Cyb 3800 Security Plus Vocab

Question 1

Blockchain

Answer 1

An advanced database that allows information sharing within a buisness

Question 2

Cipher

Answer 2

A method of secret writing using substituion or transition of letters acoring to a key

Question 3

CVSS Review

Answer 3

The Common Vulnerability Scoring System (CVSS) provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting its severity

Question 4

Discretionary Access Control (DAC)

Answer 4

The principal of restricting access to objects based off the identity of the subject.

Question 5

Enhanced open

Answer 5

Improved data. encryption on open wifi

Question 6

Footprinting

Answer 6

First step in penetration testing, scanning open ports and collecting information on the host.

Question 7

Hping

Answer 7

open source packet generator and analyzer

Question 8

ISO 27701

Answer 8

A framework for data privacy controls

Question 9

Mean Time Between Failures (MTBF)

Answer 9

A predicted elapsed time between failures.

Question 10

NIST

Answer 10

The National Insitute of Standards and Technology

Question 11

Pass-the-Hash Attack

Answer 11

An attacker captures a password hashthen passes through for authenification.

Question 12

Race Condition

Answer 12

condition of electronics, software, ect.

Question 13

SCADA

Answer 13

Supervisory Control and Data Accuisition

Question 14

SNMPV2c

Answer 14

Enhanced protocal packet types.

Question 15

Subject Alternate Name (SAN)

Answer 15

Lets you specify Additional host names

Question 16

Timeline

Answer 16

A graphic Representation of the passage of time.

Question 17

VM

Answer 17

Virtual Machine

Question 18

Annual Rate of Occurrence (ARO)

Answer 18

The Annual Rate of Occurrence (ARO) is a risk assessment concept used to estimate how often a specific risk event is expected to happen in a year.

Question 19

Bluetooth

Answer 19

Bluetooth is a wireless technology standard used for exchanging data between fixed and mobile devices over short distances using short-wavelength UHF radio waves in the ISM band from 2.402 GHz to 2.48 GHz.

Question 20

Correlation engine

Answer 20

A correlation engine is a sophisticated software tool or system component designed to analyze and correlate events and data from multiple sources in real-time or near-real-time.

Question 21

Data steward

Answer 21

A Data Steward is a role within organizations responsible for managing the company’s data assets to ensure they are accurately maintained, accessible, secure, and compliant with relevant standards and regulations.

Question 22

Domain Reputation

Answer 22

Domain reputation measures a domain’s trustworthiness, impacting email deliverability and search visibility. It’s influenced by email practices, security measures, and a history of abuse.

Question 23

Fail over solution

Answer 23

A failover solution is a backup operational mode in which the functions of a system automatically switch to a standby system when the primary system fails or is temporarily unavailable.

Question 24

Gamification

Answer 24

Gamification involves integrating game mechanics and dynamics into non-game environments, such as websites, learning platforms, and business processes, to motivate participation, engagement, and loyalty.

Question 25

Identity and Access Management

Answer 25

Identity and Access Management (IAM) is a framework of policies and technologies for ensuring that the right individuals have access to the appropriate resources and information within an organization.

Question 26

Kiting

Answer 26

Kiting is illegal and considered fraudulent because it misrepresents an individual’s or entity’s financial position and can lead to significant financial losses for banks or financial institutions involved.

Question 27

Memorandum of Agreement (MOA)

Answer 27

A Memorandum of Agreement (MOA) is a formal document outlining an agreed-upon plan between two or more parties.

Question 28

OAuth

Answer 28

OAuth (Open Authorization) is an open standard for access delegation commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords.

Question 29

Powershell Script

Answer 29

A PowerShell script is a file that contains a sequence of PowerShell commands, instructions, and expressions.

Question 30

Risky Login Policy

Answer 30

A Risky Login Policy refers to a set of rules and procedures implemented by an organization to identify, evaluate, and respond to login attempts that appear unusual or suspicious, indicating a potential security threat.

Question 31

SIEM

Answer 31

Security Information and Event Management (SIEM) is a technology that provides real-time analysis of security alerts generated by applications and network hardware.

Question 32

SRTP

Answer 32

Secure Real-time Transport Protocol (SRTP) is a security protocol that provides encryption, message authentication, and integrity for voice and video data being transmitted over a network.

