public spaces and commercial environments.
48
PUP
Potentially Unwanted Program ## Footnote - Definition: PUP is a term used to describe software applications or programs that exhibit behaviors or characteristics that may be considered undesirable, intrusive, or harmful to users' computing experiences or privacy, such as adware, spyware, browser toolbars, and unwanted system utilities. - Scenario: A user inadvertently installs a PUP bundled with freeware or shareware downloaded from the internet, resulting in unwanted browser modifications, pop-up advertisements, or system performance issues. PUPs may collect user data, display unwanted ads, change browser settings, or install additional software components without users' consent, prompting users to uninstall or remove potentially unwanted programs from their computers to restore normal functionality and protect against unwanted behaviors or security risks.
48
RA (1)
Recovery Agent ## Footnote - Definition: RA refers to a cryptographic entity or key used for data recovery or decryption purposes, typically associated with encrypted files, digital certificates, or secure communication channels, allowing authorized parties to access encrypted data in case of key loss or data recovery needs. - Scenario: A corporate IT department designates a recovery agent for BitLocker encrypted drives to assist users in recovering lost encryption keys or accessing encrypted data in emergency situations. Recovery agents hold special cryptographic keys or certificates that enable them to decrypt protected data and recover access to critical information while maintaining data confidentiality and security.
49
RA (2)
Registration Authority ## Footnote - Definition: RA is a trusted entity responsible for verifying user identities, issuing digital certificates, and managing certificate enrollment processes in a public key infrastructure (PKI) environment, ensuring proper authentication and authorization for digital transactions and secure communications. - Scenario: A certificate authority (CA) establishes an RA to handle certificate requests, validate subscriber information, and approve certificate issuance requests from individuals, organizations, and service providers seeking to obtain digital certificates for secure email, website authentication, or document signing purposes. RAs verify applicant identities, validate certificate requests, and enforce PKI policies and procedures to maintain the integrity and reliability of digital certificates and trust relationships within the PKI ecosystem.
49
RACE
Research and Development in Advanced Communications Technologies in Europe ## Footnote - Definition: RACE was a European research initiative launched in the 1980s to promote collaborative research and development in telecommunications, networking, and digital technologies, aiming to advance Europe's competitiveness and innovation in the global telecommunications market. - Scenario: European telecommunications companies, research institutions, and government agencies participate in RACE-funded projects to develop cutting-edge technologies and standards for broadband networks, digital services, and mobile communications, fostering technological advancements, industry partnerships, and economic growth across Europe. RACE initiatives contribute to the evolution of digital infrastructure, internet protocols, and telecommunications standards, driving innovation and digital transformation in diverse sectors such as healthcare, transportation, and education.
50
RAD
Rapid Application Development ## Footnote - Definition: RAD is a software development methodology focused on iterative prototyping, rapid prototyping, and accelerated delivery of software applications using incremental development cycles, collaborative design approaches, and reusable software components. - Scenario: A software development team adopts RAD methodologies to build and deploy web applications, mobile apps, and enterprise software solutions with short development cycles, quick feedback loops, and continuous integration and delivery (CI/CD) pipelines. RAD frameworks such as Agile, Scrum, and DevOps emphasize collaboration, flexibility, and customer feedback to accelerate time-to-market, adapt to changing requirements, and deliver high-quality software products that meet user needs and business objectives.
51
RADIUS
Remote Authentication Dial-in User Service ## Footnote - Definition: RADIUS is a networking protocol and authentication framework used to centralize user authentication, authorization, and accounting (AAA) for remote access services, such as dial-up, VPN (Virtual Private Network), and wireless network connections, enabling secure and scalable network access control. - Scenario: A network administrator deploys a RADIUS server to authenticate and authorize user access to the corporate network, VPN gateways, and wireless access points using username/password credentials or digital certificates. RADIUS clients, such as network access servers (NAS) and VPN concentrators, communicate with the RADIUS server to validate user credentials, enforce access policies, and log authentication events for auditing and compliance purposes, enhancing network security and user management capabilities in distributed environments.
