SEC ACRONYMS Flashcards

1
Q

3DES

A

-Triple Data Encryption Standard

a symmetric-key block cipher, which applies the DES cipher algorithm three times to each data block.

2
Q

AAA

A

-Authentication, authorization, and accounting

security framework that controls access to computer resources, enforces policies, and audits usage.

3
Q

ABAC

A

-Attribute-based access control

provides access to users based on who they are rather than what they do

4
Q

ACL

A

-Access-control list

list of permissions that dictate what a user has access to and what types of operations they are allowed to do with that access.

5
Q

AD

A

-Active Directory

a database and set of services that connect users with the network resources they need to get their work done

6
Q

AES

A
-Advanced Encryption Standard

symmetric block cipher chosen by the U.S. government to protect classified information
128-bit blocks

7
Q

AES256

A
-Advanced Encryption Standard 256

virtually impenetrable symmetric encryption algorithm that uses a 256-bit key to convert your plain text or data into a cipher.

8
Q

AH

A

-Authentication Header

provides a means to verify the source of an IP packet

9
Q

AIS

A

-Automated Indicator Sharing

enables real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private-sector organizations.

10
Q

ALE

A

-Annualized Loss Expectancy

your yearly cost due to a risk

11
Q

API

A

-Advanced Persistent Threat

a set of programming code that allows two programs to talk to each other

12
Q

ARO

A

-Annualized Rate of Occurrence

The probability that a risk will occur in a particular year

13
Q

ARP

A

-Address Resolution Protocol

protocol that maps dynamic IP addresses to permanent physical machine addresses in a local area network (LAN).
(link layer address)

14
Q

ASLR

A

-Address Space Layout Randomization

memory-protection process for operating systems that guards against buffer-overflow attacks by randomizing the location where system executables are loaded into memory.

15
Q

ASP

A

-Active Server Pages

enables web servers to dynamically generate webpages and create interactive web applications by using server-side scripting technology

16
Q

ATT&CK

A

-Adversarial Tactics, Techniques, and Common Knowledge

guideline for classifying and describing cyberattacks and intrusions.
(It was created by the Mitre Corporation and released in 2013)

17
Q

AUP

A

-Acceptable Use Policy

practices users must agree to in order to use a network or other resource

18
Q

BASH

A

-Bourne Again Shell

free and enhanced version of the Bourne shell distributed with Linux and GNU operating systems.

19
Q

BCP

A

-Business Continuity Planning

establishes protocols and creates prevention and recovery systems in case of a cyber-attack or natural disaster

20
Q

BGP

A

-Border Gateway Protocol

most effective Internet protocol that enables routing, reachability and sharing data between autonomous systems (AS) on the Internet.

21
Q

BIA

A

-Business Impact Analysis

measures the severity of those threats and how they would affect business operations and finances

22
Q

BIOS

A

-Basic Input/Output System

a set of computer instructions in firmware which control input and output operations.

23
Q

BPA

A

-Business Partnership Agreement

establishes rules for two or more parties going into business together

24
Q

BPDU

A

-Bridge Protocol Data Unit

spanning tree protocol (STP) message unit that describes the attributes of a switch port such as its MAC address, priority and cost to reach.
BPDUs enable switches that participate in a spanning tree protocol to gather information about each other.

25
Q

BSSID

A

-Basic Service Set Identifier

the MAC (Media Access Control) physical address of the access point or wireless router that is used to connect to the WiFi.

26
Q

BYOD

A

-Bring Your Own Device

policy that enables employees in an organization to use their personally owned devices for work-related activities.

27
Q

CA

A

-Certificate Authority

entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.

28
Q

CAPTCHA

A

-Completely Automated Public Turing Test to Tell Computers and Humans Apart

type of challenge–response test used in computing to determine whether the user is human in order to deter bot attacks and spam.

29
Q

CAR

A

-Corrective Action Report

a report which lists the defects (or defect) which need to be rectified or corrected.
The report outlines the remedial actions necessary to rectify whatever has gone wrong or will likely go wrong as per the current situation during the project.

30
Q

CASB

A

-Cloud Access Security Broker

on-premises or cloud-based security policy enforcement point between cloud service consumers and providers.

31
Q

CBC

A

-Cipher Block Chaining

the plaintext of a block is combined with the ciphertext of the previous block via an exclusive or (xor) operation, and the result is encrypted.
The result is the ciphertext of that block, and will also be used in the encryption of the following block.

32
Q

CBT

A

-Computer-based Training

a form of learning that utilizes computer technology and digital resources for delivering educational content.

33
Q

CCMP

A

-Counter-Mode/CBC-MAC Protocol

an encryption protocol designed for Wireless LAN products that implements the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard.

34
Q

CERT

A

-Computer Emergency Response Team

a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents.

35
Q
A