CompTIA Security+ SY0-701 Exam Acronyms 4 Flashcards
Which of the following solutions would be best suited for a company that needs comprehensive IT services but lacks qualified IT personnel?
MSA
MaaS
MSP
MSSP
**Answer: MSP**
MSP stands for Managed Service Provider, which is a third-party company that manages an organization’s IT infrastructure. MSPs can help organizations improve their cybersecurity by remotely managing their IT systems, networks, and security protocols.
They cover network infrastructure, systems, applications, and various security requirements, providing continuous monitoring, management, support, and maintenance. MSP vendors can provide remote and on-site resources.
Which of the terms listed below refers to a third-party vendor offering IT security management services?
MSP
MaaS
MSA
MSSP
**Answer: MSSP**
MSSP stands for Managed Security Service Provider. MSSPs are third parties that offer cybersecurity services to organizations. They can help protect systems, devices, and applications from cyberthreats.
– Monitoring: MSSPs monitor systems and security devices.
– Threat detection: MSSPs scan systems for threats and respond to them.
– Vulnerability scanning: MSSPs scan systems for vulnerabilities.
– System management: MSSPs can manage system upgrades, changes, and modifications.
Which of the following acronyms refers to the broad category of hardware and software systems used for monitoring and controlling physical devices, processes, and industrial operations?
ICS
OT
SCADA
EDR
**Answer: OT**
Operational technology (OT) refers to hardware and software systems that execute monitoring and/or control over industrial equipment and processes.
Operational technology (OT) security is a set of practices and technologies that protect industrial control systems from cybersecurity threats. OT systems are used to monitor and control industrial processes, devices, and infrastructure.
Which of the answers listed below refers to a basic method for establishing a dedicated point-to-point link between two networked devices?
PPTP
IGMP
PPP
MPLS
**Answer: PPP**
PPP (Point-to-Point Protocol) is a basic method for establishing a dedicated point-to-point link between two networked devices.
Explanation: PPP allows two computers to directly communicate with each other over a serial connection, creating a private and dedicated network between them.
Which of the following defines the maximum acceptable amount of data loss measured by a specific point in time before a disaster or outage?
RPO
MTBF
RTO
MTTR
**Answer: RPO**
Recovery Point Objective (RPO) is a measurement of the maximum amount of data loss an organization can tolerate after a disruptive event. It’s a key component of a disaster recovery plan and is often used in conjunction with Recovery Time Objective (RTO).
RTO (Recovery Time Objective) measures how much downtime you can withstand before your business sustains significant damages.
Which of the terms listed below refers to a framework for managing access to digital resources?
PAM
SSO
IAM
MFA
**Answer: IAM**
Identity and Access Management (IAM) is a cybersecurity framework that controls who can access an organization’s digital resources. IAM helps to improve security, compliance, and user experience.
Which of the following answers refer to SCAP? (Select 3 answers)
a. A type of security system designed to collect logs and events from various sources
b. Designed to provide a centralized user interface for accessing collected data
c. A collection of standards developed by NIST
d. Provides a common language for communicating security information
e. Allows different security tools to share data and work together more effectively
f. Enables real-time threat detection, incident response, and compliance monitoring
**Answer: b, c, d, e**
Security Content Automation Protocol (SCAP) is a framework of open standards that help organizations manage vulnerabilities, measure security, and comply with policies. SCAP automates processes like vulnerability analysis, configuration verification, and report generation.
**How SCAP works**
– SCAP uses standards to communicate information about software flaws and security configurations
– SCAP includes specifications like XCCDF and OVAL, which describe checklists and vulnerabilities
– The OpenSCAP scanner tool evaluates system items against the rules and generates a report
– The report is returned to the organization for monitoring and analysis
**Benefits of SCAP**
– SCAP helps organizations improve their cybersecurity posture
– SCAP reduces the risk of data breaches and other cyber attacks
– SCAP helps organizations comply with policies, laws, and regulations
– SCAP reduces the risk of human error
– SCAP streamlines security processes
A Windows feature used for centrally managing and enforcing policies and settings for users and computers in a network is referred to as:
SAE
NTLM
GPO
SSO
**Answer: GPO**
A security Group Policy Object (GPO) is a virtual collection of settings that define security permissions for a group of users or computers. GPOs are a key tool for system administrators to manage security and consistency across a network.