52
RAID
Redundant Array of Inexpensive Disks ## Footnote - Definition: RAID is a storage technology and data protection scheme that combines multiple disk drives into a single logical unit to improve data reliability, fault tolerance, and performance through disk striping, mirroring, or parity-based redundancy techniques. - Scenario: A small business deploys a RAID-5 array with four hard disk drives (HDDs) to store critical business data, financial records, and customer information on a file server or network-attached storage (NAS) device. RAID configurations distribute data across multiple disks, provide fault tolerance against drive failures, and enable data recovery and rebuilding operations in case of disk errors or hardware malfunctions, ensuring business continuity and data integrity in mission-critical storage environments.
53
RAS
Remote Access Server ## Footnote - Definition: RAS is a network server or gateway that provides remote users with secure access to internal network resources, services, and applications over dial-up, broadband, or virtual private network (VPN) connections, enabling telecommuting, mobile workforce, and remote collaboration. - Scenario: A multinational corporation deploys RAS appliances or VPN concentrators at branch offices and data centers to enable secure remote access for employees, contractors, and business partners working from home or traveling on business trips. RAS solutions authenticate user credentials, encrypt data traffic, and establish secure tunnels between remote clients and corporate networks, ensuring privacy, confidentiality, and compliance with security policies and regulatory requirements.
54
RAT
Remote Access Trojan ## Footnote - Definition: RAT is a type of malware or malicious software that allows remote attackers to gain unauthorized access and control over compromised computer systems, steal sensitive information, and perform malicious activities without users' knowledge or consent. - Scenario: A cybercriminal distributes a RAT payload disguised as a legitimate software application or email attachment to unsuspecting users, infecting their computers and establishing remote backdoors for command-and-control operations, data exfiltration, or ransomware attacks. RAT malware variants such as Poison Ivy, DarkComet, and njRAT exploit software vulnerabilities, social engineering tactics, and phishing techniques to infiltrate target systems and evade detection by antivirus programs, posing significant security risks to individuals and organizations worldwide.
55
RBAC (1)
Role-based Access Control ## Footnote - Definition: RBAC is an access control model and security mechanism used to regulate user permissions, privileges, and resource access based on predefined roles, responsibilities, and job functions within an organization, enforcing the principle of least privilege and minimizing security risks. - Scenario: A financial institution implements RBAC policies and access controls to manage user access to sensitive banking systems, customer databases, and financial applications based on employees' job roles, departments, and hierarchical levels. RBAC systems assign users to specific roles or groups, define role-based permissions, and enforce access restrictions to restrict unauthorized activities, reduce insider threats, and enforce compliance with data privacy regulations and industry standards.
56
RBAC (2)
Rule-based Access Control ## Footnote - Definition: RBAC is an access control model and security mechanism used to regulate user permissions, privileges, and resource access based on predefined rules, conditions, and access control lists (ACLs) associated with individual users, objects, or system entities. - Scenario: A cloud service provider implements RBAC rule sets and access policies to manage user access permissions, resource allocations, and network configurations in multi-tenant environments, ensuring isolation, segregation, and compliance with regulatory requirements. RBAC rules define access control matrices, authorization constraints, and enforcement policies for cloud infrastructure, virtual machines, and software-defined networks (SDNs), enabling fine-grained control over user activities, data flows, and resource utilization in dynamic computing environments.
57
RC4
Rivest Cipher version 4 ## Footnote - Definition: RC4 is a symmetric stream cipher algorithm developed by Ron Rivest of RSA Security for encrypting and decrypting data streams, securing wireless communication, and protecting internet protocols such as SSL/TLS, WEP, and WPA against eavesdropping and cryptographic attacks. - Scenario: A web server administrator configures SSL/TLS encryption with RC4 cipher suites to secure HTTPS connections and protect sensitive data transmitted between web browsers and web applications over the internet. RC4 encryption algorithms use variable-length keys to generate pseudorandom keystreams, which XOR with plaintext data to produce ciphertext, providing confidentiality and data integrity for secure communication channels in client-server architectures.
58
RFID
Radio Frequency Identifier ## Footnote - Definition: RFID is a wireless technology used for automatic identification and tracking of objects, assets, and products using radio frequency signals, RFID tags, and reader devices, enabling inventory management, supply chain logistics, and asset tracking applications. - Scenario: A retail store deploys RFID tags and readers to track inventory levels, monitor product movements, and automate checkout processes, improving operational efficiency, reducing stockouts, and enhancing customer shopping experiences. RFID systems consist of passive or active tags attached to merchandise, shelves, or packaging, which emit radio signals when activated by RFID readers or antennas, enabling real-time visibility and inventory control in retail stores, warehouses, and distribution centers.
