Security + Acronyms

Question 1

IKE

Answer 1

(Internet Key Exchange)

A protocol used in IPsec VPNs to securely exchange encryption keys and establish a secure tunnel between two devices. It has two versions: IKEv1 (older) and IKEv2 (more secure and efficient).

Question 2

ATT&CK

Answer 2

(Adversarial Tactics, Techniques, and Common Knowledge)

A cybersecurity framework developed by MITRE that maps out real-world attack techniques used by threat actors, helping organizations defend against cyber threats.

Question 3

EDR

Answer 3

(Endpoint Detection and Response)

A security solution that provides the capability for detection, analysis, response, and real-time monitoring of cyber threats on endpoints (like laptops, desktops, and servers). It detects suspicious activity, investigates it, and helps remediate attacks. Think of it as a security camera and alarm system for your devices. (Example Tools: CrowdStrike Falcon, SentinelOne, Microsoft Defender for Endpoint)

Question 4

HSM

Answer 4

(Hardware Security Module)

A physical device designed to generate, store, and manage encryption keys securely. It is tamper-resistant and used in high-security environments like banking and cloud services to protect sensitive data. Think of it as a super-secure USB for encryption keys that ensures no one can steal or tamper with them.

Question 5

PUP

Answer 5

(Potentially Unwanted Program)

Software that’s not necessarily malicious but unwanted (e.g., toolbars, adware). Like junk mail that clutters your inbox, characteristic are:
* Often installed without clear user consent, but classified as an application downloaded and installed with the user’s consent.
* Can be pre-installed, downloaded, or bundled with other software.
* A type of software that may adversely affect the computer’s security and performance, compromise user’s privacy, or display unsolicited ads.

Question 6

SCAP

Answer 6

(Security Content Automation Protocol)

A set of standards for automating the management of vulnerabilities and security policies. It’s like a robot that checks your systems for weaknesses and fixes them.

Question 7

FRR

Answer 7

(False Rejection Rate)

The rate at which a biometric system incorrectly rejects an authorized user. Think of it as a security system mistakenly locking out the right person.

Question 8

SPF

Answer 8

(Sender Policy Framework)

An email security protocol that helps prevent email spoofing by verifying if a mail server is authorized to send emails on behalf of a domain.

Question 9

MAC

Answer 9

(Message Authentication Code)

A cryptographic method used to verify the integrity and authenticity of a message, ensuring it was not altered during transmission and came from a trusted source.

Question 10

MDM

Answer 10

(Mobile Device Management)

A security and management solution that allows organizations to control, monitor, and secure mobile devices like smartphones, tablets, and laptops.

Question 11

ECDHE

Answer 11

(Elliptic Curve Diffie-Hellman Ephemeral)

A key exchange method that uses ECC and generates new keys for each session, enhancing security and efficiency.

Question 12

DEP

Answer 12

(Data Execution Prevention)

A security feature that prevents malicious code from executing in certain memory regions meant for data storage, helping to block exploits like buffer overflow attacks.

Question 13

API

Answer 13

(Application Programming Interface)

A set of rules that allows different software applications to communicate with each other. Think of it as a menu that lets programs request specific functions from another service.

Question 14

RTBH

Answer 14

(Remotely Triggered Black Hole)

A DDoS mitigation technique that blocks malicious network traffic by rerouting it to a “black hole” (null route) where it is discarded before reaching the target.

Question 15

SCADA

Answer 15

(Supervisory Control and Data Acquisition)

A supervisory control system used to control industrial processes (e.g., power plants, water treatment). Like a digital dashboard for controlling factories.

Question 16

AH

Answer 16

(Authentication Header)

A protocol used to provide authentication and integrity for IP packets. It is often used in conjunction with ESP.

Question 17

AV

Answer 17

(Antivirus)

Software designed to detect, prevent, and remove malware from computer systems and networks. Think of it as a digital immune system that fights off infections.

Question 18

VDI

Answer 18

(Virtual Desktop Infrastructure)

A technology that hosts desktop environments on a central server, allowing users to access them remotely. Think of it as renting a computer in the cloud.

Question 19

Bash

Answer 19

(Bourne Again Shell)

A command-line shell and scripting language for Unix/Linux systems. Think of it as the text-based control panel for advanced computer operations.