Question 33

Tasting

Answer 33

Tasting, in the context of domain names, refers to the practice of registering a domain name to evaluate its potential for generating traffic and revenue, typically through advertising, without immediately committing to long-term registration.

Question 34

traceroute

Answer 34

Traceroute is valuable for troubleshooting network issues, such as delays or failures in data reaching its destination, by identifying where along the path the problem occurs.

Question 35

WinHex

Answer 35

WinHex is a versatile digital forensics tool, which serves as a hexadecimal editor for data recovery, low-level data processing, and IT security.

Question 36

blockchaining

Answer 36

An advanced database mechanism that allows transparent information sharing within a business network.

Question 37

compensating

Answer 37

Measures taken to address any weaknesses of existing controls or to compensate for the inability to meet specific security requirements due to various different constraints.

Question 38

Data custodian

Answer 38

A person who has technical control over an information asset dataset.

Question 39

DLP Systems

Answer 39

(Data Loss Prevention): A solution that detects and prevents data breaches.

Question 40

Eradication

Answer 40

The phase of effective incident response that entails removing the threat and restoring affected systems to their previous state, ideally while minimizing data loss.

Question 41

FTK Imager

Answer 41

(Forensic Toolkit): A data preview and imaging tool that creates copies of computer data without making changes to the original evidence.

Question 42

Hping

Answer 42

A TCP/IP packet assembler and analyzer that works on most operating systems such as Mac, Windows, Linus, and Solaris.

Question 43

IV Attacks

Answer 43

(Initialization vector): An attack on wireless networks that modifies the IV of an encrypted wireless packet during transmission.

Question 44

Mean Time to Failure (MTTF)

Answer 44

Te average time between non-repairable failures of a technology product.

Question 45

NIST CSF

Answer 45

(National Institute of Standards and Tecnology Cybersecurity Framework): A set of guidelines for mitigating organizational cybersecurity risks.

Question 46

PCI DSS

Answer 46

(Payment Card Industry Data Security Standard): An information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.

Question 47

RBAC

Answer 47

(Role-based Access Control): Restricts network access based on a person’s role within an organization.

Question 48

SCAP

Answer 48

(Security Content Automation Protocol): A method for using specific standards to enable automated vulnerability managemetns, measurement, and policy compliance evaluation.

Question 49

SNMPV3

Answer 49

(Simple Network Management Protocol Version 3): Collects and organizes information about the devices it manages on the network.

Question 50

Supplicant certificates

Answer 50

Provides authentication credentials to a secured network.

Question 51

TLS- Transport layer security

Answer 51

Encrypts data that is sent over a network to ensure security.

Question 52

VoIP

Answer 52

(Voice over internet Protocol): A form of communication that allows for phone calls to be made over a broadband internet connection instead of phone lines.

Question 53

Annual Loss Expectancy (ALE)

Answer 53

The anticipated monetary loss that an organization expects to incur within a year due to security incidents or risks.

Question 54

Bluesnarfing Attack

Answer 54

Unauthorized access and theft of data from a Bluetooth-enabled device, exploiting Bluetooth vulnerabilities to extract sensitive information without the user’s consent.

Question 55

Corrective-action report

Answer 55

Document detailing steps taken to address and resolve an identified problem or issue within an organization, including investigation, root cause analysis, and implementation of corrective measures.

Question 56

Data Protection Officer (DPO)

Answer 56

Individual responsible for ensuring compliance with data protection laws within an organization.

Question 57

Domain Hijacking

Answer 57

Unauthorized or illegal acquisition of control over a domain name, often achieved through unauthorized access to domain registrar accounts or manipulation of domain registration records.

Question 58

Expected Frequency (EF)

Answer 58

The anticipated rate or likelihood of occurrence for a specific event or incident within a given timeframe.

Question 59

Fuzzing

Answer 59

A software testing technique that involves inputting invalid, unexpected, or random data into a program to uncover bugs, vulnerabilities, or crashes.

Question 60

IAC

Answer 60

IAC or infrastructure as code, is when infrastructure configuration is managed using code and automation tools rather than manual processes.

Question 61

Key stretching

Answer 61

A cryptographic technique used to strengthen passwords or cryptographic keys by increasing their computational complexity.