58
RDP
Remote Desktop Protocol ## Footnote - Definition: RDP is a proprietary protocol developed by Microsoft for remote desktop access and remote administration of Windows-based computers, allowing users to connect to remote desktop sessions, access desktop environments, and run applications remotely over network connections. - Scenario: A system administrator uses the Remote Desktop Protocol (RDP) to remotely access and manage servers, workstations, and virtual machines in an enterprise network infrastructure, troubleshooting issues, installing software updates, and performing system maintenance tasks from a centralized management console or administrative workstation. RDP sessions encrypt data transmissions, authenticate user credentials, and support multi-user remote desktop environments, enabling efficient remote support and IT operations management across distributed computing environments.
59
ROI
Return on Investment ## Footnote - Definition: ROI is a financial metric used to evaluate the profitability and efficiency of investments, projects, or business initiatives by comparing the net return or benefits generated against the initial investment cost, expressed as a percentage or ratio. - Scenario: A business owner calculates the return on investment (ROI) for a marketing campaign, capital expenditure, or technology upgrade project to assess its financial viability, revenue potential, and long-term business impact. ROI analysis considers factors such as investment costs, revenue gains, cost savings, and intangible benefits over a defined time period, helping stakeholders make informed decisions, prioritize investments, and allocate resources effectively to maximize returns and achieve strategic objectives.
59
RIPEMD
RACE Integrity Primitives Evaluation Message Digest ## Footnote - Definition: RIPEMD is a family of cryptographic hash functions developed by Hans Dobbertin, Antoon Bosselaers, and Bart Preneel as part of the RACE project in the European Union for evaluating integrity primitives and cryptographic algorithms for digital signatures, data integrity verification, and message authentication. - Scenario: A software developer integrates RIPEMD hash functions into cryptographic libraries, digital signature algorithms, and data integrity validation mechanisms to compute and verify message digests, checksums, and hash values for secure communication, document signing, and file verification purposes. RIPEMD algorithms support different hash lengths and security levels, providing collision resistance and data integrity protection against manipulation, tampering, and unauthorized modifications in distributed computing environments.
60
RPO
Recovery Point Objective ## Footnote - Definition: RPO is a disaster recovery metric that defines the maximum acceptable data loss or time interval between data backups or replication checkpoints in a business continuity plan, specifying the recovery point in time to restore systems, applications, and data after a disruptive event. - Scenario: A financial institution establishes an RPO of four hours for critical banking systems and transactional databases to ensure timely data recovery and minimize financial losses in the event of a catastrophic failure, natural disaster, or cyberattack. RPO objectives dictate backup frequency, data replication schedules, and disaster recovery strategies, aligning with business requirements, regulatory compliance mandates, and service-level agreements (SLAs) to maintain data integrity and operational resilience in high-availability environments.
61
RSA
Rivest, Shamir, & Adleman ## Footnote - Definition: RSA is a public-key cryptography algorithm named after its inventors Ron Rivest, Adi Shamir, and Leonard Adleman, used for secure data encryption, digital signatures, and key exchange in electronic communications, e-commerce transactions, and secure messaging protocols. - Scenario: An e-commerce website encrypts sensitive customer data, credit card information, and online transactions using RSA public-key cryptography to protect data privacy, prevent identity theft, and secure electronic payments during online shopping sessions. RSA algorithms use mathematical principles of number theory and modular arithmetic to generate key pairs, encrypt plaintext data, and digitally sign messages, enabling secure communication channels and trust relationships between users, servers, and online merchants in internet-based transactions.
62
RTBH
Remotely Triggered Black Hole ## Footnote - Definition: RTBH is a network security technique and traffic filtering mechanism used by internet service providers (ISPs) and network operators to mitigate distributed denial-of-service (DDoS) attacks, route hijacking incidents, and malicious traffic by diverting suspicious packets or traffic flows to black hole routing destinations for traffic scrubbing or isolation. - Scenario: A network operator deploys RTBH filtering policies and Border Gateway Protocol (BGP) route announcements to identify and redirect anomalous traffic patterns, volumetric attacks, or botnet traffic to black hole destinations or sinkhole addresses, preventing denial-of-service (DoS) attacks, network congestion, and service disruptions for legitimate users and critical infrastructure. RTBH configurations leverage BGP communities, route tagging, and access control lists (ACLs) to automate traffic redirection, detect attack signatures, and block malicious traffic at the network edge, enhancing network security and resilience against cyber threats and network-based attacks.