Question 20

AP

Answer 20

(Access Point)

A device that allows wireless devices to connect to a wired network (e.g., Wi-Fi router). Think of it as a bridge between your devices and the internet.

Question 21

COPE

Answer 21

(Corporate-Owned, Personally Enabled)

A mobile device management model where employers provide devices for work and personal use. Think of it as a company phone you can also use for Netflix.

Question 22

CRC

Answer 22

(Cyclic Redundancy Check)

A method to detect errors in transmitted or stored data. Think of it as a spellchecker for digital files.

Question 23

IP

Answer 23

(Internet Protocol)

The rules governing how data is sent over networks (e.g., IP addresses). Think of it as the postal system for the internet.

Question 24

P2P

Answer 24

(Peer-to-Peer)

A network where devices communicate directly without a central server (e.g., torrenting). Think of it as a digital potluck where everyone shares directly.

Question 25

RSA

Answer 25

(Rivest-Shamir-Adleman) A widely used encryption algorithm for secure data transmission. Think of it as a mathematical lockbox for secrets.

Question 26

TOTP

Answer 26

(Time-Based One-Time Password) A temporary passcode (e.g., from Google Authenticator) that changes every 30-60 seconds. Think of it as a self-destructing digital key.

Question 27

HA

Answer 27

(High Availability) Systems designed to operate continuously without failure (e.g., backup servers). Think of it as a car with a spare engine.

Question 28

SPOF

Answer 28

(Single Point of Failure) A component whose failure can crash an entire system. Think of it as the one weak link that can break the chain.

Question 29

PBKDF2

Answer 29

(Password-Based Key Derivation Function 2) A method to securely hash passwords with added randomness. Think of it as a blender turning passwords into fortified digital mush.

Question 30

CVE

Answer 30

(Common Vulnerabilities and Exposures) A system that identifies, defines, and catalogues publicly known cybersecurity vulnerabilities (e.g., CVE-2023-1234). Think of it as a most-wanted list for bugs.

Question 31

MTU

Answer 31

(Maximum Transmission Unit) The largest data packet a network can transmit without fragmentation. Think of it as the size limit for digital shipping boxes.

Question 32

PIV

Answer 32

(Personal Identity Verification) A smart card standard for secure access (used by U.S. government employees). Think of it as a high-tech ID badge.

Question 33

IR

Answer 33

(Incident Response) The process of handling security breaches. Think of it as a digital fire drill.

Question 34

NFC

Answer 34

(Near-Field Communication) Short-range wireless tech for contactless payments/data transfer. Think of it as a digital handshake.

Question 35

XDR

Answer 35

(Extended Detection and Response) A security platform integrating multiple tools for threat detection. Think of it as a security guard with 360° vision.

Question 36

UPS

Answer 36

(Uninterruptible Power Supply) A battery backup for devices during power outages. Think of it as a surge protector with a built-in generator.

Question 37

PAT

Answer 37

(Port Address Translation) A type of NAT that maps multiple devices to a single IP using unique ports. Think of it as a shared apartment with numbered mail slots.

Question 38

NTFS

Answer 38

(New Technology File System) A file system format used in Windows OSs that offers improved performance, security, and file management/encryption. Think of it as a high-security filing cabinet.

Question 39

PAM

Answer 39

(Privileged Access Management) A security framework that controls and monitors privileged accounts to reduce risks It helps prevent unauthorized access, insider threats, and credential abuse. Often includes password vaulting, session monitoring, and least privilege enforcement. Used to secure admin accounts, service accounts, and root access in IT environments.

Question 40

SAE

Answer 40

(Simultaneous Authentication of Equals) A secure key agreement protocol used in Wi-Fi networks (especially WPA3) to establish encrypted connections. It replaces the older PSK (Pre-Shared Key) method with stronger protection against attacks. Think of it as a digital handshake where both sides verify each other equally, leaving no weak link.

Question 41

FIM

Answer 41

(File Integrity Monitoring) A security tool that continuously checks files (like system/config files) for unauthorized changes (e.g., edits, deletions). Alerts you if something suspicious happens. Think of it as a security camera for your critical files.