Question 62

memdump

Answer 62

The process of creating a snapshot or copy of a computer’s volatile memory (RAM) at a specific point in time.

Question 63

NXlog

Answer 63

A high-performance log management tool for collecting, processing, and forwarding log data from various sources to centralized log management systems or other destinations.

Question 64

Port Scanning

Answer 64

A technique used to identify open ports and services on a computer or network by sending packets to a range of port numbers and analyzing the responses.

Question 65

RFID

Answer 65

Radio Frequency Identification is a technology that uses electromagnetic fields to automatically identify and track tags attached to objects.

Question 66

Short Message Service

Answer 66

A text messaging service that allows users to send and receive short text messages, typically limited to 160 characters per message.

Question 67

SOX

Answer 67

The Sarbanes-Oxley Act, a U.S. federal law enacted in 2002 to improve corporate governance and financial reporting standards following accounting scandals.

Question 68

Tabletop

Answer 68

A user interface concept where digital content, such as documents, photos, or applications, is arranged and manipulated on a virtual tabletop-like surface, allowing users to interact with the content in a more tactile and intuitive manner.

Question 69

TPM

Answer 69

Trusted Platform Module is a dedicated hardware component that provides a secure cryptographic foundation for various security-related functions, such as encryption key generation and storage, secure boot, device authentication, and integrity measurement.

Question 70

WI-FI

Answer 70

Wireless technology that enables devices to connect to a local network and access the internet without the need for physical cables.

Question 71

Blackhole

Answer 71

A black hole refers to a place in the network where incoming or outgoing traffic is silently discarded without informing the source that the data did not reach its intended recipient.

Question 72

CHAP

Answer 72

CHAP is a challenge and response authentication method that PPP servers use to verify the identity of a remote user.

Question 73

CVE Review

Answer 73

This system provides a method for publicly sharing information on cybersecurity vulnerabilities.

Question 74

Disassociation Attack

Answer 74

A type of DoS attach on a wireless network.

Question 75

End of Service Life (EOSL)

Answer 75

Used to indicate the ending of services and updates for server, storage, and network equipment.

Question 76

Fog Computing

Answer 76

Technology that extends cloud computing and services to the edge of an enterprises network.

Question 77

HOTP

Answer 77

HMAC-based One-time password.

Question 78

ISO

Answer 78

International standard for information security

Question 79

Mantrap

Answer 79

Small room with an entry door on one wall and an exit door on the opposite wall.

Question 80

Nikto

Answer 80

Command-line vulnerability scanner that scans web servers for dangerous files.

Question 81

PAP

Answer 81

PPP authentication method that uses passwords to validate users.

Question 82

Quantum computing

Answer 82

Uses specialized technology to solve complex problems that classical computers can’t solve.

Question 83

Sandboxing

Answer 83

Security mechanism for separating running programs.

Question 84

Sn1per

Answer 84

Tool used during a penetration test to scan for vulnerabilities.

Question 85

Stratum 1 time server

Answer 85

Acts as a primary network time standard.

Question 86

theHarvester

Answer 86

Command-line tool in Linux that finds email accounts, subdomain names, virtual hosts, open ports, and employee names.

Question 87

VDI

Answer 87

Virtual Desktop Interface

Question 88

administrative

Answer 88

System administrators (sysadmins) are IT professionals who make sure an organization’s computer systems are functioning and meet the needs of the organization. Sysadmins support, troubleshoot, and maintain computer servers and networks. Element which contains the computer administrative tools is called control panel.

Question 89

Birthday Attack

Answer 89

an attack that occurs when someone exploits the mathematics behind the birthday problem in probability theory to launch a cryptographic attack.

Question 90

Certificate Authority (CA)

Answer 90

certification authority (CA) is an entity that stores, signs, and issues digital certificates.

Question 91

Cuckoo

Answer 91

Cuckoo is an open source automated malware analysis system.

Question 92

DHCP

Answer 92

The Dynamic Host Configuration Protocol is a network management protocol used on Internet Protocol networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client?server architecture.

Question 93

End of Life (EOL)

Answer 93

An end-of-life product is a product at the end of the product lifecycle which prevents users from receiving updates,

Question 94

Firewall

Answer 94

A firewall is a network security device that monitors incoming and outgoing network traffic and decides whether to allow or block specific traffic based on a defined set of security rules.

