Day 1 Reversed

Question 1

3DES

Answer 1

Triple Digital Encryption Standard

Performs encryption in 3 rounds of the same algorithm

Question 2

802.1x

Answer 2

Switch Authentication

Standard for controlling access to intranet infrastructure devices.

Question 3

AAA

Answer 3

Authentication, Authorization, and Accounting

The principle of verifying identity, capability and use.

Question 4

ABAC

Answer 4

Attribute-based Access Control

Granting access based upon the characteristic of the subject, such as clearance level.

Question 5

ACL

Answer 5

Access Control List

Restricting entry, based upon a listing of controls or permissions.

Question 6

AES

Answer 6

Advanced Encryption Standard

Rijndael was approved by the US government and given this title.

Question 7

AES256

Answer 7

Advanced Encryption Standards 256bit

The 256 bit version of this algorithm is its highest level and is deemed uncrackable by brute force methods.

Question 8

AH

Answer 8

Authentication Header

This header transmits in clear text but authenticates and integrity checks each packet.

Question 9

AI

Answer 9

Artificial Intelligence

The simulation of human intelligence and thinking in a machine, including adaptive learning and problem-solving.

Question 10

AIS

Answer 10

Automatic Indicator Sharing

Automated sharing of threat information between organizations to enhance detection and response.

Question 11

ALE

Answer 11

Annualized Loss Expectancy

The single loss expectancy times the annualized rate of occurrence.

Question 12

ALG

Answer 12

Application Layer Gateway

This is a type of firewall able to inspect headers and payload in the upper protocol layers.

Question 13

AP

Answer 13

Access Point

Infrastructure connection point for most wireless networks.

Question 14

API

Answer 14

Application Programming Interface

These are development tools used by programmers that have prebuilt functions with desired utility.

Question 15

APT

Answer 15

Advanced Persistent Threat

Applications with advanced targeting, zero days and exfiltration techniques that are aimed at particular organizations or industries.

Question 16

ARO

Answer 16

Annualized Rate of Occurrence

Most risk assessments track threats and attacks on an annualized basis.

Question 17

ARP

Answer 17

Address Resolution Protocol

Given the IP address, this protocol will locate the MAC address.

Question 18

ASLR

Answer 18

Address Space Layout Randomization

This randomizes the location of an application in memory making it harder for attackers to successfully perform the buffer overflow.

Question 19

ASP

Answer 19

Application Service Provider

An organization provides access to its custom developed software, such as accounting or customer management.

Question 20

ATT&CK

Answer 20

Adversarial Tactics, Techniques, and Common Knowledge

A database of adversarial tactics and techniques that might be used to compromise systems organizations to enhance threat management.

Question 21

Asymmetric Key

Answer 21

Public Key

The use of complementary values to disguise and then reveal information.

Question 22

AUP

Answer 22

Acceptable Use Policy

This policy is legally required, if HR wants to fire someone for misuse.

Question 23

AV

Answer 23

Antivirus

Designed to identify malware, primarily based upon known patterns.

Question 24

AV
(Not Antivirus)

Answer 24

Asset Value

This can be the replacement cost or income derived from something.

Question 25

AXFR

Answer 25

Zone Transfer

The synchronization of name resolution information between a primary and secondary DNS server.

Question 26

BASH

Answer 26

Bourne Again Shell

A UNIX and Linux command interface and language.

Question 27

BIA

Answer 27

Business Impact Analysis

This is the prerequisite for disaster recovery and continuity planning to identify potential losses.

Assessing the criticality of business activities and assets in order to determine the appropriate protection and recovery options.