Day 1

Question 1

Performs encryption in 3 rounds of the same algorithm

Answer 1

3DES

Triple Digital Encryption Standard

Question 2

Standard for controlling access to intranet infrastructure devices.

Answer 2

802.1x

Switch authentication

Question 3

The principle of verifying identity, capability and use.

Answer 3

AAA

Authentication
Authorization, and
Accounting

Question 4

Granting access based upon the characteristic of the subject, such as clearance level.

Answer 4

ABAC

Attribute-based Access Control

Question 5

Restricting entry, based upon a listing of controls or permissions.

Answer 5

ACL

Access Control List

Question 6

Rijndael was approved by the US government and given this title.

Answer 6

AES

Advanced Encryption Standard

Question 7

The 256 bit version of this algorithm is its highest level and is deemed uncrackable by brute force methods.

Answer 7

AES256

Advanced Encryption Standards 256bit

Question 8

This header transmits in clear text but authenticates and integrity checks each packet.

Answer 8

AH

Authentication Header

Question 9

The simulation of human intelligence and thinking in a machine, including adaptive learning and problem-solving.

Answer 9

AI

Artificial Intelligence

Question 10

Automated sharing of threat information between organizations to enhance detection and response.

Answer 10

AIS

Automatic Indicator Sharing

Question 11

The single loss expectancy times the annualized rate of occurrence.

Answer 11

ALE

Annualized Loss Expectancy

Question 12

This is a type of firewall able to inspect headers and payload in the upper protocol layers.

Answer 12

ALG

Application Layer Gateway

Question 13

Infrastructure connection point for most wireless
networks.

Answer 13

AP

Access Point

Question 14

These are development tools used by programmers that have prebuilt functions with desired utility.

Answer 14

API

Application Programming Interface

Question 15

Applications with advanced targeting, zero days and exfiltration techniques that are aimed at particular organizations or industries.

Answer 15

APT

Advanced Persistent Threat

Question 16

Most risk assessments track threats and attacks on an annualized basis.

Answer 16

ARO

Annualized Rate of Occurrence

Question 17

Given the IP address, this protocol will locate the MAC address.

Answer 17

ARP

Address Resolution Protocol

Question 18

This randomizes the location of an application in memory making it harder for attackers to successfully perform the buffer overflow.

Answer 18

ASLR

Address Space Layout Randomization

Question 19

An organization provides access to its custom developed software, such as accounting or customer management.

Answer 19

ASP

Application Service Provider

Question 20

A database of adversarial tactics and techniques that might be used to compromise systems organizations to enhance threat management.

Answer 20

ATT&CK

Adversarial Tactics,
Techniques, and
Common Knowledge

Question 21

The use of complementary values to disguise and then reveal information.

Answer 21

Asymmetric key

Public key

Question 22

This policy is legally required, if HR wants to fire someone for misuse.

Answer 22

AUP

Acceptable Use Policy

Question 23

Designed to identify malware, primarily based upon known patterns.

Answer 23

AV

Antivirus

Question 24

This can be the replacement cost or income derived from something.

Answer 24

AV

Asset Value

Question 25

The synchronization of name resolution information between a primary and secondary DNS server.

Answer 25

AXFR

Zone transfer

Question 26

A UNIX and Linux command interface and language.

Answer 26

BASH

Bourne again shell

Question 27

This is the prerequisite for disaster recovery and continuity planning to identify potential losses.

Assessing the criticality of business activities and assets in order to determine the appropriate protection and recovery options.

Answer 27

BIA

Business Impact Analysis