Question 95

HIPS

Answer 95

an approach to security that relies on third-party software tools to identify and prevent malicious activities

Question 96

Internet Security and Acceleration (ISA)

Answer 96

server is an Internet connectivity solution that provides network address translation

Question 97

Mandatory Access Control (MAC)

Answer 97

a security strategy that restricts the ability individual resource owners have to grant or deny access to resource objects in a file system.

Question 98

NFC

Answer 98

a set of short-range wireless technologies, typically requiring a distance of 4 cm or less to initiate a connection

Question 99

OSSEC

Answer 99

s a free, open-source host-based intrusion detection system. It performs log analysis, integrity checking, Windows registry monitoring, rootkit detection, time-based alerting, and active response

Question 100

Python Script

Answer 100

A script is a Python file that’s intended to be run directly. When you run it, it should do something.

Question 101

Salt Hashing

Answer 101

random data fed as an additional input to a one-way function that hashes data, a password or passphrase

Question 102

Skimming

Answer 102

is a fast and interactive way to quickly obtain payment card data and personal information from ATMs and checkout scanners.

Question 103

STPM

Answer 103

sophware trusted platform module

Question 104

technical

Answer 104

focuses on using technology to not only provide help in the case of cyber attacks, but also to defend against and prevent these attacks from occurring in the first place.

Question 105

User Account Control (UAC)

Answer 105

s a Windows security feature designed to protect the operating system from unauthorized changes

Question 106

Arp

Answer 106

Address Resulution Protocol Coverts IP address into MAC address

Question 107

Bollard

Answer 107

Bollards refer to defensive tools and methods which protect digital networks from cyber threats, akin to their role of safeguarding physical premises.

Question 108

CRL

Answer 108

Certificate Revocation List (CRL). A list of revoked public key certificates created and digitally signed by a certification authority. These are digitally signed ?blacklists? of revoked certificates.

Question 109

Dd

Answer 109

A data dump refers to the process of extracting and copying a large amount of data from one system or database to another, typically for backup, analysis, or migration purposes.

Question 110

Downgrade Attack

Answer 110

A downgrade attack, also called a bidding-down attack, or version rollback attack, is a form of cryptographic attack on a computer system or communications protocol that makes it abandon a high-quality mode of operation (e.g. an encrypted connection) in favor of an older, lower-quality mode of operation.

Question 111

False acceptance rate

Answer 111

False Accept Rate (FAR) is a statistical measure used to determine the probability of a biometric security system allowing unauthorized user access.

Question 112

Gateway

Answer 112

A Security Gateway, also called a Data Guard or Information Exchange Gateway, is a device that controls, validates, and filters the information exchange that takes place between different security domains.

Question 113

Identity Provider

Answer 113

An identity provider (IdP) is a service that stores and verifies user identity. IdPs are typically cloud-hosted services, and they often work with single sign-on (SSO) providers to authenticate users.

Question 114

MAC Cloning

Answer 114

MAC Cloning is the act of changing or impersonating the MAC address of a network interface card to match the MAC address of an authorized device on the network.

Question 115

Memorandum of Understanding (MOU)

Answer 115

A memorandum of understanding (MOU) is a formal agreement that outlines plans for a common line of action between two or more parties.

Question 116

OCSP

Answer 116

The Online Certificate Status Protocol (OCSP) is an alternative to the certificate revocation list (CRL) and is used to check whether a digital certificate is valid or if it has been revoked.

Question 117

preventative

Answer 117

Prevention focuses on taking proactive steps to minimize or eliminate potential vulnerabilities before they can be exploited by malicious actors.

Question 118

Role-based Access Control (RBAC)

Answer 118

Role-based access control (RBAC), also known as role-based security, is a mechanism that restricts system access. It involves setting permissions and privileges to enable access to authorized users.

Question 119

SIEM

Answer 119

Security information and event management, SIEM for short, is a solution that helps organizations detect, analyze, and respond to security threats before they harm business operations.

Question 120

SRTP

Answer 120

STRP stands for Secure Real-time Transport Protocol. An extension of Real-time Transport Protocol (RTP) that features enhanced security measures. The protocol provides encryption, confidentiality, message authentication, and replay protection to your transmitted audio and video traffic.

