Domain 4

Question 1

API

Answer 1

Application Programming Interface. Set of routines, standards protocols, & tools for building software applications to access web-based software applications/web tools

Question 2

Bit

Answer 2

most essential representation of data (zero or one) at Layer 1 of the Open Systems Interconnection (OSI) model

Question 3

Broadcast

Answer 3

transmission is a one-to-many (one-to-everyone) form of sending internet traffic

Question 4

Byte

Answer 4

unit of digital information that most commonly consists of eight bits

Question 5

Cloud Computing

Answer 5

model for enabling ubiquitous, convenient, on-demand network access to a shared pool of computing resources (networks, servers, etc)

Question 6

Community Cloud

Answer 6

system which cloud infrastructure is for exclusive use for specific group of consumers with shared concerns. Owned/Managed/Operated by 1+ organizations, third party, or combination on/off premises

Question 7

De-encapsulation

Answer 7

opposite process of encapsulation, bundles of data are unpacked/revealed

Question 8

DoS

Answer 8

Denial-of-Service. Prevention of authorized access to resources or delaying of time-critical operations

Question 9

DNS

Answer 9

Domain Name Service. Service, physical server, & network protocol

Question 10

Encapsulation

Answer 10

bundling together data & methods. Taking any set of data & packaging it/hiding it in another data structure

Question 11

Encryption

Answer 11

process & act of converting the message from its plaintext to ciphertext. “Enciphering”

Question 12

File Transfer Protocol

Answer 12

internet protocol/program used to transfer files between hosts

Question 13

Fragment Attack

Answer 13

attacker fragments traffic in a way where the system is unable to put packets back together

Question 14

Hardware

Answer 14

physical parts of computer & related devices

Question 15

Hybrid Cloud

Answer 15

combination of public cloud storage & private where critical data is in private & other data is public

Question 16

IaaS

Answer 16

Infrastructure as a Service. Provider of core computing, storage, & network hardware/software as foundation for organizations can build/deploy applications. Popular in data centers, purchased as outsourced service billed on usage

Question 17

ICMP

Answer 17

Internet Control Message Protocol. IP network protocol standardized by IETF (Internet Engineering Task Force) through RFC 792 to determine if a particular service/host is available

Question 18

IPv4

Answer 18

Internet Protocol. Standard for transmission of data from source to destinations in packet-switched communications networks & interconnected systems

Question 19

Man-in-the-Middle

Answer 19

attack where threat positions itself between user & system to intercept/alter data traveling between

Question 20

Microsegmentation

Answer 20

part of zero-trust strategy that breaks LANs into small, localized zones using firewalls or similar technology. Places firewall at every connection point (ideal)

Question 21

Oversized Packets Attack

Answer 21

purposely sending network packet larger than expected/can be handled, causing receiving system to fail unexpectedly

Question 22

Packet

Answer 22

Representation of data at Layer 3 of the Open Systems Interconnection (OSI) model

Question 23

Payload

Answer 23

primary action of malicious code attack

Question 24

PCI DSS

Answer 24

Payment Card Industry Data Security Standard. IS Standard administered by PCI SSC (council) that applies to merchants/service providers who process card transactions

Question 25

PaaS

Answer 25

Platform as a Service. Web-authoring/application development middleware environment that allows applications to be built in cloud before they’re deployed as SaaS assets

Question 26

Private Cloud

Answer 26

cloud computing environment in which all hardware & software resources are dedicated exclusively to a single customer

Question 27

Protocols

Answer 27

set of rules (formats & procedure) to implement & control some type of association (communication) between systems

Question 28

Public Cloud

Answer 28

on-demand computing service/infrastructure managed by third-party provider & shared with multiple organization using the public internet

Question 29

SMTP

Answer 29

Simple Mail Transport Protocol. Standard communication protocol for sending/receiving email between senders & receivers

Question 30

Software

Answer 30

computer programs & associated data that may be dynamically written/modified during execution

Question 31

SaaS

Answer 31

Software as a Service. Customer uses cloud provider’s applications running within a cloud infrastructure. Customer/Consumer doesn’t manage/control underlying cloud infrastructure

Question 32

Spoofing

Answer 32

Faking the sending address of a transmission to gain illegal entry into secure system

Question 33

TCP/IP Model

Answer 33

Transport Control Protocol/Internet Protocol. Internetworking protocol model created by the IETF which specifies four layers of functionality.
Link Layers (physical communication)
Internet Layer (network-to-network communication)
Transport Layer (basic channel for connections/connectionless exchange of data between hosts)
Application Layer (where other protocols/user applications programs access network services)

Question 34

VLAN

Answer 34

Virtual Local Area Network. Workstations, servers, & network devices appear to be on the same LAN (Local Area Network) despite actual geographical distribution

Question 35

VPN

Answer 35

Virtual Private Network. Built on top of existing network that can provide a secure communications mechanism for transmission between networks

Question 36

WLAN

Answer 36

Wireless Local Area Network. Group of computers & devices that are located in the same vicinity, forming a network based on radio transmissions rather than wired

Wi-Fi network is type of WLAN

Question 37

Zenmap

Answer 37

graphical user interface (GUI) for Nmap Security Scanner, an open-source application that scans network to determine everything that is connected to it

Question 38

Zero Trust

Answer 38

removing the design belief that the network has any trusted space. Security is managed at each possible level, representing the most granular asset. Micro-segmentation of workloads is a tool of the model