P

Question 1

P12

Answer 1

Public Key Cryptography Standards #12

A keystore installed on a system that is the standardized and language-neutral way of storing encrypted private keys and certificates. it is the default language for Java 9 and above.

Question 2

P2P

Answer 2

Peer-to-Peer

A decentralized platform whereby two devices interact directly with each other, without intermediation by a server computer or server software.

Question 3

PaaS

Answer 3

Platform as a Service

A complete cloud environment that includes everything developers need to build, run, and manage applications—from servers and operating systems to all the networking, storage, middleware, tools, and more.

Question 4

PAC

Answer 4

Proxy Auto Configuration

A file that contains a set of rules in JavaScript for instructing the browser to redirect traffic as per the code. It determines whether web browser requests (HTTP, HTTPS, and FTP) go direct to the destination or are forwarded to a web proxy server.

Question 5

PAM
(2 acronyms)

Answer 5

Privileged Access Management

Pluggable Authentication Modules

Question 6

Privileged Access Management

Answer 6

A subset of IAM that deals with specific groups of users with the same profile type. This can refer to profiles of employees in HR teams, legal teams, or IT teams, where users need an elevated level of access to do their jobs effectively. PAM allows businesses to limit and control user’s actions and access to sensitive information.

It allows companies to go beyond passwords when securing sensitive data. It manages individual sessions and provides dynamic authentication for each session. There is a dynamic AP that is difficult for attackers to pinpoint even if they’re successfully authenticated via IAM.

It allows companies to dynamically provide and revoke privileged access in emergency situations based on user risk scores as a trust factor.

–

While IAM serves every user in a company, PAM is more focused on users who require greater levels of access to privileged information.

Question 7

Pluggable Authentication Modules

Answer 7

A framework that provides system administrators with the ability to incorporate multiple authentication mechanisms into an existing system through the use of pluggable modules.

Applications enabled to make use of PAM can be plugged-in to new technologies without modifying the existing applications. This flexibility allows administrators to do the following:

Select any authentication service on the system for an application

Use multiple authentication mechanisms for a given service

Add new authentication service modules without modifying existing applications

Use a previously entered password for authentication with multiple modules

Question 8

PAP

Answer 8

Password Authentication Protocol

An unencrypted and deprecated PPP authentication method that uses passwords to validate users. It uses a two-way handshake for the peers to identify each other.

After the link is established, an ID and password pair is repeatedly sent by the peer to the authenticator until authentication is acknowledged or the connection is terminated.

(Note: ID/password pair is NOT sent throughout the entire connection; only during the authentication phase. After this phase, authentication is no longer sent.)

This protocol is susceptible to replay attacks.

Question 9

PAT

Answer 9

Port Address Translation

A subset of NAT. Similar to NAT, each internal device shares a single public IP address.

However, it differentiates from NAT in that PAT has each device communicate with the internet via a unique port number.

When the internal client sends a request to the internet, PAT assigns it a unique port number and translates the private IP address into the network’s public IP address. The destination server on the internet receives the request and responds to the unique port number, allowing the computer to receive the response.

Question 10

PBKDF2

Answer 10

Password-Based Key Derivation Function 2

A key derivation function that uses a password hash to store passwords, but also deliberately slows down the computer during processing/authentication in order to slow down or prevent brute force attacks.

This process is slowed by adding a “work factor” or iteration count to the password hashing process. This refers to the number of times the hashing function is applied to the password, making cracking the password much more computationally costly.

When hashed, the password is concatenated with a salt and the iteration count, and then hashed using a cryptographic hash function such as SHA-256. The salt, the number of iterations, and the resulting hash value are then stored in a database.

Question 11

PBX

Answer 11

Private Branch Exchange

An internal telephone network allowing users to talk to each other.

Question 12

PCAP

Answer 12

Packet Capture

A network practice involving the interception of data packets travelling over a network. This process is known as packet sniffing.

Question 13

PCI DSS

Answer 13

Payment Card Industry Data Security Standard

An information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.

Security requirements to protect environments where payment account data is stored, processed, or transmitted.

Question 14

PDU

Answer 14

Power Distribution Unit

A device for controlling electrical power in a data center.

It has multiple power outlets that provides electrical protection and distributes power to IT equipment within a rack.

(Basically a huuuuuge surge-protector-looking thing.)

Question 15

PEAP

Answer 15

Protected Extensible Authentication Protocol

A TLS wrapper around EAP.

Question 16

PED

Answer 16

Personal Electronic Device

Consumer electronic devices, capable of communications, data processing and/or computing. Examples are laptop computers, tablets, e-readers, smartphones, MP3 players, drones and electronic toys.

Any piece of lightweight, electronically-powered equipment.

