Key Cybersecurity Acronyms and Concepts

Question 1

What does SIEM stand for?

Answer 1

Security Information and Event Management

Question 2

What does SOAR stand for?

Answer 2

Security Orchestration, Automation, and Response

Question 3

What does IDS/IPS stand for?

Answer 3

Intrusion Detection System / Intrusion Prevention System

Question 4

What does EDR stand for?

Answer 4

Endpoint Detection and Response

Question 5

What does IOC and IOA stand for?

Answer 5

Indicator of Compromise and Indicator of Attack

Question 6

What does APT stand for?

Answer 6

Advanced Persistent Threat

Question 7

What does MITRE ATT&CK stand for?

Answer 7

MITRE Adversarial Tactics, Techniques, and Common Knowledge

Question 8

What does CVSS stand for?

Answer 8

Common Vulnerability Scoring System

Question 9

What does CVE stand for?

Answer 9

Common Vulnerabilities and Exposures

Question 10

What does TTP stand for?

Answer 10

Tactics, Techniques, and Procedures

Question 11

What does NIST CSF stand for?

Answer 11

National Institute of Standards and Technology Cybersecurity Framework

Question 12

What does RBAC stand for?

Answer 12

Role-Based Access Control

Question 13

What does BIA stand for?

Answer 13

Business Impact Analysis

Question 14

What does PKI stand for?

Answer 14

Public Key Infrastructure

Question 15

What does TLS/SSL stand for?

Answer 15

Transport Layer Security / Secure Sockets Layer

Question 16

What does OSINT stand for?

Answer 16

Open-Source Intelligence

Question 17

What does NAC stand for?

Answer 17

Network Access Control

Question 18

What does OWASP stand for?

Answer 18

Open Web Application Security Project

Question 19

What does GDPR stand for?

Answer 19

General Data Protection Regulation

Question 20

What does SAST and DAST stand for?

Answer 20

Static Application Security Testing and Dynamic Application Security Testing

Question 21

What does RTO and RPO stand for?

Answer 21

Recovery Time Objective and Recovery Point Objective

Question 22

What does SLA stand for?

Answer 22

Service Level Agreement

Question 23

What does DLP stand for?

Answer 23

Data Loss Prevention

Question 24

What does XDR stand for?

Answer 24

Extended Detection and Response

Question 25

What does DNS stand for?

Answer 25

Domain Name System

Question 26

What does SIEM EDR stand for?

Answer 26

Security Information and Event Management Endpoint Detection and Response

Question 27

What is threat intelligence?

Answer 27

Information about existing or emerging threats used to improve defensive strategies.

Question 28

Define “lateral movement.”

Answer 28

The process by which attackers navigate through a network after initial compromise to gain further access.

Question 29

What is a vulnerability?

Answer 29

A weakness in a system, application, or network that can be exploited by a threat actor.

Question 30

Define “incident response.”

Answer 30

The process of identifying, managing, and mitigating security incidents.

Question 31

What is defense-in-depth?

Answer 31

A security strategy that uses multiple layers of defenses to protect assets.

Question 32

Define “zero-trust architecture.”

Answer 32

A security model that assumes no user or device should be trusted by default, even inside the network.

Question 33

What is a playbook?

Answer 33

A documented set of procedures for responding to specific security incidents.

Question 34

What is phishing?

Answer 34

A social engineering attack in which attackers trick individuals into providing sensitive information.

Question 35

Define “penetration testing.”

Answer 35

Simulated cyberattacks designed to identify vulnerabilities in systems or networks.

Question 36

What is encryption?

Answer 36

The process of converting data into a coded format to prevent unauthorized access.

Question 37

Define “social engineering.”

Answer 37

Psychological manipulation of individuals to gain access to sensitive information.

Question 38

What is a SIEM system used for?

Answer 38

Aggregating and analyzing security data to detect and respond to threats.

Question 39

What is malware?

Answer 39

Malicious software designed to disrupt, damage, or gain unauthorized access to systems.

Question 40

What is port scanning?

Answer 40

A technique used to identify open ports and services on a network.

Question 41

What is the principle of least privilege?

Answer 41

Providing users and systems only the access they need to perform their job.

Question 42

Define “multi-factor authentication (MFA).”

Answer 42

A security mechanism requiring multiple forms of verification to gain access.

Question 43

What is DNS spoofing?

