P Flashcards

1
Q

P12

A

Public Key Cryptography Standards #12

A keystore installed on a system that is the standardized and language-neutral way of storing encrypted private keys and certificates. It is the default language for Java 9 and above.

2
Q

P2P

A

Peer-to-Peer

A decentralized platform whereby two devices interact directly with each other, without intermediation by a server computer or server software.

3
Q

PaaS

A

Platform as a Service

A complete cloud environment that includes everything developers need to build, run, and manage applications—from servers and operating systems to all the networking, storage, middleware, tools, and more.

4
Q

PAC

A

Proxy Auto Configuration

A file that contains a set of rules in JavaScript for instructing the browser to redirect traffic as per the code. It determines whether web browser requests (HTTP, HTTPS, and FTP) go direct to the destination or are forwarded to a web proxy server.

5
Q

PAM
(2 acronyms)

A

Privileged Access Management

Pluggable Authentication Modules

6
Q

Privileged Access Management

A

A subset of IAM that deals with specific groups of users with the same profile type. This can refer to profiles of employees in HR teams, legal teams, or IT teams, where users need an elevated level of access to do their jobs effectively. PAM allows businesses to limit and control users’ actions and access to sensitive information.

It allows companies to go beyond passwords when securing sensitive data. It manages individual sessions and provides dynamic authentication for each session. There is a dynamic AP that is difficult for attackers to pinpoint even if they’re successfully authenticated via IAM.

It allows companies to dynamically provide and revoke privileged access in emergency situations based on user risk scores as a trust factor.

While IAM serves every user in a company, PAM is more focused on users who require greater levels of access to privileged information.

7
Q

Pluggable Authentication Modules

A

A framework that provides system administrators with the ability to incorporate multiple authentication mechanisms into an existing system through the use of pluggable modules.

Applications enabled to make use of PAM can be plugged in to new technologies without modifying the existing applications. This flexibility allows administrators to do the following:

Select any authentication service on the system for an application

Use multiple authentication mechanisms for a given service

Add new authentication service modules without modifying existing applications

Use a previously entered password for authentication with multiple modules

8
Q

PAP

A

Password Authentication Protocol

An unencrypted and deprecated PPP authentication method that uses passwords to validate users. It uses a two-way handshake for the peers to identify each other.

After the link is established, an ID and password pair is repeatedly sent by the peer to the authenticator until authentication is acknowledged or the connection is terminated.

(Note: ID/password pair is NOT sent throughout the entire connection; only during the authentication phase. After this phase, authentication is no longer sent.)

This protocol is susceptible to replay attacks.

9
Q

PAT

A

Port Address Translation

A subset of NAT. Similar to NAT, each internal device shares a single public IP address.

However, it differs from NAT in that PAT has each device communicate with the internet via a unique port number.

When the internal client sends a request to the internet, PAT assigns it a unique port number and translates the private IP address into the network’s public IP address. The destination server on the internet receives the request and responds to the unique port number, allowing the computer to receive the response.

10
Q

PBKDF2

A

Password-Based Key Derivation Function 2

A key derivation function that uses a password hash to store passwords, but also deliberately slows down the computer during processing/authentication in order to slow down or prevent brute force attacks.

This process is slowed by adding a “work factor” or iteration count to the password hashing process. This refers to the number of times the hashing function is applied to the password, making cracking the password much more computationally costly.

When hashed, the password is concatenated with a salt and the iteration count, and then hashed using a cryptographic hash function such as SHA-256. The salt, the number of iterations, and the resulting hash value are then stored in a database.

11
Q

PBX

A

Private Branch Exchange

An internal telephone network allowing users to talk to each other.

12
Q

PCAP

A

Packet Capture

A network practice involving the interception of data packets travelling over a network. This process is known as packet sniffing.

13
Q

PCI DSS

A

Payment Card Industry Data Security Standard

An information security standard designed to reduce payment card fraud by increasing security controls around cardholder data.

Security requirements to protect environments where payment account data is stored, processed, or transmitted.

14
Q

PDU

A

Power Distribution Unit

A device for controlling electrical power in a data center.

It has multiple power outlets that provide electrical protection and distribute power to IT equipment within a rack.

(Basically a huuuuuge surge-protector-looking thing.)

15
Q

PEAP

A

Protected Extensible Authentication Protocol

A TLS wrapper around EAP.

16
Q

PED

A

Personal Electronic Device

Consumer electronic devices, capable of communications, data processing and/or computing. Examples are laptop computers, tablets, e-readers, smartphones, MP3 players, drones and electronic toys.

Any piece of lightweight, electronically-powered equipment.