Question 121

Tcpdump

Answer 121

tcpdump is a packet analyzer that is launched from the command line. It can be used to analyze network traffic by intercepting and displaying packets that are being created or received by the computer it’s running on. It runs on Linux and most UNIX-type operating systems.

Question 122

Tshark

Answer 122

TShark is a network protocol analyzer. It lets you capture packet data from a live network, or read packets from a previously saved capture file, either printing a decoded form of those packets to the standard output or writing the packets to a file.

Question 123

Phishing

Answer 123

Phishing is a type of online fraud that involves tricking people into providing sensitive information, such as passwords or credit card numbers, by masquerading as a trustworthy source.

Question 124

Bluejacking

Answer 124

using an exploit in Bluetooth to steal information from someone else’s phone/mobile device.

Question 125

Containment

Answer 125

a stage in the incident response lifecycle. In this stage, the goal is to limit the scope and reach of the event. One approach in containment is to isolate infected systems.

Question 126

Data owner

Answer 126

has the ultimate responsibility for maintaining the confidentiality, integrity, and availability of the information asset

Question 127

DNS Poisoning

Answer 127

an attack compromises the process by which the client’s query bane servers to locate IP address for FQDN (Fully Qualified Domain Name)

Question 128

ESP- Encapsulation security payloader

Answer 128

provides confidentiality and/or authentication and integrity

Question 129

Full-scale

Answer 129

exercises are action-based sessions that reflect real situations. These exercises are held onsite and use real equipment and real personnel as much as possible

Question 130

HPKP

Answer 130

a method of trusting digital certificates to bypass the CA hierarchy and chain of trust and minimize MitM attacks

Question 131

Kerberos

Answer 131

a strong authentication protocol, which utilizes service tickets, symmetric encryption, and mutual authentication

Question 132

Measured boots

Answer 132

uses the trusted platform module (TPM) at each stage in the boot process to check hashes of key system state data, which then uses an attestation process to verify if the system has not been tampered with

Question 133

Nmap

Answer 133

a commonly used open-source IP scanner for Windows, macOS, and Linux. It can scan for open ports and their associated services

Question 134

PII

Answer 134

personal information that can identify an individual

Question 135

Recovery Point Objective (RPO)

Answer 135

identifies a point in time that data loss is acceptable. In the event of a system failure, the company may lose some data

Question 136

Session affinity

Answer 136

used in load balancing scenarios. Also known as source IP and is a layer 4 approach to handling user sessions

Question 137

SNMPV4

Answer 137

designed with greater flexibility than previous versions

Question 138

Surface Level Agreement (SLA)

Answer 138

a contractual agreement setting out detailed terms (including support metrics) for future provided services

Question 139

Tokenization

Answer 139

a database de-identification method where all or part of data in a field is substituted with a randomly generated token

Question 140

Vulnerability Scanners

Answer 140

gathers security readings from various systems, including client computers, to ensure they are secure

Question 141

Address Resolution Protocol (ARP) Poisoning

Answer 141

Man in the middle attack that allows attackers to intercept communication between network devices. (Also called ARP Spoofing)

Question 142

AH- authentication header

Answer 142

A protocol and part of the IPsec suite, authenticates the origin of IP packets and guarantees the integrity of the data.

Question 143

Attribute-Based Access Control (ABAC)

Answer 143

A method of access control where access rights are granted to users based on attributes such as user roles, resource attributes, and environmental conditions.

Question 144

Broadcast storm

Answer 144

A situation in a network where excessive broadcast messages overload the network, causing performance degradation or even network collapse.

Question 145

CSA CCM

Answer 145

The Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM) is a cybersecurity framework providing fundamental security principles to guide cloud vendors and customers in securing cloud environments.

Question 146

detective

Answer 146

In cybersecurity, this refers to measures or technologies employed to identify and investigate security breaches or suspicious activities after they have occurred.

Question 147

eDiscovery

Answer 147

The process of identifying, collecting, and producing electronically stored information (ESI) relevant to legal proceedings or investigations.

Question 148

Fingerprinting

Answer 148

A technique used to identify devices, applications, or users by analyzing unique characteristics or patterns associated with them.

Question 149

GLBA

Answer 149

The Gramm-Leach-Bliley Act (GLBA) is a U.S. federal law that requires financial institutions to protect the privacy and security of consumers’ personal financial information.