What GPOs can do
– Enforce password policies
– Restrict access to certain features
– Manage software updates
– Control the appearance of the desktop
– Prevent users from accessing certain information
– Prevent tasks that might jeopardize critical systems or data
Which of the answers listed below refers to a protocol used for automating the issuance and management of certificates within a PKI environment?
PKCS
SCEP
CSR
OCSP
**Answer: SCEP**
Simple Certificate Enrollment Protocol (SCEP) is an open-source protocol that helps devices get digital certificates. It’s used to make the process of issuing certificates more secure, scalable, and easier.
Simple Certificate Enrollment Protocol (SCEP) simplifies large-scale certificate enrollment but has limitations in secure identity verification. Without strong security checks, attackers can misuse SCEP challenge passwords to obtain certificates.
Which of the following answers refers to the characteristic features of RSA? (Select 3 answers)
a. Asymmetric encryption algorithm
b. A public key is used for encryption and a private key is used for decryption
c. Suitable for bulk data encryption
d. Used for secure communications, digital signatures, and key exchange
e. Symmetric encryption algorithm
f. A single key used for both encryption and decryption
**Answer: a, b, d**
RSA (Rivest-Shamir-Adleman) is a public-key encryption algorithm that uses a private and public key pair to protect data. RSA is used in many security applications, including digital signatures, digital certificates, and secure communication.
– RSA uses a private key and a public key that are mathematically linked.
– The public key is accessible to anyone, but the private key is known only by the key pair creator.
– RSA uses the factorization of two prime numbers to encrypt data.
– RSA is considered a staple of asymmetric encryption.
Which of the answers listed below describe the characteristics of a non-persistent VDI? (Select 2 answers)
a. At the end of a session, user desktop reverts to its original state.
b. Each user runs their copy of the virtual desktop
c. At the end of a session, user data and personal settings are saved
d. Virtual desktop is shared among multiple users
**Answer: b, d**
A non-persistent VDI is an environment where many users share virtual desktops. In contrast to persistent VDI, non-persistent VDI resets virtual desktops after each session. With non-persistent desktops, user settings and data aren’t saved after logout. The desktops return to their original state for the next session.
Which of the following answers refers to an obsolete protocol used for secure data transfer over the web?
SMTPS
SRTP
SHTTP
S/MIME
**Answer: SHTTP**
Secure Hypertext Transfer Protocol (S-HTTP) is an older security protocol that allows users to exchange files securely over the internet. It was developed in 1994 by Eric Rescorla and Allan M. Schiffman. S-HTTP has since been largely replaced by HTTPS.
In a persistent VDI: (Select 2 answers)
a. Each user runs their own copy of the virtual desktop
b. At the end of a session, user desktop reverts to its original state
c. Virtual desktop is shared among multiple users
d. At the end of a session, user data and personal settings are saved
**Answer: a, d**
A “persistent VDI” in security refers to a virtual desktop infrastructure (VDI) where a user’s personalized settings, files, and customizations are saved and accessible across multiple login sessions. Each user effectively gets a dedicated virtual desktop that retains their data even after they log off, unlike a non-persistent VDI, which resets to a standard state each time a user logs in. This provides greater user convenience but can also introduce more security concerns, because sensitive data can remain on the desktop if it is not properly managed.
An authentication mechanism that generates one-time passwords based on a counter value and a secret key is known as:
OAuth
HOTP
RADIUS
TOTP
**Answer: HOTP**
HOTP (Hash-based Message Authentication Code) is a one-time password (OTP) that uses a counter to generate unique passwords. HOTP is a type of multi-factor authentication (MFA) that can help prevent hackers from accessing sensitive information.
Which of the acronyms listed below refers to a documented process for addressing identified issues and preventing their repetition?
DRP
COOP
QA
CAR
**Answer: DRP**
DRP can refer to both Disaster Recovery Plan and Digital Risk Protection, which are both important for cybersecurity and business continuity.
**Digital Risk Protection (DRP)**
– A strategic use of tools and services to monitor, assess, and mitigate risk across an organization’s digital footprint
– Helps protect sensitive data, such as financial and personally identifiable information
– Helps identify spoofing plans and secure digital assets
– Can detect, analyze, and take down fraudulent content across the web, social media, and app stores
Which of the following answers refers to a software tool designed to simplify the process of creating and maintaining online content?
VDI
SaaS
CMS
SDK
**Answer: CMS**
CMS stands for Content Management System, and CMS security is the protection of a CMS from cyberattacks. CMSs are software platforms that allow users to build and manage websites. They store large amounts of sensitive data, including customer information, financial data, and intellectual property.