63
RTO
Recovery Time Objective ## Footnote - Definition: RTO is a disaster recovery metric that defines the maximum allowable downtime or time interval required to restore IT systems, services, and business operations to normal functioning levels following a disruptive event, outage, or disaster scenario. - Scenario: A cloud service provider establishes an RTO of two hours for mission-critical applications, databases, and infrastructure services hosted in a redundant, geographically distributed data center environment to minimize service interruptions, data loss, and customer impact during planned maintenance or unexpected incidents. RTO objectives drive disaster recovery planning, failover configurations, and service-level agreements (SLAs), ensuring rapid response, resource allocation, and system recovery procedures to meet business continuity goals and service commitments in dynamic computing environments.
64
RTOS
Real-time Operating System ## Footnote - Definition: RTOS is an operating system designed for real-time computing environments, embedded systems, and time-critical applications, providing deterministic task scheduling, low-latency response times, and predictable system behavior for tasks requiring precise timing and control. - Scenario: An automotive manufacturer integrates an RTOS into embedded control systems, vehicle electronics, and driver-assistance systems to manage real-time data processing, sensor inputs, and safety-critical functions such as anti-lock braking, traction control, and collision avoidance. RTOS platforms support priority-based scheduling, interrupt handling, and preemptive multitasking to meet timing constraints, enforce deadlines, and maintain system stability and reliability in safety-critical applications across automotive, aerospace, and industrial automation industries.
65
RTP
Real-time Transport Protocol ## Footnote - Definition: RTP is a network protocol used for real-time transmission of multimedia data, audio streams, and video streams over IP-based networks, providing end-to-end delivery, synchronization, and quality-of-service (QoS) mechanisms for interactive communication and streaming media applications. - Scenario: A video conferencing application uses RTP to transport audio and video streams between participants, synchronize multimedia data packets, and adapt to network conditions such as packet loss, jitter, and latency to deliver seamless, high-quality video calls and collaborative meetings over internet connections. RTP packets encapsulate media payloads, timestamp information, and sequence numbers, enabling real-time communication, media synchronization, and adaptive streaming algorithms in VoIP (Voice over IP) and multimedia streaming applications.
65
S/MIME
Secure/Multipurpose Internet Mail Extensions ## Footnote - Definition: S/MIME is a security protocol used to add encryption and digital signature capabilities to email messages, ensuring confidentiality, integrity, and authenticity of email communication over the internet. - Scenario: A corporate email system integrates S/MIME support to enable secure email communication between employees, clients, and business partners, encrypting sensitive messages and attachments with digital certificates, private keys, and cryptographic algorithms such as RSA and AES. S/MIME-compliant email clients and servers exchange signed and encrypted messages using MIME (Multipurpose Internet Mail Extensions) standards and PKCS (Public-Key Cryptography Standards) protocols, protecting against eavesdropping, tampering, and spoofing attacks in transit.
66
SaaS
Software as a Service ## Footnote - Definition: SaaS is a cloud computing model where software applications are hosted, managed, and delivered as on-demand services over the internet, allowing users to access and use software functionality without installing or maintaining local software instances. - Scenario: A small business subscribes to a SaaS-based customer relationship management (CRM) platform to manage sales leads, customer contacts, and marketing campaigns through a web browser interface, eliminating the need for costly software licenses, hardware infrastructure, and IT support resources. SaaS providers host and maintain software applications in scalable data centers, providing automatic updates, data backups, and service level agreements (SLAs) to customers on a subscription basis, enabling cost-effective access to enterprise-grade software solutions and collaborative tools for businesses of all sizes.