AKA Portable Electronic Device

17
Q

PEM

A

Privacy Enhanced Mail

An email security standard to provide secure electronic mail communication over the internet.

It focuses on confidentiality via encryption, and integrity via message digests.

18
Q

PFS

A

Perfect Forward Secrecy

An encryption system that changes the keys used to encrypt and decrypt information frequently and automatically. This ongoing process ensures that even if the most recent key is hacked, a minimal amount of sensitive data is exposed.

It works by producing temporary private key exchanges between clients and servers. For every individual session initiated by a user, a unique session key is generated.

19
Q

PGP

A

Pretty Good Privacy

Proprietary software designed to encrypt emails, verify email integrity, and verify the sender of the email.

It combines both private- and public-key cryptography.

20
Q

PHI

A

Personal Health Information

Any information in the medical record or designated record set that can be used to identify an individual and that was created, used, or disclosed in the course of providing a health care service such as diagnosis or treatment.

21
Q

PII

A

Personally Identifiable Information

Any representation of information that permits the identity of an individual to whom the information applies to be reasonably inferred by either direct or indirect means.

Further, PII is defined as information:
(i) that directly identifies an individual (e.g., name, address, social security number or other identifying number or code, telephone number, email address, etc.) or
(ii) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification. (These data elements may include a combination of gender, race, birth date, geographic indicator, and other descriptors).

Additionally, information permitting the physical or online contacting of a specific individual is the same as personally identifiable information.

22
Q

PIV

A

Personal Identity Verification

A method of multifactor authentication used in federal IT resources and facilities. You see it most often in the form of an ID card, but it can be more than that.

PIV credentials have certificates and key pairs, pin numbers, biometrics like fingerprints and pictures, and other unique identifiers. When these items are put together in a PIV credential, the credential provides the capability to implement multifactor authentication for networks, applications, and buildings.

23
Q

PKCS

A

Public Key Cryptography Standards

A set of protocols that structure the use of PKI in data exchange.

Standards developed to enable secure information exchange via a PKI. This includes protocols for digital signatures, certificates, enveloping, and key agreement.

It gives abstract syntax and algorithm details that can be adapted across different technologies.

24
Q

PKI

A

Public Key Infrastructure

The infrastructure that governs the issuance of digital certificates to protect sensitive data, provide unique digital identities for users, devices and applications and secure end-to-end communications. This includes all of the software, hardware, policies, and people required to do so.

25
Q

POP

A

Post Office Protocol

An unencrypted email application protocol that can be used to retrieve email from an email server for the client application. It provides end users the ability to fetch and receive email.

26
Q

POTS

A

Plain Old Telephone Service

The traditional, analog voice transmission phone system implemented over physical copper wires (twisted pair). Simply put, POTS is the basic telephone call service that individuals and businesses have been using since the 1880s.

While VoIP sends communication over the internet, POTS uses traditional circuit-switched telephony.

POTS typically has better voice quality and reliability, whereas VoIP is more flexible and affordable.

27
Q

PPP

A

Point-to-Point Protocol

This protocol is outdated, but still in use by some companies.

A P2P protocol that directly connects two network devices at the data link layer. It has an optional encryption feature. It is typically used for internet connections and connecting remote networks via a Wide Area Network (WAN) link.

Typically used for dial-up connections.

It can provide loop detection, authentication, transmission encryption, and data compression.

28
Q

PPTP

A

Point-to-Point Tunneling Protocol

This protocol is deprecated.

The oldest and most common VPN protocol. It facilitates the private transfer of data from a remote client to a server by encapsulating packets at a TCP/IP level.

It is based on PPP. PPTP is basically PPP frames encapsulated into IP packets and then encrypted.

It has been superseded by more secure protocols because of its known vulnerabilities and weak encryption standards.

29
Q

PSK

A

Pre-Shared Key

A shared secret which was previously shared between the two parties using some secure channel before it needs to be used. It authenticates users on WLANs.

When a user logs into the network using the SSID (network name) and password, the PSK is derived from those two components plus some more information to create an even more complex encryption key used to protect data sent over the network.

The final output is called the PSK.

It plays an essential part in the encryption process that keeps network traffic secure.

30
Q

PTZ

A

Pan-Tilt-Zoom

A type of robotic camera that is built with mechanical parts that allow it to swivel left to right, tilt up and down, and zoom in and out of a scene. It uses AI functions to do this.

31
Q

PUP

A

Potentially Unwanted Program

These programs are unwanted, despite the fact that users consented to download them.

They are programs that are installed as a bundle when you install legitimate software. The most common form of PUP is adware.

Typically, PUPs serve as marketing tools and often modify browser settings or display unwanted advertisements. They may cause unwanted behavior on your device.