For many developers, a website’s content management system (CMS) is of particular concern in terms of security. There are many ways the CMS can cause weaknesses. Code Injection involves the insertion (or injection) of extra code into a website, often with unwanted results.
Which block cipher mode combines CTM for encryption with an authentication mechanism to ensure both data confidentiality and integrity?
CBC
GCM
ECB
CFB
**Answer: GCM**
Galois/Counter Mode (GCM) is a cryptographic mode of operation that encrypts and authenticates data. It’s used in many encryption algorithms, including AES (Advanced Encryption Standard).
**Where GCM is used**
– GCM is used in the IEEE 802.1AE (MACsec) Ethernet security.
– It’s used in the WPA3-Enterprise Wi-Fi security protocol.
– It’s used in SSH, TLS 1.2 and TLS 1.3.
– It’s used in the SoftEther VPN server and client, as well as OpenVPN.
**Benefits of GCM**
– GCM is efficient for high-speed packet networks.
– It can accept IVs of arbitrary length.
– It can act as a stand-alone message authentication code (MAC).
– It can be used as an incremental MAC.
The term “FPGA” refers to a reconfigurable integrated circuit that can be programmed and customized to perform various digital functions and tasks.
True
False
**Answer: FPGA**
Field Programmable Gate Arrays (FPGAs) are a powerful solution to help organizations navigate the cyber threat landscape and foster a safer future, today. In this blog post, we’ll explore five key ways FPGAs enable cyber resilience by protecting systems and data from sophisticated attacks.
Which of the answers listed below refer to SIEM? (Select 3 answers)
a. Allows different security tools to share data and work together more effectively
b. Designed to provide a centralized user interface for accessing collected data
c. A collection of standards developed by NIST
d. Enables real-time threat detection, incident response, and compliance monitoring
e. A type of security system designed to collect logs and events from various sources
f. Provides a common language for communicating security information
**Answer: b, d, f**
SIEM stands for security information and event management. It’s a security management system that monitors, analyzes, and responds to IT events. SIEM tools help detect threats and incidents, and can automate responses.
SIEM (security information and event management) systems are integral to a security operations center (SOC). They provide the necessary tools and capabilities for comprehensive security monitoring, threat detection and analysis, incident response, and compliance management, all critical components of SOC operations.
Which of the following answers refers to a trusted third-party service for validating user identity in a federated identity system?
RA
IdP
CA
Kerberos
**Answer: IdP**
An Identity Provider (IdP) is a system that stores, manages, and creates digital identities. IdPs are a key component of enterprise IT infrastructure and are essential for modern digital security.
**Benefits of IdPs**
– Improved user experience: Users can access services without having to repeatedly log in.
– Simplified user management: It’s easier to add or remove users and manage permissions.
– Strong access control: IdPs help organizations ensure that only authorized users can access services.
**Why IdPs are important**
– IdPs help organizations scale up the number of users without increasing IT overhead.
– IdPs help organizations reduce the risk of security breaches.
Which of the answers listed below refers to a deprecated TLS-based method for securing SMTP?
IDPS
STARTTLS
DKIM
SMTPS
**Answer: SMTPS**
SMTPS (Simple Mail Transfer Protocol Secure) is a security extension of SMTP that protects email communication. SMTPS uses Transport Layer Security (TLS) to encrypt and authenticate emails, and prevent data tampering.
SMTP security best practices
– Enforce password policies that require strong passwords that include a combination of upper and lower-case letters, numbers, and symbols
– Implement password expiration policies to help ensure that passwords are regularly changed
– Scan SMTP traffic for vulnerabilities
Which of the following enables running macros in Microsoft Office applications?
DOM
API
DLL
VBA
**Answer: VBA**
Visual Basic for Applications (VBA) can be used for both security threats and security defense. Attackers can use VBA to create malicious macros in Microsoft Office documents, but VBA can also be used to monitor network activity and detect suspicious behavior.
Which of the answers listed below refers to a language used to structure and describe data in a format that is both human- and machine-readable?
HTML
XML
JSON
XHTML
**Answer: XML**
In SNMP, each node in a MIB is uniquely identified by a(n):
OID
IP
OUI
MAC
**Answer: OID**
Management Information Base, also known as MIB, is a hierarchical database that contains configuration and other vital management information of SNMP devices in the form of data objects. An SNMP management system uses these database files to interpret the messages sent by the managed devices.