67
SAE
Simultaneous Authentication of Equals ## Footnote - Definition: SAE is a secure key exchange protocol used in Wi-Fi Protected Access 3 (WPA3) and Wi-Fi 6 (802.11ax) wireless networks to establish encrypted connections and authenticate wireless clients and access points without relying on pre-shared keys or passwords. - Scenario: A wireless router implements SAE handshake protocols to authenticate client devices, negotiate cryptographic keys, and establish secure Wi-Fi connections using mutual authentication and key derivation techniques. SAE protocols protect against passive eavesdropping, brute-force attacks, and dictionary attacks by generating ephemeral keys and enforcing forward secrecy and cryptographic strength requirements, ensuring robust security and privacy for wireless communications in home networks, public hotspots, and enterprise Wi-Fi deployments.
68
SAML
Security Assertions Markup Language ## Footnote - Definition: SAML is an XML-based standard used for exchanging authentication and authorization data between identity providers (IdPs) and service providers (SPs) in single sign-on (SSO) and federated identity management systems, enabling seamless user authentication and access control across multiple web applications and domains. - Scenario: An enterprise deploys a SAML-based identity federation system to enable SSO access to cloud-based services, web applications, and internal resources using centralized identity providers such as Active Directory (AD) or identity management platforms. SAML assertions and security tokens authenticate users, transmit identity attributes, and enforce access policies across distributed environments, enabling secure access to shared resources, web portals, and business applications without the need for separate login credentials or authentication mechanisms.
69
SAN (1)
Storage Area Network ## Footnote - Definition: SAN is a high-speed network architecture used to interconnect storage devices, servers, and data storage arrays over dedicated fiber channel or Ethernet networks, providing scalable, centralized storage resources and block-level data access for enterprise applications and virtualized environments. - Scenario: A large enterprise deploys a SAN infrastructure to consolidate storage resources, support virtual server environments, and facilitate data replication, backup, and disaster recovery operations across geographically dispersed data centers. SAN fabrics use Fibre Channel switches, storage controllers, and RAID arrays to pool storage capacity, optimize storage utilization, and deliver high-performance storage services for mission-critical workloads, database systems, and business continuity solutions, ensuring data availability and resilience in dynamic IT environments.
70
SASE
Secure Access Service Edge ## Footnote - Definition: SASE is a network security architecture and cloud service model that integrates secure access controls, networking functionalities, and threat protection capabilities into a unified, cloud-native platform delivered as a service, enabling secure access to applications and data from any location or device. - Scenario: A global enterprise adopts a SASE framework to transform its network infrastructure and security posture, migrating from traditional perimeter-based architectures to cloud-delivered security services that combine secure web gateways (SWG), cloud access security brokers (CASB), software-defined WAN (SD-WAN), and zero-trust network access (ZTNA) capabilities. SASE platforms provide seamless, scalable connectivity, identity-based access controls, and threat prevention mechanisms, enforcing consistent security policies and compliance standards across distributed workloads, remote users, and cloud environments.
70
SAN (2)
Subject Alternative Name ## Footnote - Definition: SAN is an extension in X.509 digital certificates used to specify additional hostnames, IP addresses, or domain names that are associated with a single SSL/TLS certificate, allowing secure communication with multiple web servers, virtual hosts, or network services using a single certificate. - Scenario: A web hosting provider issues a multi-domain SSL certificate with SAN extensions to secure HTTPS connections for multiple websites, subdomains, and online applications hosted on shared web servers or cloud-based platforms. SAN certificates include primary domain names and additional subject alternative names (SANs) such as www.example.com, mail.example.com, and secure.example.net, enabling secure access to diverse web services and online resources while simplifying certificate management and renewal processes for administrators and website owners.
70
SCADA
Supervisory Control and Data Acquisition ## Footnote - Definition: SCADA is a control system architecture used in industrial automation and process control environments to monitor, manage, and control industrial processes, manufacturing operations, and critical infrastructure components through centralized supervisory software and human-machine interface (HMI) devices. - Scenario: An energy utility company deploys a SCADA system to monitor and control power generation, distribution, and transmission facilities, collecting real-time data from sensors, actuators, and remote terminal units (RTUs) deployed across power plants, substations, and electrical grids. SCADA software provides operators with visualization tools, alarm notifications, and historical data analysis features to optimize system performance, respond to operational events, and ensure reliability, safety, and regulatory compliance in complex industrial environments.