Question 150

Information Systems Security Manager (ISSM)

Answer 150

A person responsible for managing the security of an organization’s information systems, including implementing security policies, procedures, and controls.

Question 151

Macros Script

Answer 151

Small programs or scripts typically used to automate tasks within applications like Microsoft Office. However, they can also pose security risks if they contain malicious code.

Question 152

Nessus

Answer 152

A popular vulnerability scanner used to identify security vulnerabilities in computer systems and networks.

Question 153

OpenID

Answer 153

An open standard and decentralized authentication protocol that allows users to be authenticated by co-operating sites using a third-party service.

Question 154

Privacy Threshold Assessment (PTA)

Answer 154

An assessment conducted to determine whether a system or project meets the privacy requirements and whether a full Privacy Impact Assessment (PIA) is necessary.

Question 155

Saas

Answer 155

Software as a Service (SaaS) is a software distribution model where applications are hosted by a third-party provider and made available to customers over the internet.

Question 156

Single Loss Expectancy (SLE)

Answer 156

A risk management metric that represents the expected financial loss from a single security incident.

Question 157

State Actors

Answer 157

Government-sponsored entities or individuals engaged in cyber activities such as espionage, sabotage, or cyber warfare.

Question 158

Tcpreplay

Answer 158

A tool used for replaying network traffic stored in pcap files back onto the network.

Question 159

Unified communication

Answer 159

Integration of various communication tools and channels (such as voice, video, instant messaging, and email) into a single platform for improved collaboration and productivity.

Question 160

wireshark

Answer 160

A widely-used network protocol analyzer for capturing and analyzing network traffic in real-time.

Question 161

Bluesnarfing

Answer 161

The unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs.

Question 162

corrective

Answer 162

This control enters the picture after an incident has happened. They exist to minimize damage, facilitate recovery, and repair weaknesses so a similar attack doesn’t happen again.

Question 163

Data processor

Answer 163

A data processor is a natural person, agency, public authority, or any other body that holds personal data on behalf of a controller.

Question 164

Dnsenum

Answer 164

Dnsenum is a multithreaded perl script to enumerate DNS information of a domain and to discover non-contiguous ip blocks. The main purpose of Dnsenum is to gather as much information as possible about a domain.

Question 165

Evil Twin Attack

Answer 165

An evil twin attack takes place when an attacker sets up a fake Wi-Fi access point hoping that users will connect to it instead of a legitimate one. When users connect to this access point, all the data they share with the network passes through a server controlled by the attacker.

Question 166

Functional

Answer 166

Controls classified by function include preventative, detective, and corrective.

Question 167

Iaas

Answer 167

Infrastructure as a Service, is a cloud computing model that provides on-demand access to computing resources such as servers, storage, networking, and virtualization.

Question 168

Kerberos

Answer 168

Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Kerberos support is built in to all major computer operating systems, including Microsoft Windows, Apple macOS, FreeBSD and Linux.

Question 169

Memdump

Answer 169

A Kali Linux program which dumps system memory to the standard output stream, skipping over holes in memory maps. By default, the program dumps the contents of physical memory.

Question 170

Non-Disclosure Agreement (NDA)

Answer 170

Legally enforceable agreements between parties that are used to ensure that certain information will remain confidential. Once an individual signs an NDA, they cannot discuss any information protected by the agreement with any non-authorized party.

Question 171

Plaintext

Answer 171

Plaintext is what encryption algorithms, or ciphers, transform an encrypted message into. It is any readable data ? including binary files ? in a form that can be seen or utilized without the need for a decryption key or decryption device.

Question 172

Recovery Time Objective (RTO)

Answer 172

The recovery time objective (RTO) is the maximum tolerable length of time that a computer, system, network or application can be down after a failure or disaster occurs.

Question 173

Shadow IT

Answer 173

Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. It can encompass cloud services, software, and hardware.

Question 174

SOAR

Answer 174

Security orchestration, automation, and response. SOAR seeks to alleviate the strain on IT teams by incorporating automated responses to a variety of events. A SOAR system can also be programmed to custom-fit an organization’s needs.

Question 175

System administrator

Answer 175

This role responsible for setting up and maintaining a system or specific components of a system.