AKA Portable Electronic Device

Question 17

PEM

Answer 17

Privacy Enhanced Mail

An email security standard to provide secure electronic mail communication over the internet.

It focuses on confidentiality via encryption, and integrity via message digests.

Question 18

PFS

Answer 18

Perfect Forward Secrecy

An encryption system that changes the keys used to encrypt and decrypt information frequently and automatically. This ongoing process ensures that even if the most recent key is hacked, a minimal amount of sensitive data is exposed.

It works by producing temporary private key exchanges between clients and servers. For every individual session initiated by a user, a unique session key is generated.

Question 19

PGP

Answer 19

Pretty Good Privacy

Proprietary software designed to encrypt emails, verify email integrity, and verify the sender of the email.

It combines both private- and public-key cryptography.

Question 20

PHI

Answer 20

Personal Health Information

Any information in the medical record or designated record set that can be used to identify an individual and that was created, used, or disclosed in the course of providing a health care service such as diagnosis or treatment.

Question 21

PII

Answer 21

Personally Identifiable Information

Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.

Further, PII is defined as information:
(i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or
(ii) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification. (These data elements may include a combination of gender, race, birth date, geographic indicator, and other descriptors).

Additionally, information permitting the physical or online contacting of a specific individual is the same as personally identifiable information.

Question 22

PIV

Answer 22

Personal Identity Verification

A method of multifactor authentication used in federal IT resources and facilities. You see it most often in the form of an ID card, but it can be more than that.

PIV credentials have certificates and key pairs, pin numbers, biometrics like fingerprints and pictures, and other unique identifiers. When these items are put together in a PIV credential, the credential provides the capability to implement multifactor authentication for networks, applications, and buildings.

Question 23

PKCS

Answer 23

Public Key Cryptography Standards

A set of protocols that structure the use of PKI in data exchange.

Standards developed to enable secure information exchange via a PKI. This includes protocols for digital signatures, certificates, enveloping, and key agreement.

It gives abstract syntax and algorithm details that can be adapted across different technologies.

Question 24

PKI

Answer 24

Public Key Infrastructure

The infrastructure that governs the issuance of digital certificates to protect sensitive data, provide unique digital identities for users, devices and applications and secure end-to-end communications. This includes all of the software, hardware, policies, and people required to do so.

Question 25

POP

Answer 25

Post Office Protocol

An unencrypted email application protocol that can be used to retrieve email from an email server for the client application. It provides end users the ability to fetch and receive email.

Question 26

POTS

Answer 26

Plain Old Telephone Service

The traditional, analog voice transmission phone system implemented over physical copper wires (twisted pair). Simply put, POTS is the basic telephone call service that individuals and businesses have been using since the 1880s.

While VoIP sends communication over the internet, POTS uses a traditional circuit-switched telephony.

POTS typically has better voice quality and reliability, whereas VoIP is more flexible and affordable.

Question 27

PPP

Answer 27

Point-to-Point Protocol

This protocol is outdated, but still in use by some companies.

A P2P protocol that directly connects two network devices at the data link layer. It has an optional encryption feature. It is typically used for internet connections and connecting remote networks via a Wide Area Network (WAN) link.

Typically used for dial-up connections.

It can provide loop detection, authentication, transmission encryption, and data compression.

Question 28

PPTP

Answer 28

Point-to-Point Tunneling Protocol

This protocol is deprecated.

The oldest and most common VPN protocol. It facilitates the private transfer of data from a remote client to a server by encapsulating packets at a TCP/IP level.

It is based on PPP. PPTP is basically PPP frames encapsulated into IP packets and then encrypted.

It has been superseded by more secure protocols because of its known vulnerabilities and weak encryption standards.

Question 29

PSK

Answer 29

Pre-Shared Key

A shared secret which was previously shared between the two parties using some secure channel before it needs to be used. It authenticates users on WLANs.

When a user logs into the network using the SSID (network name) and password, the PSK is derived from those two components plus some more information to create an even more complex encryption key used to protect data sent over the network.

The final output is called the PSK.

It plays an essential part in the encryption process that keeps network traffic secure.

Question 30

PTZ

Answer 30

Pan-Tilt-Zoom

A type of robotic camera that is built with mechanical parts that allow them to swivel left to right, tilt up and down, and zoom in and out of a scene. It uses AI functions to do this.

Question 31

PUP

Answer 31

Potentially Unwanted Program

These programs are unwanted, despite the fact that users consented to download them.

They are programs that are installed as a bundle when you install legitimate software. The most common form of PUP is adware.

Typically, PUPs serve as marketing tools and often modifies browser settings or displays unwanted advertisements. They may cause unwanted behavior on your device.