Answer 43

A type of attack where fake DNS responses are sent to redirect users to malicious sites.

Question 44

Define “spear phishing.”

Answer 44

A targeted phishing attack aimed at specific individuals or organizations.

Question 45

What is a honeypot?

Answer 45

A decoy system or resource set up to attract and study attackers.

Question 46

Define “cyber kill chain.”

Answer 46

A framework describing the stages of a cyberattack, from reconnaissance to exploitation.

Question 47

What is a vulnerability scan?

Answer 47

An automated process that identifies vulnerabilities in systems or networks.

Question 48

Define “exfiltration.”

Answer 48

The unauthorized transfer of data from a system or network.

Question 49

What is endpoint detection and response (EDR)?

Answer 49

A solution for monitoring and protecting endpoints (e.g., laptops, servers) against cyber threats.

Question 50

What is risk assessment?

Answer 50

The process of identifying, evaluating, and prioritizing risks to organizational assets.

Question 51

What is a SIEM correlation rule?

Answer 51

A set of conditions that define suspicious or malicious activity in logs and events.

Question 52

What is the MITRE ATT&CK framework?

Answer 52

A matrix that categorizes adversarial behaviors into Tactics, Techniques, and Procedures (TTPs).

Question 53

What is the OWASP Top 10?

Answer 53

A list of the most critical security risks to web applications.

Question 54

What is the NIST CSF?

Answer 54

A cybersecurity framework from the National Institute of Standards and Technology used for risk management.

Question 55

What is ISO 27001?

Answer 55

An international standard for Information Security Management Systems (ISMS).

Question 56

What are log aggregation tools used for?

Answer 56

Collecting and analyzing logs to identify patterns, threats, or anomalies.

Question 57

What is Nessus?

Answer 57

A vulnerability scanning tool used to identify weaknesses in systems.

Question 58

What is Splunk?

Answer 58

A tool for log aggregation and analysis used in SIEM implementations.

Question 59

What is OpenVAS?

Answer 59

An open-source tool for performing vulnerability assessments.

Question 60

What is the CIS Controls framework?

Answer 60

A prioritized set of cybersecurity best practices created by the Center for Internet Security.

Question 61

What is COBIT?

Answer 61

A framework for governance and management of enterprise IT.

Question 62

What is PCI DSS?

Answer 62

The Payment Card Industry Data Security Standard, which protects payment card information.

Question 63

What is the Cyber Kill Chain?

Answer 63

A model developed by Lockheed Martin to describe the stages of a cyberattack.

Question 64

What is Wireshark?

Answer 64

A network protocol analyzer used for packet capture and analysis.

Question 65

What is Netcat?

Answer 65

A networking tool for reading and writing data across network connections.

Question 66

What is Burp Suite?

Answer 66

A web vulnerability scanner and penetration testing tool.

Question 67

What is Metasploit?

Answer 67

A penetration testing framework for exploiting vulnerabilities.

Question 68

What is the ELK Stack?

Answer 68

A log management suite composed of Elasticsearch, Logstash, and Kibana.

Question 69

What is Graylog?

Answer 69

An open-source log management and analysis tool.

Question 70

What is Kali Linux?

Answer 70

A Linux distribution used for penetration testing and security auditing.

Question 71

What is Responder?

Answer 71

A tool used for performing man-in-the-middle attacks on Windows authentication protocols.

Question 72

What is the Cloud Security Alliance (CSA)?

Answer 72

An organization that promotes best practices for secure cloud computing.

Question 73

What is Cyber Threat Intelligence (CTI)?

Answer 73

Information used to understand and mitigate security threats.

Question 74

What is the Common Vulnerability Scoring System (CVSS)?

Answer 74

A framework for assigning severity scores to vulnerabilities.

Question 75

What is Snort?

Answer 75

An open-source intrusion detection and prevention system.

Question 76

What is Zeek (formerly Bro)?

Answer 76

A network analysis framework focused on security monitoring.

Question 77

What is the SCAP framework?

Answer 77

The Security Content Automation Protocol, used for automating security assessments.

Question 78

What is OSSEC?

Answer 78

An open-source host-based intrusion detection system (HIDS).

Question 79

What is Cuckoo Sandbox?

Answer 79

A tool for analyzing malware by running it in a controlled environment.

Question 80

What is Nessus Agent?

Answer 80

A lightweight endpoint agent designed to run on individual systems for vulnerability scanning.