Question 176

TOTP

Answer 176

Time-based One-Time Passwords is a common form of two-factor authentication (2FA). Unique numeric passwords are generated with a standardized algorithm that uses the current time as an input.

Question 177

Walkthrough

Answer 177

A detailed set of instructions on how to do something.

Question 178

Airgapping

Answer 178

A network security measure employed on one or more computers to ensure that a secure computer network is physically isolated from unsecurred networks

Question 179

Term

Answer 179

Definition

Question 180

After-action Report

Answer 180

a detailed analysis performed following a cyber security incident that provides insights into how the event was handled

Question 181

Asymmetric algorithms

Answer 181

one key is used to encipher the data, and a different but corresponding key is used to decipher the data

Question 182

BPDV guard

Answer 182

a security feature found in multiple networking devices.

Question 183

Cryptographic hash

Answer 183

a mathematical function used in cryptography.

Question 184

Deauthentication Attack

Answer 184

type of denial-of-service attack that targets communication between a user and a Wi-Fi wireless access point.

Question 185

ECDHE

Answer 185

Elliptic-curve Diffie?Hellman (ECDH)

Question 186

FDE- Full disk encryption

Answer 186

is a security method for protecting sensitive data at the hardware level by encrypting all data on a disk drive.

Question 187

GDPR

Answer 187

The General Data Protection Regulation is a European Union regulation on information privacy in the European Union and the European Economic Area

Question 188

IDS

Answer 188

An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations.

Question 189

MAC Flooding

Answer 189

In computer networking, a media access control attack or MAC flooding is a technique employed to compromise the security of network switches

Question 190

metaploit

Answer 190

The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development.

Question 191

On-Path Attack

Answer 191

place themselves between two devices (often a web browser and a web server) and intercept or modify communications between the two.

Question 192

Privacy Impact Assessment (PIA)

Answer 192

A privacy impact assessment (PIA) is a systematic assessment of a project that identifies potential privacy impacts and recommendations to manage, minimise or eliminate them.

Question 193

Runbook

Answer 193

A runbook is a comprehensive, step-by-step guide that outlines the tasks and their dependencies that are required to manage and operate technology infrastructure, applications, and services in a data center or cloud environment.

Question 194

SIEM

Answer 194

Security information and event management

Question 195

SSAE

Answer 195

Statement on Standards for Attestation Engagements

Question 196

tcpdump

Answer 196

It can be used to analyze network traffic by intercepting and displaying packets that are being created or received by the computer it’s running on.

Question 197

Typosquatting

Answer 197

Typosquatting is a form of cybercrime that involves hackers registering domains with deliberately misspelled names of well-known websites.

Question 198

Wireshark

Answer 198

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.

Question 199

Bash Script

Answer 199

A sequence of commands written in a file that can be executed in the Linux shell.

Question 200

Business Partners Agreement (BPA)

Answer 200

A legally binding document that outlines roles and responsibilities between business partners.

Question 201

CSR

Answer 201

A business model that promotes social and environmental accountability.

Question 202

deterrent

Answer 202

Something that discourages or prevents certain actions.

Question 203

eDiscovery

Answer 203

The process of identifying, collecting, and preserving electronic information for legal purposes.

Question 204

Firewall

Answer 204

A security system that controls network traffic and protects against unauthorized access.

Question 205

Hardening a server

Answer 205

Strengthening a server?s security by configuring it to minimize vulnerabilities.

Question 206

Intelligence Fusion

Answer 206

Combining and analyzing data from various sources to create actionable intelligence.

Question 207

managerial

Answer 207

Related to management or administrative tasks.

Question 208

Nexpose

Answer 208

A vulnerability management tool used to identify security risks in networks.

Question 209

Operational Technology Attack

Answer 209

Targeting industrial control systems or infrastructure.

Question 210

PSK

Answer 210

A shared secret used for authentication in secure communication.

Question 211

SAE

Answer 211

A key exchange protocol used in wireless networks.

Question 212

Sinkhole

Answer 212

Redirecting network traffic to a controlled server for analysis or security purposes.

Question 213

Steganography

Answer 213

Concealing information within other files or data.

Question 214

tcpreplay

Answer 214

A tool for replaying network traffic from packet capture files.

Question 215

URL Redirection

Answer 215

An open-source security tool for finding vulnerabilities in web applications.