Professor Messer Practice Exams

Question 1

SPF

Answer 1

Sender Policy Framework: An email authentication method designed to detect forging sender addresses during the delivery of the email.

Question 2

NAC

Answer 2

Network Access Control: A way to limit network access to only authorized users.

Question 3

DMARC

Answer 3

Domain Message Authentication Reporting and Conformance: An email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, commonly known as email spoofing.

Question 4

DKIM

Answer 4

DomainKeys Identified Mail: An email method designed to detect forged sender addresses in emails.

Question 5

UTM

Answer 5

Unified Threat Manager: A comprehensive solution that has evolved from traditional firewall solutions into a product that can perform multiple security functions within one single system.

Question 6

Federation

Answer 6

Allows members of one organization to authenticate using the credentials of another organization.

Question 7

802.1X

Answer 7

A network access control using EAP over Ethernet.

Question 8

EAP

Answer 8

Extensible Authentication Protocol: An authentication framework frequently used in wireless networks.

Question 9

SSO

Answer 9

Single Sign-on: A property of access control of multiple related, yet independent, software systems. With this property, a user logs in with a single ID and password to gain access to any of several related systems.

Question 10

MTBF

Answer 10

Mean Time Between Failures: The average time between system
failures.

Question 11

RTO

Answer 11

Recovery Time Objective: The time within which a business process must be restored after an incident.

Question 12

MTTR

Answer 12

Mean Time to Repair: The average time taken to repair a failed component or system.

Question 13

RPO

Answer 13

Recovery Point Objective: describes the minimum data or
operational state required to categorize a system as recovered.

Question 14

SLA

Answer 14

Service Level Agreement: Defines the level and quality of service expected from the vendor.

Question 15

SOW

Answer 15

Statement of Work: Specifies the particular services a vendor
will deliver in a specific instance.

Question 16

MOA

Answer 16

Memorandum of Agreement: Documents outlining mutual understandings, goals, and responsibilities but might not be
legally binding.

Question 17

NDA

Answer 17

Non‐disclosure Agreement: Binds the vendor to confidentiality, ensuring that organizational secrets or proprietary information isn’t disclosed.

Question 18

COPE

Answer 18

Corporate Owned, Personally Enabled: A business strategy for managing mobile devices that allows employees to use corporate‐owned IT devices for personal use.

Question 19

MDM

Answer 19

Mobile Device Management: A type of security software used by an IT department to monitor, manage, and secure employees’ mobile devices that are deployed across multiple mobile service
providers and across multiple mobile operating systems being used in the organization.

Question 20

WPA3

Answer 20

Wi-Fi Protected Access 3: An encryption protocol for 802.11
wireless networking.

Question 21

PSK

Answer 21

Pre-Shared Key: A wireless configuration option that allows
everyone on the network to use the same access key or password when connecting to the wireless network.

Question 22

MFA

Answer 22

Multifactor Authentication: The use of multiple types
of authentication checks.

Question 23

CYOD

Answer 23

Choose Your Own Device: Allows the user to pick the make and
model of their device.

Question 24

SASE

Answer 24

Secure Access Service Edge: A next-generation VPN
technology designed to optimize the process of secure communication to cloud services.

Question 25

RTOS

Answer 25

Real-time Operating System: An OS designed for industrial
equipment, automobiles, and other time-sensitive applications.

Question 26

CRL

Answer 26

Certificate Revocation List: Used to determine if a certificate
has been administratively revoked.

Question 27

AUP

Answer 27

Acceptable Use Policy: Defined by an employer to describe the
proper use of technology and systems within an organization.

Question 28

HSM

Answer 28

Hardware Security Module: A high-end cryptographic hardware appliance that can securely store keys and certificates for all devices.

Question 29

TPM

Answer 29

Trusted Platform Module: Used on individual devices to provide cryptographic functions and securely store encryption keys.

Question 30

SLE

Answer 30

Single Loss Expectancy: The financial impact of a single event.

Question 31

ALE

Answer 31

Annual Loss Expectancy: The financial loss over an entire 12-month period.

Question 32

ARO

Answer 32

Annualized Rate of Occurrence: The number of times an event will occur in a 12-month period.

Question 33

DLP

Answer 33

Data Loss Prevention: Can identify and block the transmission of sensitive data across the network.

Question 34

RADIUS

Answer 34

Remote Authentication Dial-In User Service: An authentication protocol commonly used to validate user credentials.

Question 35

IPsec

Answer 35

Internet Protocol Security: A protocol suite for authenticating
and encrypting network communication.

Question 36

SDN

Answer 36

Software-Defined Networking: This separates the control plane of
devices from the data plane. This allows for more automation and dynamic
changes to the infrastructure.

Question 37

UPS

Answer 37

Uninterruptible Power Supply: It `provides an alternative power
source when the main power is no longer available.

Question 38

VLAN

Answer 38

Virtual Local Area Network: A common method of using
a switch to logically segment a network. The devices in each segmented
VLAN can only communicate with other devices in the same VLAN. A
router is used to connect VLANs, and this router can often be used to
control traffic flows between the VLANs.

Question 39

VPN

Answer 39

Virtual Private Network: An encryption technology used
to secure network connections between sites or remote end-user
communication.

Question 40

RBAC

Answer 40

Role-Based Access Control: Describes a control mechanism for
managing rights and permissions in an operating system.

Question 41

SDN

Answer 41

Software Defined Networking: Separates the planes of operation
so that infrastructure devices would have a defined control plane and data
plane.

Question 42

Jump Server

Answer 42

A highly secured device commonly used to access secure
areas of another network.

Question 43

HSM

Answer 43

Hardware Security Module: A secure method of
cryptographic key backup and hardware-based cryptographic offloading.