R

Question 1

RA
(2 acronyms)

Answer 1

Recovery Agent

Registration Authority

Question 2

Recovery Agent

Answer 2

An internal entity (often human) authorized to access stored key information in key backups and archives. Commonly used to help internal users.

Question 3

Registration Authority

Answer 3

An intermediary authority that verifies user requests for a digital certificate and gives the CA the “ok” to issue certificates.

It does NOT have the power to create or issue a certificate. It merely collects necessary information to:

Receive user/device certificate requests
Validate users/devices
Authenticate users/devices
Revoke credentials if the certificate is no longer valid

–

The main purpose of an RA is to ensure that a user or device is allowed to request a digital certificate from a specific website or application. If the request is allowed, the RA forwards the certificate request to the CA, which completes the digital certificate request process.

A registration authority can be thought of as a gatekeeper to a certificate authority. In order to be issued a certificate, the requesting user or device must first register with the RA and fulfill the necessary requirements, including identity and authentication checks. This comes in the form of a certificate signing request.

Question 4

RACE

Answer 4

Research and Development in Advanced Communications Technologies in Europe

A program launched in 1980s by the Commission of European Communities to pave the way towards commercial use of Integrated Broadband Communication (IBC) in Europe in late 1990s.

General objectives:
Promote the EU’s telecommunications industry

Enable the European network operators to compete under the best possible conditions

Enable a critical number of the Member States of EU to introduce commercially viable IBC services by 1995

Offer opportunities to service providers to improve cost-performance and introduce new services

Make new services available to final users at a cost and on a timescale at least as favourable as in other major western countries

Support the formation of a single European market for all IBC equipment and services

Contribute to regional development within the European Union, by allowing less-developed regions to benefit fully from telecommunications developments.

Question 5

RAD

Answer 5

Rapid Application Development

An adaptive software development model based on prototyping and quick feedback with less emphasis on specific planning. Its work cycles are often shorter than agile.

Question 6

RADIUS

Answer 6

Remote Authentication Dial-In User Service

One of the most common AAA protocols that is supported on a wide variety of platforms and devices

It centralizes authentication for users through routers, switches, firewalls, VPNs, and 802.1X network access.

Question 7

RAID

Answer 7

Redundant Array of Inexpensive Disks

A technique that combines multiple disk drives to store data redundantly for greater reliability and faster access.

Question 8

RAS

Answer 8

Remote Access Server

A type of server that provides a suite of services to remotely connected users over a network or the Internet. It acts as a central hub enabling remote users to connect to an internal LAN. It grants authenticated users secure access to resources within an organization’s network from any geographic location.

Question 9

RAT

Answer 9

Remote Access Trojan

Malware designed to allow an attacker to remotely control an infected computer. It also gives the attacker full administrative privileges.

The attacker may also use a RAT as a keylogger to steal credentials. They can use this malware to install/remove software, steal files, and hijack the webcam.

Question 10

RBAC
(2 acronyms)

Answer 10

Role-Based Access Control

Rule-Based Access Control

Question 11

Role-Based Access Control

Answer 11

An access control model that is based on account roles (manager, director, team lead, project manager, etc.)

Administrators provide access based on the role of the user. Rights are gained implicitly instead of explicitly.

Question 12

Rule-Based Access Control

Answer 12

An access control model that grants rights and permissions according to system-enforced rules. The administrator configures these roles and attaches them to files. These rules are then enforced once a user attempts to access the resource.

Ex.
Lab network access is only available between 9am - 5pm.
Only chrome browsers can complete this web form.

Question 13

RC4

Answer 13

Rivest Cipher version 4

One of the most popular symmetric key stream cipher. It’s simple to apply and works quickly.

It encrypts one byte at a time via an algorithm.

Question 14

RDP

Answer 14

Remote Desktop Protocol

A protocol for using a desktop computer remotely.

Question 15

RFID

Answer 15

Radio Frequency Identifier

A wireless technology that uses radio waves to identify and track objects by placing an RFID tag or transponder on them. The tag contains a microchip and an antenna that transmits a unique identifier to a reader device when prompted by the reader’s radio signal.

This technology allows for non-contact, non-line-of-sight identification and tracking of items, which is beneficial for many businesses, including those involved in supply chain management, retail, logistics, and asset management.

Combining RFID and IoT technologies allows for the automation of gathering and analyzing massive amounts of information to optimize and improve businesses processes and decision-making.

Question 16

RIPEMD

Answer 16

RACE Integrity Primitives Evaluation Message Digest

Commonly used to create digital watermarks in Bitcoin and other cryptocurrencies.

A group of cryptographic hash functions that acts as a centralized encryption standard for all the different countries in Europe.

Question 17

ROI

Answer 17

Return on Investment

A performance measure used to evaluate the efficiency of an investment or compare the efficiency of several investments. It is a simple ratio that divides the net profit (or loss) from an investment by its cost.

Question 18

RPO

Answer 18

Recovery Point Objective

The measurement of how much data - measured in time- that a company MUST have in order to be considered up and running after an incident has occurred.

It defines how much data loss is acceptable.

Ex. The database must have at least the last 12 months of data to be considered fully functional.

Question 19

RSA

Answer 19

Rivest, Shamir, & Adleman

An asymmetric cryptographic algorithm. It has a variable-length key. It uses block cipher methodology, but it is technically not a block cipher.

In RSA, both the public and private keys can encrypt a message; the opposite key from the one used to encrypt a message is used to decrypt it.

–

RSA is typically meant to only encrypt very small pieces of data, typically hashes and symmetric key that are then used to encrypt the majority of the data. However, RSA encryption/decryption works on blocks of data, usually 64 or 128 bits at a time. The size of the blocks is determined at run time.

Since the requisite data can often be encrypted/decrypted in a single use, it is often mistakenly assumed that it is not a block cipher because the data is a single block, rather than several. This does not change the fact that it does indeed work in a block cipher manner.

It is not intended to be used as a block cipher.

Question 20

RTBH

Answer 20

Remotely Triggered Black Hole

A technique that provides the ability to drop undesirable traffic at the edge of a protected network (before it reaches the network). It is used to mitigate DDoS attacks and generally improve network security.

In effect, this means that all traffic towards a specific destination is rerouted to a null IP address – essentially a “black hole” in network terms - and dropped there.

Question 21

RTO

Answer 21

Recovery Time Objective

The maximum acceptable amount of time for restoring a network or application and regaining access to data after an unplanned disruption.

Question 22

RTOS

Answer 22

Real-Time Operating System

An OS that may allow one process to take complete control over the device’s resources. It is specially designed to run applications with very precise timing and a high degree of reliability. This can be especially important in measurement and automation systems where downtime is costly or a program delay could cause a safety hazard.

To be considered “real-time”, an operating system must have a known maximum time for each of the critical operations that it performs (or at least be able to guarantee that maximum most of the time). Some of these operations include OS calls and interrupt handling.

Question 23

RTP

Answer 23

Real-time Transport Protocol

A network protocol for delivering audio and video over IP networks. It is optimized for consistent delivery of live (real-time) data.

Question 24

Difference between key escrow and recovery agent

Answer 24

A Key Escrow is often a third-party. It is necessary when a third-party needs access to encrypted data, such as when there is a court order to decrypt the encrypted data. It involves the law giving the order to decrypt the encrypted data.

A Recovery Agent is often an internal entity. It is a person/entity/role allowed to decrypt a user’s data in case of emergency, such as when the original key is lost by the user. It is primarily for helping internal users.

A Recovery Agent holds a MASTER KEY. A key escrow holds only the private keys for various user encryptions.

Question 25

Difference between Agile and RAD

Answer 25

Agile focuses on production time; RAD focuses on rapid, iterative prototyping