Day 4 Reversed

Question 1

CVSS

Answer 1

Common Vulnerability Scoring System

An empirical scheme for rating vulnerability severity based upon specific aspects of the vulnerability, environment, and nature of threats.

Question 2

CYOD

Answer 2

Choose Your Own Device

In this mode of control and acquisition, an employee chooses a device from a company provided list. Ownership may be personal or organization.

Question 3

DAC

Answer 3

Discretionary Access Control

The creator has all control over an asset and access to it. The default form of access for Windows.

Question 4

Data Custodian

Answer 4

Facilitates Use

Exemplified by data center personnel who manage and maintain systems.

Question 5

Data Owner

Answer 5

Responsible For Use

Determines logical controls, authorizes use and defines required security.

Question 6

DBA

Answer 6

Database Administrator

This role is filled by personnel capable of managing automated and large information repositories.

Question 7

DDoS

Answer 7

Distributed Denial of Service

This attack methodology involves a multitude of remotely controlled devices focusing upon a single target.

Question 8

DEP

Answer 8

Data Execution Prevention

And operating system memory management technique that prevents user data from overlapping into computer instructions.

Question 9

DER

Answer 9

Distinguished Encoding Rules

A commonly used method of encoding the data that makes up the certificate using ASN.1

Question 10

DES

Answer 10

Digital Encryption Standard

The first US government standard for symmetric encryption. It has a 56 bit key.

Question 11

DHCP

Answer 11

Dynamic Host Configuration Protocol

This is an extension of BOOTP and is used to dynamically allocate IPs.

Question 12

DHE

Answer 12

Diffie-Hellman Ephemeral

This is a key exchange algorithm that enhances confidentiality by discarding the session keys after use.

Question 13

DA

Answer 13

Dictionary Attack

Performs hashing or encryption on an array of predetermined candidate phrases, and compares it to the secret.

Question 14

Differential BU

Answer 14

Differential Backup

It moves files to alternative media that have the archive bit set, and then it does not clear it.

Question 15

DKIM

Answer 15

Domain Keys Identified Mail

A messaging security standard designed to facilitate non-repudiation between sender and receiver.

Question 16

DLL

Answer 16

Dynamic Link Library

These files are not directly executed, but are called up by an application when certain additional functions or libraries are needed.

Question 17

DLP

Answer 17

Data Loss Prevention

Strategies and applications that prevent data theft or illicit access.

Question 18

DMARC

Answer 18

Domain Message Authentication Reporting and Conformance

This is an email security standard designed to allow domains to protect themselves from unauthorized use and spoofing.

Question 19

DNAT

Answer 19

Destination Network Address Translation

The initial destination of a packet as it enters a NAT system to be redirected to another destination.

Question 20

DMZ

Answer 20

Demilitarized Zone

The perimeter area where the outside world may access certain services.

Question 21

DNS

Answer 21

Domain Name Service

An application that handles symbolic name to address mappings, as well as the reverse.

Question 22

DNSSEC

Answer 22

Domain Name System Security Extensions

An array of tools devised by the IETF to secure DNS transactions.

Question 23

DoS

Answer 23

Denial of Service

A one on one attack that causes access or utility to cease.

Question 24

DPO

Answer 24

Data Protection Officer

A senior officer responsible for an organization’s data protection strategies and compliance.

Question 25

DRP

Answer 25

Disaster Recovery Plan

The immediate plans for recovery of operations or services in the event of a catastrophic incident.