71
SCAP
Security Content Automation Protocol ## Footnote - Definition: SCAP is a standardized protocol and framework developed by the National Institute of Standards and Technology (NIST) for automating vulnerability management, security configuration assessment, and compliance auditing tasks across heterogeneous IT environments using common data formats and security checklists. - Scenario: A government agency implements SCAP-compliant security tools and vulnerability scanners to assess and remediate security vulnerabilities, misconfigurations, and compliance gaps in desktops, servers, and network devices across its information technology infrastructure. SCAP scanners leverage standardized vulnerability definitions, Common Vulnerability Enumeration (CVE) identifiers, and Extensible Configuration Checklist Description Format (XCCDF) rules to automate vulnerability assessment, prioritize remediation efforts, and ensure continuous compliance with security policies and regulatory mandates.
72
SCEP
Simple Certificate Enrollment Protocol ## Footnote - Definition: SCEP is a certificate enrollment protocol used by network devices, mobile devices, and enterprise systems to request, issue, and manage digital certificates for secure communication, authentication, and encryption purposes within public key infrastructures (PKIs). - Scenario: A mobile device management (MDM) solution integrates SCEP functionality to automate certificate enrollment and provisioning processes for smartphones, tablets, and IoT (Internet of Things) devices deployed across enterprise networks. SCEP clients generate certificate signing requests (CSRs), submit enrollment requests to certificate authorities (CAs), and receive digital certificates for secure email, Wi-Fi authentication, VPN access, and device authentication, streamlining certificate lifecycle management and enhancing security controls in BYOD (Bring Your Own Device) environments.
73
SD-WAN
Software-defined Wide Area Network ## Footnote - Definition: SD-WAN is a networking technology that virtualizes wide area network (WAN) connections, optimizes network traffic, and improves application performance by dynamically routing data traffic based on application policies, network conditions, and performance metrics. - Scenario: A distributed enterprise deploys SD-WAN appliances or virtual appliances to replace traditional MPLS (Multiprotocol Label Switching) circuits with cost-effective broadband connections, cellular networks, and cloud-based services for branch offices, remote sites, and cloud applications. SD-WAN solutions use centralized controllers, software-defined overlays, and application-aware routing algorithms to prioritize critical applications, segment network traffic, and secure data transmissions over encrypted tunnels, enhancing network agility, scalability, and reliability in hybrid and multi-cloud environments.
74
SDK
Software Development Kit ## Footnote - Definition: SDK is a set of software development tools, libraries, and documentation resources provided by software vendors, platform developers, or hardware manufacturers to assist developers in building applications, integrating APIs, and extending functionality for specific platforms, operating systems, or programming languages. - Scenario: A mobile app developer uses a software development kit (SDK) provided by a social media platform to integrate social sharing features, user authentication, and analytics tracking into a mobile application for iOS and Android devices. SDKs offer programming interfaces, code samples, and development frameworks for accessing platform services, interacting with APIs, and implementing common features such as user authentication, push notifications, and in-app purchases, streamlining app development and accelerating time-to-market for software products and digital experiences.
75
SDLC
Software Development Lifecycle ## Footnote - Definition: SDLC is a structured methodology and process framework used by software development teams to plan, design, develop, test, deploy, and maintain software applications, ensuring quality, reliability, and adherence to project requirements throughout the software development lifecycle. - Scenario: A software development team follows an agile SDLC methodology to iteratively deliver software features, gather user feedback, and respond to changing requirements in collaborative development environments. SDLC phases include requirements analysis, system design, coding, testing, deployment, and maintenance, with agile methodologies such as Scrum, Kanban, and Extreme Programming (XP) emphasizing continuous integration, automated testing, and incremental delivery practices to optimize development workflows, foster teamwork, and deliver value-driven software solutions.
76
SDLM
Software Development Lifecycle Methodology ## Footnote - Definition: SDLM is a comprehensive approach to software development that encompasses processes, techniques, and best practices for managing software projects, mitigating risks, and delivering high-quality software products that meet customer expectations and business objectives. - Scenario: A software engineering organization adopts a customized SDLM framework based on industry standards such as ISO/IEC 12207 and CMMI (Capability Maturity Model Integration) to define project milestones, allocate resources, and monitor progress throughout the software development lifecycle. SDLM methodologies integrate software engineering principles, project management techniques, and quality assurance processes to ensure transparency, traceability, and collaboration across cross-functional teams, enabling systematic planning, execution, and evaluation of software projects from inception to retirement stages.

CompTIA Sec+ SY0-701 (22 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions