S

Question 1

S/MIME

Answer 1

Secure/Multipurpose Internet Mail Extensions

An email encryption and signing industry standard widely used by corporations to enhance email security. S/MIME is compatible with most enterprise email clients.

S/MIME allows for the secure transformation of ALL applications - spreadsheets, graphics, presentations, movies, etc.

PGP was only made to secure plain email or text messages.

S/MIME is considered superior to PGP from an administrative perspective because of its strength, support for centralized key management through X.509 certificate servers and extensive industry support.

PGP is more complicated from an end-user perspective, because it requires additional plug-ins or downloads to operate.

S/MIME protocol allows most vendors to send and receive encrypted email without using additional software.

Question 2

SaaS

Answer 2

Software as a Service

A cloud-based method of providing software to users. SaaS users subscribe to an application rather than purchasing it once and installing it. Users can log into and use a SaaS application from any compatible device over the Internet.

Question 3

SAE

Answer 3

Simultaneous Authentication of Equals

A secure key exchange protocol used in Wi-Fi networks to prevent man-in-the-middle attacks by simultaneously authenticating both parties.

A derivation of the Diffie-Hellman key exchange with an authentication component. Everyone uses a different session key even if they each use the same pre-shared key.

Eliminates the need for four-way handshakes and hashes, so it is NOT vulnerable to brute force attacks.

At the core of SAE’s effectiveness is the innovative “Dragonfly” handshake mechanism. This sophisticated process underpins mutual authentication between a device seeking connection (e.g., a smartphone or laptop) and the wireless access point, achieving this without the actual exchange of the password itself.

Question 4

SAML

Answer 4

Security Assertions Markup Language

An open standard used for authentication. Based upon the Extensible Markup Language (XML) format, web applications use SAML to transfer authentication data between two parties - the idP and the service provider (SP).

Its primary role in online security is that it enables you to access multiple web applications using one set of login credentials. It works by passing authentication information in a particular format between two parties, usually an identity provider (idP) and a web application.

Question 5

SAN
(2 acronyms)

Answer 5

Storage Area Network

Subject Alternative Name

Question 6

Storage Area Network

Answer 6

A network of storage devices that can be accessed by multiple servers or computers, providing a shared pool of storage space.

Question 7

Subject Alternative Name

Answer 7

A structured way to indicate all of the domain names and IP addresses that are secured by the certificate.

Allows administrators to create wildcard SSL/TLS certificates.

Question 8

SASE

Answer 8

Secure Access Service Edge

An architecture that delivers converged network and security as a service capabilities including SD-WAN and cloud native security functions such as secure web gateways, cloud access security brokers, firewall as-a-service, and zero-trust network access.

SASE enables:

Centralized orchestration and real-time application optimization

Secure, seamless access for users

More secure remote and mobile access

Restriction of access based on user, device, and application identity

Centralized management

Question 9

SCADA

Answer 9

Supervisory Control and Data Acquisition

A system of software and hardware elements that allows organizations to control and monitor industrial processes by directly interfacing with plant-floor machinery and viewing real-time data.

Question 10

SCAP

Answer 10

Security Content Automation Protocol

A method for using specific standards to help organizations automate vulnerability management and policy compliance evaluation

It consolidates vulnerability information into a single language that all devices can understand. Then, because all the devices are on the same page, they can work together to automate the removal and detection of vulnerabilities in the network.

Question 11

SCEP

Answer 11

Simple Certificate Enrollment Protocol

A certificate management protocol that helps IT administrators issue certificates automatically.

–

SCEP is a protocol that allows devices to easily enroll for a certificate by using a URL and a shared secret to communicate with a PKI. MDM software commonly uses SCEP for devices by pushing a payload containing the SCEP URL and shared secret to managed devices. This can save an administrator a lot of time and effort compared to the alternative of manually enrolling their managed devices for certificates.

Question 12

SD-WAN

Answer 12

Software-Defined Wide Area Network

A new form of WAN that is built specifically for cloud-based apps.

Instead of having all users communicating to a set of internal datacenters and servers, and from there to the cloud app–this technology allows WANs to be flexible enough to allow users to connect directly to cloud applications.

–

It is a way to send traffic directly over the internet from branch locations to trusted SaaS and cloud-based applications while maintaining compliance with enterprise security mandates.

An SD‑WAN assures consistent application performance and resiliency, automates traffic steering in an application-driven manner based on business intent, improves network security, and simplifies the WAN architecture.

An SD-WAN uses a centralized control function to steer traffic securely and intelligently across the WAN and directly to trusted SaaS and IaaS providers. This increases application performance and delivers a high-quality user experience, which increases business productivity and agility and reduces IT costs.

Question 13

SDK

Answer 13

Software Development Kit

A set of platform-specific building tools for developers, including components like debuggers, compilers, and libraries to create code that runs on a specific platform, operating system, or programming language. Additionally, they contain resources like documentation, tutorials, and guides as well as APIs and frameworks for faster application development.

Question 14

SDLC

Answer 14

Software Development Lifecycle

A plan for how to develop, alter, and maintain a software system.

Question 15

SDLM

Answer 15

Software Development Lifecycle Methodology

A structured framework or process used by software developers to plan, design, build, test, deploy, and maintain software applications. SDLMs guide the dev team through a series of phases, ensuring that the software is developed efficiently, with high quality, and meets the requirements of the stakeholders.

Question 16

SDN

Answer 16

Software-Defined Networking

A network architecture created by separating network devices into logical functional planes.

An approach to networking that uses APIs or software-based controllers to communicate with underlying hardware infrastructure and direct traffic on a network.

This model differs from that of traditional networks, which use dedicated hardware devices (i.e., routers and switches) to control network traffic. SDN can create and control a virtual network – or control a traditional hardware – via software.

It controls the routing of data packets through a centralized server.

Question 17

SE Linux

Answer 17

Security-Enhanced Linux

Patches that enhance the security of Linux, including the addition of:

Mandatory access control
Least privilege

Question 18

SED

Answer 18

Self-Encrypting Drives

A type of hard drive with encryption and decryption capabilities built into the drive hardware. The process is handled directly by the drive rather than by software on the host device.

SEDs can automatically encrypt and decrypt data as it is written to and read from the drive, making it more secure and convenient.

This can provide an added layer of security, as it eliminates the need for software that could be vulnerable to malware or other types of attacks.

Question 19

SEH

Answer 19

Structured Exception Handler

A Microsoft extension to C and C++ to handle certain exceptional code situations, such as hardware faults, gracefully.

Question 20

SFTP

Answer 20

Secured File Transfer Protocol

A secure transfer protocol based on FTP that uses SSH encryption.

It is considered more secure than FTPS, but is slower.

Question 21

SHA

Answer 21

Secure Hashing Algorithm

A family of cryptographic functions designed to keep data secured. It works by transforming the data using a hash function: an algorithm that consists of bitwise operations, modular additions, and compression functions.

A modified version of MD5.

Question 22

SHTTP

Answer 22

Secure Hypertext Transfer Protocol

An earlier security protocol that provided secure transactions over the Web. It works at the application layer rather than the transport layer.

This means that it secures individual messages, while HTTPS creates a secure connection for all transmitted data.

Because of this, it is best applied in situations where only certain parts of the communication need to be secured.

It is not as widely adopted or used as HTTPS because it requires more computational resources than HTTPS; it is less efficient for securing large volumes of data.

Question 23

SIEM

Answer 23

Security Information and Event Management

A central place to collect, aggregate, and analyze volumes of data across an enterprise, effectively streamlining security workflows.

It is security software that gives organizations a bird’s-eye-view of activity across their entire network so they can respond to threats faster—before business is disrupted.

Question 24

SIM

Answer 24

Subscriber Identity Module

A smart card necessary to make use of a mobile phone for communication. The SIM is an integrated circuit that is intended to securely store the international mobile subscriber identity (IMSI) number, which are used to identify and authenticate subscribers on mobile telephone systems. Memory is also available on the SIM for personalized data, such as a telephone book and messages.

A SIM card contains its unique serial number (ICCID), international mobile subscriber identity (IMSI) number, security authentication and ciphering information, temporary information related to the local network, a list of the services the user has access to, and two passwords: a personal identification number (PIN) for ordinary use, and a personal unblocking code (PUC) for PIN unlocking.

Question 25

SLA

Answer 25

Service-Level Agreement

A document that lists the minimum terms for services provided. Typically used between customers and service providers.

Ex. Level of uptime, response time agreement, requirements of both the customer and the service provider (ex. customer is required to keep spare parts onsite)

Question 26

SLE

Answer 26

Single Loss Expectancy

The monetary loss if a single event occurs

Question 27

SMS

Answer 27

Short Message Service

A text messaging service that allows the exchange of short text messages between mobile devices.

Question 28

SMTP

Answer 28

Simple Mail Transfer Protocol

A networking standard for sending emails over the internet. It is unencrypted.

SMTP only works when sending text without attachments.

MIME is what enables attachments, message bodies exceeding the character limits imposed by SMTP, messages in languages other than English, and HTML/CSS formats.

MIME is an extension protocol; it enhances SMTP, but does not operate separately.

Question 29

SMTPS

Answer 29

Simple Mail Transfer Protocol Secure

A protocol that sends emails over the internet, but also encrypts, authenticates, and prevents data tampering by using the TLS protocol.

Question 30

SNMP

Answer 30

Simple Network Management Protocol

A protocol used to transfer network information. It is used by SNMP agents installed on devices, which send SNMP messages to a centralized management device.

Question 31

SOAP

Answer 31

Simple Object Access Protocol

A lightweight XML-based protocol that is used for the exchange of information in decentralized, distributed application environments. It is used to build APIs.

You can transmit SOAP messages in any way that the applications require, as long as both the client and the server use the same method. The current specification describes only a single transport protocol binding, which is HTTP.

SOAP differs from REST in that the SOAP approach is highly structured and uses XML data format. REST is more flexible and allows applications to exchange data in multiple formats.

Question 32

SOAR

Answer 32

Security Orchestration, Automation, Response

Software that enables security teams to integrate and coordinate separate tools into streamlined threat response workflows.

Question 33

SoC

Answer 33

System on Chip

An integrated circuit that integrates most or all components of a computer or other electronic system on a single piece of silicon.

By eliminating the need for separate and large system components, SoCs help simplify circuit board design, resulting in improved power and speed without compromising system functionality.

In a SoC, the CPU is fully integrated with memory, GPUs, and more on a single chip. You can think of it as fully functional computer in a tiny, tiny box.

Question 34

SOC

Answer 34

Security Operations Center

A team of IT security professionals that protects the organization by monitoring, detecting, analyzing, and investigating cyber threats.

Question 35

SOW

Answer 35

Statement of Work

A document that includes a detailed breakdown that lists what services will be provided and when. it lists specific items that need to be completed.

Used in conjunction with the MSA to avoid renegotiating basic terms of the contract, instead focusing on detailed, specific tasks.

It helps evaluate whether the job was done properly.

Ex. The scope of the job, the location, deliverables schedule, acceptance criteria, etc.

Question 36

SPF

Answer 36

Sender Policy Framework

An email authentication system that aids in identifying which mail servers are allowed to deliver emails for a specific domain.

An administrator lists which servers are authorized to deliver emails on the organization’s behalf, and email recipients can check this list to make sure the email they received is legitimate.

Question 37

SPIM

Answer 37

Spam over Internet Messaging

Unsolicited messages, often advertisements, over IM.

–

Note that this is different from smishing, which uses SMS to attempt phishing.

Question 38

SQL

Answer 38

Structured Query Language

A standard language for database creation and manipulation

Question 39

SQLi

Answer 39

SQL Injection

A web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.

Question 40

SRTP

Answer 40

Secure Real-Time Protocol

An extension of RTP that adds message authentication, confidentiality, and replay protection (mostly intended for VoIP comms), among other security features.

It uses AES as its default encryption cipher.

Question 41

SSD

Answer 41

Solid State Drive

A storage device containing nonvolatile flash memory, used in place of a hard disk because of its much greater speed.

SSDs store data in flash memory, while HDDs store data in magnetic disks.

Question 42

SSH

Answer 42

Secure Shell

A software package that enables secure system administration (remote logins) and file transfers over insecure networks through secure tunnels.

While VPNs establish tunnels between your device and a VPN server, SSH establishes tunnels between your device directly to the remote target machine for file transfer/code execution.

Question 43

SSL

Answer 43

Secure Sockets Layer

A deprecated encryption-based Internet security protocol. It works by binding the identities of entities such as websites and companies to cryptographic key pairs via digital documents known as X.509 certificates.

Question 44

SSO

Answer 44

Single Sign-On

An identification method that enables users to log in to multiple applications and websites with one set of credentials.

Question 45

STIX

Answer 45

Structured Threat Information eXchange

A standardized language that uses a JSON-based lexicon to express and share threat intelligence information in a readable and consistent format.

STIX provides a common syntax so users can describe threats consistently by their motivations, abilities, capabilities, and responses.

Question 46

SWG

Answer 46

Structured Web Gateway

An SWG is NOT a firewall.

However, it is very similar to one. It mainly focuses on filtering unsafe content from web traffic to stop cyber threats and data breaches. It operates between company employees and the internet.

It may also include DLP, content filtering, and other features.

Question 47

Difference between SCAP and OVAL

Answer 47

OVAL is the declarative language for making logical assertions about the state of the system. It is the main component of the SCAP standard.

SCAP is a family of standards comprised of multiple component standards.

Question 48

Differences between SFTP and FTPS:

Encryption
Port
Firewall
Platform
Authentication

Answer 48

Encryption:
SFTP - SSH
FTPS - SSL/TLS

Port:
SFTP - 22
FTPS - 21 and 990

Firewall:
SFTP - easy to config behind a firewall bc it uses a single port
FTPS - requires 2 ports by default, making it more difficult to config behind a firewall

Platform:
SFTP - platform-independent
FTPS - platform-dependent; may require FTP clients/servers to be installed

Authentication:
SFTP supports more authentication methods than FTPS

Question 49

Why would one choose to use FTPS over SFTP, considering SFTP is generally more secure, easier to configure, and supports more authentication methods?

Answer 49

You are using an FTP client/server and need to upgrade the security, or if your org has existing SSL/TLS infrastructure.

Question 50

Difference between SHTTP and HTTPS

Answer 50

HTTPS encrypts the entire connection; SHTTP encrypts individual messages.

SHTTP is less widely adopted and used than HTTPS.

SHTTP is less efficient for encrypting large volumes of data because it encrypts each message separately.

Question 51

Difference between STIX and TAXII

Answer 51

STIX is a standardized language; TAXII is the format through which threat intelligence data is transmitted.

While TAXII supports sending STIX, they are two independent standards. STIX does not rely specifically on TAXII for transport; and TAXII can transport non-STIX data.

Question 52

Difference between SWG and NGFW

Answer 52

SWGs have more functionality and reporting options than a NGFW.

A NGFW enforces security policies and examines network packets.

A SWG focuses on filtering and managing web traffic.

A NGFW is focused on identifying and securing traffic.

An SWG is focused on identifying users, authenticating users, and recording all web access.

Question 53

Difference between SWG and WAF

Answer 53

SWG filters unwanted software/internet traffic

WAF protects web applications from attacks